Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-04-23

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 ajw0100 joined #salt
00:02 c10 joined #salt
00:04 solidsnack joined #salt
00:05 tmh_ joined #salt
00:05 blacked joined #salt
00:05 MatthewsFace joined #salt
00:06 otter768 joined #salt
00:06 murrdoc joined #salt
00:11 druonysuse joined #salt
00:15 irctc567 joined #salt
00:19 bfoxwell joined #salt
00:20 baweaver joined #salt
00:23 thayne joined #salt
00:24 bhosmer_ joined #salt
00:29 bhosmer_ joined #salt
00:30 GnuLxUsr joined #salt
00:35 ryuhei joined #salt
00:36 ryuhei hi all.. question about master_sign.pub
00:36 ryuhei do i have to copy it manually to minions ?
00:38 druonysuse joined #salt
00:42 desposo joined #salt
00:46 cheus joined #salt
00:46 desposo1 joined #salt
00:46 iggy ugh... why did I decide to add tablespace support to the postgres-formula... ending up down the custom module and state rabbit hole
00:47 p0rkbelly joined #salt
00:47 solidsnack joined #salt
00:47 murrdoc hahaha
00:47 murrdoc sucka
00:49 johngrasty joined #salt
00:51 solidsnack iggy: I wonder how frequently they're used. I could see wanting to put some ephemeral stuff -- like session keys -- in a RAM tablespace.
00:52 solidsnack But I think in cloud we generally have separate servers, not different disks on one server, for different purposes.
00:52 iggy it's not so much about being used often, it's about being able to completely replicate our setup
00:52 solidsnack Ah.
00:52 solidsnack What does your firm do with tablespaces?
00:52 iggy we have big_tablespace = spinners index_tablespace = SSDs
00:53 solidsnack Interesting.
00:53 iggy yeah, realistically at this point, we could probably put it all on SSD
00:53 iggy but I still have to support what's in the field, so...
00:56 MatthewsFace joined #salt
00:57 dalexander joined #salt
00:59 Twiglet joined #salt
00:59 pdayton joined #salt
01:02 GnuLxUsr joined #salt
01:02 cornfeedhobo left #salt
01:03 solidsnack Is there a way from Jinja to get the name of the current Salt state?
01:03 c10 joined #salt
01:05 iggy yes
01:05 iggy although I'm having trouble remember it right now
01:06 iggy {{ self }} ?
01:09 iggy {{ source }}
01:09 iggy knew it was something like that
01:09 MatthewsFace joined #salt
01:17 zwi joined #salt
01:20 solidsnack So let's say a state depends on a _module that depends on Python packages.
01:20 solidsnack Where do I add the Python packages?
01:22 otter768 joined #salt
01:24 iggy in a state that has reload_modules: True set
01:24 iggy doesn't really matter where it is
01:24 iggy but if it's pip.installed, you need reload_modules: True (pkg.installed has that set by default)
01:26 rhodgin left #salt
01:27 ITChap joined #salt
01:32 TheNumb joined #salt
01:34 Tyrm joined #salt
01:34 desposo joined #salt
01:38 xMopxShell joined #salt
01:38 johngrasty joined #salt
01:38 nyov joined #salt
01:39 kusams joined #salt
01:39 TyrfingMjolnir joined #salt
01:42 yomilk joined #salt
01:45 vincent_vdk joined #salt
01:45 ajw0100 joined #salt
01:47 sk_0 pip.installed isn't working on a ubuntu lucid box.  Comment: State 'pip.installed' was not found in SLS 'cloudwatch'
01:47 sk_0 salt-minion version 2015.2.0-787-ga717549 (Lithium)
01:48 sk_0 on my newer precise, trusty boxes running salt helium it works fine
01:49 TyrfingMjolnir_ joined #salt
01:50 murrdoc joined #salt
01:55 vimmonkey joined #salt
01:55 ITChap joined #salt
01:55 Furao joined #salt
02:03 Vynce joined #salt
02:05 iggy sk_0: does the box have pip installed?
02:06 sk_0 it does, i installed the pip modules manualy after it failed
02:06 sk_0 and pip.list works which seems weird if pip.instaled fails
02:09 sk_0 this is a lucid box which is an old release. python-pip might install a really old version of pip. i'll try upgrading pip
02:10 iggy pip.list is a module, pip.installed is a state
02:10 sk_0 ah, ok
02:11 wendall911 joined #salt
02:12 sk_0 upgrading pip with pip install -U pip din't help
02:12 iggy python -c "import pip.req"
02:13 sk_0 ImportError: No module named req
02:14 subsignal joined #salt
02:15 iggy pip might be too old
02:15 iggy since you installed a newer pip with pip (which probably went to /usr/local), try removing python-pip now
02:16 sk_0 it's 0.3.1, that's old
02:16 sk_0 ah, ok
02:17 sk_0 nice work iggy!! that did it
02:19 murrdoc joined #salt
02:19 iggy now write my postgres_tablespace state for me
02:21 _JZ_ joined #salt
02:23 murrdoc :)
02:23 sk_0 no problem
02:23 sk_0 i doubt it will work but i'll write it
02:27 murrdoc left #salt
02:27 malinoff joined #salt
02:31 hasues joined #salt
02:31 hasues left #salt
02:33 dendazen joined #salt
02:39 echo joined #salt
02:40 SeeDickCode joined #salt
02:42 michelangelo joined #salt
02:45 evle joined #salt
02:51 favadi joined #salt
02:52 bhosmer joined #salt
02:54 writtenoff joined #salt
02:57 andrej in terms of using salts API ... how do I extract a minions FQDN in python?
03:04 Furao __salt__[‘grains.get’](‘fqdn’)
03:08 refnode_ joined #salt
03:10 andrej Thanks Furao
03:10 andrej is that provided by salt.client ?
03:11 Furao oh that api
03:11 desposo joined #salt
03:11 andrej There's a different one?
03:11 Furao use salt client to run module grains.get fqdn
03:11 andrej OK, will look into that :)
03:11 andrej Thanks
03:12 Furao there is python render, you can use python in _modules/$mymod.py and _states/$mystate.py and salt-api over http
03:12 Furao and the one you’re using now
03:13 andrej Wow ... way more complex than I thought :)
03:13 nkconnor joined #salt
03:13 nkconnor hi
03:14 andrej It's crazy, I've been using salt (interactively and with fairly involved states for well over a year now, and still don't get the "bigger picture" :}
03:14 nkconnor could anyone direct me to a resource that explains how to push changes to my salt state?
03:14 andrej Hmmmm ... I tried ret = client.cmd('playpen*','grains.get','fqdn')
03:15 andrej it swore at me "TypeError encountered executing grains.get: get() takes at most 2 arguments (4 given).
03:15 andrej nkconnor : what do you mean?
03:16 Furao client.cmd('playpen*','grains.get’,[‘fqdn'])
03:16 nkconnor I added some new stuff to my top.sls for a box I recently provisioned
03:16 nkconnor and I have no clue how to deploy it
03:16 Furao i guess it split fqdn into 4 chars
03:16 andrej Oh
03:16 Furao it probably run func(*otherarg)
03:16 nkconnor originally I did something like salt 'box-id' state.highstate
03:17 nkconnor read the tutorial and it didn't say much about applying changes
03:17 andrej Furao : why would it split a 'fqdn' literal string?
03:17 iggy nkconnor: just run highstate agaain
03:17 andrej nkconnor : that's still how you do it after the fact
03:17 nkconnor ok
03:18 nkconnor hope nothing goes wrong :)
03:18 andrej Heh
03:18 andrej Famous last words "What could possibly go wrong?" :}
03:19 andrej Unless you made local changes that are crucial to the box manually on it, and the highstate will overrwrite these, you should be sweet
03:19 nkconnor does it attempt to do everything over again? or just the diffs
03:19 iggy just diffs
03:19 andrej depends on what your state entails
03:19 nkconnor ok thanks guys
03:19 nkconnor running it now so we shall see
03:19 andrej if theres' cmd.run and such in there it will just do those
03:20 andrej if you're just pushing/modifying files she'll be right
03:21 andrej Furao : found it.
03:21 iggy there are ways to not run cmd.run repeatedly
03:21 andrej it wanted ret = client.cmd('playpen*','grains.get',['fqdn'])
03:22 nkconnor looks like we are using a lot of cmd.scripts
03:22 andrej iggy : yup ... did nkconnor employ these? we don't know
03:22 nkconnor welp I can just manually fix whatever is up
03:24 iggy for next time: salt state.highstate test=True
03:28 nkconnor very useful diff output atleast
03:29 beneggett joined #salt
03:43 beneggett joined #salt
03:44 solidsnack joined #salt
03:46 scbunn joined #salt
03:50 Not_ joined #salt
03:52 otter768 joined #salt
04:05 favadi joined #salt
04:05 bemehow joined #salt
04:06 bfoxwell joined #salt
04:14 eyeoh_ joined #salt
04:28 beneggett joined #salt
04:29 mosen joined #salt
04:33 solidsnack So earlier I posted about state that requires a _module that itself requires Python packages.
04:33 favadi joined #salt
04:33 signull joined #salt
04:34 solidsnack One wrinkle is that the _module is used in Jinja templates.
04:34 solidsnack So when it doesn't load, it prevents the minion from loading anything at all.
04:35 solidsnack I am not sure what to do about this. It does seem like a fairly general problem. The _module is used a template to generate a list of users.
04:36 mosen does it define __virtual__ and return false if you cannot import dependencies?
04:36 zircote joined #salt
04:37 solidsnack Oh, no.
04:38 solidsnack So say I do that -- then what happens in the Jinja template?
04:39 iggy it will say salt doesn't contain module.function
04:39 solidsnack And then it will fail to load, right?
04:39 solidsnack So __virtual__ seems to make no difference.
04:40 iggy it's correct either way
04:40 iggy but yeah, you have to manage chicken/egg dependencies like that onyour own
04:41 iggy they aren't as general as you'd think
04:41 solidsnack So I need to have Chef or something.
04:41 jalbretsen joined #salt
04:42 mosen correct me if im wrong but i dont think modules are usually invoked from jinja templates
04:42 iggy grains.get pillar.get all modules
04:43 mosen oh yeah, for sure
04:44 solidsnack mosen: But that is a supported use.
04:45 solidsnack Now if Salt had just been written in Java we wouldn't have these problems. The master would just call `mvn package` and BitTorrent everything over to the clients.
04:46 iggy and I'd still be waiting for my very first highstate to finish
04:48 solidsnack Tradeoffs.
04:48 iggy what is this magical mystery module you're working on?
04:48 solidsnack You could run your cluster from a tab in IntelliJ.
04:48 solidsnack It gets all the users from a GitHub organization and puts them on the servers.
04:49 solidsnack {% for user in users %} <template out user> {% endfor %}
04:50 solidsnack It is "working" now because the template is wrapped in an {% if <something> in salf %} so highstate has to be run twice on new nodes.
04:50 iggy {% if 'module.function' in salt %} ... do your module stuff ... {% endif %}
04:50 solidsnack Right, the problem and the solution.
04:51 solidsnack Salt doesn't go around again by itself.
04:51 iggy does the reload_modules: True on your pip.installed state not reload the states?
04:52 solidsnack Didn't seem to.
04:52 solidsnack I put all that in a separate state file.
04:53 iggy so the way I handled something (not entirely) similar was to write an orchestrate job that did 2 highstates (along with some other stuff)
04:53 iggy and use the reactor to run that when the host in question comes up
04:54 solidsnack Oh, man.
04:54 solidsnack What is an orchestrate job?
04:54 yexingok joined #salt
04:54 iggy another option is to move this github data fetching to an ext_pillar, then you only have to worry about the master being right (vs every minion)
04:55 solidsnack Yeah, that seems way better.
04:55 solidsnack The master is bootstrapped with cloud-init.
04:55 www-BUKOLAY-com joined #salt
04:56 echo_ joined #salt
04:58 solidsnack Can ext_pillars be included in the salt:// roots?
04:58 solidsnack The "file roots"?
04:59 SeeDickCode joined #salt
05:00 solidsnack This would seem to suggest no: http://docs.saltstack.com/en/latest/topics/development/external_pillars.html#location
05:02 ckao joined #salt
05:04 rdas joined #salt
05:18 krelo joined #salt
05:24 iggy you can file.managed it
05:34 bdols joined #salt
05:44 nocturn joined #salt
05:45 pravka joined #salt
05:50 joeto joined #salt
05:53 otter768 joined #salt
06:00 colttt joined #salt
06:00 isodude_ joined #salt
06:01 favadi joined #salt
06:03 JayFK joined #salt
06:17 tedbot joined #salt
06:22 KermitTheFragger joined #salt
06:22 tedbot joined #salt
06:22 tedbot Salt, y u no upgrade package to new version??
06:22 blacked joined #salt
06:23 tedbot Me: "Salt, ensure pkg-2.0.rpm is installed"
06:23 tedbot Salt: "No problem, boss. pkg-1.0 is already installed."
06:23 tedbot lj;lsfjasdlkfjsakfj
06:24 dingo use pkg.latest, not pkg.installed
06:24 dingo or you can specify a version somehow, its in the docs
06:24 tedbot oh I've combed through those
06:24 tedbot haven't tried latest + version number though
06:25 tedbot I assumed latest would just pull whatever's latest
06:25 dingo yeah it would have to be a combination
06:25 tedbot nice, ok
06:25 tedbot processing...
06:25 dingo that should work, give it a try
06:25 dingo computers are hard :)
06:26 tedbot haha
06:27 tedbot part of me hopes it doesn't work...PR opp
06:28 tedbot dangit @dingo, why u gotta be right all the time??
06:28 tedbot worked perfectly
06:28 tedbot thanks very much
06:28 dingo happy to help
06:29 dingo enjoy your rpm hell hehe
06:29 flyboy joined #salt
06:30 dingo if you're making rpms and they're not too complicated, i highly recommend https://github.com/jordansissel/fpm
06:30 tedbot oh heck yeah
06:31 tedbot I already have a docker container set up as my environment for that
06:31 tedbot so I can keep Ruby off my system :P
06:31 tedbot great language...just a huge footprint
06:32 dingo ruby is on my list of languages i'm happy to have mostly forgotten
06:32 radd joined #salt
06:34 tedbot apparently it's falling in popularity, according to TIOBE
06:35 c10 joined #salt
06:35 dingo i don't quite have a pulse on it, but my feeling was ruby attracted a lot of web (javascript) developers who wanted to move to server-side (rails), and so many of them have moved to node.js
06:36 jhauser joined #salt
06:36 dingo as a systems language ruby has always fallen short compared to python, i don't know many systems programmers who stayed with ruby very long
06:36 mosen ruby isnt bad but it seems like it sufferred from the huge rails people rolling in and then back out again
06:36 tedbot agreed...I actually loved Ruby w/o Rails b/c it was really fast to get things rolling
06:36 tedbot then I switched to a Python shop, so I haven't used it, and lost the desire to
06:37 seeg ruby is a hippie language http://www.rubyinside.com/the-split-is-not-enough-whitespace-shenigans-for-rubyists-5980.html :)
06:37 tedbot Python ecosystem + people seemed way more laid back and concerned about solving problems than Ruby-ing All The Things
06:37 dingo yeah, the ruby user groups have a whole different class of people than python user groups from my experience
06:38 dingo some people say, "python is the new basic", which isn't such a bad thing, considering how much farther python can go than basic ever did. we get a lot of non-programmers from academic, scientific, and math fields
06:39 mosen I'm one of those people who wrote a bunch of stuff in ruby and only recently started writing python, mainly for salt modules :)
06:39 tedbot that's the great thing about Python though - it's very accessible to other disciplines
06:39 tedbot the trick is not writing your Python like a C program, but keeping it Pythonic
06:40 dingo i started python and ruby around the same time, 15 years ago, and i've fallen out of ruby multiple times, i always found better core python or 3rd party modules to solve problems.  however i've managed to avoid web programming my whole career, thank god
06:40 tedbot haha
06:40 mosen yeah, didn't take much to go from one to the other! but I'm still not writing stuff that is pythonic
06:40 AviMarcus joined #salt
06:40 mosen dingo: I thought Go was the hot stuff in systems programming :)
06:40 tedbot I remember when Javascript came out, and I wanted that language to die so hard...so much for that
06:41 tedbot Go feels like the new C to me in terms of excitement
06:41 dingo i'm really into "Pythonic" now, I'm not sure if I can be persuaded to Go for the things I work on, like https://github.com/erikrose/blessings/
06:41 tedbot refreshing to return to static binaries
06:42 tedbot @dingo that is one awesome readme
06:42 dingo i got a huge branch in PR right now that'll make it better
06:43 tedbot haha..."print term.bold_underline_green_on_yellow"
06:43 tedbot careful, your Ruby is showing :)
06:43 dingo packaging is a big difficulty in python, i'm very very experienced in it now that it's not a problem for me, even using things like pyinstaller to make windows and linux binaries, but i can see how it is for other people
06:44 dingo i'm not sure if the distutils/distutils2/setuputils/pip/easy_install/virtualenv world will become sane anytime soon
06:44 tedbot python 3 it is...virtualenv is finally a first class entity
06:45 tedbot I just stick with pip, which requires setuptools
06:45 tedbot distutils is outdated
06:45 tedbot haven't messed with wheels
06:45 tedbot or eggs, for that matter
06:45 tedbot run a private pip server
06:45 tedbot proxy to pypi.python and weeeee off we go
06:46 dingo packages i [co-]maintain are pexpect, blessings, wcwidth, sqlitedict, x84, xmodem, telnetlib3
06:47 seev I chose salt so all the stupid Ruby developers couldn't 'help' manage systems anymore
06:47 tedbot lol
06:47 dingo i've used chef, and i hate it with a passion, it was a terrible experience
06:47 seev chef and puppet are both horrid
06:47 dingo i could rant about it all night, but this probably isn't the place for it :)
06:48 dingo i've been encouraged to do a chefcon talk "why chef sucks", some chef developers have admitted i have some very good points, hehe
06:48 tedbot oh man...that would be awesome
06:48 tedbot puppet was....fair enough, but got complicated very quickly
06:48 seev every job posting I see that involves Puppet wants me to come in and fix their horrible Puppet environment
06:49 tedbot haha
06:49 seev I've swapped it out for Salt once already
06:49 tedbot chef makes nice t-shirts
06:49 tedbot always visit them at ___Cons
06:51 dingo i used to learn new programming languages a lot, i estimate somewhere between 20 and 30 in my lifetime, but i've been stuck on python for a long while now, i'm not sure its a bad thing
06:52 dingo its a hard field in IT... every new language you vest yourself in is a bit of a gamble
06:52 dingo imagine if you had become an expert at flash, for example
06:52 tedbot ha, agreed
06:52 dingo one thing i like about salt, is the pillars are language agnostic
06:53 dingo in my project, our pillars are stricly yaml, we use jinja and such only in the states
06:53 seev if I wasn't using salt, I'd go back to a custom shell script setup
06:53 mosen I liked that orchestration was pretty much built in vs. setting up mcollective
06:54 seev I had this monstrosity with xargs and distributed keys that I used to orchestrate and manage systems before
06:54 dingo me too... friend of mine is now re-writing the chef infrastructure i maintained at my last company, and his employees thought, with SO much complexity and LOC, that they were looking at the actual -product-
06:54 dingo i used to joke that the deployment software was more complicated than the thing it deployed
06:55 tedbot yeah, I've heard Chef is heavy
06:55 tedbot haven't used it personally
06:55 dingo when it boils down to it, its just shell scripts written in ruby
06:55 hebz0rl_ joined #salt
06:55 seev the only thing I liked about Chef was the idea of data bags
06:55 seev and that is replicated cleanly in pillar
06:56 dingo what's nice about salt is its declaritive process, "this is the final success state", with ruby, its the same as shell scripts, its pure logic, its up to you to write if statements and conditions about whether or not to take an action
06:56 nene joined #salt
06:56 nene hi all.. how to check all the grains of a minion?
06:56 mosen salt minion grains.items
06:57 mosen or whatever pattern match etc
06:57 tedbot or salt-call grains.items if yr on the minion itself
06:57 mosen yep
06:58 eseyman joined #salt
06:58 tedbot hey actually, I found a Salt bug, kinda
06:58 dingo heathen!
06:58 tedbot if I install an rpm and specify version 0.14.2
06:58 tedbot haha
06:58 tedbot it'll install the package, but fail
06:59 tedbot because the version is technically 0.14.2-1
06:59 dingo oh oh... don't get me started
06:59 dingo thats a thing with rpm's, hold on...
06:59 Romlok joined #salt
06:59 tedbot yum handles it, so it's like hey Salt come aaahn
06:59 dingo it does, but it shouldn't one second ..
06:59 nene mosen: i ran sali myminion grains.items on salt master =.. but no o/p
07:00 tedbot this is with version 2014.7.1 btw
07:00 nene on salt minion salt-call grains.items worked
07:01 dingo https://github.com/jordansissel/fpm/issues/559
07:01 tedbot actually 2014.7.1-1 :)
07:01 dingo The rpm spec does not allow hyphens in version and release tags, per http://rpm.org/api/4.4.2.2/specfile.html which states "Names [...] may include a hyphen '-' (unlike version and release tags)."
07:01 mosen ahh ok
07:01 mosen bbl
07:01 tedbot nene: try salt 'hostname' grains.items from the master
07:01 dingo unfortunately you can find rpm's on EPEL that don't honor this spec
07:01 tedbot ah
07:02 nene tedbot: i tried that only
07:02 nafg_ joined #salt
07:02 dingo notice in that PR, that package is version '0.12.1.2-2.355.0.1', but rpm -qi reports '0.12.1'
07:03 dingo i'm sure salt does the same, uses rpm -qi to match the installed version, and its failed because its not matched
07:03 dingo https://github.com/saltstack/salt/issues/13293
07:03 ITChap joined #salt
07:04 nene how can we check grains from masters?
07:04 tedbot may I present to the Salt Gods rpmvercmp: http://yum.baseurl.org/download/misc/rpmvercmp.py
07:04 seev at some point salt start doing this --whatprovides RPM thing for every pkg
07:04 seev it slowed down a highstate run
07:04 jxm_ joined #salt
07:04 tedbot nene: you tried with quotes around the hostnames?
07:04 tedbot nene: also try with a splat
07:04 tedbot e.g. salt '*'
07:06 tedbot or even more low level: http://rpm.org/api/4.4.2.2/rpmvercmp_8c-source.html
07:06 tedbot imma rewrite in assembly language just for the street cred
07:06 eseyman joined #salt
07:07 nene tedbot: tried with 'hostname' and '*' too.. no luck
07:07 jxm_ Hi there. I am getting started with salt, using a dozen or so servers as minions and have a few questions. I installed Salt using the suggested debian repos, as seen in the online docs. Now I want to use the snmp formula, but I noticed that this relies on the osfinger grain to select either redhat of debian packages. When I query my minions, that grain does not exist. But my salt minion versions should be more recent than the
07:07 jxm_ introduction of this grain (dated 2014, found that the grain got introduced in 2013 or so). What am I doing wrong?
07:08 jxm_ Note: I use salt '*' grains.get osfinger to query for the grain (no result on my minions), and saw it is used in snmp-formula/snmp/map.jinja from https://github.com/saltstack-formulas/snmp-formula
07:08 tedbot nene: if "salt '*' grains.items" doesn't return anything, then I don't think your minion-master relationship is kosher
07:09 dingo does your minion log say anything about "such and such tool is missing, lsb_release is not installed" or some such?
07:09 jxm_ dingo, is that a question for me?
07:09 dingo there are some 3rd party packages that help decorate the grains file
07:09 dingo err grains items, not file
07:09 jxm_ dingo, if so, I have all the data in the os, os_family, oscodename etc. grains
07:10 tedbot nene: ensure your /etc/salt/minion config has the right master defined
07:10 jxm_ dingo, also, there shouls not be troubles with this as I am using the upstream provided packages, with an upstream formula
07:10 nene something went wrong.. i ran test.ping too no o/p
07:10 dingo so 'osfinger' just happens to be missing, huh?
07:10 tedbot nene: and dbl check that with ping or netcat or something
07:10 jxm_ dingo, yup
07:10 nene minion.conf having my master ip
07:11 jxm_ dingo, dunno if the formula is outdated and the grain has been removed recently, if there is a bug, an install problem...
07:11 funzo joined #salt
07:11 dingo jxm_: is 'osfullname' there, and of value 'Debian' ?
07:11 dingo or is that also missing?
07:12 jxm_ This is important for me as I am trying to evaluate salt vs other systems. And I need to know if I can rely on the formulas existing on github to actually work, if the updates are consistent and tested, etc.
07:12 tedbot nene: make sure your minion config is all good: http://docs.saltstack.com/en/latest/ref/configuration/minion.html
07:12 jxm_ dingo, let me check
07:13 tedbot nene: also make sure the master hostname resolves from the minion
07:13 jxm_ root@salt  /srv/salt/formulas  salt -C 'G@os_family:Debian' grains.get osfullname
07:13 jxm_ longphone.netiant.com:
07:13 jxm_ Debian
07:13 jxm_ intranet.netiant.net:
07:13 jxm_ Debian
07:13 jxm_ www.netiant.com:
07:13 jxm_ Debian
07:13 jxm_ admicom.netiant.com:
07:13 jxm_ Debian
07:13 jxm_ dns-slave2.netiant.net:
07:13 jxm_ Debian
07:13 jxm_ git.netiant.net:
07:13 jxm_ Debian
07:13 jxm_ ns1.netiant.com:
07:13 jxm_ Debian
07:13 tedbot pastebin?
07:13 jxm_ dns-slave1.netiant.net:
07:14 jxm_ Debian
07:14 dingo apt-get install lsb-release might help
07:14 jxm_ ns2.netiant.com:
07:14 jxm_ Debian
07:14 jxm_ dns-master.netiant.net:
07:14 dingo and yeah wow, thanks for the paste ...
07:14 jxm_ Debian
07:14 jxm_ observium.netiant.net:
07:14 _ale1_ joined #salt
07:14 jxm_ Debian
07:14 jxm_ salt.netiant.net:
07:14 jxm_ Debian
07:14 jxm_ dingo, so yes
07:14 jxm_ (as far as the Debian minions are concerned, of course)
07:14 jxm_ tedbot, you're right, sorry for that
07:14 seev maybe netiant should hire a new admin
07:15 dingo jxm_: does your grains/core.py have this section of code, https://github.com/saltstack/salt/blob/1cd2996d45f49b0d0f15c1822bf55ac4e2207d86/salt/grains/core.py#L1313-1316
07:15 tedbot jxm_: I was still impressed - either if you typed all of that, or by your copy/pasta speed
07:15 dingo according to this, if you have 'osfullname' == 'Debian', then your 'osfinger' should be set 'Debian-lenny' or similar
07:15 jxm_ ok, re the paste, I slipped on the middle button, I guess that happens, but again asorry
07:16 dingo i'm just looking at master here, i'd just check the code deployed on one of your minions and see if that's there
07:16 jxm_ seev, if you would care to explain why I need to hire someone new, I'll listen - maybe you want to work for me?
07:16 dingo was added https://github.com/saltstack/salt/commit/11741aac62ab36b88a83db5de0ab511f042cd4a7
07:16 seev hmm, it's possible, I do some consulting
07:16 babilen jxm_: You might want to check your IRC client settings. Most sensible ones warn you when you are about to paste more than, say, three lines into a channel
07:16 jxm_ dingo, ha, thanks for finding the commit
07:17 dingo it appears to be 2015.2+
07:17 dingo so if you're not above that version, that'd be why
07:17 tedbot oh crap
07:17 jxm_ babilen, actually I am trying out xchat and have not yet gotten it up to my old irssi config tweak level
07:17 * tedbot has 10% battery left and no power cord
07:17 tedbot :(
07:17 tedbot guess that's my queue
07:17 tedbot night all
07:17 tedbot thanks again
07:18 dingo so long
07:18 nene thanks tedbot
07:19 jxm_ seev, good,send me a motivation letter, you have one of my domains name, you should be able to find my contact email for it in the ARIN database
07:20 seev I have my MCP, does that qualify me, I'm real good with Access
07:21 zz_Cidan joined #salt
07:21 jxm_ dingo, that would mean that the debian repos are lagging behind by a lot and the formulas up on github/saltstack-formulas may assume a more recent version. Not so good :-(
07:21 Cidan joined #salt
07:21 jxm_ seev, sure, I a also looking for someone to answer the phone and run errands
07:21 dingo yeah, typical with debian. i have the same problem with arch linux, just build your own version of salt, that's what i do
07:21 dingo pretty easy to setup a debian repo
07:22 lb1a joined #salt
07:22 jxm_ seev, also I am not sure which OS the coffe machine runs, an MCP might just not cut it ;-p
07:22 jxm_ s/also/however
07:22 dingo i like debian (i hate linux, but debian is my least favorite), but the "stable" release is so damn old :(
07:22 dingo or i should say, i hate debian the least
07:22 seev you're a good sport, jxm_, I was just giving you a hard time over the paste snafu but you've won me over with your cool demeanor
07:22 jxm_ dingo, ok this is one important point I was trying to asses. So homebuilt, do not rely on prebuilt debian packages is your rule of thumb. Mmmh, I am a bit dissapointed.
07:23 jxm_ Note that I am not talking about Debian packages from the Debian repos, but the upstream packages from the salt Debian repos.
07:23 dingo i know a few debian pkg maintainers, their job isn't so easy, but just basically learn how debian builds the package, copy their build process, and just update the version variables and it should be fine
07:23 Auroch joined #salt
07:24 dingo i wouldn't be suprised if somebody provides a repository with newer salt .deb packages if you look hard enough
07:24 dingo or maybe there is some way to point to 'testing' repository for only the salt packages, etc.
07:24 dingo or just copy them down individually to a private repo
07:25 dingo any sufficiently large infrastructure ends up with a private repository, forks, custom patched stuff, its just inevitable, might as well begin a process now
07:25 jxm_ dingo, I maintain already ~80 custom Debian packages, so this is doable for sure, but still represents work I'd rather avoid.
07:25 dingo computers are hard :)
07:26 seev I just use source RPMs and write my own specs
07:26 Grokzen joined #salt
07:27 jxm_ dingo, and as for the Debian maintainers, I already have a hard time with the code I am the upstream of properly packaged into Debian, so I won't get into pushing for Salt packages there ;-)
07:28 dingo i hear ya, i hate getting bug reports for shit i fixed years ago
07:28 dingo release something and suddenly its my job to ensure some N number of distros update it too, thankless work!
07:29 jxm_ dingo, what I don't get is that you mention Debian maintainers. But these packages I use come from saltstack, not Debian. Are you saying that the Debian maintainers actually are slatstack people, and they maintain both the packages pushed into Debian + the slatstack repo?
07:29 dingo oh i misunderstood, i didn't know saltstack had a debian repo
07:29 jxm_ dingo,  http://debian.saltstack.com/debian - both wheezy and jessie repos there
07:30 kawa2014 joined #salt
07:30 jxm_ dingo, hence why I assumed I would get the latest and greates ;-)
07:30 dingo well i don't work for saltstack, so i can't help you there
07:31 jxm_ dingo, looking at the repo manually, they seem to have dists/* repos for more recent builds
07:31 jxm_ This is counter-intuitive and not mentionned in the official install docs
07:31 jxm_ I'll try those I guess
07:31 jxm_ dingo, but still 2014- builds there, built today :-(
07:32 I3olle joined #salt
07:33 nocturn joined #salt
07:35 slav0nic joined #salt
07:35 slav0nic joined #salt
07:35 jxm_ OK, I guess that gives me some indication of the consistency of the, let's say, 'stable stack' for salt, aka not very good and requiring some DIY.
07:37 jxm_ Now, could you guys share what usually is the favored approach for the rules structure. I want to basically sort my machines by OS type/release (obvious), and also a few static grains I'll introduce. Do you typically structure your rules per "machine class" first and then have config in them, or config first and then per machine class?
07:38 seev I assign states based on hostname/id
07:38 jxm_ It might be a matter of personal preference, although I suspect experience might result in one being more convenient than the other
07:38 seev web*.something will get "web-server", which contains an include and a list of sub-states
07:38 jxm_ seev, without any grouping or common base?
07:38 seev there is a common base shared amongst all systems
07:39 jxm_ ha ok, using the id - that work too I guess
07:39 nocturn joined #salt
07:39 seev it works great for clusters of systems that are homogenous
07:39 jxm_ seev, so typically /srv/salt/servers/web.sls, etc + base?
07:39 seev for instance, I have 36 web servers with the only difference being 01 - 36
07:40 jxm_ seev, I hear you. If that works for you, saves from having to configure static grains on each minion.
07:40 seev I don't use grains for anything, it's all pillar- and id- driven
07:40 seev but how you organize and manage systems is pretty individual
07:41 jxm_ seev, do you also favor pillars vs slat fs state files? I understand that this might allow me to expose rule and config templates only to relevant servers, which is better for privacy
07:41 jxm_ (no, I won't paste my rules on IRC, I swear, trying to ensure minimum of privacy for that)
07:41 seev I store everything sensitive in pillar, like API keys, private SSL keys, etc
07:42 jxm_ seev, that's what I had in mind, thank for confirming it makes sense
07:42 seev there is an option for file.managed for pillar_contents, which works great for long-form text data
07:42 seev you can do yaml: |
07:42 seev and then paste a giant block of text like a private key with line breaks
07:42 seev it's very clean and nice
07:43 jxm_ seev, but do you still use regular salt fs? I though it might as well be simpler to move everything to pillars...
07:43 seev I store configs and templates on the salt master, yes
07:43 jxm_ ok
07:43 seev stuff like the /etc/hosts, /etc/motd, whatever you want to have uniform across all servers
07:44 seev they are available to any minion, I believe, unlike pillar, so you shouldn't put anything secure in the fileserver
07:44 babilen jxm_: Pillars are an additional system that works in parallel to states. In fact most formulas (cf. https://github.com/saltstack-formulas ) make heavy use of pillars to "configure" generic states
07:44 jxm_ Also, do you have any experience with the formulas up on saltstack github? I tend to be cautious of those, I looked them up to get a headstart from them and see what is the "recommended way" to build those, but I tend to shy away from that sort of thing for production.
07:44 babilen Yeah, sensitive data belongs in the pillar
07:45 jxm_ Is that just not invented here syndrom?
07:45 seev I have used the formulas for hints on organizing my own states, but no I haven't used any of the off-the-shelf formulas
07:45 echo joined #salt
07:45 seev but, I converted an existing Puppet codebase over to Salt, so I had material to work from
07:45 jxm_ babilen, yes, I got that far in my understanding
07:45 monkey661 joined #salt
07:46 babilen jxm_: We are activelty working on formulas, but it is very hard to make a generic statement about them. Some are actively developed and reflect the current state of the art (e.g. salt, influxdb, collectd, postgres, ...) others might not be production ready
07:46 jxm_ seev, ok, you seem to have approached it the same way I do
07:46 seev some pillars I expose to all systems, like a YAML dictionary of users and user properties
07:46 babilen jxm_: I use a bunch of formulas in production and couldn't live without https://github.com/saltstack-formulas/users-formula for example
07:47 jxm_ babilen, thanks for the info. By "we" I imagine you are a core salt dev? (sorry, I am not yet familiar with the ecosystem and who's who)
07:47 babilen No, not a core salt dev, just somebody who is doing some work on formulas
07:48 jxm_ babilen, maybe you have insider info re. the state of Debian repos on http://debian.saltstack.com ?
07:48 jxm_ babilen, <nod>
07:48 babilen What kind of information are you interested in?
07:48 jxm_ babilen, are those up to date for example
07:48 jxm_ Or should I build my own
07:48 babilen They are, but might lag a little every now and then (by a few days)
07:49 jxm_ babilen, above in the chan, I was talking about the osfinger grain missing from the version in the repos but in use by the snmp formula,
07:49 babilen They are quite well maintained and the packages are good. It is just a little annoying if you are waiting for a bugfix and it is simply not available to you yet, even though the release has long been tagged in the git repository.
07:51 jxm_ I see the git repo latest release is v2014.7.4, which is what I got from the repo too
07:51 jxm_ But that snmp formula assumes you have 2015+
07:51 jxm_ (according to the commit for that fingeros grain that dingo looked up for me)
07:52 jxm_ Are there not any way to put version compatibility metadata in the formulas?
07:53 joeto joined #salt
07:53 babilen jxm_: That was added in f6898c26 and is available on 2014.7, but is specific to Ubuntu
07:54 otter768 joined #salt
07:54 jxm_ Sorry, %s/fingeros/osfinger/g
07:54 yidhra joined #salt
07:54 jxm_ babilen, haha, ubuntu-specific?
07:54 jxm_ babilen, so the snmp formula which is testing for Debian vs Redhat is wrong?
07:54 babilen https://github.com/saltstack/salt/blob/2014.7/salt/grains/core.py#L1138
07:55 illern joined #salt
07:56 babilen RedHat is being filtered by osfinger
07:56 babilen (in addition to 'normal' os_family filtering)
07:57 jxm_ babilen, from that code it seems to work for RH and ubuntu, not debian
07:57 jxm_ I wonder why
07:57 babilen It is essentially being used to introduce additional settings that differ between RH 5 adn RH 6
07:57 jxm_ (and those three BSD too)
07:57 babilen jxm_: Which 'code' do you refer to exactly?
07:57 Ph-x Can anyone confirm that /etc/salt/grains can be in JSON format instead of YAML?
07:57 jxm_ babilen, the one you linkd to
07:58 jxm_ core.py L1138
07:58 babilen jxm_: That is correct. To be honest: I have never used osfinger, but we are a Debian shop so that shouldn't be too surprising. Nor did I ever have the need for it.
08:00 babilen Ph-x: TIAS ;)
08:00 jxm_ babilen, now it makes sens, looking again at the snmp formula, actually the grain is only used to discriminate between RH5 and RH6
08:00 Ph-x babilen: What does that abbreviation mean?
08:00 babilen Ph-x: "try it and see"
08:00 Ph-x Gee thanks
08:01 babilen Sorry, I simply cannot confirm it. I set grains based on pillars that generate grains.present state (cf. http://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html#salt.states.grains.present)
08:01 jxm_ babilen, actually I am not quite sure, not familiar with jinja+salt
08:02 babilen jxm_: It does. That formula is a bit hard to read, but that is definitely the intention and, not having tried it, most likely also the way it works
08:02 jxm_ Could you tell me? It's https://github.com/saltstack-formulas/snmp-formula/blob/master/snmp/map.jinja last line
08:02 jxm_ You were faster, thx
08:02 jxm_ Yes, at least hard to read for me
08:02 babilen Yes, I had a look at that earlier, which is why I said "It is essentially being used to introduce additional settings that differ between RH 5 adn RH 6"
08:03 jxm_ Ha, ok I thought that was a general statement, not specific to that formula :-)
08:03 babilen It was very specific to the topic in question :D
08:03 ktosiek joined #salt
08:03 jxm_ <nod>
08:05 babilen Anything else you require help with this glorious morning?
08:06 Xevian joined #salt
08:06 jxm_ babilen, I guess self help by experimenting is the next step :-)
08:07 jxm_ babilen, seev, dingo thanks!
08:07 denys joined #salt
08:07 babilen Enjoy
08:07 jxm_ thx
08:08 c10 joined #salt
08:13 wilfried joined #salt
08:18 jrluis joined #salt
08:19 aquassaut joined #salt
08:19 teogop joined #salt
08:21 monkey661 left #salt
08:21 mortis what would be the correct way to modify a module to change output of a salt-call execution to be something more than just: local: True
08:21 ZhuJinhe joined #salt
08:22 mortis inside the actual function being executed or somewhere else
08:25 CeBe joined #salt
08:27 babilen mortis: Make whatever changes and then place it in _modules
08:28 stevednd joined #salt
08:30 wilfried joined #salt
08:31 mortis ah yeah, thats fine, but i meant more like ...should i put a print inside the function or is there some more clever handling of output that i havent noticed yet
08:33 mortis probably log :)
08:33 Xevian joined #salt
08:35 mortis salt.logger.log in salt.utils, thats what im looking for :)
08:37 Kire joined #salt
08:39 babilen mortis: Ah, right. You would put additional information into ret['comment']
08:39 mortis oooh
08:42 nene root@sal-master # salt 'myminion' grains.itmes
08:42 nene {'myminion': '"grains.itmes" is not available.'}
08:43 nene any idea?
08:43 babilen itmes → items
08:43 babilen speling is impurtant
08:43 nene important****
08:44 ITChap1 joined #salt
08:45 nene i started reading about pillars.. but didnt get good understanding of why pillar
08:46 nene are these something like modules in puppet?
08:47 phx nene, pillars is server-side renderred data, for the clients. the most common usecase is, think of formulas as the "code" or "directives" that does the configuration, and pillars as the "input data" for the previously mentioned formulas
08:48 phx nene, pillars are restricted to specific clients, so they can contain private data as well. also, pillars are rendered on the server side, so you can even do something like use a different SQL database to fetch some data, and serv it to salt formulas using a pillar
08:49 nene phx: data specific to only one minion?
08:50 phx even that, yes
08:50 phx in the pillars top.sls you can specify what minions get access to what pillars
08:51 babilen pillars are simply Python dictionaries that are being targeted to minions (much like states are targeted)
08:51 phx and if they don't have access to a given pillar, they will not be able to access the data inside
08:58 harkx joined #salt
08:59 wilfried joined #salt
09:03 monkey66 joined #salt
09:04 catpig joined #salt
09:06 faust joined #salt
09:13 codehotter If I provision a server from amazon EC2 and want to then configure it, what's the best way to do it? Should I install salt on the ami base image that I use, and keep the salt key the same for each minion? Is there a better way?
09:16 zer0def joined #salt
09:19 jakubm codehotter: key should be unique per minion. you could hardcode salt server in the image or write some simple autodiscovery of the salt server
09:20 SteamWells joined #salt
09:21 codehotter so I'd like to be able to recreate my infrastructure purely from salt - after deploying a server in ec2 using the AWS api (using salt cloud?) - how do I do the key generation and acceptance dance automatically?
09:21 SWAT joined #salt
09:21 chiui joined #salt
09:22 codehotter If I hardcode the location of the master server in the image, the keys will be autogenerated and submitted, right? But how does the master know what the right keys to accept are?
09:22 codehotter Should it go in via SSH and figure out what the proper key to accept is, and then accept that one? Is there a good way to do all this automatically after deploying a server via aws api?
09:23 CedNantes joined #salt
09:25 codehotter Is this what I'm looking for? https://github.com/saltstack-formulas/salt-cloud-reactor
09:27 codehotter What I want is - step 1. make a change to my salt config, like add a new server - step 2. deploy this server via aws api - step 3. wait for it to become available, bootstrap it and  - step 4. configure it with configuration that I also added in step 1
09:28 CedNantes Hello
09:30 wilfried joined #salt
09:30 CedNantes My salt-master is successfully able to  deploy a VM using salt-cloud on a remote Vcenter but...  when the VM is created, salt then is stuck at "[DEBUG   ] Attempting function <function wait_for_ip at 0x63f9398>" forever. Did anyone here had the same issue ?
09:30 stefan_ joined #salt
09:30 ekle joined #salt
09:31 ekle hi, is there a way an sls can alter an sls which it inlcudes ? mybee through jinja ?
09:32 stefan_ can i give zip options to the archive.extracted same as tar ?
09:32 cberndt joined #salt
09:32 CedNantes stefan : http://docs.saltstack.com/en/latest/ref/states/all/salt.states.archive.html seems so
09:39 peters-tx joined #salt
09:40 jakubm codehotter: i know you can pregenerate keys - maybe you can populate them via salt-cloud? (sorry - i don't know the specifics as i never had to do it)
09:43 stefan_ CedNantes: It needs to be the tar argument specific to the archive being extracted
09:44 stefan_ CedNantes: if i specify a unzip option is doesn't work
09:44 stefan_ like -d (extract to specific dir)
09:53 codehotter oh, does salt-cloud automatically do everything?
09:53 codehotter maybe I should try it before worrying
09:54 otter768 joined #salt
10:01 CedNantes i thought the "clonefrom" option in salt-cloud profiles was for actually cloning a VM, not a template but it won't take any name of actual machines i'm trying.
10:07 bhosmer joined #salt
10:12 Grokzen joined #salt
10:14 sheltonash joined #salt
10:16 sheltonash morning, struggling to google the answer to this. I have a pkg v1.0 (full installer) which gets updated by another pkg to v2.0 (patch installer). Unfortunately there is no v2.0 full installer. Works fine the first time through, but the second time through the first pkg tries to install as it thinks its not present, however it is just upgraded and fails. can't seem to find an example online of how to solve this :[
10:19 monkey66 left #salt
10:20 kawa2014 joined #salt
10:23 CedNantes still stuck at "function wait_for_ip" ... salt-cloud is killing me
10:23 theag3nt joined #salt
10:25 bluenemo joined #salt
10:27 wilfried_ joined #salt
10:29 JDog_ joined #salt
10:30 joehh1 jxm_: debian packages for salt are currently community maintained - same maintainer as debian and generally packages are identical
10:30 JDog_ pip virtualenv state help required.
10:30 joehh1 occaisonally they will differ slightly if packages are stuck in new queue for debian (like now)
10:30 sheltonash guess i need to use 'unless'
10:30 JDog_ How do I use the find-links tag in that? Doesn't seem supported in the docs.
10:31 giantlock joined #salt
10:41 wilfried joined #salt
10:42 blacked joined #salt
10:44 wilfried_ joined #salt
10:44 ndrei joined #salt
10:46 markm_ joined #salt
10:48 jxm_ joehh1, thanks for the tip
10:49 theag3nt joined #salt
11:00 amcorreia joined #salt
11:03 QiQe joined #salt
11:05 sheltonash sigh im so bad :( how do i say unless: pkg.version somePackage == 213123
11:09 QiQe I have all my hostname (grains) formed as {someword}{number} ( ie example1), I need to remove the number part with a filter on pillar
11:09 QiQe any idea?
11:10 bhosmer joined #salt
11:11 QiQe something like {{ grains['host'] | removenumber }}
11:11 QiQe so if I have 'example1' as hostname then 'example' will be interpoled
11:13 lietu joined #salt
11:14 bhosmer joined #salt
11:16 illern_ joined #salt
11:18 jxm_ I have some troubles with services not restarted after config file update (using a formula with appropriate watch statement) on debian jessie, but it seems to work on wheezy. Where can I check what the service reload actually does? I suspect it mught be systemd in JEssie that causes the issue.
11:19 morsik joined #salt
11:19 morsik left #salt
11:19 morsik joined #salt
11:21 joehh1 https://github.com/saltstack/salt/blob/develop/salt/modules/debian_service.py
11:21 markm joined #salt
11:22 joehh1 jxm_: I reckon this is the issue: https://github.com/saltstack/salt/blob/develop/salt/modules/debian_service.py#L35
11:26 illern joined #salt
11:26 pressureman joined #salt
11:28 jxm_ joehh1, mmmh, thanks for the pointer but crap
11:28 jxm_ This is one of the very foundation of automated configuration
11:29 jxm_ Is the bugtracking done on github for saltstack?
11:29 joehh1 yes
11:31 jxm_ joehh1,  I assume the "Only work on Debian" part fo the comment means "no ubuntu" aks upstart?
11:31 jxm_ s/aks/aka
11:32 mamercad joined #salt
11:32 jxm_ Are debian distros second-class citizens in saltstack? I mean that in a non-derogatory way, more to know if the main dev platform is RH for example, so I should expect less support for debian-based systems
11:32 joehh1 I think that the ubuntu service commands are handled by the upstart module
11:32 joehh1 they definitely work - use it regularly
11:33 babilen Well, upstart is not being used (by default) on Debian
11:33 zipkid Hi, would anyone be able to pinpoint what i'm doing wrong here with augeas?   https://gist.github.com/zipkid/6f2aa8d198885cb680c7
11:34 joehh1 jxm_: have you added/are you planning to add an issue for this?
11:34 wilfried joined #salt
11:34 jxm_ joehh1, looking first if it is reported, and it seems related to this: https://github.com/saltstack/salt/issues/13922
11:35 jxm_ With a patch here: https://github.com/saltstack/salt/pull/20706
11:37 jxm_ Which I should already have on my system using 2014.7.4
11:37 jxm_ Mmmh
11:37 joehh1 yes
11:37 joehh1 My initial thought is that no service module was loaded for the (debian, systemd) case
11:37 jxm_ So, if this part has been fixed, I guess the remaining problem is to tell salt to use the systemd provider on debian jessie when systemd is running
11:37 jxm_ Not sure how to look / do that
11:37 joehh1 but a quick look at https://github.com/saltstack/salt/blob/develop/salt/modules/systemd.py#L34
11:38 joehh1 seems to imply that the systemd module should be loaded
11:38 jxm_ OK, Salt lingo is "service module", that's (probably) what I meant by "provider"
11:38 * jxm_ is learning the language :-)
11:39 joehh1 yes - I'm guessing you have written/are using a state file (sls file)
11:40 jxm_ So, https://github.com/saltstack/salt/blob/develop/salt/modules/systemd.py#L34 should mean the the service module used is going to be systemd even on Debian, right? Unless this is overriden somewhere else? I am not sure how many hooks there are (seems weird that it is the service provider module that "Activates itself" and not the other way around)
11:40 joehh1 the code referenced from them is in https://github.com/saltstack/salt/blob/develop/salt/states/
11:40 joehh1 they tend to call modules to do the actual work
11:40 jxm_ joehh1, actually, I am plyaing with the snmp formula, and have a couple of sls files and pillars
11:40 joehh1 re last question - that is my understanding
11:41 jxm_ <nod>
11:41 jxm_ joehh1, re. me being surprised by how the code (seems) to work
11:41 funzo joined #salt
11:42 jxm_ What happens if for "service", both the sysvinit and systemd modules __virtual__() decide to return somthing != False ?
11:42 jxm_ Will both be called?
11:42 nene i ran salt '*' pillar.items on master... no o/p
11:42 jxm_ OR is the last one to pose as "service" win?
11:42 nene any idea?
11:43 joehh1 I think only one will be called, but I'm not sure which - I suspect you are right
11:43 jxm_ Mmmmh
11:43 joehh1 they return the name of the "module" they are implementing
11:43 joehh1 ie debian_service, systemd, upstart etc would all return "service" or False if they weren't going to work
11:44 nocturn joined #salt
11:44 nene salt '*' pillar.items
11:44 jxm_ If I am correct in my assumtion re. how it works just by looking at that module you pointed to, aka it is the specialised module that decides to declare itself as the hook for the generic one ("service" in that case), I am pretty sure this can be argued with good arguments to be not bad but _dangerous_ design
11:44 temhaa joined #salt
11:44 temhaa hello
11:45 temhaa I have question genereally.
11:45 jxm_ joehh1, is there a way to debug that and see which module gets the virtual name hook in a dry run?
11:46 yomilk joined #salt
11:46 temhaa https://www.tanium.com/ this is endpoint management tool. salt is it posible alternative tool instead of tanium?
11:46 joehh1 I've been thinking about that (running on a systemd wheezy box right now... but with an old version of salt atm) I think the best is to look at the minion logs
11:47 jxm_ joehh1, looking now
11:48 JDog_ The error I'm currently struggling with is a new thing that was working yesterday, and I'm unaware of any changes that would have caused this. Here's the gist https://gist.github.com/jontyneedham/3df0d2547007fc608d10
11:49 jxm_ OK. This is it: Command 'systemctl is-enabled snmpd.service' failed with return code: 1  and output: Failed to get unit file state for snmpd.service: No such file or directory
11:49 bhosmer joined #salt
11:49 joehh1 is that because snmpd is a sysvinit script?
11:49 jxm_ joehh1, so it means the systemd module won but did not find the legacy snmp script
11:50 jxm_ Actually that point to the pull request I linked above
11:50 joehh1 I suspect so
11:50 jxm_ joehh1, I think so
11:50 jxm_ Need to check it that pull request actually got applied in 2014.7.4
11:50 fxhp joined #salt
11:52 refnode_ joined #salt
11:53 joehh1 It certainly appears to be in 2014.7.5
11:53 joehh1 http://anonscm.debian.org/cgit/pkg-salt/salt.git/tree/salt/modules/systemd.py#n17
11:53 ndrei joined #salt
11:53 joehh1 looking at the debian packaging repo
11:54 joehh1 yes - applied in 2014.7.4 http://anonscm.debian.org/cgit/pkg-salt/salt.git/commit/salt/modules/systemd.py?id=510c0d1e3e9257c1cf02d9237257a68c28464d9a
11:55 otter768 joined #salt
11:56 temhaa For example Can I use saltstack in large network instead of tanium
11:57 nene i created /srv/pillar dir and created one sample pillar.. then did salt '*' saltutil.refresh_pillar...
11:58 nene now if i run salt '*' pillar.data or salt '*' pillar.items
11:58 nene i am not getting anything
12:00 nene joehh1: jxm_ ^^
12:01 nene should i restart any services?
12:01 joehh1 nene: shouldn't need to
12:01 bkleef joined #salt
12:02 joehh1 have you got your minion listed in /srv/pillar/top.sls
12:02 nene joehh1: yes
12:02 nene base:
12:02 nene 'minion'
12:02 nene -data
12:03 jxm_ joehh1, hey, sorry, had to hush my older daughter
12:03 jxm_ joehh1, so, it got applied but does not work / is not enough to solve the problem then
12:03 joehh1 no worries - I know the feeling
12:03 nene joehh1: then created data.sls
12:05 joehh1 I think you need a : after 'minion'
12:05 joehh1 jxm_: I think that is the case
12:06 nene joehh1: yeah given that
12:06 nene forgot to type here
12:07 zipkid Hi, would anyone be able to pinpoint what i'm doing wrong here with augeas?   https://gist.github.com/zipkid/6f2aa8d198885cb680c7
12:07 jxm_ joehh1, from what I see, this is (one of numerous) a bug in Debian systemd implementation: systemctl [enable|status|start|stop|....] _do_ work with snmpd, only is-enabled fails. This doe not look right
12:08 JDog_ Can anyone help with my virtualenv issue? https://gist.github.com/jontyneedham/3df0d2547007fc608d10
12:09 joehh1 not that surprising, jessie is certainly less used than wheezy at the moment
12:09 jxm_ joehh1, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705254
12:10 jxm_ joehh1, TBH, I am a long-time Debian user (since the first version I guess), and I am thinking of jumping boats because of the mess JEssie and the general direction of the distro is
12:10 jxm_ taking
12:10 jxm_ IT seems to be more suited for enthusiast desktops now than for servers
12:11 TheNumb jxm_: That's my general feelings towards debian.
12:11 TheNumb Sadly.
12:11 joehh1 I'm holding my judgment for awhile
12:11 jxm_ Very important packages for enterprise clusters have simply been removed from JEssie for lack of maintainers, etc.
12:11 zwi joined #salt
12:11 jxm_ However quite a lot of effort seems to go into desktop environments and futilities like that
12:11 Romlok better than having unmaintained, broken software in the repo, I guess
12:11 jxm_ TheNumb, yes, sadly
12:12 jxm_ Romlok, yes, probably
12:12 jxm_ The problem is where to go from here? For now I keep using Debian as a base and simply maintain a large collection of custom packages to bolt on
12:13 CedNantes joined #salt
12:13 TheNumb jxm_: which packages have been removed from sid?
12:13 TheNumb err
12:13 TheNumb jessie
12:13 TheNumb ,_,
12:14 jxm_ joehh1, actually re. the is-enabled command. some context: http://lists.freedesktop.org/archives/systemd-devel/2015-April/030704.html
12:14 jxm_ TheNumb, the whole clustering suite (pacemaker etc.)
12:15 jxm_ TheNumb, for lack of time from the maintainers, my packages too have been dropped (targetcli, python-rtslib, etc.)
12:15 joehh1 jxm_: painful
12:15 jxm_ Well, not my "packages", rather my "software", I am the upstream
12:15 jxm_ My published packages for debian actually work
12:15 jxm_ (which was not the case of what the Debian maintainer pushed to alioth)
12:15 TheNumb jxm_: hmm I see that pacemaker is in ubuntu.
12:16 TheNumb You could try deploying a test machine.
12:16 jxm_ TheNumb, it does not work, it is broken, Ubuntu is the worse contender in that area
12:16 TheNumb jxm_: actually I was looking at vivid (15.04)
12:16 jxm_ TheNumb, some of the clustering suite package have not even been tested, as they do not even _install_ properly
12:16 TheNumb pacemaker (1.1.12-0ubuntu2)
12:17 TheNumb looks fresh
12:17 TheNumb jxm_: that sucks.
12:17 nene joehh1: should i uncomment pillars_roots section in master conf file?
12:18 jxm_ TheNumb, if you are interested, some people are driving an effort to change that and build a good cluster suite for Debian. See the #clustelabs channel to meet those guys :-)
12:18 jxm_ #clusterlabs that is
12:18 TheNumb jxm_: ugh, I don't really do clusters ;p
12:19 joehh1 jxm_: what should is_enabled return for a legacy script?
12:20 jxm_ joehh1, well, 0 or 1 depending on if it is active in the default runlevel I guess, same as always
12:20 jxm_ joehh1, normally systemd dispatches that to chkconfig for legacy scripts, but is patched on debian to dispatch to update-rc.d, which does not support the is-enabled option
12:21 jxm_ (but does support enable / disable)
12:21 jxm_ Lenanrt apparently offered to include said dispatch in upstream, but claims he got no reply from the Debian devs (see http://lists.freedesktop.org/archives/systemd-devel/2015-April/030700.html)
12:23 jxm_ joehh1, also update-rc.d has a warning saying "The disable|enable API is not stable and might change in the future.". I guess this will not be the case now with systemd around, but hey, this is altogether pathetic
12:25 venom joined #salt
12:25 joehh1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770174#29
12:26 vahtangsuperboos joined #salt
12:26 vahtangsuperboos Hi there !
12:26 vahtangsuperboos sorry for my english in advance
12:27 vahtangsuperboos i just wanted to ask about how to install several packages (with specified version) from python shell
12:27 jxm_ joehh1, I just found a way to infer from an update-rc.d dry run if a service is enabled.
12:28 Eureka_ joined #salt
12:28 sheltonash pkg.list_pkgs shows a fullname and version combo. i've put those in my pkg. yet it insists on re-installing it every time
12:28 jxm_ joehh1, so now the question is what is the most pragmatic workaround.
12:28 joehh1 I'm tempted to look at something like https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705254#22
12:29 cmcmacken joined #salt
12:29 joehh1 how have you infered it from update-rc.d?
12:29 jxm_ joehh1, actually, apparently update-rc.d just calls insserv. Wow, this is a russian doll
12:30 jxm_ joehh1, http://pastebin.com/G9KCB5i8
12:30 vahtangsuperboos also why i have errors like  __env__  or  __salt__  not defined ?
12:30 mapu joined #salt
12:31 jxm_ joehh1, actually you would need to reverse the return code from my example
12:31 wnkz joined #salt
12:31 ndrei joined #salt
12:31 joehh1 that shouldn't be too hard to add to the module
12:32 jxm_ joehh1, probably trivial even. But I just got started this morning with Salt, and still am learning the basics...
12:32 joehh1 thats how I got started too :)
12:32 jxm_ So I dare not touch the code just yet, I am sure I would break havoc by ignoring all standards and context
12:33 joehh1 If we can get a reasonable patch, I'm happy to add it to the debian packages
12:33 jxm_ Mmmh
12:33 joehh1 Ideally, it will become irrelevant because either salt will apply it or systemd will fix the issue
12:34 cpowell joined #salt
12:34 joehh1 but in the mean time, it should work
12:34 jxm_ I could probably do it, but then I'll still lack basic undertanding of those jinja magic thingies that I do not understand just yet
12:34 sheltonash anyone else had issues pkg.installed trying to install packages every time, i have the fullname and version correct :[
12:34 jxm_ Well, it is magic until I understand it, I guess
12:35 jxm_ Unless magic really exists
12:35 monkey66 joined #salt
12:35 jxm_ joehh1, ok, let me take a look at it and postpone my learning of saltstack (typicall OSS community there, you get on IRC to understand how the stuff works and you end up with a pull request ;-) )
12:36 Auroch joined #salt
12:36 jxm_ (and end up not understanding it any more than you did in the first place ;-) )
12:36 joehh1 :)
12:36 jxm_ Which repo should I clone on github?
12:37 jxm_ IS the devel branch the one to diff against?
12:37 jxm_ Or will a diff against 2014.7.4 do?
12:37 joehh1 My guess is the devel branch
12:38 jxm_ k
12:39 jxm_ I need to fork/pull/install from srource first
12:40 dendazen joined #salt
12:40 joehh1 depending on how you are happy to work, you could just edit the files installed by the package then apply the diff/changes to the git clone
12:41 joehh1 it test from installed package then apply to souce
12:41 joehh1 it = ie
12:42 jxm_ joehh1, yeah, but I have 2014.7.4 installed not devel
12:42 jxm_ I guess that'll merge anyway
12:43 joehh1 exactly - the diff should be small enough to deal with any changes between the two
12:44 wnkz_ joined #salt
12:44 tmclaugh[work] joined #salt
12:45 theag3nt joined #salt
12:50 cpowell joined #salt
12:51 Tecnico1931 joined #salt
13:01 Tecnico1931 joined #salt
13:02 msheiny joined #salt
13:02 codehotter I'm using salt-cloud to deploy a vm, and then I would like to bootstrap the vm. No bootscript script seems to be run on the new server, but salt-cloud reports no errors. How do I troubleshoot it?
13:03 Auroch joined #salt
13:03 thayne joined #salt
13:07 FeatherKing joined #salt
13:08 asido joined #salt
13:10 serodriguez joined #salt
13:11 serodriguez Hi, i'm having some trouble with the use of modules on salstack, i have to install the pythons modules like cx_oracle or mssql_python
13:12 bhosmer joined #salt
13:13 JDog_ I have two states that need to operate on the same directory. How can I do this given that they can't share names?
13:15 davisj JDog_: the ID doesn't have to match the path, it can be whatever you want. But then you have to supply a "- name:" argument to the function, which would be the path.
13:15 subsignal joined #salt
13:16 serodriguez How can install the dependecies of modules, with salt?
13:17 davisj serodriguez: pkg.install?
13:17 Ssquidly joined #salt
13:18 serodriguez but that will install the python module on the saltstack enviroment or on de python of the linux?
13:19 davisj serodriguez: it will install on whatever minions you target
13:19 davisj The pathon that salt uses is typically the default system python no? [disclaimer: I don't do windows]
13:20 CedNantes I guess a "require" could work
13:20 davisj s/pathon/python/
13:20 JDog_ davis: I tried that with the file.directory function and it whinged on the -name argument.
13:20 CedNantes codehotter : are you running salt-cloud with a -l debug ?
13:20 serodriguez my linux python is 3 not 2.7
13:21 davisj JDog_: hmm.. I'm a noob myself, maybe post debug output?
13:21 fusionx86 joined #salt
13:21 serodriguez davisj: my linux python the sys one is 3 not 2.7
13:21 jdesilet joined #salt
13:22 davisj serodriguez: I see. If I understand correctly, salt does not yet support python3. Does your minion have python 2.7 available? If not, Perhaps the saltstack bootstrap script set that up?
13:23 serodriguez davisj: when you do the salt install i came with the python2.7
13:25 serodriguez davisj: the problem im having is, I have to use the mssql module, but i can't install the dependecies of it.
13:25 fredvd joined #salt
13:25 I3olle joined #salt
13:25 jxm_ joehh1, you know, what, I actually tried several more time, running the minion in debug mode, and it seems that the problem is slightly different. Using 2014.7.5+ds-1, on jessie, I do not even see an attempt to execute a restart on the service after updating the daemon config file, while on wheezy/sysV, this triggers a restrart
13:26 dariusjs joined #salt
13:26 joehh1 odd
13:27 davisj serodriguez: If the salt minion install created a python2.7 installation, then maybe you can use pip to insatll the missing module? `salt-call sys.doc pip`
13:27 jxm_ joehh1, my previous test was made with an older version without the commit mentionned above accepted
13:27 jxm_ joehh1, now, with the commit in, it actually seems to fallback on update-rc.d for some stuff, but the restart is simply not triggered
13:27 JDog_ davis: https://gist.github.com/jontyneedham/3df0d2547007fc608d10
13:28 joehh1 jxm_: do you know how to execute the module code directly?
13:28 joehh1 salt 'minion' service.restart snmpd
13:29 davisj JDog_: looks like you have an extrainious colon after "venv:".
13:29 jxm_ joehh1,  good idea, I'll try that
13:30 jxm_ Yep, that works
13:30 jxm_ It is indeed the trigger that does not happen then
13:31 jxm_ Unless the systemctl status ran by the minion give the wrong info, and it believes it is stopped and only issues a start command instead of restart
13:32 bhosmer joined #salt
13:32 kusams joined #salt
13:32 pf_moore joined #salt
13:33 CedNantes Grrrrrrrrrrr VM Creation still stuck at "wait for ip"
13:33 XenophonF joined #salt
13:33 serodriguez Some one have install the mssql.module??
13:33 evle joined #salt
13:33 CedNantes i can create a machine with salt cloud but it'll always wait at the end of the process forever
13:34 jxm_ joehh1, but the debug output clearly show that every status operation results in systemd telling the minion the service is started/loaded. So if the minion really wante to restart it, I guess it would have done so
13:35 KoFFiE joined #salt
13:36 KoFFiE hi
13:37 KoFFiE any idea how to check if a package is installed, and if it is, upgrade it?
13:38 KoFFiE I don't want to install it if it's not present
13:38 zircote joined #salt
13:39 jxm_ joehh1, on the wheezy, I get an "Executing state service.mod_watch for snmpd" which I do _not_ get on the jessie machine, under the same condition (transition to highstate after removing the snmd.conf file)
13:40 jxm_ joehh1, does it mean the trigger did fail, or could it be that the systemd implementation does not implement mod_watch ?
13:40 joehh1 I'll have a look
13:41 yidhra joined #salt
13:41 numkem joined #salt
13:42 joehh1 the mod_watch is implemented in the state https://github.com/saltstack/salt/blob/develop/salt/states/service.py#L415
13:42 joehh1 so applies to both
13:42 davisj KoFFiE: I think this "unless" example illutrates what you want: http://docs.saltstack.com/en/latest/ref/states/requisites.html#altering-states
13:43 wilfried joined #salt
13:45 jxm_ joehh1, haa, it is in /states, I was looking in modules
13:46 mpanetta joined #salt
13:46 Grokzen joined #salt
13:47 jxm_ joehh1, ok, so mod_watch is simply not called
13:48 jxm_ joehh1, my understanding is that what should trigger it is, in my case, the "watch_in: - service {{snmp.service }}" present in the "snmp_conf: file_managed:"  rule of the snmp formula I am using to test
13:49 joehh1 that matches my understanding
13:49 bhosmer_ joined #salt
13:49 joehh1 have you a url for the formula you are using?
13:50 jxm_ github.com/saltstack-formulas/snmp-formula.git, the watch_in is in snmp/conf.sls
13:51 jeffspeff joined #salt
13:51 serodriguez some one know how to install dependecies of the modules?
13:52 joeto Hi guys, I today I updated salt  from 2014.7.4 to 5  and now on ubuntu machines minions wont start
13:52 joeto error is "NameError: global name 'zmq' is not defined"
13:52 joeto any ideas?
13:52 joeto :(
13:52 KoFFiE davisj: hmm, but then I'd need to use distro-specific stuff
13:52 joehh1 jxm_: could it be that the service name differs between jessie and wheezy?
13:53 joehh1 joeto: using the packages?
13:53 mage_ joined #salt
13:53 coreping joined #salt
13:53 mapu joined #salt
13:53 jxm_ joehh1, nope, same
13:54 joeto yeap
13:54 joeto pp
13:54 joeto ppa
13:54 timoguin joined #salt
13:54 joehh1 joeto: is there a line number with the exception?
13:54 dyasny joined #salt
13:54 joehh1 and can you do a salt --versions-report (after the source package version)
13:55 joeto joehh1: http://pastie.org/10109382
13:56 pdayton joined #salt
13:56 joehh1 or a salt-minion --versions-report
13:56 otter768 joined #salt
13:57 joeto http://pastie.org/10109389 ... hmm ZMQ is not installed ... I also update and OS is it possible this also to be an issue?
13:57 msciciel_ joined #salt
13:57 kaptk2 joined #salt
13:57 joehh1 interesting...
13:58 joehh1 what does dpkg -l | grep zmq
13:58 msciciel_ is this normal that master in version 2014.7.5 do not transfer custom modules (_modules, _grains subdir ) to minion ?
13:58 joehh1 give
13:59 joehh1 looks like you are running trusty - is that correct?
13:59 Tyrm joined #salt
13:59 joeto ii  libzmq3:amd64                    4.0.5-1chl1~trusty1              amd64        lightweight messaging kernel (shared library)
13:59 joeto ii  python-zmq                       14.0.1-1build2                   amd64        Python bindings for 0MQ library
13:59 joeto yes
13:59 CedNantes [DEBUG   ] VM Salt-Cl-Minion is created, waiting for it to boot [DEBUG   ] Attempting function <function wait_for_ip at 0x49548c0>
13:59 joehh1 odd - very odd
14:00 joehh1 do you get any error from: python -c "import zmq"
14:00 joeto ImportError: No module named cffi
14:01 joehh1 can you install python-cffi
14:01 joehh1 apt-get install python-cffi
14:02 stanchan joined #salt
14:02 favadi joined #salt
14:02 joeto done, but error is the same
14:02 joehh1 Though I don't know what might need it
14:03 andrew_v joined #salt
14:05 jtanner joined #salt
14:07 kusams joined #salt
14:07 davisj KoFFiE: I know common for folks to maintain maps via pillar to abtract the OS differences out of thier states. http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#conventions-formula
14:08 kusams joined #salt
14:10 aparsons joined #salt
14:11 kusams joined #salt
14:13 joeto joehh1: after apt-get -y remove  python-zmq ; apt-get -y install python-zmq salt-minion
14:13 joeto evrething works ... no idea why
14:13 joehh1 joeto, jxm_, nene: I'm off to bed - good luck with your respective issues
14:14 joeto thank yoiu fixed :)
14:14 joehh1 odd, good to hear it is resolved
14:14 jxm_ joehh1, thanks! Sleep tight.
14:15 mapu joined #salt
14:16 gladiatr joined #salt
14:18 Tyrm joined #salt
14:19 lietu joined #salt
14:19 CedNantes joined #salt
14:21 thayne joined #salt
14:22 theag3nt_ joined #salt
14:22 jxm_ :q
14:22 * jxm_ realizes that vi commands do not work on irc, and this is a shame BTW
14:22 phx M-x quit RET ?
14:26 walker_ joined #salt
14:27 matthew-parlette joined #salt
14:27 jxm_ phx, I would not now, I use evil under emacs
14:27 jxm_ *know
14:28 faust joined #salt
14:28 robothands use irssi with vim_mode and they will work
14:28 elfixit joined #salt
14:29 jxm_ robothands, as I mentionned earlier, I am trying out xchat and have some hard time migrating away from my irssi config
14:29 jxm_ But I think I'll get back to it soon enough
14:29 echo joined #salt
14:29 robothands oh gotcha. I didnt read up
14:30 jxm_ robothands, that was a long time up :-)
14:35 ccarney_ROCC joined #salt
14:36 jkleckner joined #salt
14:36 Romlok I heard hexchat was the new xchat
14:38 ccarney_ROCC left #salt
14:39 MAbeeTT joined #salt
14:39 lietu- joined #salt
14:40 bhosmer joined #salt
14:42 jalbretsen joined #salt
14:42 lietu joined #salt
14:47 alynpost joined #salt
14:47 alynpost I have the following require line:
14:47 alynpost file: {{salt['file.dirname']({{data['home']}})}}
14:48 alynpost and it is giving me this syntax error:
14:48 alynpost failed: Jinja syntax error: expected token ':', got '}'
14:48 alynpost I'm trying to take the value of data['home]' and compute the dirname of it in a jinja template.
14:48 alynpost Can someone give me a hint of how to compute the dirname in a template?
14:50 Romlok alynpost: once you start with a {{ block, you don't need to use them again until you close it with }}
14:50 davisj joined #salt
14:50 Romlok ie. you don't need the {{}} around `data['home']`
14:51 dkrae joined #salt
14:51 alynpost Let me try that, it seems obvious enough.
14:51 nitay joined #salt
14:52 smcquay joined #salt
14:55 scbunn joined #salt
14:56 alynpost Well, I have all manner of other template errors too, but that got me past that error.  Thank you Romlok.  Time to study the template tutorial...
15:00 StDiluted joined #salt
15:05 timoguin_ joined #salt
15:06 conan_the_destro joined #salt
15:09 codehotter I have a command that runs onchanges. Sometimes it fails. I would like it to run again on the next run of salt.highstate, even though nothing changed the second time, because that command failed the first time that something did change. Can I accomplish this somehow?
15:09 codehotter so if a onchanges resource fails, do it again even if nothing changed.
15:11 tmh_ joined #salt
15:11 giantlock joined #salt
15:13 alynpost You may have better luck using onlyif/unless to detect the condition under which you should run the command.
15:14 iggy ^
15:15 Tyrm joined #salt
15:15 lietu joined #salt
15:16 faust left #salt
15:17 ntk joined #salt
15:18 gdm85 would it be possible to run a cmd.script with jinja template replacements? in one shot?
15:18 ntk in the script source?
15:18 drawsmcgraw gdm85: In a state or on the cli?
15:19 gdm85 drawsmcgraw: state
15:19 drawsmcgraw Seems simple for a state
15:19 drawsmcgraw Yeah. In fact, I think I do that...
15:19 gdm85 drawsmcgraw: you have the replacements within the source of the script?
15:19 drawsmcgraw uh-huh
15:19 Eureka_ joined #salt
15:19 drawsmcgraw The script is worthless on it's own. Has to pass through the Jinja rendering
15:19 drawsmcgraw just pass the 'template' parameter to cmd.script()
15:19 gdm85 ah, nice :)
15:20 gdm85 I also thought it could work that way, but was unsure
15:20 gdm85 thanks
15:20 drawsmcgraw At least I think so...? I've written so damned many...
15:20 drawsmcgraw Sure thing!
15:20 drawsmcgraw Let us know if I'm wrong, for sure
15:20 gdm85 no need to specify mode right?
15:20 gdm85 yeah, I will
15:20 Brew joined #salt
15:21 alynpost hrm.  I've just updated to the latest ppa on ubuntu 14 and now my gitfs log is giving me:
15:21 alynpost 'Unsupported URL protocol' caught while fetching gitfs remote git@...
15:21 alynpost this was all working before upgrading.
15:22 alynpost I've switched on debug logging.
15:24 alynpost Traceback (most recent call last):
15:24 alynpost File "/usr/lib/python2.7/dist-packages/salt/fileserver/gitfs.py", line 1150, in update
15:24 alynpost fetch = origin.fetch()
15:24 * alynpost crosses fingers gitfs can be updated.
15:26 alynpost err, pygit2 I mean.
15:28 gdm85 drawsmcgraw: the docs says it's possible, although I just noticed I don't need it anymore.
15:28 drawsmcgraw Awww :)
15:29 drawsmcgraw Well that happens
15:29 gdm85 on another topic, I am using a masterless minion and have a state that would add more .sls files
15:29 gdm85 is there any (heretic) way I could chainload them too?
15:30 mindscratch joined #salt
15:30 Auroch joined #salt
15:31 drawsmcgraw gdm85: There's something about a queue system...
15:31 drawsmcgraw You could maybe add those new sls files to the queue -> http://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.queue.html
15:31 penguin_dan joined #salt
15:32 gdm85 thanks!
15:32 gdm85 "This runner, as well as the Queues system, is not api stable at this time." :s
15:32 mindscratch joined #salt
15:33 dyasny joined #salt
15:33 ntk I have a hopefully simple issue, what could cause "User foobar is not available", where foobar is an NIS user? I'm getting this on Fedora 19 minions but not Ubuntu ones, e.g. for managed files set to be owned by foobar.
15:33 debian112 joined #salt
15:33 ntk the NIS setup seems to be ok on all minions, e.g. I can "chown foobar" and "su - foobar" on all of them.
15:34 drawsmcgraw gdm85: Yeah you're kinda putting your fate in your own hands there
15:34 iggy alynpost: try ssh+git
15:34 ntk I'm guessing there's an additional NIS configuration I'm missing for fedora that salt is checking
15:34 drawsmcgraw I'm seeing runs on just one minion taking forever. Like, two minutes for a test.ping
15:35 drawsmcgraw Here's me running a test.ping with -l trace. I've noted where the output stops and hangs for two minutes: http://dpaste.com/1MGEEPY
15:35 drawsmcgraw Anyone have any clue?
15:35 tcotav left #salt
15:35 iggy kill it
15:36 drawsmcgraw My solution last time was to rebuild the box
15:36 drawsmcgraw That seems to have fixed it, but it's hardly a solution
15:36 dendazen how can i create a grain to give me value to which salt environment host belongs?
15:36 dendazen i need it to use in jinja template
15:36 iggy that's why we use salt... a new box is just a highstate away
15:36 iggy dendazen: there's already one
15:36 iggy or a jinja variable maybe
15:37 dendazen oh can i read about it somewhere?
15:39 peters-tx Anyone know what Erik Johnson's nick is
15:39 cornfeedhobo joined #salt
15:39 dave_den joined #salt
15:39 ntk weird, when I execute "salt-call -l debug state.highstate", it seems the state was successful. :/
15:39 theag3nt_ joined #salt
15:40 cornfeedhobo is anyone running salt for localhost/a linux workstation, or know of a guide about such a setup?
15:40 theag3nt joined #salt
15:41 iggy you can do masterless or just run a master/minion together
15:41 drawsmcgraw iggy: This is a physical box :/
15:42 ntk that's a little disconcerting that salt-call would success where 'salt' on the master failed.
15:42 iggy I've heard of them
15:42 iggy ntk: that usually means there's some environment variable that is being relied on
15:43 ntk you mean one that is set in the shell when I run salt-call, that's not set in the context of the minion dispatched by the salt-master?
15:44 ntk I'm looking through env but not sure what could affect NIS username resolution
15:45 ntk is there some other command that can be run on the minion, besides "salt-call -l debug state.highstate" in order to get debugging details of the failure I am seeing from the salt master?
15:45 rm_jorge joined #salt
15:46 cornfeedhobo iggy: okay, i will play around. thanks
15:47 iggy ntk: that is what I mean, yes
15:48 iggy ntk: set the minion to log_level: debug and run the command from the master like you were doing
15:48 rypeck joined #salt
15:48 iggy you should end up with about the same amount of output in your minion log as you would on the command line with salt-call -l debug
15:50 bhosmer joined #salt
15:52 dalexander joined #salt
15:54 codehotter OK, I have python code to accomplish a change I want, and detect whether it is changed or not. How do I use this python code from a state file? Does it matter if I'm using a yaml renderer or pyobjects renderer?
15:55 dendazen and is there a way on the minion which is controlled by master to find value of this? “salt.modules.environ.get” with salt-call?
15:55 dendazen without creating a state for it
15:56 subsignal joined #salt
15:57 subsigna_ joined #salt
15:57 otter768 joined #salt
16:00 sl_ joined #salt
16:01 dendazen and i also get something like this
16:01 dendazen salt-call config.get environment
16:01 dendazen local:
16:01 dendazen None
16:01 dendazen but it is actually not “None"
16:02 ntk this is annoying. now that it has succeeded from the minion, it's not failing from the master, even if I change the ownership back
16:02 ntk I'll try on another minion
16:03 ntk I do get local: None from the minion with config.get environment
16:04 lothiraldan joined #salt
16:06 Guest70 joined #salt
16:06 thayne joined #salt
16:07 ntk ok, well I guess I'll try the debug level on the minion when it's actually breaking for me again. :/
16:07 dendazen isn’t it supposed to report someting like “production” or some other environment minion is in?
16:08 huleboer joined #salt
16:10 ntk i'll have to read the docs on that. I get None from "config.get environment" running from the master as well as from salt-call on the minion
16:10 ntk all of them
16:11 writtenoff joined #salt
16:12 ntk ok reading about environments, it's probably because I've set up everything under 'base' initially.
16:13 spookah joined #salt
16:14 kusams joined #salt
16:17 SeeDickCode joined #salt
16:18 bhosmer joined #salt
16:18 dendazen oh
16:18 dendazen i think minion doesn’t get attached to the environment in any way.
16:20 amcorreia joined #salt
16:21 Grokzen joined #salt
16:21 Tyrm joined #salt
16:25 StDiluted joined #salt
16:26 pravka joined #salt
16:26 dendazen joined #salt
16:26 dyasny joined #salt
16:28 KyleG joined #salt
16:28 KyleG joined #salt
16:31 zircote joined #salt
16:31 jxm_ Where can I find the grain.filter_by(), pillar.get(), etc function reference? Is there a doc somewhere?
16:31 bhosmer joined #salt
16:33 jxm_ Never mind, found it here: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html
16:36 seeg hello!
16:36 seeg is there a way to track progress of a job in salt?
16:36 seeg or if I run hihgstate -- to see what states completed, which failed, etc?
16:36 jxm_ run a job, hit ctrl-C and it will tell you what to run to track progress of that job
16:37 jxm_ USe -vvv option of course to enable verbose mode
16:38 iggy config != top matching... config.get environment would be grabbing the actual environment setting from the config file(s)
16:39 _JZ_ joined #salt
16:40 iggy dendazen: ^
16:40 seeg well, jxm_ it doesn't show much progress i see it just shows all states after the job is completely finished on a minion
16:40 dendazen yeah i understood that
16:40 seeg before it's finished i get no output from salt-run jobs.lookup_jid xxxx
16:41 dendazen i acutally fround environment via
16:41 dendazen salt-call grains.item velio.environment
16:41 dendazen velio.environment:
16:41 dendazen production
16:41 dendazen that’s how i define it in top.sls
16:41 jxm_ seeg, you want the logs then, on the minion. And you probably want to enable more logging. Try running salt-minion -l all or -l debug without -d, then trun your job
16:41 seeg how about if i want to check this from master? is it possible?
16:42 seeg also it would be nice if it was something else that log parsing :)
16:42 iggy seeg: SSE has a nice gui
16:42 jxm_ seeg, I have no idea, but I think probably not
16:42 seeg iggy, how does the gui get the info? :) i don't want gui, i want to know if i can easily track progress somehow :)
16:43 jxm_ seeg, what does increasing the log level on the master gives you ?
16:43 iggy seeg: progress no
16:43 iggy that's just not the way salt is built
16:43 seeg when i did -vvv it gave me job id at beginning, then waited, job finished and printed status
16:43 jxm_ seeg, salt '*' state.highstate -l all only gives you progress from the master
16:43 theag3nt_ joined #salt
16:43 jxm_ seeg, no I would say, you need the minion logs to track progress
16:43 jxm_ And you'll only get as much as your log level on the minion
16:44 iggy the minions don't tell the master (nor even keep track of) progress
16:44 seeg ah, ok
16:44 seeg so another question -- how are errors handled?
16:44 iggy they get a command to run, run it, then return the output
16:44 seeg can i specify some condition to do something else on error? or break early? or just ignore error and continue
16:44 jxm_ seeg, as I said, if this is for debugging, run the salt-minion with -l all (or less) in the foregraound, and get it from there
16:45 iggy by default, they are skipped (unless a state that is a requisite of another fails)
16:45 seeg sorry for asking so much but i didn't find anything in docs -- yeah, with -l all i get something
16:45 iggy there is however the failhard setting
16:46 philipsd6 Is there some way to specify the ssh user used by salt-ssh when using the scan roster? There's no flat file to stick 'user' in, and it doesn't seem to work in the Saltfile.
16:46 JoeHazzers with the introduction of beacons in the upcoming release, when combined with the reactor and various returners, surely salt can become a quite powerful enterprise-wide auditing system?
16:46 seeg ok, failhard is nice :)
16:47 kunersdorf joined #salt
16:48 illern joined #salt
16:49 hasues joined #salt
16:49 iggy JoeHazzers: that was one of the use-cases mentioned at SaltConf
16:49 Tyrm joined #salt
16:50 timoguin joined #salt
16:50 kunersdorf if I can't use a file path on 1st line of yaml stanza, can I "- target:"?
16:50 rap424 joined #salt
16:51 seeg so another question -- is it possible to run some custom callback after every state being applied? this would be a hacky way to do progress for me :)
16:52 dyasny joined #salt
16:52 huleboer joined #salt
16:52 kunersdorf maybe - name:
16:52 iggy kunersdorf: yes, name is probably what you want
16:53 iggy kunersdorf: by default name: is the same as the state_id (i.e. the first line of the stanza)
16:53 MatthewsFace joined #salt
16:53 kunersdorf state_id!! ty
16:53 Tyrm joined #salt
16:54 ntk wow, I can't have a . in a state name.
16:54 perfectsine joined #salt
16:54 hasues left #salt
16:54 wendall911 joined #salt
16:54 ntk maybe due to it being a regex special character.
16:55 iggy probably more to do with it being the standard delimiter in python (and therefore Salt)
16:55 ntk makes sense
16:55 solidsnack joined #salt
16:57 JoeHazzers iggy: being a typical poor student and being on the wrong continent, i didn't have much chance of attending ;)
16:58 StDiluted joined #salt
17:01 CeBe1 joined #salt
17:05 alynpost iggy: I did try your suggestion upthread about changing my remote spec.  That didn't work; after debugging I wrote Joe Healy, the package maintainer for the Ubuntu salt ppa for additional help.
17:06 iggy we had to ditch pygit2 for now fwiw
17:07 iggy it's just too inconsistent for us
17:07 alynpost I'm thinking of doing the same.  It sucks for me to do that, but I can hack a temporary workaround.
17:07 iggy (kind of the same situation salt-cloud was in a year ago)
17:15 jonatas_oliveira joined #salt
17:15 blacked joined #salt
17:16 zircote joined #salt
17:21 denys joined #salt
17:22 wendall911 joined #salt
17:24 JDiPierro joined #salt
17:26 clintberry joined #salt
17:29 blacked joined #salt
17:31 aravind joined #salt
17:31 ajw0100 joined #salt
17:31 bemehow joined #salt
17:35 Vynce joined #salt
17:37 timoguin joined #salt
17:41 aravind joined #salt
17:48 hal58th_ joined #salt
17:49 Guest70 joined #salt
17:50 bhosmer_ joined #salt
17:51 bhosmer__ joined #salt
17:57 SeeDickCode joined #salt
17:58 baweaver joined #salt
17:58 otter768 joined #salt
17:58 bhosmer_ joined #salt
18:05 coval3nce joined #salt
18:05 coval3nce iggy: noticed you added some authproto and privproto config options to the snmp formula the other day
18:06 ipmb joined #salt
18:06 druonysus joined #salt
18:06 jonher937 joined #salt
18:06 codehotter How does salt reordering work? If I have a, b, then c requires a, does that ensure b always runs before c?
18:07 codehotter or c is onchanges a
18:10 blacked joined #salt
18:10 dingo it is an OrderedDict internally ... i'm not sure exactly on your question though
18:10 iggy coval3nce: I probably just merged someone's pull request
18:10 nafg_ joined #salt
18:11 dingo i have had problems where making small changes in ordering somewhere affects an order elsewhere, simply because the ordered layers bump up or down the stack
18:11 coval3nce iggy: cool, just wanted to give you a a heads up, added some vacm configurable stuff to it for v2 users out there, will throw in a PR here shorlty
18:11 iggy codehotter: it depends... some things reorder wildly, some just a little
18:12 dingo i sortof wish, as far as salt was, when it says "this group first, then these two groups after, then all these groups after those", that those in each group would be randomized somehow, so i could catch implied ordering that i ended up depending on becoming an error state later when something unrelated is changed
18:12 iggy well, I'm waiting for someone to merge my postgres stuff, so send it over... I'm bored
18:12 iggy dingo: flying spaghetti monster, no
18:12 theologian joined #salt
18:13 iggy a lot of use don't use any requisites, we rely on top-down ordering
18:13 coval3nce iggy: sent
18:15 lumtnman joined #salt
18:15 iggy coval3nce: does vagrant require things to be in dev/ ? I've seen other people do that and it bothers me
18:15 coval3nce nope, but its a standard i’ve seen folks doing, i think maybe from an salt-formula example
18:15 iggy A. it's more testing than dev B. it's pretty ambiguous C. it's too similar to what a lot of people probably use for an environment name
18:15 coval3nce https://github.com/saltstack-formulas/salt-formula
18:16 iggy yeah, and I have a bug open about that
18:16 coval3nce dude, you are a DJ?
18:16 coval3nce 8-)
18:16 druonysuse joined #salt
18:16 iggy indeed
18:16 coval3nce Haha, me too, mostly deep house.
18:17 hal58th joined #salt
18:17 coval3nce Found your issue about the “dev"
18:17 iggy mostly D&B
18:17 coval3nce nice, been loving “liquid” lately
18:17 iggy but if I can make it not train wreck and it makes people dance, I'll give it a shot
18:17 hal58th_1 joined #salt
18:17 coval3nce ha
18:18 baweaver joined #salt
18:25 tomh- joined #salt
18:25 badon joined #salt
18:29 jY is there a way to fire an event on the command line from minion to master
18:29 jY ahh event.fire
18:30 KyleG i was going to say publish.publish maybe
18:30 cberndt joined #salt
18:30 dendazen will this {{ salt['grains.item'](‘velio.environment') }} in jinja give me the result of that command as a string?
18:30 dendazen Also how could i check something like this fast in the shell?
18:31 iggy yes, you can't
18:31 dendazen just this line without running any state, just for the sake of checking symantics and syntax
18:31 dendazen oh ok.
18:32 iggy maybe http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.template_str
18:33 iggy never actually tried it myself though
18:33 dendazen Thanks, iggy.
18:34 iggy I find it... distressing, that we are writing integration tests for SaltStack in Ruby (/me eyes kitchen-salt)
18:37 blacked joined #salt
18:38 solidsnack joined #salt
18:40 coval3nce iggy: you mean “# Source: salt://snmp/files/snmpd.conf”  near the tops of conf files right?
18:40 coval3nce # {{ salt['pillar.get']('SALT_MANAGED') }}
18:40 coval3nce # Source: {{ source }}
18:41 iggy well... a bit more obvious
18:41 coval3nce i’ll see if i can find a best practice for that one
18:41 iggy # This file managed by Salt, do not edit by hand!!
18:41 iggy that's what the salt-formula has
18:42 coval3nce cool, ganking
18:42 iggy https://github.com/saltstack-formulas/influxdb-formula/blob/master/influxdb/files/influxdb_0.9.config.toml.jinja
18:43 iggy that's another example
18:43 iggy but capitalize Salt
18:43 dendazen iggy i get this error with that: ID velio.environment in SLS /tmp/test.sls is not a dictionary
18:44 iggy dendazen: without seeing the state...
18:45 blacked joined #salt
18:45 dendazen oh no state i just used that link you gave me put “ {{ salt['grains.item'](‘velio.environment') }}” in sls file and ran salt-call state.template /tmp/test.sls
18:46 iggy yeah, it's actually expecting a valid state file... not just some random jinja you are trying to see rendered
18:48 dendazen oh ok.
18:52 racooper joined #salt
18:58 I3olle joined #salt
18:58 jxm_ Not sure who was there already a few hours ago, but I made some progress re. service.mod_watch not triggering service restart on config file change on debian jessie w/ systemd
18:59 jxm_ It happens that it works if I remove "-enable: true"
18:59 jxm_ So, apparently, "-enable: true" breaks everything on jessie+systemd services
18:59 jxm_ Well, at least it breaks mod_watch triggers
19:00 bhosmer_ joined #salt
19:00 coval3nce iggy: have to run, updated that PR, thx for the pointers
19:01 jxm_ Anyone has any clue? I found something similar (https://github.com/saltstack/salt/issues/18311) on ubuntu, but it ends up beingrelated to one specific package (shorewall) having a broken initscript, which is not the case here (using snmpd)
19:01 adelcast joined #salt
19:03 bhosmer__ joined #salt
19:10 pullphinger joined #salt
19:13 ntk ok so I have some insight into what's going on with my salt state on fedora.
19:14 ntk it's rewriting nsswitch.conf and starting the ypbind service, but then later steps that use an NIS username foobar fail because the salt-minion's attempt to do pwd.getpwnam('foobar') throws an exception that it doesn't know the user.
19:15 ntk restarting the minion fixes that
19:15 pullphinger joined #salt
19:16 ntk apparently the way fedora is set up, when ypbind is started, existing processes have to restart in order to take effect for binding those names somehow
19:16 ntk I'm not sure what the fix is for rewriting the state
19:18 iggy ntk: try adding reload_modules: True to your state that does the NIS setup
19:18 MaliutaLap joined #salt
19:18 MaliutaLap left #salt
19:18 iggy (just to see if you need a full process restart or just some modules)
19:19 joeto Hi again, are there module or something which push ec2 metadata in minion grains?
19:19 big_area joined #salt
19:19 iggy there are in fact
19:20 iggy https://github.com/saltstack/salt-contrib/tree/master/grains
19:20 iggy there are a few different ones there that deal with ec2
19:20 adelcast left #salt
19:21 adelcast1 joined #salt
19:22 Tyrm joined #salt
19:22 joeto mmm I am searching more for something which take information from http://169.254.169.254/latest/meta-data/ and put it in grains
19:22 solidsnack joined #salt
19:23 joeto to be honest all what I check was to take info directly from AWS and need keys
19:23 joeto but there is no modeule which take info from http://169.254.169.254/latest/meta-data/
19:23 seev curl > /salt/grains/thing
19:24 ntk ok, took a minute to reproduce this, I'll try that now
19:24 joeto yea I know that :) tha idea is if something already exist :)
19:24 iggy joeto: did you look at all those grains?
19:24 seev instance_id=$( /usr/bin/curl http://169.254.169.254/latest/meta-data/instance-id )
19:24 seev like that
19:24 joeto not in all of them but for scaliing and application deployments and registering in ELB we need some info
19:24 iggy that is exactly what ec2_info does
19:25 joeto ou!
19:25 ntk i'm a bit pessimistic because I think the pwd.pwnam is not part of a module
19:25 joeto checking , my bad
19:26 timoguin The ec2_info grain works well for the metadata, but it won't give you tags
19:26 relopezz joined #salt
19:27 joeto iggy: pfff sorry this is exactly what I need :)
19:27 iggy what timoguin said... metadata but no tags
19:27 joeto timoguin: tags are not needed for now
19:28 iggy so throw that in /srv/salt/_grains (or wherever) and you're good to go
19:28 timoguin There are two other grains there that will fetch tag info, but last time I checked those grains wanted credentials.
19:28 joeto btw aws anounced that they plan to put tags inside metadata in the furture :) so sooner or latter will be ther
19:28 timoguin Rather than using the EC2 roles
19:28 Zachary_DuBois joined #salt
19:28 ntk nope, sadly it didn't work.
19:28 monkey66 left #salt
19:29 iggy ntk: you can restart the salt-minion service, but sadly it won't happen until the end of the run, so you're going to be stuck running highstate twice
19:31 ntk just salt-minion service rule, watching the state that I care about, with reload: True ?
19:31 ntk that would be better than nothing I guess
19:31 relopezz Hi, Im new using salt, I created an AMI (using packer) with SaltStack (masterless) as a provisioner... I was able to connect via ssh and make a configuration to the minion. I was able to run salt-call state.highstate successfully. Later, I lost the connection to my instance,([root@<ip> ec2-user]# Write failed: Broken pipe) and after that, I wasn't able to connect again
19:31 relopezz I'm not sure if I'm missing a configuration in SaltStack. Is there a possibility that the keys on my instance changed after running salt-call state.highstate ??
19:33 pdayton joined #salt
19:33 Guest70 joined #salt
19:35 iggy ntk: the other option would be to have an orchestrate job that ran your NIS states (which should trigger a minion restart), then a full highstate
19:35 blacked joined #salt
19:35 iggy and have the reactor call that when the machines boot up
19:36 baweaver joined #salt
19:36 iggy relopezz: depends... by default salt won't touch keys, but if you tell it to it will
19:36 ntk relopezz: how weren't you able to connect again? is the connection refused (e.g. not listening of port 22), or are you getting an authentication error?
19:37 ntk relopezz: it's probably only related if your keys or openssh service are managed by your salt state.
19:38 bluenemo joined #salt
19:38 ntk iggy: that's a good tip, for my purposes an orchestrate is probably a little heavyweight, running highstate twice will probably do.
19:38 iggy I used to say the same thing
19:39 iggy (and yeah, learning reactors and orchestrate isn't trivial)
19:39 iggy https://gist.github.com/iggy/b7599a97c18ddd6e6ca4
19:39 iggy that's an example of a similar situation we have
19:41 ntk I should learn salt-cloud too, this is my first attempt at a salt setup and I'm very happy with it, but I rolled my own libvirtd provisioner with virt-install + kickstart, and now I'm thinking biting off salt-cloud with the libvirtd provider would have been the way to go
19:41 jxm_ I find the YAML state syntax confusing. Is there a good intro somewhere about it? I mean, what is the difference between service.running: -enable: true and service.enables: running: true ???
19:41 iggy we skipped salt-cloud too (it had issues with GCE when we first started rolling stuff out)
19:41 ntk but then, I didn't read up enough to know that salt-cloud was a thing, before I did it. I was just thinking, Vagrant + salt is overkill.
19:42 cheus joined #salt
19:42 iggy jxm_: there isn't a service.enables (or service.enable*) state
19:42 relopezz Thank you, Im getting an authentication error, permission denied, its weird since I didnt tell salt to touch the keys on my instance. I've checked the permissions on the .ssh files and they seem fine, and also created a new instance and use the same key.pem and I was able to connect to this new instance. So isnt a permission problem
19:43 iggy it would help if I looked at states, not modules
19:43 ajw0100 joined #salt
19:43 jxm_ "Simplicity, Simplicity, Simplicity" it says section 3.3.1 on that documentation. Then why using confusing names all over the place ? I mean come on "require_in" ? NO! "required_by" is simple
19:44 iggy because it's the inverse version of require
19:44 jxm_ iggy, 1.27.127. salt.states.service is so unclear regarding what is a state and what is not that I can't tell
19:44 iggy it's not a separate requisite, it's the other end of a requisite that already exists
19:45 iggy if you are that confused after reading the docs, try another tool
19:45 jxm_ iggy, "salt.states.service.enabled [...] Verify that the service is enabled on boot, only use this state [...]"  -> In english, it means this _is_ a state
19:45 iggy nobody has a gun to your head telling you to use salt
19:45 iggy the great thing about open source is you have other options
19:46 jxm_ iggy, I am evaluating the tools available to find th best one, right now I am doing salt, which appeals to me because it is written in python among aother things
19:47 jxm_ iggy, if you think it is not normal to be confused by what I just pointed out, then you are either biased or can't read english
19:47 jxm_ The doc says it is a state
19:47 jxm_ You say it is not
19:47 iggy yes
19:47 ntk relopezz: is this reproducable when you do the highstate again? are you looking at your salt configuration directly or are you a step removed from that via packer etc ?
19:47 iggy 15:43 < iggy> it would help if I looked at states, not modules
19:47 jxm_ OK, fair enough, either the doc is wrong or you are
19:47 iggy I corrected myself
19:47 iggy but there is no service.enabled: running: True
19:48 ntk jxm_: are you paying maintenance to iggy or is this a free support channel? you seem angry.
19:48 ntk I've gotten a lot more than my money's worth
19:48 iggy you have service.running: enabled: True (which makes sure it's running now and starts it on next boot) and you have service.enabled (which just makes sure it starts on next boot)
19:48 iggy they are very different bits of functionality
19:49 jxm_ ntk, I am angry because I just put a whole day of effords working on salt, fiddling with the code to understand some of its bug, planning to send patches, and iggy tells me that I should use another tool if the doc confuses me
19:49 jxm_ Implying that I am either dumb or not trying hard enough
19:49 ntk i think you should use another tool too
19:49 iggy implying that you use the tool that works best for you
19:50 iggy I don't care if that's pssh+scripts or salt/ansible/chef/puppet
19:50 jxm_ Wow, people in this chan were a lot nicer a few hours ago, I miss you joehh1, too bad you went to bed
19:50 iggy I certainly don't use Salt for everything because it isn't good at everything
19:51 bhosmer_ joined #salt
19:51 * jxm_ is going to cool of, have diner, and try to not judge a tool by a couple of it's community members
19:51 jxm_ *off
19:51 iggy I'll let other people waste their time on you
19:52 bhosmer__ joined #salt
19:52 ja-s joined #salt
19:52 relopezz @ntk Im using packer to install salt but anyways I made the configurations manually in the box before loosing the connection .. I mean I did change the minion conf manually
19:52 MaliutaLap joined #salt
19:53 MaliutaLap left #salt
19:53 iggy first person I've felt the need to /ignore in here (and in general the first non-obvious-troll) that I've /ignore'd in like a year
19:56 cpowell joined #salt
19:56 relopezz @iggy hater gonna hates, Im completely new using saltstack and I think is great, mention Im not a devops person
19:57 solidsnack joined #salt
19:57 timoguin iggy: ignore me, butthole
19:57 * timoguin is on FIRE
19:57 iggy like I tried to say, it's not for everyone (or every situation)
19:59 otter768 joined #salt
20:00 timoguin salt is for everyone.
20:00 timoguin salt-tang is for the children!
20:00 hemphill joined #salt
20:00 joeto ok guys call me a noob but I stuck with ec2_info.py need help, could you please someone with py exp to take a look on : http://pastie.org/10110363
20:01 joeto its run on ubuntu 14 py 2.7
20:02 toastedpenguin joined #salt
20:02 timoguin joeto: looks like the grain might not be getting a response back from AWS?
20:02 timoguin But that's an odd error. I didn't have to do anything special when I added that grain.
20:02 timoguin On Ubuntu 14.04 too.
20:05 joeto today is not my day :(
20:07 joeto btw what I need to install on minions as a package? only salt-minion or also salt?
20:07 iggy joeto: can you pastie the output of "curl 169.254.169.254/latest/user-data"?
20:08 iggy joeto: just the minion
20:08 [7hunderbird] joined #salt
20:08 sandah joined #salt
20:09 joeto iggy: something like http://pastie.org/10110373
20:09 joeto I cut most of the script
20:10 iggy uhh... that's definitely not right
20:10 iggy that grains module is expecting json data
20:11 joeto ?!? from user data?
20:11 iggy https://github.com/saltstack/salt-contrib/blob/master/grains/ec2_info.py#L104
20:11 iggy it's trying to json.loads the response, so yeah, that's what it's expecting
20:12 evilrob using cmd.run, is there a way to source a file of env vars without having to specify each of them in the state?
20:12 beneggett joined #salt
20:12 iggy use cmd.script?
20:13 druonysus joined #salt
20:14 evilrob iggy: it's closer, but I'd have to put the ". envfile" in the script.
20:15 evilrob that's ok.  This will work, I'll just have several vars under the env section
20:15 iggy yeah, that's where I was going with that
20:15 bhosmer__ joined #salt
20:16 joeto iggy: maybe I am wrong but if user-data is not json it shoud end with : raise httplib.BadStatusLine("Could not read EC2 user-data")
20:16 joeto not with exception
20:19 timoguin joeto: the exception should definitely be handled better
20:19 timoguin I'm not currently using userdata, so I've never seen that error
20:19 aquassaut joined #salt
20:20 joeto Iill try to remove userdata part :)
20:20 joeto thank you very much guys
20:20 timoguin just checked. the version i dropped into my custom _grains doesn't have that userdata function
20:21 timoguin This commit: https://github.com/saltstack/salt-contrib/commit/b433ded8fe6b10caa2fb91104d0ede3dd19c379a#diff-f57c991587560a639929b69d1e76b9e0
20:22 hal58th_ joined #salt
20:22 hal58th__ joined #salt
20:22 joeto yea I just removed it and can confirm - it works without it
20:22 joeto unfortunatelly I am not good in python so cant fix it :(
20:24 ajw0100 joined #salt
20:24 pannon joined #salt
20:26 pannon /msg nahamu Hi Nahum
20:26 nahamu pannon: hi
20:26 pannon /msg nahamu nice to see you here
20:27 pannon /msg nahamu I have tried to build a custom Salt on Smartos
20:27 pannon /msg nahamu all went well
20:27 pannon /msg nahamu but the sal-key command is looking for cinfigs in /etc
20:28 nahamu so I have a pretty heavyweight solution I use in the Esky builds that I do:
20:28 nahamu https://github.com/saltstack/salt/blob/develop/pkg/smartos/esky/_syspaths.py
20:28 pannon /msg nahamu just want salt-key to search in /opt/local
20:28 ntk /msg pannon i can see your messages
20:30 pannon /msg ntk new to irc
20:30 nahamu pannon: yeah, your IRC client is just rendering the "/msg" part rather than messaging me directly, just leave it off.
20:30 babilen pannon: Just drop the " /msg NICK"
20:31 pannon ok
20:31 nahamu much better. :)
20:31 pannon lol
20:31 * relidy cheers
20:31 ntk hooray!
20:31 babilen \o/
20:31 nahamu pannon: one question I have is why you need a custom Salt build.
20:31 pannon have not use irc much before unfortunately
20:32 pannon wanted to build a newer release
20:32 nahamu got it.
20:32 pannon the pkgsrc does have an older version
20:32 nahamu one option is to let me do the work for you.
20:32 perfectsine joined #salt
20:32 nahamu I have builds that you can untar that keep everything contained in a single directory.
20:32 pannon don't want to bug you
20:32 solidsnack joined #salt
20:32 nahamu I publish them publicly.
20:32 pannon OK
20:33 nahamu http://us-east.manta.joyent.com/nahamu/public/salt/salt-2014.7.5-esky-smartos.tar.gz is the latest build
20:33 pannon my build is fine, just salt-key is not behaving correctly
20:33 nahamu how are you building it?
20:33 pannon ./setup.py build
20:33 pannon ./setup.py install
20:34 Norbell_ joined #salt
20:34 nahamu I think there's probably a flag you can pass in...
20:34 pannon OK
20:34 pannon downloading your bits now
20:34 XenophonF left #salt
20:34 I3olle joined #salt
20:34 pannon thanks :)
20:35 pannon what is esky?
20:35 nahamu It's the build process that they use for Windows. I got it to work for SmartOS
20:35 pannon noticed it has a lot of extras
20:36 nahamu It just packages up a python application into a neat redistributable standalone bundle.
20:36 pannon nice
20:36 pannon I will also try to research the salt-key issue
20:36 nahamu My esky tarball extracts to a directory named "salt" I usually drop it at /opt/salt
20:37 nahamu there's an "install.sh" script that will import SMF manifests for you. The configuration would then live under /opt/salt/etc
20:37 pannon oj
20:37 pannon ok
20:38 nahamu but otherwise in theory you could try passing "--prefix=/opt/local" to setup.py if you're just installing from the source tarball.
20:39 pannon I will try that!
20:39 pannon probably solves all my issues
20:39 pannon :)
20:41 nahamu either that or you want to figure out how to get setup.py to set the config_dir variable the way you want it.
20:42 nahamu but either way, that's a pretty generic setting that any of the Salt developers who have poked at setup.py more recently than I have should be able to help you with.
20:42 pravka joined #salt
20:42 pannon ok
20:42 pannon I think I have plenty to info to resolve this now
20:43 pannon many thanks nahamu
20:43 nahamu let me know what the answer was when you figure it out. :)
20:43 pannon will do!
20:44 pannon thanks again, really appreciate your time/help!
20:44 pannon will report back
20:44 pannon once all dusted
20:45 Tyrm joined #salt
20:46 Tyrm joined #salt
20:46 pannon oh
20:46 pannon just got it working!!
20:46 pannon ./setup.py install --prefix=/opt/local --salt-config-dir /opt/local/etc/salt
20:46 ntk hooray!
20:47 Vynce joined #salt
20:47 pannon time to build the sls files
20:47 nahamu nice
20:47 pannon can't wait!
20:48 pannon must admit I am blown away by the SDC+Salt combination
20:48 pannon very neat
20:49 baweaver joined #salt
20:50 timoguin pannon: what is SDC?
20:50 timoguin an joyents cloud?
20:50 pannon opensource private cloud
20:50 pannon yes from joyent
20:50 pannon SmartDataCenter
20:51 * timoguin nods
20:53 dingo SDC api is very nice, i agree
20:53 dingo i think joyent (and solaris zones) in general have been ignored far too long
20:53 pannon yes agree
20:53 pannon now there is LX branded zones too
20:53 dingo yup, good engineers over there
20:53 pannon you can run Linux on SmartOS
20:53 pannon as a zone
20:54 dingo i work with openstack at my $JOB and i can't understand why anyone would use this pile of poo :)
20:54 pannon :)
20:54 florinandrei joined #salt
20:54 pannon we are migrating to SDC now
20:54 pannon from VMware
20:55 pannon so far SDC is amazing
20:55 dingo i'm a big proponent of having base images, 99% configured, then making instances from that image and finishing off the details (using salt or whatever)
20:55 pannon we even trialed legacy
20:55 pannon we have a CentOS zone with IBM DB2 installed
20:55 pannon for legacy apps
20:55 pannon and it is working
20:55 pannon lol
20:56 pannon yes images are great
20:56 dingo but i have only one problem with SDC: You can only create a custom image from *their* base image: if you want to tweak or adjust it by just a single bit, you have to re-clone the original base image again, you cannot "create an image off a custom image"
20:56 pannon yes you can
20:57 dingo really? i had a support ticket they responded to and everything
20:57 pannon I just use this tool sdc-createimagefrommachine
20:57 pannon you can install the minimal image - customize and turn it into an image
20:58 pannon it is part of their smartdc node module
20:58 dingo "cannot create incremental image for VM --: incremental images of incremental images are not currently supported"
20:58 dingo i got that just two months ago
20:58 dingo if that's changed, i'm a happy boy
20:59 pannon not incremental
20:59 dingo i use sdc-createimagefrommachine too, but you can't call that on a new instance you've provisioned from your own image -- only from the base image
20:59 pannon this is just for turning machines insto custom images
21:00 pannon let me try this
21:01 und1sk0 i keep a template instance running and create checkpoint images from it as i make changes to the config (new scripts, updated nodejs, etc)
21:01 dingo well its pretty great stuff, anyway. I have automated scripts to provision machines for testing 'pexpect' builds on solaris, and some strange node.js error i don't understand (because i don't code node.js) just started happening a week ago.  I can only guess the API changed and the library needs to be updated, that kindof sucks :)
21:01 dingo yeah, i'm a cheap bastard, its just for a FOSS project and you get charged for instances even if they're powered off, so there's that
21:01 jonatas__ joined #salt
21:02 pannon we are talking about separate things
21:02 und1sk0 yeah, i figure i can live with $30 a month to have a "not-quite-prod" nodejs box laying around to beat up
21:02 pannon we use our own gear with SDC7
21:02 pannon just tested
21:02 pannon image is created
21:03 pannon on the opensource SDC
21:03 dingo dang, i knew there was no technical reason it can't, zfs don't care if you clone a clone, etc.
21:03 benegget_ joined #salt
21:03 pannon from my own instance which was imaged before
21:03 SheetiS joined #salt
21:04 dingo they must prevent it on their public api because they can't accurately do accounting/bookkeeping or something
21:04 dingo anyway, SDC is good, salt is good, the end :)
21:04 irctc926 joined #salt
21:04 pannon SDC+Salt FTW!
21:06 iggy just out of curiosity, is salt being suggested by SDC? or is it just something that apparently a couple of you have picked up?
21:06 bhosmer_ joined #salt
21:06 dingo joyent's support recommended me *anything but* salt, haha
21:06 pannon not suggested
21:07 iggy ouch...
21:07 pannon we are planning to have cross orchestration between VMWare and SDC - Salt is great for that
21:07 dingo > What do you recommend?
21:07 dingo Personally, I recommend configuration management (chef, puppet) where possible.
21:08 pannon BTW, anyone has forst hand experiences driving the opensource SDC direclty via Salt?
21:08 dingo no, i have shell scripted it
21:08 rypeck What is the SDC?
21:08 pannon I mean actually talking to the API
21:08 pannon Joyent SmartDataCenter
21:08 dingo https://jeffquast.com/post/joyent-provisioning/
21:09 timoguin pannon: should be doable with salt-cloud: https://github.com/saltstack/salt/blob/develop/salt/cloud/clouds/joyent.py
21:09 pannon nice dingo, saved that
21:09 pannon yes I know
21:10 pannon just wanted to hear whether anyone is actually driving the headnode API
21:10 pannon I will try it in the next 2 weeks
21:10 pannon and report back
21:12 alub left #salt
21:12 clintberry joined #salt
21:14 pannon dingo out of curiosity why is joyent not recommending Salt?
21:16 beneggett joined #salt
21:19 giantlock joined #salt
21:20 blacked joined #salt
21:20 bmcorser joined #salt
21:21 desposo joined #salt
21:22 yidhra joined #salt
21:28 hemphill joined #salt
21:28 thayne joined #salt
21:36 yidhra joined #salt
21:36 SheetiS joined #salt
21:36 kusams joined #salt
21:41 beneggett joined #salt
21:48 bhosmer joined #salt
21:51 yidhra joined #salt
21:52 baweaver joined #salt
21:53 bhosmer joined #salt
22:00 otter768 joined #salt
22:02 Guest70 joined #salt
22:02 bougie joined #salt
22:03 yomilk joined #salt
22:04 keekz joined #salt
22:04 echo joined #salt
22:06 StDiluted joined #salt
22:07 timoguin joined #salt
22:09 aparsons joined #salt
22:09 gladiatr joined #salt
22:16 markm joined #salt
22:30 beneggett joined #salt
22:32 loz-- joined #salt
22:42 ajw0100 joined #salt
22:44 hemphill joined #salt
22:44 mohae joined #salt
22:47 jeddi joined #salt
22:48 Trades joined #salt
22:52 solidsnack joined #salt
22:58 zwi joined #salt
22:59 kusams joined #salt
23:03 solidsnack joined #salt
23:04 teepark how do you go about creating an encrypted password suitable for states.user.present?
23:04 iggy I think there's something in the docs about it
23:05 teepark oh does modules.shadow.gen_password do it?
23:06 teepark this looks good
23:07 iggy looks like a possibility
23:08 iggy The password hash can be generated with this command:
23:08 iggy python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt')"
23:08 iggy but the other way looks better
23:10 ipmb joined #salt
23:13 blacked joined #salt
23:18 baweaver joined #salt
23:23 yomilk joined #salt
23:27 codehotter How do I have something depend on TWO other things?
23:27 codehotter as a watch
23:28 solidsnack joined #salt
23:30 timoguin joined #salt
23:30 iggy it's a list
23:30 iggy just put multiple things in the list
23:31 codehotter will this do what I expect? http://fpaste.org/214992/29831903/
23:32 codehotter for example, the semanage module requires policycoreutils-python to be installed.
23:32 codehotter is that guaranteed?
23:32 codehotter it's higher in the file
23:33 * iggy backs away slowly
23:33 codehotter iggy: why? What did I do? =(
23:34 iggy me no pyobjects
23:34 codehotter is pyobjects frowned upon?
23:35 iggy just uncommon
23:36 iggy you could use a nested with format (like the docs have)
23:38 codehotter OK, how about this http://fpaste.org/214994/32313142/
23:38 subsignal joined #salt
23:39 codehotter the package MUST run before the semanage, the ssh config change before the service restart, is that guaranteed by the order in the file?
23:39 codehotter even if I have watch?
23:39 codehotter or is it safer to add requires
23:39 bhosmer_ joined #salt
23:39 iggy you could make it a listen to make sure
23:41 iggy (I personally like listen more than watch anyway)
23:41 iggy but I like top-down vs explicit requisite statements everywhere
23:41 codehotter is top down enough to guarantee it?
23:43 iggy as long as nothing else changes the order
23:43 iggy which is why some of us prefer listen to watch
23:44 iggy some of the requisites (watch, etc) have a nasty habit of not just slightly reordering things, but really messing up the ordering
23:44 wt joined #salt
23:44 wt hi
23:44 wt are there any known issues with the git ext pillar in 2014.7.5?
23:44 codehotter so, in my service i can use listen on the file rather than watch?
23:45 codehotter does that do the same? (ensure service is running, restart it if file changed)?
23:45 wt I just upgraded, and I don't appear to be getting any pillar data from my git pillar sources.
23:45 iggy codehotter: yeah, read the docs for the full rundown, but it's basically watch -reordering
23:45 wt The master appears to be updating the git pillar data, but it just not using it when I refresh pillars on my minions.
23:46 iggy wt: haven't heard anything, but it was just officially announced like 2 days ago, so...
23:46 kunersdorf have you refreshed the pillar data for the minons?
23:46 wt yes
23:46 codehotter does salt-cloud trigger an automatic highstate on the node i just created or do i need to configure something extra to get that?
23:46 wt I don't get any data.
23:46 thayne joined #salt
23:47 kunersdorf pillar top.sls updated?
23:47 lempa joined #salt
23:47 wt kunersdorf, does it need to be different in this version
23:47 wt ?
23:47 iggy codehotter: you can tell it to (and there are other purely salt ways)
23:47 kunersdorf don't think so
23:48 wt well, I have a top.sls in the master branch of my git repo, but doing "salt-run pillar.show_top <mach> saltenv=base" produces nothing
23:48 wt If I move the files to a directory, and setup pillar_roots to point the "base" env at it, it works.
23:49 iggy you only have a top.sls in one branch?
23:49 wt Yes
23:49 wt I had a more complex setup before, but I have cut it down to try to figure out the problem
23:50 yomilk joined #salt
23:50 eseyman joined #salt
23:50 kusams joined #salt
23:51 codehotter iggy: Are you telling me I don't need salt-cloud, I can deploy servers from an sls file?
23:51 Tyrm joined #salt
23:52 wt I am on Amazon Linux, if that matters.
23:52 iggy codehotter: you can in newer versions (there are cloud states/modules)
23:53 codehotter When writing my own module, should I write an execution module to make changes, as in the example? Or can the  state module make changes itself?
23:54 iggy I think it depends on what you're doing
23:54 codehotter semanage port -a -t ssh_port_t 222
23:54 iggy but you generally see stuff with a module to do the heavy lifting and so you can use it on the command line as well
23:55 gladiatr joined #salt
23:55 wt Is anyone here using git pillar with 2014.7.5?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary