Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-04-25

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 canci joined #salt
00:04 otter768 joined #salt
00:07 vexati0n exit
00:07 vexati0n gah
00:07 * nzero shows vexati0n the exit
00:10 ageorgop joined #salt
00:12 linjan joined #salt
00:14 solidsnack joined #salt
00:17 thayne joined #salt
00:18 baweaver joined #salt
00:21 clintberry joined #salt
00:23 SeeDickCode joined #salt
00:24 VR-Jack is there an easy way to generate a log/print statement in an sls to view variables and such?
00:38 c10 joined #salt
00:44 otter768 joined #salt
00:47 VR-Jack got it. use state.event filtering for a tag on master and use event.send in the sls. So now I know that {{ sls }} can work as $self in an init.sls
00:49 dalexander joined #salt
00:53 desposo joined #salt
00:53 smcquay joined #salt
00:57 dharper_ii joined #salt
00:57 vstoniest joined #salt
00:59 hybridpollo joined #salt
01:12 baweaver joined #salt
01:14 dharper_ii joined #salt
01:14 cmb_ joined #salt
01:14 vstoniest joined #salt
01:14 _Cyclone_ joined #salt
01:38 scbunn joined #salt
01:39 vstoniest joined #salt
01:51 jonatas_oliveira joined #salt
02:02 dharper_ii joined #salt
02:05 bhosmer joined #salt
02:18 dingo VR-Jack: https://github.com/joejulian/saltstack-logging
02:18 dingo i was looking for the same some weeks ago and a colleague wrote that for me, i ended up never using it, but it should allow you to "debug print" mid-state
02:18 SeeDickCode joined #salt
02:19 badon_ joined #salt
02:19 VR-Jack dingo: bookmarked and thanks. I searched but didn't have any luck
02:20 VR-Jack yeah, debug print is better than shooting out signals for some things. Also, with an warning print on orchestration, I can follow the orchestration module easily instead of waiting for the end.
02:21 _Cyclone_ joined #salt
02:21 dingo you bet! enjoy
02:22 VR-Jack doing kickstart rewrites before doing pxe, so this will rock.
02:22 pcn joined #salt
02:23 bmcorser joined #salt
02:24 VR-Jack think I just broke 100 hours of reading salt docs. lol
02:26 yomilk joined #salt
02:28 ageorgop joined #salt
02:29 fusionx86 joined #salt
02:29 smcquay joined #salt
02:30 dingo yeah im using salt to prepare machines for pxe too, its a nice idea
02:32 VR-Jack only annoyance I've had is that I didn't have feedback when it's done loading and waiting for me to boot the server. Not a biggie for vm, but annoying for bare metal
02:36 I3olle joined #salt
02:37 yomilk joined #salt
02:39 SpeedFuse joined #salt
02:43 michelangelo joined #salt
02:48 yomilk joined #salt
02:49 subsignal joined #salt
02:56 hasues joined #salt
02:57 writtenoff joined #salt
03:01 hasues left #salt
03:11 iromli joined #salt
03:16 echo joined #salt
03:17 echo_ joined #salt
03:28 catpig joined #salt
03:29 VR-Jack hmmm. monitoring system -> event.send -> reactor -> fix things, please. might be fun
03:41 bhosmer joined #salt
03:41 otter768 joined #salt
03:44 vstoniest joined #salt
03:55 scbunn joined #salt
03:57 stanchan joined #salt
04:00 bemehow joined #salt
04:06 hernan604 joined #salt
04:07 thayne joined #salt
04:20 stooj joined #salt
04:24 blacked joined #salt
04:31 blacked joined #salt
04:38 blacked joined #salt
04:41 jdesilet joined #salt
04:41 jdesilet Jason how are you
04:41 jdesilet sorry wrong window :(
05:00 otter768 joined #salt
05:00 yomilk joined #salt
05:03 yomilk_ joined #salt
05:05 ckao joined #salt
05:14 ndrei joined #salt
05:23 jxm_ joined #salt
05:29 mosen joined #salt
05:49 Eliz_ joined #salt
05:52 und1sk0 closed connections? this computer has gone to sleep? no one uses screen anymore?
06:00 Eliz_ joined #salt
06:03 VR-Jack Lots of people do. Just not everyone. :P
06:15 jeffspeff joined #salt
06:16 Not_ joined #salt
06:16 dh__ joined #salt
06:17 dstokes_ joined #salt
06:17 simonmcc_ joined #salt
06:17 spiksius joined #salt
06:18 tmmt_ joined #salt
06:19 Sketch_ joined #salt
06:19 amatas_ joined #salt
06:19 codekobe_ joined #salt
06:19 phx- joined #salt
06:19 nihe_ joined #salt
06:19 jtanner_ joined #salt
06:20 speedlig1t joined #salt
06:20 douardda_ joined #salt
06:20 dayid_ joined #salt
06:20 mage__ joined #salt
06:20 _ether__ joined #salt
06:20 ropes_ joined #salt
06:20 Hazelesque joined #salt
06:20 Hazelesque joined #salt
06:20 boubou joined #salt
06:20 marcel_ joined #salt
06:20 TomJepp joined #salt
06:20 eightyeight joined #salt
06:20 jbub joined #salt
06:20 nich0s joined #salt
06:21 isbm joined #salt
06:21 manytrees joined #salt
06:21 pcn joined #salt
06:21 gdm85 joined #salt
06:21 drags joined #salt
06:21 JPaul joined #salt
06:21 samnmax joined #salt
06:21 dkrae joined #salt
06:21 mfournier joined #salt
06:21 fxhp joined #salt
06:22 kwmiebach joined #salt
06:22 Guest69053 joined #salt
06:22 APLU joined #salt
06:23 dh joined #salt
06:26 moderation joined #salt
06:27 Tritlo joined #salt
06:27 copelco joined #salt
06:27 scalability-junk joined #salt
06:28 gyre007 joined #salt
06:28 goki joined #salt
06:28 akafred joined #salt
06:28 hardwire joined #salt
06:29 basepi joined #salt
06:29 zipkid joined #salt
06:30 mikepea_ joined #salt
06:30 mattl joined #salt
06:37 stooj joined #salt
06:39 jxm_ I have the weirdest issue. I am assigning pillar data in a "foobar" dict to a node. salt mynode pillar.items shows the data just fine, but pillar.get foobar returns empy. Any ideas?
06:40 ajolo joined #salt
06:43 borgstrom joined #salt
06:45 jxm_ Also pillar.item foobar works fine, but pillar.get returns nothing
06:49 nicksloan- joined #salt
06:50 utahcon_ joined #salt
06:50 mpanetta joined #salt
06:51 jxm_ And salt-call pillar.get works, not salt mynode pillar.get. Weird
06:53 CaptainMagnus joined #salt
06:53 babilen_ joined #salt
06:53 modafinil_ joined #salt
06:54 mackstic1 joined #salt
06:54 pcdummy_ joined #salt
06:54 dkrae1 joined #salt
06:54 pelzi__ joined #salt
06:54 moderation_ joined #salt
06:55 Karlthane joined #salt
06:55 MTecknol1gy joined #salt
06:56 dthorman_ joined #salt
06:56 micko joined #salt
06:57 hillna_ joined #salt
06:57 dayid joined #salt
06:57 dayid joined #salt
06:57 Nazca__ joined #salt
06:57 emid_ joined #salt
06:57 kutenai_ joined #salt
06:57 paolo_ joined #salt
06:57 seblu42 joined #salt
06:57 sav joined #salt
06:57 ThomasJ|d joined #salt
06:57 LinuxHorn_ joined #salt
06:58 synical joined #salt
06:58 ben_NN joined #salt
06:58 xMopxShell joined #salt
06:59 samnmax joined #salt
06:59 awpti joined #salt
06:59 jxm_ joined #salt
06:59 copelco joined #salt
07:00 ShadowHntr joined #salt
07:01 Nazzy joined #salt
07:01 sirtaj joined #salt
07:02 g3cko joined #salt
07:03 rome_390 joined #salt
07:03 forze joined #salt
07:03 bhosmer joined #salt
07:03 MrMorden joined #salt
07:03 joehh1 joined #salt
07:04 beauby joined #salt
07:04 Hell_Fire_ joined #salt
07:04 Trades joined #salt
07:04 cwyse_ joined #salt
07:04 abele joined #salt
07:04 m0nky joined #salt
07:04 bdols joined #salt
07:04 tmclaugh[work] joined #salt
07:05 ropes joined #salt
07:05 ecdhe joined #salt
07:06 leszq joined #salt
07:06 joshin joined #salt
07:09 bhosmer_ joined #salt
07:10 m0nky_ joined #salt
07:12 leszq joined #salt
07:15 jxm_ So, sorry for those seing this in double, I was kicked by a large netsplit - I have a pillar that I can see the data of using local salt-call get mypillar, but remote salt mynode pillar.get mypillar returns nothing. However, if using salt mynode pillar.items, the data is there in the returned dict. Tried highstating. restarting the master, running the job with -l all -vvv, no clue :-( Any idea?
07:20 tmh_ joined #salt
07:23 jesusaurus joined #salt
07:23 tkharju joined #salt
07:47 yomilk joined #salt
07:52 teogop joined #salt
07:55 mpanetta joined #salt
07:55 colonD joined #salt
08:06 codehotter VR-Jack: yes, I tried running the systemctl that failed, and it works fine when I type it in the shell.
08:07 codehotter VR-Jack: I'm not sure the service module is ineffecient, that sounds a bit strange. Do you have any idea to systematically debug it? To figure out what's really going on?
08:07 codehotter maybe I can pause it somehow and then measure memory usage?
08:08 blacked joined #salt
08:09 duckx joined #salt
08:10 duckx Hello , first time here.  Just to let yet you know there is another happy user of salt ...
08:11 ndrei joined #salt
08:15 I3olle joined #salt
08:19 aquassaut joined #salt
08:22 c10 joined #salt
08:24 paolo joined #salt
08:27 joeto joined #salt
08:39 giantlock joined #salt
08:56 mpanetta joined #salt
08:58 markm joined #salt
08:58 thayne joined #salt
09:01 joeto1 joined #salt
09:06 tomh- joined #salt
09:16 markm_ joined #salt
09:20 bhosmer joined #salt
09:36 chiui joined #salt
09:37 bhosmer joined #salt
09:40 peters-tx joined #salt
09:48 CeBe joined #salt
09:50 ndrei joined #salt
10:00 bhosmer joined #salt
10:02 yidhra joined #salt
10:09 pppingme joined #salt
10:22 c10 joined #salt
10:26 mpanetta joined #salt
10:27 svx joined #salt
10:30 bhosmer joined #salt
10:32 otter768 joined #salt
10:35 magnus-lycka joined #salt
10:46 c10 joined #salt
10:49 Berty_ joined #salt
10:50 Eliz_ joined #salt
10:53 bhosmer joined #salt
10:54 linjan joined #salt
10:55 tkelley joined #salt
11:06 al joined #salt
11:07 rawzone joined #salt
11:12 tkelley joined #salt
11:12 ageorgop joined #salt
11:18 ndrei joined #salt
11:18 scalability-junk left #salt
11:18 Mattisdada joined #salt
11:18 c10 is there any way to dynamically define states?
11:21 Mattisdada Hey guys, first time user for Saltstack. I'm using SaltStack with Vagrant (https://github.com/saltstack/salty-vagrant). What is the correct workflow? The /vagrant folder contains the correct /src files, but obviously by default it doesn't look inside that folder. So what should I do?
11:21 Mattisdada cp the files out? Or reconfigure to look in that folder?
11:21 bhosmer joined #salt
11:22 c10 for example have information about different deployable apps in a pillar, and then have a way to selectively deploy them from the command line by executing a deploy an associated state (each of those states would be dynamically defined by looping over the pillar)
11:22 robinsmidsrod joined #salt
11:26 Drajwer joined #salt
11:26 Drajwer hello
11:26 Drajwer if I want to deploy ssl certs is it good idea to keep them in pillars?
11:33 favadi joined #salt
11:41 MaliutaLap joined #salt
11:41 MaliutaLap left #salt
11:42 zekoZeko Drajwer: keys yes, certs only if you want to.
11:50 robinsmidsrod joined #salt
11:50 yomilk joined #salt
12:08 robinsmidsrod joined #salt
12:09 saltsa joined #salt
12:11 radd joined #salt
12:12 bhosmer joined #salt
12:14 amcorreia_ joined #salt
12:15 robinsmidsrod joined #salt
12:26 bluenemo joined #salt
12:26 bluenemo joined #salt
12:32 otter768 joined #salt
12:37 catpig joined #salt
12:41 losh joined #salt
12:51 c10 joined #salt
13:02 jonlangemak joined #salt
13:13 catpig joined #salt
13:14 fusionx86 joined #salt
13:19 cpowell joined #salt
13:19 cpowell joined #salt
13:22 scbunn joined #salt
13:23 bhosmer joined #salt
13:25 jonlangemak joined #salt
13:41 bash124512 Drajwer : you can use gpg encryption for private keys
13:42 asido joined #salt
13:44 asido all of a sudden out of nowhere I can't run highstate on a minion anymore.  get the following output every single time: https://gist.github.com/Asido/7fb99326a38c54946fe9
13:44 Drajwer bash124512: sounds interesting any example?
13:44 asido I've seen people getting it when having different master/minion versions, but it's not the case for me
13:44 bash124512 Drajwer : http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html
13:45 asido how can I debug this? no top files were touched since last time it was working
13:47 scbunn joined #salt
13:47 Drajwer bash124512: thanks
13:47 Drajwer what do you think about https://github.com/StackExchange/blackbox ?
13:48 bash124512 asido : No Top file
13:49 asido bash124512, the top file is where it always was
13:49 bash124512 Drajwer : never used it. I have a script that opens pillar files in vim and encrypts keywords that contain password, key .. etc
13:50 bash124512 asido : set debug in minion settings and watch /var/log/salt/minion
13:50 bash124512 asido : I never seen that message b4
13:55 Drajwer bash124512: does this salt.renderers.gpg supports only one key?
13:57 bash124512 Drajwer : I use only one gpg key. Wouldn't know the answer to your questions but I imagine it does support multiple gpg keys to be setup
13:59 bash124512 asido : maybe its the test function that returns that result. if you would try to run it without a test to see if the state runs ok.
13:59 asido bash124512, no it doesn't
14:00 tmclaugh[work] joined #salt
14:01 bash124512 asido : can you post the result of the state without test ?
14:05 asido bash124512, it started running again. all I did was commented some things I knew were changed in some state files, then uncommented again as it didn't help and it just worked
14:06 bash124512 asido : then maybe it was an indentation problem. anyway :)
14:07 asido I doubt. I just added and removed a hash
14:08 bemehow joined #salt
14:08 Rockj joined #salt
14:13 bhosmer joined #salt
14:17 yomilk joined #salt
14:20 txomon joined #salt
14:21 txomon hi! I am totally new to salt, I yesterday read like 5 hours of doc. and I am interested in the salt virt stuff
14:21 txomon I however, don't have a computer with vmx support. I would like to use lxc as libvirt backend
14:21 txomon any idea?
14:21 ndrei joined #salt
14:23 sandah joined #salt
14:27 JDiPierro joined #salt
14:29 c10 joined #salt
14:33 otter768 joined #salt
14:38 _`_ joined #salt
14:38 _`_ left #salt
14:39 VR-Jack txomon: http://docs.saltstack.com/en/latest/topics/tutorials/cloud_controller.html
14:40 txomon VR-Jack, no lxc mention...
14:40 txomon may I suppose it will be the same?
14:41 llua > Salt Virt is made to be hypervisor agnostic but currently the only fully implemented hypervisor is KVM via libvirt.
14:41 VR-Jack http://saltstack.com/saltstack-delivers-more-automation-docker-lxc-application-containers/
14:41 txomon oh ok, thanks!
14:41 VR-Jack it's more promo, not doc, but perhaps the video and links off that might help
14:42 VR-Jack I don't do docker/lxc
14:42 txomon I have not alternative :/
14:42 txomon (my test computer is just an old intel core quad)
14:42 txomon no*
14:44 VR-Jack understand. my test server is the most expensive computer I've ever bought
14:44 tmclaugh[work] joined #salt
14:44 VR-Jack lxc state module. http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.lxc.html
14:46 VR-Jack You might also search formulas. I haven't even seen what all formulas might already be built for different htings yet.
14:46 cpowell_ joined #salt
15:01 cpowell joined #salt
15:02 cpowell joined #salt
15:04 faust joined #salt
15:06 bluenemo joined #salt
15:09 JoeHazzers joined #salt
15:10 tmclaugh[work] joined #salt
15:10 txomon ok! I will definitely have a look on that
15:20 otter768 joined #salt
15:21 evilrob joined #salt
15:23 yomilk joined #salt
15:23 VR-Jack txomon: dont' get discouraged. I've spent the last week reading through documentation; at least 40 hours, though I think closer to 100.
15:25 stanchan joined #salt
15:29 bhosmer joined #salt
15:29 ndrei joined #salt
15:30 c10 joined #salt
15:31 scbunn joined #salt
15:34 bemehow joined #salt
15:37 ndrei joined #salt
15:44 tmclaugh[work] joined #salt
15:47 fusionx86 joined #salt
15:50 tmclaugh[work] joined #salt
15:54 tmclaugh[work] joined #salt
15:54 txomon joined #salt
16:02 jasonrm joined #salt
16:05 aqua^mac joined #salt
16:08 _Cyclone_ joined #salt
16:09 tmclaugh[work] joined #salt
16:10 viq joined #salt
16:11 VR-Jack anyone know if there's an easy way to set the value of a pillar based on a state?
16:12 Eureka joined #salt
16:12 VR-Jack I need to check if dns servers are available and make decisions based on that for filling out resolv.conf
16:12 donmichelangelo joined #salt
16:13 jcockhren VR-Jack: you may need to right a custom module for that
16:13 jcockhren s/right/write/
16:13 VR-Jack yeah. not a python guy. lol. Didn't know if we had a dynamic variable storage mechanism somewhere.
16:14 illern_ joined #salt
16:14 VR-Jack I can technically do multiple dependencies and pass override pillar accordingly. It's just messy.
16:15 g3cko_ joined #salt
16:16 scbunn_ joined #salt
16:16 eseyman_ joined #salt
16:16 heaumer_ joined #salt
16:16 Eureka__ joined #salt
16:16 c4urself__ joined #salt
16:16 OnTheRock joined #salt
16:16 vexati0n_ joined #salt
16:16 pmcg_ joined #salt
16:17 ligthert_ joined #salt
16:17 denys_ joined #salt
16:17 msciciel2 joined #salt
16:17 mephx_ joined #salt
16:17 spootly_ joined #salt
16:17 ninkotech__ joined #salt
16:18 davroman1ak joined #salt
16:18 crazysim_ joined #salt
16:18 X-Istence joined #salt
16:18 ShibMcNe_ joined #salt
16:18 mohae_ joined #salt
16:18 cozby_ joined #salt
16:18 Number6_ joined #salt
16:18 ze-_ joined #salt
16:18 jamesog_ joined #salt
16:18 mackstick joined #salt
16:18 Jimlad_ joined #salt
16:19 torment_ joined #salt
16:19 programm1 joined #salt
16:19 emid joined #salt
16:19 lz-dylan_ joined #salt
16:19 Nils-_ joined #salt
16:19 gfa_ joined #salt
16:19 JakTrades joined #salt
16:19 the_lalelu joined #salt
16:19 k00mi joined #salt
16:19 grep_away joined #salt
16:19 wm-bot48 joined #salt
16:20 eclectic joined #salt
16:20 tuor_ joined #salt
16:20 froztbyte joined #salt
16:20 froztbyte joined #salt
16:20 ksk joined #salt
16:20 iggy joined #salt
16:20 admgre joined #salt
16:20 djaykay joined #salt
16:20 rigor789|away joined #salt
16:20 jxm_ joined #salt
16:20 Ahlee joined #salt
16:20 __number5__ joined #salt
16:21 sk_0 joined #salt
16:21 aqua^lsn joined #salt
16:21 dec joined #salt
16:21 dec joined #salt
16:21 Vye_ joined #salt
16:21 ujjain- joined #salt
16:21 seblu42 joined #salt
16:21 sarlalian joined #salt
16:22 danee joined #salt
16:22 HuleB joined #salt
16:22 dbanham joined #salt
16:22 nethershaw joined #salt
16:22 mohae joined #salt
16:23 alynpost_ joined #salt
16:23 mortis joined #salt
16:23 djinni` joined #salt
16:23 skarn joined #salt
16:24 JoeHazzers erm, why does the 2014.7.5 release make reference to raet.raeting.autoModes (removed back in february)?
16:25 kevc joined #salt
16:26 VR-Jack looks like best option might be to use reactor to update a pillar states file
16:26 rickflare joined #salt
16:27 Plastefuchs joined #salt
16:28 Pixionus joined #salt
16:28 mohae joined #salt
16:28 keltim joined #salt
16:29 penguin_dan joined #salt
16:29 seeg_ joined #salt
16:30 bhosmer joined #salt
16:30 keltim I'm wondering now sometimes if I understand pillar ... it seems a lot of people are using it instead of state files, but it was my understanding it is a backing mechanism to provide parameters to state files or just push secrets in cleanly targeted way ...
16:30 nadley joined #salt
16:30 spader joined #salt
16:30 ckao1 joined #salt
16:30 programmerq joined #salt
16:30 keltim everything I read now .. seems like people are only using pillar and not the state tree ...
16:30 keltim 'cause I'm still a newbie, more or less
16:31 c10 joined #salt
16:31 sophomeric joined #salt
16:31 dalexand_ joined #salt
16:32 VR-Jack The problem is that I don't see a way to view the state tree
16:32 keltim VR-Jack, not sure what you mean ...
16:32 egilh joined #salt
16:32 kevc_ joined #salt
16:32 VR-Jack I need to set dns servers in resolv.conf based on if my local dns servers are configured or not.
16:32 elfixit1 joined #salt
16:32 VR-Jack local meaning local network, not local to minion
16:32 philipsd6_ joined #salt
16:33 jcockhren VR-Jack: yeah. what you want to do is not part of salt's CM story as of yet
16:33 keltim I don't see why you can't accomplish that with states
16:33 c10_ joined #salt
16:33 Nils- joined #salt
16:33 keltim can't a grain tell you that?
16:33 jcockhren certainly not in the form of yaml states
16:34 tmclaugh[work] joined #salt
16:34 jcockhren yaml states execution custom module? yes
16:34 nahamu joined #salt
16:34 jcockhren s/execution/executing/
16:34 jcockhren VR-Jack: got to get your pythons up. :D
16:34 VR-Jack I technically can. I can do 2 states that are based on the results of a dig command and pass the necessary information in, but it's messy.
16:34 keltim a state can lookup a minions network and configure dns accordingly ... not sure why any other conditions would be in effect
16:35 __number5__ joined #salt
16:35 bemehow joined #salt
16:35 VR-Jack jcockhren: that's why I went with salt. I'd rather learn python than ruby
16:35 keltim the default grains contain the minion's network ...
16:35 fxhp joined #salt
16:35 jcockhren but one can't do a arbitrary remote check for the availability of a remote service
16:35 jcockhren keltim: ^
16:36 keltim availability of dns? I'd ask what you're doing with dns at this point ...
16:36 VR-Jack 8.8.8.8 and 8.8.4.4 if local resolvers aren't running
16:37 keltim well, in my humble sysadmin mind, the dns should be available by subnet/network, always. No need to determine if it's running ...
16:37 VR-Jack I have a lot of circular referencing in my build.
16:37 tmclaugh[work] joined #salt
16:37 VR-Jack umm, that's nice unless it's the first server you setup in a network
16:37 VR-Jack I'm bootstrapping the entire network in one command
16:37 keltim if you have to check that dns is "available" something is wrong and it should fail anyway
16:38 pelzi__ just put 8.8.8.8 as the 3rd resolver
16:38 keltim pelzi__, no don't do that ...
16:38 keltim VR-Jack, then have the dns servers set up first. They're needed
16:39 VR-Jack the vmhost must be setup before the dns server vm. :)
16:39 pelzi__ and to set them up, you need to configure some resolver on them.
16:39 keltim VR-Jack, but also, dhcp, configured correctly, should be setting the dns, not salt
16:39 VR-Jack my servers don't do dhcp unless they are doing pxe
16:40 keltim everything should be dhcp ... statics become reservations
16:40 jonlangemak joined #salt
16:40 pelzi__ dhcp becomes a worse chicken/egg problem
16:40 marcinkuzminski joined #salt
16:40 jcockhren VR-Jack: is this a DR case?
16:40 keltim are you setting up some vagrant / virtual box thing or a "real" environment?
16:41 VR-Jack baremetal + kvm
16:41 keltim dhcp would be somewhat problematic, yes, if you are setting up an virtual environment with vagrant on a desktop ... but normally, dhcp is always the way to go, anything else is foolish
16:42 VR-Jack it's an extra annoyance to manage that isn't necessary. Well, looks like it's time to go dig some water/power lines to my new house. playing with salt more fun. *sigh*
16:43 keltim it *is* neccessary to avoid just the sort of contortions you are putting yourself through!
16:43 abort joined #salt
16:44 pelzi__ I do not see how dhcp solves the resolver chicken/egg problem, instead it is another chicken/egg problem by itself
16:44 keltim the dhcp server sets the resolver - what chicken/egg problem?
16:45 pelzi__ that you need some set of working resolvers to set up your resolvers and the vm host they run on, and you need to set up your dhcp server before anything can run, and at least your dhcp server needs a static address anyway
16:46 keltim well yes you need working nameservers and working dhcp servers in any environment
16:46 bytemask joined #salt
16:46 Sway joined #salt
16:46 techdragon joined #salt
16:46 keltim No 1
16:46 Georgyo joined #salt
16:46 gchao joined #salt
16:46 VR-Jack-housebui even if using dhcp, I'd still need to know what to program into the dhcp servers for dns resolvers based on if they were running or not. ;)
16:46 krobin joined #salt
16:46 berto- joined #salt
16:46 nliadm joined #salt
16:46 adrianhannah joined #salt
16:46 Twiglet joined #salt
16:46 keltim no, nameservers should always be assumed to be running
16:46 cmb_ joined #salt
16:46 pipeep joined #salt
16:46 danielcb joined #salt
16:47 keltim anything else is absurd
16:47 mkropinack joined #salt
16:47 kuromagi joined #salt
16:47 VR-Jack-housebui with your idea, I build VMhost, then I build dhcp server, then I can build dns servers. DNS not available until 3rd server built
16:47 pelzi__ you just need to pick 3 resolvers to put in resolv.conf so that one always works
16:47 [vaelen] joined #salt
16:47 pelzi__ and they must not depend on themselves
16:47 VR-Jack-housebui but the first 2 need dns before the 3rd
16:47 tmclaugh[work] joined #salt
16:47 manytrees joined #salt
16:48 pelzi__ if you don't have other local resolvers or even anycast resolvers in your net, you need to use 8.8.8.8 or you upstream's resolver
16:48 keltim why not have your net infrastructure external to this environment? that would be preferable
16:48 VR-Jack-housebui yeah. that's what I do, then change to local once they are built.
16:48 Laogeodritt joined #salt
16:48 VR-Jack-housebui okay. off for real. have fun
16:49 pelzi__ and what if the vm's fail to start and then you get to fix the host which has no working resolvers
16:49 wilf1rst joined #salt
16:49 pelzi__ that's an extra few minutes wasted waiting for sshd to resolve rdns
16:49 keltim pelzi__, using public nameservers does solve one problem, but it makes name resolution inconsistent in the environment, as the public nameservers will not know how to resolve your private zone records
16:49 pelzi__ assuming you use such moronic things as split dns
16:49 pelzi__ I do not.
16:49 wiqd joined #salt
16:50 grepory joined #salt
16:50 mattl joined #salt
16:50 supermike__ joined #salt
16:51 keltim in any case sshd's reverse lookups should be disabled, it's a long outdated mechanism
16:51 hardwire joined #salt
16:52 solidsnack joined #salt
16:54 keltim I don't know what "split dns" has to do with it
16:55 keltim your resolver should point to caching nameservers only
16:56 Yoda-BZH joined #salt
16:59 zircote joined #salt
17:00 zircote joined #salt
17:00 yomilk joined #salt
17:00 keltim pelzi__, uh, yeah dhcpd needs to be running. you're acting like a highway doesn't need to be there before you go on a long road trip
17:02 pelzi__ which is why the trucks used to build the highway do not depend on it existing.
17:03 zircote joined #salt
17:04 keltim pelzi__, look, if you want to set up an environment where you have to check whether dns resolution even exists or not, be my guest. It's totally absurd to try to set up a network that way, but you'll figure that out on your own one day, I hope.
17:04 scbunn joined #salt
17:04 pelzi__ I do not have to resort to ad hominem, but yes, I usually run anycasted resolvers and I do not have such chicken and egg issues.
17:06 pelzi__ yet, I have experienced losing all resolvers sufficiently many times that I always have a plan for recovery in case they fail, and I am a network engineer so most of my stuff has to work without depending on DNS anyway.
17:09 yawniek joined #salt
17:09 keltim then I'd still pass the anycast resolver via dhcp, and not try to manage /etc/resolv.conf with salt, though you and VR-Jack aren't doing the same thing, actually I don't know what you're doing besides disagreeing with me
17:10 pelzi__ and in every network I have built, there is an initial state where 8.8.8.8 or the local isp's resolvers are used before the local dns is built. this is an unavoidable intermediate state. or of course you could bootstrap the resolvers completely from a DVD
17:11 blacked joined #salt
17:11 pelzi__ IMO it is a mistake to set up a vm host to use resolvers running inside it, the rest of the machines probably can wait until the resolvers are live.
17:13 r0x joined #salt
17:14 keltim well I would just sidestep the problem and make the resolvers available from the start. I don't see how you can proceed logically without being able to assume that. And what are you doing anyway? Setting an entire little self contained network of VM's from scratch with nothing else available? It doesn't matter if you use public resolvers unless you have private name records that need to be resolved. I think I said that. But I don't mix the
17:14 keltim two together, nothing but trouble
17:16 GrueMaster joined #salt
17:17 JayFK joined #salt
17:23 keltim and I can imagine that a networking engineer might be in the habit of setting static address for all sorts of good reasons, but in the systems world, it really best to let dhcp handle that
17:30 cpowell joined #salt
17:32 keltim and the hypervisor can provide dhcp service, haven't seen one that doesn't. Even virtual box does, though it's configurability is sorely lacking
17:35 photex joined #salt
17:36 photex o/ howdy folks... I've got a minion that doesn't appear to have the pkg.info command available
17:36 photex was this a recent addition to salt?
17:37 photex I'm installing salt from the package manager so maybe I'm out of date?
17:37 keltim what version?
17:37 keltim your minion does need to match the server version, generally speaking ...
17:38 tmclaugh[work] joined #salt
17:39 Fiber^ joined #salt
17:41 photex 2014.1.11-1.3 on the minion and...
17:41 photex sorry that was the master
17:41 photex minion is ...
17:42 capricorn_1 joined #salt
17:43 photex ok the versions don't match: 2014.7.5 and 2014.1.11-1.3
17:43 keltim 2014.7 has some major differences .. they really need to match
17:43 photex I was just using the versions provided by the package manager, but I'll instead just install directly then
17:44 keltim if you're unable to pull them from the same repos everywhere I don't think there's a choice but to roll your own salt to keep everything consistent
17:45 _Cyclone_ joined #salt
17:45 photex I wanted to try a heterogeneous setup by default so that'll be the path forward now
17:45 photex thanks keltim
17:45 keltim yeah. I'd rather use the package manager but that is becoming more and more of a pipe dream
17:45 babilen You can use the package manager with repositories maintained by saltstack
17:46 photex babilen, that sounds like a good idea :)
17:46 keltim you can certainly, but will they jump versions? if so I'd want to hold and examine the situation beforehand
17:47 babilen Could you be more specific? Which distribution are you referring to and what constitutes "jumping versions" exactly? 2014.7.4 → 2014.7.5 ?
17:49 keltim any jump that would happen on an update ... do the salt repos just patch for security, retaining the version, or do they give you the new version?
17:49 babilen The latter
17:49 babilen There are no explicit security backports unfortunately
17:50 keltim yeah what I figured ... would not want to do that without examination first
17:50 babilen Then put the packages on hold
17:50 keltim yes of course
17:50 babilen (assuming the "package manager" you refer can do that)
17:50 keltim not a prob
17:50 babilen +to
17:50 bfoxwell joined #salt
17:51 clintberry joined #salt
17:51 keltim babilen, where are they? I'm googling but getting too much junk ... sorry
17:52 otter768 joined #salt
17:53 babilen "they" ? I really can't help you if you don't tell me which distributions you are requiring packages for
17:53 keltim aren't they all in the same place? amazon / or centos, debian
17:54 c10 joined #salt
17:54 babilen No, centos uses different repositories than debian
17:54 babilen (for example as the packages are not compatible)
17:54 keltim no, the same *website*
17:54 babilen http://debian.saltstack.com/ + http://docs.saltstack.com/en/latest/topics/installation/debian.html for debian
17:55 babilen http://docs.saltstack.com/en/latest/topics/installation/index.html#platform-specific-installation-instructions for the documentation on how to install salt for various operating systems and distributions
17:56 keltim oh ok. those just reccomend EPEL which I already knew (for RHEL flavors), though I did not know saltstack.com managed a debian repo itself
17:58 babilen Packages are uploaded to epel and epel-testing in that case
17:59 keltim but EPEL's rpms don't work with amazon linux 2015.03, because EPEL's rpms are hard coded to use #!/usr/bin/python, which is 2.7 on amazon. And amazon's python2.6 is pretty broken. But EPEL-testing's work (usr #!/usr/bin/env python so you can set the python in the init script)
17:59 keltim although I could rebuild the EPEL rpm of course
18:00 keltim but out of the box it's broken on latest amazon
18:02 babilen okay
18:02 keltim I suppose I could file an issue but it's not really EPEL's responsibility
18:02 keltim and you can't file issues against amazon
18:03 * keltim beginning to get fed up with AMZN linux
18:03 babilen You should still file an issue (so that saltstack knows about that issue with their packages)
18:03 keltim yeah, true
18:04 keltim I realized amazon's py26 creates hard links from /usr/local/bin into /usr/lib and bungles it's alternatives config completely
18:04 keltim um, /usr/local/lib
18:05 keltim I don't think Amzn Linux is even subjected to basic automatic rpm checking
18:07 photex hrm, still no pkg.info with both master and minion on 2014.7.5
18:07 photex master is centos and minion is opensuse
18:07 keltim photex, check the release notes
18:08 photex the docs for the zypper module indicate that it should be available
18:09 keltim babilen, or anyone, have you any experience using salt-minion within a docker container to manage a file system beneath it? I'm coming across an actual use case ...
18:10 keltim not sure if docker is the right answer or not
18:10 blacked joined #salt
18:10 babilen manage a file system?
18:10 keltim A directory, rather
18:10 keltim excuse me
18:11 babilen you mean you want to create a directory or do you want to manage files in a directory?
18:11 keltim manage files in a directory
18:11 babilen http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.recurse
18:11 keltim well, the salt master would be doing that, the minion container would be doing what it's told
18:12 scbunn joined #salt
18:12 keltim babilen, yes I know about file.recurse ... kind of wondering whether I'm venturing on a stupid docker trick or not ... I'm not that familiar with it
18:13 babilen I only ever selected a *few* selected files to docker images with ADD in the dockerfile and otherwise use volumes to provide it with storage. The whole idea if using salt to sync files into a docker image feels, well, wrong
18:14 keltim it kind of does
18:14 keltim yeah
18:14 jonlangemak joined #salt
18:16 smcquay joined #salt
18:17 keltim I have a situation (managing a baked AMI in AWS) where I *really* want to keep the vendor's stock AMI completely clean, and use a local salt-call to apply the differences. On the other hand, we want our salt master to be the "single source of truth". So if the latter, the directory should be managed by salt; but that requires a salt minion be installed on the instance, which I'd rather not do. I'm leaning towards having a salt-minion setup
18:17 keltim that is very specific and would be completely discarded when the baked image boots into a new role, OR, leverage a portable container to do the same
18:17 tmclaugh[work] joined #salt
18:17 keltim both are somewhat convoluted, but this is the reality of using images
18:18 colonD joined #salt
18:25 snaggleb joined #salt
18:27 blacked joined #salt
18:37 radd joined #salt
18:46 mwpher joined #salt
18:49 yomilk joined #salt
18:50 Nils- joined #salt
18:50 tmclaugh[work] joined #salt
19:04 tmclaugh[work] joined #salt
19:07 dendazen joined #salt
19:12 Nils-_ joined #salt
19:22 slav0nic joined #salt
19:22 slav0nic joined #salt
19:24 c10 joined #salt
19:25 bemehow joined #salt
19:28 pdayton joined #salt
19:29 bhosmer joined #salt
19:29 LotR joined #salt
19:29 pdayton joined #salt
19:30 pdayton1 joined #salt
19:32 pdayton joined #salt
19:38 JDiPierro joined #salt
19:40 davromaniak joined #salt
19:42 tmclaugh[work] joined #salt
19:46 c10 joined #salt
19:47 _Cyclone_ joined #salt
19:49 tmclaugh[work] joined #salt
19:52 blacked joined #salt
19:52 tmclaugh[work] joined #salt
19:53 otter768 joined #salt
19:58 colonD joined #salt
20:02 tmclaugh[work] joined #salt
20:08 dendazen joined #salt
20:09 pdayton joined #salt
20:15 bhosmer_ joined #salt
20:15 bhosmer_ joined #salt
20:17 ShadowHntr 0~0~0~0~0~0~0~/part
20:17 ShadowHntr ack
20:17 ShadowHntr left #salt
20:20 aquassaut joined #salt
20:31 tmclaugh[work] joined #salt
20:31 irctc289 joined #salt
20:35 yomilk joined #salt
20:42 ageorgop joined #salt
20:49 tmclaugh[work] joined #salt
20:50 CeBe1 joined #salt
21:00 Queops joined #salt
21:00 Queops left #salt
21:02 _Cyclone_ joined #salt
21:08 linjan joined #salt
21:11 micko joined #salt
21:21 scbunn joined #salt
21:26 armguy is there something equivalent to: salt MINION_NAME file.find name=file.name delete  .. That would read a file with a list of files I want to delete on that minion? Or would it better to just script a loop to read the file and insert the file name that way?
21:27 tmclaugh[work] joined #salt
21:35 yomilk joined #salt
21:44 ageorgop1 joined #salt
21:46 bhosmer joined #salt
21:49 tmclaugh[work] joined #salt
21:52 ventris joined #salt
21:53 CeBe2 joined #salt
21:54 otter768 joined #salt
22:00 blacked joined #salt
22:05 cberndt joined #salt
22:07 mwpher joined #salt
22:11 bemehow joined #salt
22:17 MatthewsFace joined #salt
22:25 blacked joined #salt
22:28 mwpher joined #salt
22:30 Garyx joined #salt
22:32 bash124512 joined #salt
22:40 stanchan joined #salt
22:50 Guest70 joined #salt
22:53 thomas joined #salt
23:09 bash124512 joined #salt
23:10 ec3 left #salt
23:21 voxxit joined #salt
23:22 Vr-Jack ahh, finally back
23:22 voxxit joined #salt
23:23 Vr-Jack keltim: nice long argument y'all had while i was gone. :)
23:24 yomilk joined #salt
23:24 Vr-Jack digging 5 foot deep trenches is not something I enjoy as a network engineer. :(
23:29 amcorreia_ joined #salt
23:31 c10 joined #salt
23:33 thayne joined #salt
23:35 keltim haha
23:37 keltim seriously, I don't see why you don't the KVM do dhcp and provide dns stub resolvers for you, it does that for a good reason
23:38 Vr-Jack I just don't bother, as the dns servers come up pretty quick in the build process.
23:39 Vr-Jack I'm building an orchestrate for building a 2 server redundant setup for small ISPs. My current build method is scripts and notepad scripts.
23:40 keltim suit yourself, but it's a virtualization basic to let the hypervisor provide all that
23:40 Vr-Jack while the orchestrate is step by step, I could call it hard coded, would just be nice to have state information available to the minions.
23:40 keltim I personally use states about 95% of the time
23:40 Vr-Jack our hypervisors don't talk to guests
23:41 Vr-Jack my problem is that I couldn't find anywhere that cross server states could be managed.
23:41 Vr-Jack ie, server1 can be aware of server2 current states
23:42 dendazen joined #salt
23:42 Vr-Jack a dict of last known states would have been nice
23:43 keltim why should a minion neccessarily know anything about another ... the master plays that role
23:43 Vr-Jack I can build such a system easy enough with reactor
23:43 Vr-Jack From what I can tell, the master doesn't keep info on that either
23:43 keltim there is the job list, I believe that's all you have, and that I think is only on the master
23:43 clintberry joined #salt
23:44 keltim the minion only keeps it's own job returns
23:45 Vr-Jack it looks like the minion sends it's job returns events to the master. I can use a reactor to process those and build a state pillar.
23:45 keltim it does
23:45 keltim but there seems to be a lot of latency in the responses, at least in my experience
23:45 keltim very slow
23:46 Vr-Jack then use the state pillar to make decisions on when states activate. ie,db server is live and configured before spamassassin tries to activate and populate
23:46 Vr-Jack delay is fine when I'm just holding off on activating states until other states are completed
23:47 bhosmer joined #salt
23:48 bluenemo_ joined #salt
23:48 Vr-Jack state order within a minion is easy. I just want something that can somewhat handle state order between minions.
23:51 keltim in general I would not really check all that, just wait until the minion is finished booting to move on to the next one in dependency order. if something fails the whole thing aborts until such time as you fix the process
23:53 keltim not that it's a bad idea to check things (it isn't), but that's an incredibly burdensome overhead when you really should just trust the systems to some extent
23:53 keltim and more moving parts like that will most likely end up making the whole thing more fragile
23:54 canci joined #salt
23:55 otter768 joined #salt
23:58 Vr-Jack yeah, will take some thought. I can do it with orchestrate without too much headache. just means careful planning in the orchestrate file and perhaps some duplication.

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary