Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-04-28

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 nafg joined #salt
00:02 KyleG1 joined #salt
00:03 solidsnack joined #salt
00:03 blacked joined #salt
00:07 blacked joined #salt
00:10 bhosmer_ joined #salt
00:19 aquassaut joined #salt
00:21 hybridpollo joined #salt
00:21 jeddi joined #salt
00:21 edrocks_ joined #salt
00:25 mosen joined #salt
00:25 pdayton joined #salt
00:25 dendazen joined #salt
00:27 StDiluted joined #salt
00:28 pdayton joined #salt
00:28 cmcmacken joined #salt
00:33 irctc377 joined #salt
00:33 Guest70 joined #salt
00:35 yomilk joined #salt
00:37 rojem joined #salt
00:42 cornfeedhobo joined #salt
00:42 baweaver joined #salt
00:55 blacked1 joined #salt
01:02 StDiluted joined #salt
01:02 MatthewsFace joined #salt
01:05 sarlalian joined #salt
01:12 UtahDave left #salt
01:19 p0rkbelly joined #salt
01:23 carmony joined #salt
01:29 thayne joined #salt
01:30 otter768 joined #salt
01:36 dendazen joined #salt
01:41 eyeoh_ i'm going to see how easy it would be to change salt-masters stack.py to accept a default environment so this top.sls combining mess is avoidable
01:55 ilbot3 joined #salt
01:55 Topic for #salt is now Welcome to #salt | 2014.7.5 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:58 druonysus joined #salt
01:58 druonysus joined #salt
02:04 TyrfingMjolnir joined #salt
02:08 elfixit1 joined #salt
02:14 SheikAlSamad joined #salt
02:16 SheikAlSamad hello. Is Saltstack falls under simple tool, advance tool or complex tool?
02:17 __number5__ SheikAlSamad: very complex tools
02:19 SheikAlSamad Ok thanks number 5
02:19 VR-Jack2 simple to complex
02:19 VR-Jack2 the very basics are easier than some tools, but it can get very complex on the high end
02:20 SheikAlSamad So i can put it in complex tools?
02:22 VR-Jack2 yeah, if organizing, all tools like salt can be complex.
02:23 SheikAlSamad I think I got my answer. Thanks everyone :D
02:23 VR-Jack2 out of the class of tool, I'd consider ansible and salt to be simpler than chef or puppet.
02:31 favadi joined #salt
02:32 otter768 joined #salt
02:38 SeeDickCode joined #salt
02:40 StDiluted joined #salt
02:45 michelangelo joined #salt
02:47 evle joined #salt
02:48 wolfpackmars2 joined #salt
02:48 wavis joined #salt
02:51 wavis left #salt
02:52 blacked joined #salt
02:54 capricorn_1 joined #salt
02:58 PI-Lloyd joined #salt
03:01 ageorgop joined #salt
03:03 hybridpollo joined #salt
03:06 MrPeppah joined #salt
03:18 rdas joined #salt
03:22 malinoff joined #salt
03:25 fusionx86 joined #salt
03:33 otter768 joined #salt
03:37 edrocks_ is there a command to upgrade everything? like apt-get upgrade
03:39 MrPeppah like packages?
03:43 edrocks_ never mind pkg.upgrade works. I can't find the docs for it though
03:45 VR-Jack2 salt.states.pkg.uptodate under salt.states.pkg passes stuff to pkg.upgrade. no docs for the latter that I see
03:46 radd joined #salt
03:55 bhosmer joined #salt
03:59 clintberry joined #salt
04:06 desposo joined #salt
04:13 nafg_ joined #salt
04:21 wwwBUKOLAYcom joined #salt
04:27 aurynn joined #salt
04:40 smcquay joined #salt
04:41 iggy eyeoh_: don't have more than one top.sls... problem solved
04:43 iggy edrocks_: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.upgrade
04:43 edrocks_ iggy: thank you
04:46 rideh introducing myself to salt and docker this week, the salt walkthrough makes it look easy enough to get started
04:46 rideh just wish someone had told me about it 1.5 years ago
04:57 cztanu joined #salt
05:00 jonatas_oliveira joined #salt
05:02 jonatas__ joined #salt
05:03 echtish joined #salt
05:04 jonata___ joined #salt
05:06 jonatas_oliveira joined #salt
05:06 alexanderilyin joined #salt
05:06 alexanderilyin Hi there
05:07 alexanderilyin Anyuse use “docker.running"
05:07 alexanderilyin can’t define port / volume in it
05:07 alexanderilyin actually can, but container runs without them
05:08 jonatas_oliveira joined #salt
05:10 jonatas__ joined #salt
05:11 iggy alexanderilyin: what version of salt and docker?
05:11 alexanderilyin iggy: salt — https://gist.github.com/6ec10d4b049781c0c438
05:12 alexanderilyin and Docker version 1.5.0, build a8a31ef/1.5.0
05:12 jonatas_oliveira joined #salt
05:12 alexanderilyin states — https://gist.github.com/59bdd7d462cfa92a7dd5
05:13 AB__ joined #salt
05:13 AB__ Hello There !!!
05:14 AB__ I am facing problem is installing Salt-master on Ubuntu 14.04. It cribs about unmet dependencies. Is anyone facing the same problem?
05:14 jonatas__ joined #salt
05:15 AB__ The following packages have unmet dependencies:  salt-master : Depends: salt-common (= 2014.7.5+ds-1ubuntu1) but it is not going to be installed                Depends: python-m2crypto but it is not installable                Depends: python-crypto but it is not installable                Depends: python-msgpack but it is not installable                Depends: python-zmq (>= 13.1.0) but it is not installable                Recommends: p
05:16 alexanderilyin in not working in this way either https://gist.github.com/cfe0472358fa1ace3e20
05:16 jonatas_oliveira joined #salt
05:17 iggy alexanderilyin: protip: gist supports multiple files per paste
05:18 alexanderilyin iggy: sry
05:18 jonatas__ joined #salt
05:19 AB__ Anyone up for help?
05:19 iggy alexanderilyin: it's not as bad as pastebin.com, so we'll let it slide
05:19 iggy ;)
05:20 alexanderilyin AB__: try this curl -L https://bootstrap.saltstack.com -o install_salt.sh
05:20 jonatas_oliveira joined #salt
05:20 alexanderilyin and  `sudo sh install_salt.sh` after that
05:21 AB__ alexanderilyin: Sure. Let me check.. Thanks
05:21 alexanderilyin iggy: also it coul matter — python-docker-py.x86_64 0.7.0-1.el6
05:21 loz-- joined #salt
05:22 jonatas__ joined #salt
05:23 iggy alexanderilyin: that's pretty old
05:23 alexanderilyin yep
05:24 jonata___ joined #salt
05:25 AB__ alexanderilyin: Same error mate !! The following packages have unmet dependencies:  salt-minion : Depends: salt-common (= 2014.7.5+ds-1ubuntu1) but it is not going to be installed                Depends: python-m2crypto but it is not installable                Depends: python-crypto but it is not installable                Depends: python-msgpack but it is not installable                Depends: dctrl-tools but it is not installable
05:26 jonatas_oliveira joined #salt
05:27 alexanderilyin AB__: could only google same problem
05:27 alexanderilyin http://dluat.com/installing-salt-minion-unmet-dependencies-in-ubuntu-14-04-server/
05:28 alexanderilyin AB__: actually you should fin fix for this “python-m2crypto but it is not installable”
05:28 jonatas__ joined #salt
05:29 AB__ Yes I did that. The link you have just pasted provides no solution. It is just the problem that they are stating
05:29 AB__ alexanderilyin : Checking deeper now.
05:30 alexanderilyin iggy: looks like I have to reinstall everithing from pip
05:30 jonatas_oliveira joined #salt
05:31 alexanderilyin because epel is not cutting edge
05:31 iggy lol, no it's not
05:31 iggy but docker 1.5 is
05:31 alexanderilyin it’s accident
05:31 iggy so you might actually have better luck with older docker with the older docker-py
05:32 alexanderilyin I’d prefer get all brand new packages
05:32 jonatas__ joined #salt
05:34 jonatas_oliveira joined #salt
05:37 jonatas_oliveira joined #salt
05:38 jonatas_oliveira joined #salt
05:41 jonatas__ joined #salt
05:43 jonatas__ joined #salt
05:44 jonatas_oliveira joined #salt
05:45 Furao joined #salt
05:45 AB__ No Luck !! I tried adding 'deb http://debian.saltstack.com/debian wheezy-saltstack main' as well but stuck with same error
05:46 blacked joined #salt
05:47 jonatas__ joined #salt
05:48 iggy wheezy repos won't help you on Ubuntu
05:49 jonatas_oliveira joined #salt
05:51 AB__ Ok. I figured out. I am trying something else now. Will share if that resolves the problem.
05:51 jonatas_oliveira joined #salt
05:53 jonatas_oliveira joined #salt
05:54 Diaoul joined #salt
05:55 jonatas_oliveira joined #salt
05:55 bhosmer_ joined #salt
05:57 jonatas_oliveira joined #salt
05:58 krelo joined #salt
05:58 solidsnack joined #salt
05:59 jonatas_oliveira joined #salt
05:59 krelo joined #salt
06:01 jonatas__ joined #salt
06:01 colttt joined #salt
06:01 AndreasLutro joined #salt
06:02 otter768 joined #salt
06:02 pdx6_ joined #salt
06:02 edrocks joined #salt
06:03 jonatas_oliveira joined #salt
06:03 AlexStraunoff joined #salt
06:04 ITChap joined #salt
06:04 freelock joined #salt
06:05 jonatas_oliveira joined #salt
06:05 jmccree joined #salt
06:07 jonatas__ joined #salt
06:09 jonata___ joined #salt
06:11 jonatas_oliveira joined #salt
06:12 danemacmillan joined #salt
06:13 jonatas_oliveira joined #salt
06:13 ajw0100 joined #salt
06:15 jonatas__ joined #salt
06:17 jonatas_oliveira joined #salt
06:18 stoogenmeyer joined #salt
06:19 jonatas__ joined #salt
06:19 stoogenmeyer hey, I have a machine that was connected to the master, and i had to reboot it which caused it to change ips. how do I make the master rerecognize the machine ?
06:20 stoogenmeyer (had to reboot the minion)
06:20 stoogenmeyer nvm (-: just took a minute
06:21 kawa2014 joined #salt
06:21 alexanderilyin iggy: reinstalled docker-py via pip and it start working buy in this way https://gist.github.com/539d4b14cd71e689c740
06:21 jonatas_oliveira joined #salt
06:22 randomuser left #salt
06:23 jonata___ joined #salt
06:25 jonatas_oliveira joined #salt
06:26 toanju joined #salt
06:26 ktosiek joined #salt
06:27 jonatas_oliveira joined #salt
06:28 AB__ joined #salt
06:29 kawa2014 joined #salt
06:29 jonatas__ joined #salt
06:31 nafg_ joined #salt
06:31 jonatas_oliveira joined #salt
06:33 radd joined #salt
06:33 jonata___ joined #salt
06:34 c10 joined #salt
06:35 jonatas__ joined #salt
06:37 AB__ @alexanderilyin : fixed it. some problem with python package or its dependencies
06:37 jonatas_oliveira joined #salt
06:37 alexanderilyin cool
06:39 scarcry joined #salt
06:39 jonatas_oliveira joined #salt
06:40 Auroch joined #salt
06:42 jonatas__ joined #salt
06:43 flyboy joined #salt
06:44 jonatas__ joined #salt
06:44 joeto joined #salt
06:44 joeto Hi guys I am completely stuck with S3 pillars anyone available for some help?
06:45 joeto I cant manage them work at all
06:45 hebz0rl joined #salt
06:46 jonatas_oliveira joined #salt
06:48 jonatas_oliveira joined #salt
06:49 mike25de left #salt
06:50 jonatas_oliveira joined #salt
06:50 renat joined #salt
06:52 jonatas_oliveira joined #salt
06:54 jonatas__ joined #salt
06:56 jonatas_oliveira joined #salt
06:57 plindgren joined #salt
06:57 plindgren hi guys
06:57 plindgren http://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_grants.html
06:58 jonatas__ joined #salt
06:58 plindgren i have an issue with this module, im running it against maxscale, a mysql proxy
06:58 plindgren this ends up in some errors since i have my databases with underscores in them
06:59 plindgren if i check the grants you can see something akin to : GRANT SELECT ON my\_database.* TO 'user'@'%'
06:59 plindgren since salt will put a \ with this module
06:59 plindgren before the underscore
06:59 plindgren is there a way i can make salt not send that underscore?
07:00 jonatas_oliveira joined #salt
07:00 plindgren like i want to tell this module to explicitly send my_database instead of it checking the string and changing it to my\_database
07:01 teogop joined #salt
07:02 jonatas__ joined #salt
07:02 eseyman joined #salt
07:03 magnus-lycka joined #salt
07:04 jonatas_oliveira joined #salt
07:06 plindgren - escape: False
07:06 jonatas__ joined #salt
07:06 plindgren was the answer
07:08 michelangelo joined #salt
07:08 jonatas_oliveira joined #salt
07:08 _JZ_ joined #salt
07:10 jonatas__ joined #salt
07:10 Romlok joined #salt
07:12 jonatas__ joined #salt
07:13 ITChap joined #salt
07:14 jonatas_oliveira joined #salt
07:16 jonatas__ joined #salt
07:18 jonatas_oliveira joined #salt
07:18 renat Hi, I'm stuck with managing /etc/apt/sources.list in Debian. When I replace repositories in this file, they not available. Looks like minion using cached information from old content of sources.list. After restarting minion,  state.pkg works correct.
07:19 seev don't you have to run apt-get update first
07:19 CedNantes joined #salt
07:20 jonatas__ joined #salt
07:21 o5k_ joined #salt
07:22 jonata___ joined #salt
07:24 jonatas_oliveira joined #salt
07:26 jonatas__ joined #salt
07:27 _JZ_ joined #salt
07:28 viderbit joined #salt
07:28 saltuser joined #salt
07:28 jonatas_oliveira joined #salt
07:29 JlRd joined #salt
07:30 jonatas__ joined #salt
07:32 fxhp joined #salt
07:38 c10 joined #salt
07:39 gdm85 joined #salt
07:41 faust joined #salt
07:42 crazysim joined #salt
07:46 lb1a joined #salt
07:47 I3olle joined #salt
07:48 Micromus joined #salt
07:49 martintamare joined #salt
07:50 martintamare Hello there
07:50 blacked joined #salt
07:50 martintamare first time on irc, if there is any guideline, I'd like to know ;)
07:52 echo joined #salt
07:52 martintamare I'm moving my infrastructure from puppet to salt, and day after day, I'm amazed by the ease to do so
07:52 JayFK joined #salt
07:52 martintamare howerver, I'm still struggling, cause there is no one way to do things, but multiple
07:52 martintamare Here is the issue i'm dealing with :
07:53 martintamare i have pillar items as hosts
07:53 martintamare using the dhcpd formula, i would like to make them as dhcpd:hosts, withtout having to change the formula, or my pillar structure
07:54 martintamare i tried extend with context, but dont think is correct way, as the dhcpd formulas get its conf using pillar.get
07:55 martintamare is there a simple way to do it ? (I tried not to rewrite formulas at all)
07:56 bhosmer_ joined #salt
07:56 AndreasLutro martintamare: it's encouraged to fork and rewrite formulas to your own need
07:57 peno joined #salt
07:57 jab416171 joined #salt
07:58 funzo joined #salt
07:58 favadi martintamare: you means assign value of `hosts` pillar to `dhcp:hosts` pillar key?
08:00 martintamare exactly
08:02 martintamare AndreasLutro: what about the community, having global formulas and use them as base and make them evolve sounds the right way to have something solid  no ?
08:02 otter768 joined #salt
08:03 martintamare favadi: exactly
08:04 izibi joined #salt
08:05 favadi martintamare: you can do something like this
08:05 favadi {% set hosts = [this is your list] %}
08:05 favadi hosts: {{ hosts }}
08:05 favadi dhcp:
08:05 favadi hosts: {{ hosts }}
08:05 favadi I should use a paste, sorry :P
08:06 magnus-lycka joined #salt
08:07 blacked joined #salt
08:07 alexanderilyin Need some help with YML… =(
08:07 alexanderilyin http://docs.saltstack.com/en/latest/ref/states/all/salt.states.dockerio.html#salt.states.dockerio.running
08:07 alexanderilyin a mapping of key, values
08:07 alexanderilyin a list of mappings of key, values
08:07 CedNantes a quick question, which version is "beryllium" ? a 2015. ?
08:07 alexanderilyin How it should look?
08:07 martintamare favadi: my pillar comes from mysql, i dont want to write a new query every time :)
08:08 Grokzen joined #salt
08:09 alexanderilyin CedNantes: https://github.com/saltstack/salt/milestones
08:10 martintamare alexanderilyin: what's the question ? :)
08:11 chiui joined #salt
08:11 alexanderilyin martintamare: how should look "a mapping of key, values" or ”a list of mappings of key, values" in YML
08:11 alexanderilyin just tring set docker.running.environment
08:12 agend joined #salt
08:12 alexanderilyin in this way https://gist.github.com/56329d358ffa23d9fb80
08:12 speedlight joined #salt
08:12 martintamare alexanderilyin: i'm quiet new to YML, but my understanding is : a list start with a dash (-) whereas mapping start with nothing
08:13 joeto guys where salt master write all cache data only in /var/cache/salt/ or also and somewhere else? I want to simulate fresdh install
08:13 joeto fresh
08:13 martintamare salt '*' state.clear_cache should do the trick ?
08:14 CedNantes alexanderilyin : Thanks, i wanted to test some of these functions: http://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vsphere.html but none of these are available yet, on actual or rc version of salt
08:15 alexanderilyin CedNantes: http://docs.saltstack.com/en/latest/topics/releases/releasecandidate.html
08:15 alexanderilyin Possible this coudl help
08:16 asido joined #salt
08:16 CedNantes as i said i've already tested with the latest rc release ;) but thx anyway
08:18 linjan joined #salt
08:18 asido I am trying to use onchanges prerequisite. in a sls file like this: https://gist.github.com/Asido/fd01370288d7646f23f4
08:19 Xevian joined #salt
08:19 asido but I am getting error: The following requisites were not found:
08:19 asido onchanges: server: clone-external-software
08:19 asido what do I do wrong?
08:21 teogop_ joined #salt
08:21 asido also, when executing state.highstate in such case when the state has never run before, the install cc-regex state would normally fail when having test=True set with error Desired working directory "/local/external_software/ccregex" is not available. I assume that adding a prerequisite might fix that, no?
08:22 dharper_ii joined #salt
08:22 ahale joined #salt
08:23 bluenemo joined #salt
08:25 matthew-1arlette joined #salt
08:26 jrluis joined #salt
08:26 JakTrades joined #salt
08:27 rosenfs joined #salt
08:27 hellerbarde joined #salt
08:28 asaladin joined #salt
08:35 Furao joined #salt
08:37 kaos01 hi, how does one manage a directory and its contents ?
08:37 gdm85 is it possible to specify the source of a file as inline text in an sls template?
08:38 gdm85 kaos01: you can create the structure and assign mode/ownership. if you want to populate it with files you'll need to store them in the salt fileserver (salt://)
08:38 gdm85 although there are a few other protocols supported
08:39 kaos01 and will any manually added files be deleted ?
08:39 magnus-l_ joined #salt
08:40 TyrfingMjolnir joined #salt
08:44 jhauser joined #salt
08:44 Romlok gdm85: file content can be specified directly in an sls using the "content" key
08:44 gdm85 Romlok: yes, thanks. just found it. It's "contents" by the way
08:45 Romlok kaos01: IIRC there's an option to file.recurse which lets you choose whether to keep or remove other files
08:45 Romlok gdm85: bah! I thought I'd remember whether it was plural or not for sure, after last time...
08:47 gdm85 Romlok: it could have been singular.. as "text" and information in general.
08:47 slav0nic_ joined #salt
08:47 gdm85 but it's not that important to remember this stuff..I mean, otherwise we'd just type everything by memory instead of using salt templates :P
08:49 Romlok trouble is, some of the other file.* states actually use "content", rather than "contents"
08:50 gdm85 :o
08:50 Romlok and if you use the wrong one, there's no error - it just doesn't get used
08:50 Romlok which can lead some people to spend an hour trying to work out what's going on >_>
08:50 gdm85 I'd prefer salt to stop for any such ignored definition.
08:57 SpX joined #salt
08:59 huddy joined #salt
08:59 refnode__ joined #salt
09:04 echo joined #salt
09:04 asido how do you reference another state in the same sls file in onchanges requisite?
09:05 cberndt joined #salt
09:05 asido I tried - cmd: <state>, - file: <state>, - <sls>: <state>
09:05 asido not working
09:05 asido it always says the requisite was not found
09:08 o5k joined #salt
09:10 flebel joined #salt
09:10 dramagods joined #salt
09:10 stoogenmeyer_ joined #salt
09:14 renat require?
09:19 froztbyte mm, anyone here played with debian, cloud-init, and salt?
09:19 froztbyte I've got an issue with salt apparently coming up before cloud-init has finished running and renaming things
09:20 froztbyte so I get a `debian.example.com` minion_id
09:21 radd joined #salt
09:21 johngrasty joined #salt
09:22 bzf130_mm joined #salt
09:24 bzf130_mm I cant get peer publishing to work on clients under a syndic. and I theres nothing on google about it!
09:24 magnus-lycka joined #salt
09:27 linjan joined #salt
09:30 slav0nic joined #salt
09:31 mdupont joined #salt
09:33 gdm85 Rendering SLS 'base:custom' failed: Unknown yaml render error; line 73 <-- helpful :\
09:33 gdm85 froztbyte: do you use bootstrap-salt?
09:33 kawa2014 joined #salt
09:34 froztbyte no
09:34 gdm85 froztbyte: ok. but you can simply create the /etc/salt/minion_id file before installing salt
09:34 froztbyte minion is installed (and cleaned up) at image-creation time
09:34 Singularo joined #salt
09:34 froztbyte so only when the instance comes up is minion_id made
09:35 froztbyte I'm looking at the cloud-init salt-minion module now it looks dumb
09:35 * froztbyte reads some init scripts
09:36 froztbyte # Short-Description: salt minion control daemon
09:36 froztbyte totally read "salt mind control daemon"
09:36 plindgren that wont be released until 2025.1.0
09:36 gdm85 it's almost the same :D
09:38 denys joined #salt
09:38 KermitTheFragger joined #salt
09:40 peters-tx joined #salt
09:51 froztbyte https://cloudinit.readthedocs.org/en/latest/search.html?q=install_packages&amp;check_keywords=yes&amp;area=default *sigh*
09:51 froztbyte this really is not good software
09:51 * froztbyte clones the repo and reads the source
09:52 bzf130_mm syndic experts?
09:54 bzf130_mm # salt-call publish.publish server1 test.ping reports none, when the server is below a syndic daemon. works fine for servers on the masterofmaster.
09:55 mage_ I have a pillar/users/init.sls and pillar/users/webapps.sls, how can I include webapps.sls in init.sls ?
09:55 markm joined #salt
09:55 mage_ - include: webapps.sls doesn't seems to work
09:56 mage_ - include: webapps I mean
09:57 mage_ for ex: https://dpaste.de/k7UF
09:57 bhosmer joined #salt
10:03 otter768 joined #salt
10:05 magnus-lycka joined #salt
10:05 speedlight joined #salt
10:05 speedlight joined #salt
10:10 bzf130_mm mage_ : try include: users.webapps
10:13 asido how can I make during state.highstate test=True execution hg.latest module check if the remote has anything pullable?
10:14 asido currently it always says that update is probably required
10:22 bzf130_mm well, I guess you just fix the salt hg module.
10:24 froztbyte cool, found a nice-ish solution to my salt/cloud-init issue. during image build stage, I let the salt debs just download (not install). drop a thing into /etc/cloud/cloud.cfg.d/ that triggers the salt module, then it installs at boot and comes up with * correctly configured
10:24 mjmasn joined #salt
10:24 froztbyte still a minor boot delay due to that, but meh
10:25 Xevian joined #salt
10:26 mage_ if I understand correctly an - include must always appear in the top structure ?
10:27 mage_ for ex - include: foo but not - users: - include: foo
10:28 sxar joined #salt
10:28 ktosiek joined #salt
10:30 elfixit joined #salt
10:30 muep joined #salt
10:30 speedlight joined #salt
10:30 speedlight joined #salt
10:31 giantlock joined #salt
10:32 TyrfingMjolnir joined #salt
10:33 bhosmer joined #salt
10:34 mackstic1 joined #salt
10:35 stealtherald joined #salt
10:35 slav0nic joined #salt
10:35 analogbyte joined #salt
10:36 tuor_ joined #salt
10:37 slav0nic left #salt
10:38 stealtherald Can anyone direct me to any white papers that detail the before and after salt implementation enterprise success stories? I am looking to gain some traction on my own deployment and need before and after metrics.
10:39 avtobaza joined #salt
10:39 avtobaza hi there !
10:39 avtobaza i am getting following error after configuring postgres as cache backend
10:39 avtobaza KeyError: 'postgres_local_cache.prep_jid'
10:42 avtobaza my salt-master config is here http://pastebin.com/qkN6s9YD
10:42 irctc308 joined #salt
10:52 ndrei joined #salt
10:54 cygnetix joined #salt
10:55 asido I want to execute a command and check exit code ($?) inside onlyif condition for a state to execute
10:55 asido how can I do that?
10:55 gladiatr joined #salt
10:56 nene can any one tell what is -C in salt -C 'webserv* and G@os:Debian or E@web-dc1-srv.*' test.ping
10:56 asido something like "onlyif: my_cmd && $? == 1"
10:56 nene why -c is used?
10:59 ThomasJ nene: -C enables compound matching
11:00 ThomasJ http://docs.saltstack.com/en/latest/topics/targeting/compound.html
11:01 nene ThomasJ: thanks
11:03 magnus-lycka joined #salt
11:05 Romlok hmm, if compound matches glob the ID without an <char>@ prefix, why are compound matches not the default?
11:06 Romlok eg. salt 'blah*' is the same as salt -C 'blah*' AFAICT
11:08 Singularo joined #salt
11:18 gladiatr Romlok, there are certain contexts where compound matching is problematic
11:21 Romlok gladiatr: do you have any examples to hand?
11:22 apergos joined #salt
11:23 apergos morning folks.. wondering if anyone has experience running lucid with 2014.7.1 minions and 2014.7.5 on the rest (other minions, master).  No, we can't just dump the lucid hosts, critical services running on them etc...
11:26 Sacro I'd expect lucid to be supported for the next ... 48 or so hours
11:28 gladiatr Romlock, the most notable one is with pillar.  There have been issues with the way compound matches were evaluated which, until recently, had the potential to expose data in unexpected ways.  Glob matching is programatically very simple, so I imagine that is why it has remained the default.
11:32 Nazca__ joined #salt
11:40 Pixionus joined #salt
11:41 chiui joined #salt
11:47 bhosmer_ joined #salt
11:47 bhosmer_ joined #salt
11:47 magnus-lycka joined #salt
11:47 amcorreia joined #salt
11:49 giantlock joined #salt
11:58 mage_ can I use templating for the pillar data ?
11:58 che-arne joined #salt
11:58 chiui joined #salt
11:59 mage_ for example with https://dpaste.de/mqRw how can I merge the webapps.jinja to webapps.sls ?
12:01 mage_ or this should be done in the state file .. ? but then I don't have the info when I salt .. pillar.items
12:01 bhosmer joined #salt
12:01 gladiatr mage_, take a look at some of the examples in the formulas repository.  Using a jinja maps will solve your problem
12:02 mage_ I took a look at it
12:02 mage_ (if you mean https://github.com/saltstack-formulas/users-formula/tree/master/users)
12:02 bhosmer joined #salt
12:02 mage_ the merge seems to be done in the state file and not in the pillar file, is this correct?
12:04 otter768 joined #salt
12:05 gladiatr Oh, yes.  You can use jinja within your pillar data just in a more limited form than within your states.  The primary limitation to working with pillar in this fashion is that you cannot access __pillar__ within your pillar templating markup
12:05 gladiatr mage_, correct
12:06 mage_ so it's best to not store "defaults" values for, in my example, all users in the pillar file ?
12:07 mage_ but rather use a jinja file with the defaults and render this in the state file ..?
12:07 wnkz joined #salt
12:08 gladiatr You can do that; however, something to be aware of is that pillar data gets cached on the salt-master, so as your installation grows, so will the pillar memory footprint on the master.  That’s one of ther reasons why you see a lot of formulas using a jinja.map file and merging in user-specified/non-default options from pillar.
12:09 denys joined #salt
12:09 gladiatr the jinja.map file will also be cached on the minion, so it makes for a faster state run if the majority of your options are left at their default state—only a few values have to be transferred from the master.
12:10 mage_ ok I see :)
12:10 mage_ thanks!
12:10 gladiatr mage_: you betcha.  happy salting!
12:14 giantlock joined #salt
12:14 tmclaugh[work] joined #salt
12:17 Furao joined #salt
12:19 aquassaut joined #salt
12:20 hemebond joined #salt
12:21 ndrei joined #salt
12:21 hemebond If a module requires a third-party module/package, what is the method for installing that on the minion?
12:22 gdm85 patches cannot be added inline in a .sls template, right?
12:23 CeBe1 joined #salt
12:24 hasues joined #salt
12:25 hasues left #salt
12:25 CeBe1 joined #salt
12:30 cmcmacken joined #salt
12:32 gdm85 joined #salt
12:33 magnus-lycka joined #salt
12:34 yomilk joined #salt
12:36 kawa2014 joined #salt
12:39 _mel_ joined #salt
12:41 _mel_ new mba which won't start linux mint 17.1 in graphic mode. can i somehow use a text mode install or a newer kernel? lmde boots btw.
12:42 _mel_ or can i somehow use a vesa vga mode? i tried the compatible settings, but they don't work
12:50 drawsmcgraw joined #salt
12:50 subsignal joined #salt
12:50 hemebond _mel_: Are you talking in the correct channel?
12:51 magnus-lycka joined #salt
12:55 _mel_ o, i'm afraid not :)
12:55 jerematic joined #salt
12:55 _mel_ thats why its only half the message .. sorry  :-(
12:59 JDiPierro joined #salt
12:59 yomilk joined #salt
13:01 wnkz_ joined #salt
13:01 davisj joined #salt
13:04 jrluis joined #salt
13:06 jonatas_oliveira joined #salt
13:07 anotherZero joined #salt
13:08 lkannan_ joined #salt
13:09 Tecnico1931 joined #salt
13:09 murrdoc joined #salt
13:13 jdesilet joined #salt
13:14 KermitTheFragger joined #salt
13:14 FeatherKing joined #salt
13:15 tuor_ joined #salt
13:15 CeBe1 joined #salt
13:17 racooper joined #salt
13:17 evle1 joined #salt
13:19 asido is it possible to execute file.directory on name pattern
13:19 asido I want to change user and group on all files except hidden ones (starting with .)
13:20 asido exclude_pat seems to be working when 'clean' is set
13:20 asido but I am not cleaning and so it has no effect for me
13:21 ekristen joined #salt
13:25 murrdoc does recurse not work ?
13:26 murrdoc file.directory:  - recurse: - dir_mode
13:26 debian112 joined #salt
13:26 murrdoc it will ignore hidden dirs by default
13:27 asido murrdoc, it doesn't ignore hidden dirs for me
13:27 murrdoc what version of salt
13:27 murrdoc ?
13:27 asido https://gist.github.com/Asido/8f0ce7b87ce81206ada0
13:27 asido salt 2014.7.5 (Helium)
13:28 asido I have source control dirs there and it changes their ownership
13:28 catpig joined #salt
13:28 murrdoc ah
13:28 thayne joined #salt
13:28 murrdoc the .svn / .git stuff
13:29 fusionx86 joined #salt
13:29 asido .hg
13:29 kaptk2 joined #salt
13:30 apergos Sacro: yeah I know but backlog and blah blah... so the upshot is I have to live with lucid for a while yet
13:30 dyasny joined #salt
13:31 lahwran joined #salt
13:31 murrdoc asido:  this is interesting
13:32 murrdoc https://github.com/saltstack/salt/blob/v2014.7.5/salt/states/file.py#L1729-L1748
13:34 perfectsine joined #salt
13:34 murrdoc so asido are u cloning from hg and then applying mode perms ?
13:34 jonher937 joined #salt
13:37 asido murrdoc, I am cloning many repositories and then building and running as user defined in pillar and because of that I am setting /local ownership to the user from pillar
13:38 Sacro apergos: doesn't mean other's do :P
13:38 Sacro *others
13:38 murrdoc are these dev machines asido, sorry just trying to understand the problem u are solving, you are right about file.directory not doing an exclude pattern
13:38 apergos :-P
13:38 looped joined #salt
13:39 Sacro apergos: seems we still have at least 1 lucid server in production ><
13:40 colonD joined #salt
13:40 numkem_ joined #salt
13:40 asido murrdoc, I'll simply run the whole state as the user in specified in pillar, so that I don't need to change ownership at all
13:40 apergos well I'll do some testing here and be able to see what that salt combo looks like, I was just hopnig osmeone else had real life experience
13:43 mage_ I'm running FreeBSD but without ZFS, is there a way to disable the zfs module (calls, ...) completely ?
13:44 murrdoc asido:  kk, http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.hg.html#salt.modules.hg.archive might help
13:44 murrdoc u can run that in a state using module.run
13:45 KennethWilke joined #salt
13:45 Tyrm joined #salt
13:46 asido murrdoc, I am using hg.latest
13:46 asido it work fine
13:53 StDiluted joined #salt
13:54 favadi joined #salt
13:54 favadi left #salt
13:55 rocket joined #salt
13:55 rocket is it possible to use a pillars match inside a pillar?
13:55 giantlock joined #salt
13:56 subsignal joined #salt
13:57 murrdoc nope
14:01 timoguin joined #salt
14:01 nahamu joined #salt
14:02 ndrei joined #salt
14:04 rocket I was hoping to set some pillar data via a pillar role match :/
14:04 samnmax when using reactor to specify a set of things to execute on an event, how do I specify that the things to execute should go in a sequence?  Specifically, I want to use salt/cloud/*/created to set up a dns record, but I need to run pkg.install python-pip and pip.install before I can do that.
14:04 rocket whats the best way to set roles then?
14:04 andrew_v joined #salt
14:05 otter768 joined #salt
14:06 ek6 joined #salt
14:07 manfred rocket: pillars are rendered on the master, so if you do jinja stuff in it, it will use information from the master
14:07 manfred rocket:  if you want to match on roles, you should use grains
14:08 manfred samnmax:  put them all in one state file, and run that with state.sls, and it will run down that state in order.
14:08 favadi joined #salt
14:08 rocket how can grains be secure for roles though?  anyone can modify the grain on the host and pretend to be something they are not
14:09 penguin_dan joined #salt
14:09 samnmax manfred: thanks, that should have been obvious
14:10 manfred rocket:  they can only be modified by the root user.
14:10 dramagods joined #salt
14:10 manfred rocket: you could use nodegroups.  but that is pretty much just persistent compound matching
14:11 rocket manfred: sure, but what happens if the root user is compromised .. then its a simple matter of changing the role and getting additional information
14:11 drawsmcgraw manfred: Huhn... I hadn't thought that far down... I mean, if you're already root and can modify the grains, I guess there are other problems :)
14:11 drawsmcgraw rocket: Fair enough, but you need to know *what* those roles are
14:11 rocket my use case is a bunch of remote nodes at customer sites that may not be 100% secure, as the customer has physical access
14:11 iggy mage_: I see them too on Linux... just ignore it
14:12 rocket sure, but that sounds a lot like security through obscurity which isnt very secure ..
14:12 cpowell joined #salt
14:12 drawsmcgraw rocket: I use both, actually. I define the roles in Pillar, and I have a script that reads Pillar, then sets the grains on the minion.
14:12 drawsmcgraw I agree
14:12 volongato joined #salt
14:12 I3olle joined #salt
14:12 drawsmcgraw If you want absolutely zero chance of compromise, then data needs to stay on the master
14:12 drawsmcgraw And in that case, you can't use grains
14:13 drawsmcgraw I've got the best that I could come up with -> set it in Pillar, and routinely go out to set grains from what's in Pillar
14:13 drawsmcgraw If the grains are changed, they'll be reset on the next go-around
14:13 iggy security has always had it's overhead... salt is no different
14:13 asido I have a state, which builds and install a project, which has - onchanges: hg: clone-project. I am expecting that when hg pull fetches new commits it will trigger the state building and installing the project, but it doesn't
14:14 rocket I know .. I am just trying to noodle through the issues ..
14:14 asido do I misunderstand 'onchanges' ? should I use watch?
14:14 redzaku joined #salt
14:15 drawsmcgraw rocket: In the off chance you're interested in the implementation, I have a writeup over here: http://www.thereluctanttecchie.com/salt-roles-with-pillars-and-grains-revisited/
14:16 rocket drawsmcgraw: thanks I will take a look :)
14:16 iggy rocket: you have to use some other mechanism to target... there are lot's of different ways to do it (reclass, etc.)
14:17 magnus-lycka joined #salt
14:17 pdayton joined #salt
14:17 pcn iggy: I'm new to salt - so roles aren't first-class citizens ala chef, they're a convention added to grains or pillars in this case?
14:17 iggy someone was talking about using google jsonnet
14:18 ek6 manfred: i havent tested lately but you used to be able to make or mistake /etc/salt/grains with go+w and any user could alter grains..fyi
14:18 pcn Err... that message should have been to drawsmcgraw not iggy. Sorry
14:19 iggy pcn: yeah, a lot of people don't use them at all... I think it's just a comfortable concept to anyone who has lived in the past 15 years (tags/metadata/etc became common place in popular culture around then)
14:19 drawsmcgraw pcn: Correct. There's no "official" role mechanism. People just use existing mechanisms to implement them
14:19 rocket iggy: at the moment I am small enough I can just match the pillar data to hostname, but long term I will have to figure out another way :)
14:19 chiui joined #salt
14:19 iggy reclass
14:19 iggy check it out
14:21 pcn drawsmcgraw: Why is it necessary to bring that data from the pillar into the grain?  Is there not a mechanism to merge on each run?  It seems like this approach doesn't make it possible to remove a role from a pillar and have it clean up
14:21 iggy there are a ton of ext_pillar modules
14:21 iggy (and they are actually pretty easy to write)
14:22 iggy pcn: the problem becomes targeting your pillars based on roles... which are set in pillars
14:22 iggy you can't reliably reference pillars in pillars
14:22 pcn reliably because of ordering, or some other issue?
14:23 Yoda-BZH joined #salt
14:23 Brew joined #salt
14:24 manfred ek6: you can absolutely do that, but you shouldn't :P
14:24 iggy ordering, yes
14:24 ek6 manfred: wasnt saying you should...more less correcting, more altering your response about needing to be root to alter grains on minions..its not that clear cut
14:24 iggy it's not an unsolvable problem, but nobody has taken the time to do it
14:25 CeBe1 joined #salt
14:25 sandah joined #salt
14:25 ek6 manfred: sorry its more less early over here
14:25 manfred <3
14:25 iggy ek6: you can't protect people from bad choices, no matter how many addendums and notes you add to common statements
14:26 manfred I have been in a habit of doing passwd -l root, once salt is installed
14:26 st_iron joined #salt
14:26 manfred and if salt fails, i delete and make a new node
14:27 iggy ^
14:27 iggy I delete shit sometimes just because
14:28 manfred it is satisfying to build 50 servers, and delete them all
14:28 evilrob joined #salt
14:28 ek6 iggy: sigh...i was more referring to accidentally leaving the dir or the grains file writable not that someone made the choice to do so..but anyone..nit point
14:29 manfred i will have to double check that.
14:29 manfred i hope that isn't true
14:30 drawsmcgraw pcn: what iggy said. I kept finding myself in a corner where I wanted to make decisions in Pillar based on.... Pillar values
14:30 dharper_ii joined #salt
14:31 iggy as often as salt reads config files, I imagine people would notice if they started doing proper permissions checks
14:31 CeBe1 joined #salt
14:31 iggy we were |_| this close to 700 people in here
14:33 ek6 manfred: I do something like that..storing all important salt related info on ramdisk and all keys that are kept in memory are removed after start as well as not autorestarting
14:33 spiette joined #salt
14:33 rocket ek6: I would be interested in how you have that all setup...
14:34 toanju joined #salt
14:34 AlexStraunoff joined #salt
14:34 honestly joined #salt
14:35 garphy`aw joined #salt
14:37 ek6 rocket: ill try to cover it at a meetup and hit the record button....i didnt think many would care because i walk a very weird line not being a professional sysadmin and being overly paranoid with my masters
14:39 rocket ek6: lol, that tends to be the best time progress is made, when someone is walking the fine line .. :p
14:39 rocket eg I am thinking of writing salt modules to restore my databases and other data for example ..
14:40 rocket trying to make the process as painless as possible for a dr event
14:40 dendazen joined #salt
14:40 dendazen Why do i get this result?
14:40 dendazen http://pastebin.com/SB5CVez8
14:40 mage_ is there a way to see what a (jinja) rendered sls will looks like?
14:40 dendazen should be ‘ccccccc’
14:41 rocket so I did have a question re that salt module, how do I ensure the salt module is only copied onto my database host for example?
14:41 timoguin rocket: they'll be copied to all hosts, so you can't control that.
14:42 timoguin but there is a __virtual__() function that you can use to determine if a module will actually get loaded
14:42 timoguin a lot of modules will check for dependencies there, and only load if the required deps are available
14:42 rocket ah ok .. that works ..
14:42 ek6 rocket: i specifically dont do that because after a failure i dont trust anything that remains...and i cant have signing keys for submaster on supermaster because then i have to worry about supermaster getting hacked...  if i lose a master it comes down to people opening one of three firesafes around the world pulling our secure usb stick and pulling the signing key off.. yeah i warned you :)
14:42 conan_the_destro joined #salt
14:44 rocket ek6: I hear what your saying, but in this case I am looking at restoring child infrastructure.  the saltmaster and its data must be restored by some other offline step
14:47 [1]Dom joined #salt
14:47 jalbretsen joined #salt
14:48 timoguin joined #salt
14:48 [1]Dom can we have multiple "onchanges" requisite in a state?
14:48 ageorgop joined #salt
14:49 st_iron left #salt
14:51 fredvd joined #salt
14:52 asido I noticed that having multiple "onchanges" list items like this: https://gist.github.com/Asido/63ed00ddcd14d0f257ac
14:52 asido requires all 3 states to change in order for test_changing_state to trigger
14:54 armguy Is there a way to have grains get more info from a box than it shows in grains.items ?
14:54 armguy I seem to be failing in my search attempts
14:55 [1]Dom @armguy: you can put custom scripts that extract info from machines into a _grains folder under your state roots
14:55 theologian joined #salt
14:55 armguy [1]Dom~ Thanks for that :)
14:56 [1]Dom Here's a complete example that extracts info on ec2 machines and puts it into grains
14:56 [1]Dom https://github.com/saltstack/salt-contrib/blob/master/grains/ec2_info.py
14:56 armguy awesome
14:57 armguy thats perfect thanks for that example helps me a bunch
14:58 [1]Dom your welcome :) I use that exact script on my ec2 machines too
14:59 rhodgin joined #salt
15:00 lictor36 joined #salt
15:01 rm_jorge joined #salt
15:02 magnus-lycka joined #salt
15:02 sroegner joined #salt
15:07 chiui joined #salt
15:10 conan_the_destro joined #salt
15:11 scbunn joined #salt
15:13 timoguin joined #salt
15:16 linjan joined #salt
15:16 iggy mage_: salt-call -l debug state.sls foo
15:18 hemphill joined #salt
15:18 bhosmer joined #salt
15:18 iggy armguy: there are a number of other custom grains in salt-contrib as well
15:19 iggy armguy: you can also just shove stuff in /etc/salt/grains
15:20 smcquay joined #salt
15:20 armguy oh nice thanks iggy
15:21 sdm24 joined #salt
15:22 Guest70 joined #salt
15:24 Furao joined #salt
15:25 linjan joined #salt
15:28 Eureka joined #salt
15:30 LtLefse joined #salt
15:31 LtLefse joined #salt
15:35 dharper_ii I am seeing some weird things with zeromq. rpm -qa | grep shows libzmq3-3.2.2, but salt-call grains.item zmqversion show 4.0.5. Does anyone know where salt is getting its zeromq version from?
15:38 StDiluted joined #salt
15:38 theologian joined #salt
15:39 Auroch joined #salt
15:44 MrMarv joined #salt
15:45 spookah joined #salt
15:49 _Cyclone_ joined #salt
15:49 iggy epel?
15:50 SeeDickCode joined #salt
15:50 racooper joined #salt
15:52 CeBe1 joined #salt
15:54 ajw0100 joined #salt
15:57 clintberry joined #salt
16:00 fusionx8_ joined #salt
16:01 bhosmer joined #salt
16:01 ksj how do I target a "subgrain" - e.g. gpus:model. 'salt \* grains.item gpus:model' doesn't seem to work
16:02 magnus-lycka joined #salt
16:02 drawsmcgraw ksj:  gpus['model'] ?
16:03 LtLefse dharper_ii: see what you get from ldconfig -p | grep zmq
16:03 ksj ...nope...though that may be shell quoting strangeness
16:04 iggy ksj: .get is the only thing that supports dict lookups with :
16:04 iggy so pillar.get and grains.get
16:05 JDiPierro joined #salt
16:05 ksj ahh ok....so it can't be done with item. I never quite understood why there's the discrepency
16:05 iggy item should probably just go away
16:06 iggy legacy cruft
16:06 Deevolution LtLefse: ldconfig shows libzmq.so.3 (so 3).  Neither dharper_ii nor I can figure out where it's getting it's zmq version.
16:06 otter768 joined #salt
16:06 iggy except it's related to items (which is still useful)
16:06 mapu joined #salt
16:06 Deevolution The version of salt was installed via pip.
16:06 igorwidl joined #salt
16:07 iggy is there a rogue libzmq somewhere (/usr/local, etc)?
16:08 Deevolution iggy:  That's possible, but I've not yet found it.  Also begs the question of where it came from.
16:09 KyleG joined #salt
16:09 KyleG joined #salt
16:10 murrdoc what does pip freeze report as the version
16:10 Deevolution murrdoc:  Of which package?
16:10 LtLefse Deevolution: in a python shell try import zmq, then print zmq.__file__
16:10 murrdoc python-zmq
16:11 iggy I think we are talking about the ZMQ version (vs PyZMQ)
16:11 Deevolution iggy: We are.
16:11 Deevolution The python-zmq is fine (reasonable version).
16:11 TyrfingMjolnir joined #salt
16:12 Deevolution The (salt reported) version of zmq itself appears to be different then what is installed on the system.
16:12 iggy it's RH, so that's debatable
16:12 LtLefse yeah, I noticed a comment in the zmq __init__: # load bundled libzmq, if there is one:
16:12 Deevolution LOL
16:13 iggy I wouldn't be surprised if pyzmq preferred a built version (and since you installed via pip it would have tried to install whatever version)
16:13 Deevolution There's a libzmq.so in the python-zmq version
16:13 Deevolution That's got to be it.
16:13 murrdoc uh hmm
16:13 murrdoc :P iggy
16:15 Deevolution Okay.  That's helpful.  Thanks everyone.
16:15 iggy you know you're better off with 4.x rather than 3.x anyway right?
16:16 Deevolution iggy: Yep.  We agree.  We're trying to sort out some issues we're seeing in 2014.7.4 with minions not staying connected/not sync_all'ing.  Just looking at anything that looks anomalous.
16:17 rideh joined #salt
16:17 gladiatr joined #salt
16:17 iggy upgrade to 2015.2
16:17 iggy all of our "minions gone missing" problems went away
16:18 Deevolution We had some issues with 2015.2.0rc1.  I'm open to trying rc2.
16:18 nicdew joined #salt
16:18 iggy final should be out "soon"
16:19 nicdew left #salt
16:19 iggy I say that... there were only 2 blockers, now there's 5
16:19 nicdew joined #salt
16:20 dharper_ii iggy: going to give it a shot now
16:21 ek6 iggy: wasnt it down to one at some point..and wasnt that yours?...i still blame you regardless for the delay
16:21 fusionx86 joined #salt
16:22 mwpher joined #salt
16:26 murrdoc figgy
16:26 fusionx86 joined #salt
16:27 richardc joined #salt
16:28 TheOtherDude joined #salt
16:30 fusionx86 joined #salt
16:30 c10 joined #salt
16:31 Guest70 joined #salt
16:31 TheOtherDude joined #salt
16:31 Furao joined #salt
16:33 rojem joined #salt
16:34 solidsnack joined #salt
16:34 ckao joined #salt
16:35 Fiber^ joined #salt
16:35 lumtnman joined #salt
16:39 iggy yeah, my attempts to postpone the release till the 65th of February so I could win a bet totally backfired
16:39 mwpher joined #salt
16:41 wendall911 joined #salt
16:46 meylor joined #salt
16:46 aparsons joined #salt
16:47 bluenemo joined #salt
16:47 bluenemo joined #salt
16:48 mwpher joined #salt
16:48 Guest70 joined #salt
16:51 TyrfingMjolnir joined #salt
16:55 elfixit joined #salt
16:58 jeffspeff joined #salt
16:59 jonlangemak joined #salt
17:00 iggy 'unless' is an invalid keyword argument for 'file.uncomment'
17:01 iggy I really hate that warning, but in this case I think it's actually finding a bug somewhere
17:01 c10 joined #salt
17:02 tkharju joined #salt
17:03 magnus-lycka joined #salt
17:05 adelcast joined #salt
17:08 adelcast left #salt
17:09 theologian joined #salt
17:14 jonatas_oliveira joined #salt
17:14 ek6 iggy: well i joked about the 2 being season...but starting to think i should have guessed quarter instead...so dont feel bad
17:15 joeto joined #salt
17:15 desposo joined #salt
17:17 ajw0100 joined #salt
17:17 khris joined #salt
17:18 iggy they should just do 2015.1 (first release of 2015) 2015.2 (second release of 2015) 2015.3 (third release of 2015)
17:18 murrdoc or 2015.5
17:18 murrdoc for yyyy.m
17:19 Tyrm joined #salt
17:21 manfred you could just name it… i don't know… something arbitrary… like elements … then you could have like… Lithium.rc2, until it is stable… then tag it with the month
17:21 manfred but that is just a thought
17:21 iggy using the release date is obviously not working out
17:22 yetAnotherZero joined #salt
17:23 manfred that is crazy talk
17:24 manfred they aren't using the release date, they are using the tag date
17:25 timoguin joined #salt
17:25 manfred what if they had master… and master was the stablizing release… and we could continue to develop in develop… but once master was stablized, and you did your release candidates… you then just released it ...
17:25 iggy 2015.2 was tagged in 2014.12
17:25 iggy so no
17:25 manfred well, before that one it was on tag date
17:25 iggy true
17:25 signull joined #salt
17:26 iggy and they changed it "to avoid confusion" or something
17:26 manfred until it went 3 months past the predicted date
17:26 manfred are there any blockers listed in the bug tracker still?
17:26 iggy yeah, like 7 now
17:26 stanchan joined #salt
17:26 iggy 6
17:26 iggy 5
17:26 manfred https://github.com/saltstack/salt/issues?q=is:open+is:issue+label:Blocker
17:26 manfred i only see 2
17:27 manfred well 1, two are pending verification
17:27 iggy https://github.com/saltstack/salt/issues?q=is%3Aopen+is%3Aissue+milestone%3ALithium
17:27 manfred https://github.com/saltstack/salt/issues?q=is:open+is:issue+milestone:Lithium+label:Blocker
17:27 iggy I don't know that the tags are entirely consisent yet (getting there)
17:27 Guest70 joined #salt
17:28 manfred yeah
17:28 manfred idk
17:28 iggy well, mine is "High Severity" but not a blocker
17:28 manfred it is all terrible
17:28 manfred everything is awful
17:30 manfred how dare you close that bug while I was looking through the code!
17:30 manfred <3
17:31 iggy unless?
17:31 manfred yeah :P
17:31 manfred https://twitter.com/thatch45/status/471367455345246208
17:31 manfred i was the original one to implement it.
17:31 manfred aight, I gotta go get lunch
17:34 iggy thank you
17:37 ktosiek joined #salt
17:42 c10 joined #salt
17:43 Andre-B joined #salt
17:44 scoates joined #salt
17:44 mens joined #salt
17:45 toastedpenguin joined #salt
17:45 toastedpenguin joined #salt
17:46 signull joined #salt
17:46 toastedpenguin joined #salt
17:46 meylor joined #salt
17:47 toastedpenguin joined #salt
17:48 danblee joined #salt
17:49 denys joined #salt
17:52 denys joined #salt
17:53 tmclaugh[work] joined #salt
17:53 SeeDickCode joined #salt
17:56 wnkz_ joined #salt
17:56 TheOtherDude joined #salt
17:57 MatthewsFace joined #salt
17:58 baweaver joined #salt
17:59 c10 joined #salt
17:59 MatthewsFace joined #salt
18:00 aparsons joined #salt
18:02 aparsons_ joined #salt
18:03 stoogenmeyer_ joined #salt
18:03 jonlangemak joined #salt
18:07 hemphill joined #salt
18:07 otter768 joined #salt
18:08 krelo joined #salt
18:10 jrluis joined #salt
18:14 baweaver joined #salt
18:15 solidsnack joined #salt
18:15 Oxf10e joined #salt
18:18 FeatherKing relatively new to custom modules, getting __salt__ is not defined. i was trying to use grains as parameters in a function
18:22 Guest70 joined #salt
18:23 manfred FeatherKing:  where in the module are you using __salt__ ?
18:23 XenophonF joined #salt
18:23 manfred if it is in __virtual__() it won't be defined there, it gets defined later after it is imported
18:23 FeatherKing this is outside virtual, just in another function definition
18:24 FeatherKing like def(db=__salt__['grains.get']('dms_db_catalog')):
18:24 FeatherKing maybe i cant use it here
18:24 manfred oh, you are defining it in the default variables?
18:25 manfred that won't work
18:25 blacked joined #salt
18:25 manfred anything that is loaded on an import won't be there
18:25 manfred if it is inside the function, then it will work, but as teh default variable, it can't be
18:25 manfred my suggestion would be to set the default to None, and if it is still None in the function, assign that grain
18:25 FeatherKing ah ok perfect
18:25 FeatherKing if i was looking to output in csv
18:26 FeatherKing would i use __outputters__
18:26 manfred that i have no idea
18:26 FeatherKing ok np
18:26 FeatherKing havent gotten that far yet
18:28 baweaver joined #salt
18:29 CryptoMer joined #salt
18:29 CryptoMer Hey Everyone, is it possible to match on pillar data in the pillar/top.sls?
18:30 CryptoMer Specifically, I'm trying to match on a nested pillar dict 'dict1:dictb:dict3'
18:30 murrdoc noep
18:31 CryptoMer d'oh
18:32 iggy that seems to get asked more and more lately
18:32 badon joined #salt
18:32 Oxf10e CryptoMer: you can't use pillar inside pillar, but you can template pillar (see https://github.com/0xf10e/blog/blob/master/SaltStack_templating_pillar.rst )
18:32 iggy wonder what's changed (people being urged against using grains for roles? something else?)
18:32 murrdoc u can pillar in pillar in ext_pillars
18:32 manfred i don't understand why you would need to do that…
18:32 Oxf10e iggy: more new users?
18:33 Oxf10e murrdoc: can you?
18:33 manfred ext_pillar renders on the minion doesn't it?
18:33 iggy most new users don't even know what pillars are much less try to target minions in the pillar top file using pillar data
18:33 sdm24 When I was going to use grains for roles, my boss didn't like that it was saved on the minions instead of the masters
18:33 CryptoMer sdm24: that's exactly the point.
18:33 Oxf10e manfred: ext_pillar render in the master...
18:33 manfred do they?
18:33 CryptoMer ^^
18:33 manfred meh
18:34 CryptoMer The minion has the capability to edit the grains data, whereas if it is pillar data, the minion cannot.
18:34 manfred so like… this is the only place where node groups would be usefull i guess…
18:34 manfred but in the end, the nodegroup is just a persistant compound match
18:34 iggy we have a custom grain module that sets the roles based on $cloud_provider metadata
18:34 Oxf10e manfred: there was the thing with "ext_pillar_first" which I first misunderstood. but maybe one day we can at least use ext_pillar in pillar-rendering...
18:35 iggy and we assume that if someone gets root on our boxes, we're already fscked
18:35 manfred I think that the only real way to do reliable role stuff is by name matching, because it is the minion_id, and not the actual hostname of the server, and if they change the minion_id, they would have to have their key re accepted by the master
18:36 sdm24 yeah, our hostnames don't follow any convention, so we just use pillar role lists where the minionid is manually added to pillar rolse lists. Not perfect, but it works for our small-ish scale
18:36 CryptoMer Oxf10e: that'd be great if we could utilize the ext_pillar in pillar rendering.
18:36 murrdoc ouch
18:36 CryptoMer That's pretty much what I"m looking for.
18:36 murrdoc sdm24:  u could do it in two parts
18:37 iggy this where things like reclass gain a leg up on the simplistic file matching
18:37 murrdoc drop the roles as a grain on the minion
18:37 murrdoc and read in the grain in the pillars only
18:38 sdm24 murrdoc: Yeah that was one idead I had, but then we would still have to manually set each role grain for the minion, either via the master or the minion
18:42 Oxf10e CryptoMer: I think I mentioned this in an issue or on salt-users but there wasn't too much discussion
18:48 iggy at some level you're going to have to have some mapping of minions to roles... just depends where that makes the most sense for a particular user
18:48 iggy there's a reason there are like 20 ext_pillar modules
18:49 alexanderilyin joined #salt
18:50 apergos left #salt
18:52 giantlock joined #salt
18:52 tracphil joined #salt
18:52 solidsnack joined #salt
18:57 TyrfingMjolnir joined #salt
18:57 adelcast joined #salt
18:57 ndrei joined #salt
18:57 blacked1 joined #salt
18:57 cornfeedhobo left #salt
18:58 Oxf10e iggy: I think they're mostly to re-use existing data outside of salt
19:00 krelo joined #salt
19:01 iggy because different configs are going to have different requirements and you're silly if you think you can write one-size-fits-all software
19:01 Oxf10e I actually thought about a postgres-ext_pillar but then I had to write the GUI for getting data in there, too ^^"
19:03 murrdoc u could use redis and disk backing (heh)
19:03 dendazen joined #salt
19:04 Mooon joined #salt
19:04 Oxf10e murrdoc: no key-value NoSQL for me, thx
19:05 iggy wimp
19:05 scoates joined #salt
19:05 Mooon I am considering moving from Puppet to Saltstack, however I am not finding the docs how to figure out what minions are passing/failing states.  Is there some kind of historical tracking of failed states and a way to view it?  Also is there a web based interface for managing/viewing minions and their stats?
19:05 hybridpollo joined #salt
19:05 Oxf10e iggy: because I like my datastructures valid and persistent?
19:06 murrdoc because u havent written a purely rest based interface to postgres
19:06 bhosmer_ joined #salt
19:07 Oxf10e iggy: still the "pillar based on pillar" issue should be possible to implement inside salt so one can do s/t like this without external tools
19:07 sdm24 Quick question, does anyone know of any better/different ways to restart minions via a state? I"m using https://gist.github.com/anonymous/726596ed8ee86dabdf70 now to just use cmd.run for linux/windows minions
19:07 bhosmer_ joined #salt
19:07 Oxf10e murrdoc: to enter the data with curl or what?
19:07 murrdoc yeah
19:07 chiui joined #salt
19:08 iggy Mooon: SaltStack Enterprise (SSE) has a web gui that does that kind of stuff
19:08 iggy Mooon: if you are too broke/cheap to pay for that, there's saltpad and probably a couple other things that can do the historical tracking
19:08 murrdoc Oxf10e:  puppet db is a postgres db fronted by a rest interface and works a-ok
19:08 Mooon iggy: So no tracking of states without a web ui?
19:09 murrdoc nope
19:09 murrdoc no tracking without a returner
19:09 iggy Mooon: not historically (out of the box)
19:09 murrdoc returner ?
19:09 Mooon Well that's pretty close to useless...
19:09 iggy depends
19:09 iggy I don't care what failed 3 months ago as long as everything is running now
19:09 iggy different strokes my man
19:10 FeatherKing lol this one feature that is important to me doesnt work, aka useless
19:10 Mooon If one cannot see what's failing or succeeding how do you know what's happening in your environment?
19:10 sdm24 you can use a testing environment to see if it fails when you run it?
19:10 iggy you can see what's failing right now (up to 24 hours back by default)
19:11 sdm24 then once its successful, move it to the next environment, test it, repeat
19:11 iggy just not like 3 months ago
19:11 Mooon So no email alert, log, nothing can be configured to let you know something is failing?
19:11 drawsmcgraw Mooon: I usually tack on "-v --summary" to each Salt run to get a list of who successfully ran and who didn't.
19:12 drawsmcgraw There's also  the jobs runner for going through the jobs cache
19:12 iggy there are all kinds of returners (smtp, slack, pagerduty, etc.)
19:12 drawsmcgraw Mooon: what you're talking about, I think, is returners
19:12 drawsmcgraw For logging, anyway
19:12 drawsmcgraw http://docs.saltstack.com/en/latest/ref/returners/all/
19:12 vschum1 joined #salt
19:12 iggy that's just not something that's setup by default
19:12 Mooon Got it, they allow you to return results
19:13 murrdoc supposed salt-db is shipping native in 2015.2
19:13 drawsmcgraw uh-huh
19:13 murrdoc how many masters do u haev Mooon
19:13 sdm24 Wow, I didn't know about -v --summary. Very helpful drawsmcgraw. Thanks
19:13 murrdoc salt masters
19:13 drawsmcgraw sdm24: sure thing. I only recently discovered it myself
19:14 iggy honestly though... if I had a working system I wouldn't change it just for s&g's
19:14 andrew_v joined #salt
19:14 Mooon murrdoc: What is salt-db?
19:14 iggy (even as badass as Salt is)
19:14 murrdoc s&g ?
19:14 sdm24 its like --state-output=changes when running a long highstate and you only need to see one little part
19:14 murrdoc salt-db is a mariadb backed returner
19:15 drawsmcgraw murrdoc: I thought salt-db was the small database local to each minion?
19:15 Mooon Looking at returners I am seeing a mysql returner
19:15 sdm24 murrdoc: S&G means *stuff* and giggles, doing something for no reason
19:16 iggy ^
19:16 iggy don't let his dark complexion fool you, he doesn't need idioms explained to him
19:17 sdm24 Always better to over-explain to everyone than just for your target audience haha
19:17 murrdoc shits and googles is a thing
19:18 Tyrm joined #salt
19:19 aparsons joined #salt
19:22 solidsnack joined #salt
19:22 iggy babilen: are you getting my commit message comments? (even though it was already merged)
19:23 CeBe1 joined #salt
19:28 Mooon A question about returners, is the minion or the master doing the returning?
19:28 Micromus joined #salt
19:28 murrdoc minion
19:30 Mooon So you can't have it funnel back to the master?  There is no way we can put a database network connection on every minion we plan on having.
19:31 Guest70 joined #salt
19:33 MatthewsFace joined #salt
19:33 iggy http://docs.saltstack.com/en/latest/ref/configuration/master.html#master-job-cache
19:33 iggy docs ftw
19:34 Mooon Yusss, I just found that as well
19:35 Micromus joined #salt
19:40 armguy with the current smbios module is there a way to call -lite with it that I am missing?
19:40 res0nat0r joined #salt
19:40 armguy err I should say smbios-sys-info-lite
19:40 redzaku left #salt
19:43 iggy armguy: no, but that's not a bad idea for a feature request
19:43 iggy (or a PR if you're feeling froggy)
19:43 TheNumb left #salt
19:44 armguy If I was better with python I would be happy to do a PR, will dig in and see what I can come up with and will FR if it's past me at this point
19:45 iggy do the feature request either way
19:45 iggy then if you do the PR you get to close your own FR and look like a boss
19:45 armguy lol ok thanks iggy will do :)
19:51 Micromus joined #salt
19:56 Micromus joined #salt
19:59 baweaver joined #salt
20:01 numkem joined #salt
20:08 babilen iggy: Which comments exactly?
20:08 otter768 joined #salt
20:08 iggy ping.conf was messed up, sent a PR
20:08 iggy in collectd-formula
20:09 alexanderilyin joined #salt
20:09 solidsnack joined #salt
20:09 babilen ah, I'll check that later
20:09 iggy was more or less just curious if you still got notifications for comments on closed PRs
20:10 babilen I got something, but it looks like a direct push/merge
20:10 IronBalls joined #salt
20:10 iggy hah
20:10 iggy uhh... I really hope not
20:10 babilen "Boo!"
20:11 iggy yeah
20:11 babilen Could you elaborate on that?
20:11 druonysus joined #salt
20:11 druonysus joined #salt
20:11 linjan joined #salt
20:11 babilen (I will review that tomorrow, sorry)
20:11 iggy I sent a PR
20:17 cwyse joined #salt
20:18 murrdoc link
20:20 jrluis joined #salt
20:22 Micromus joined #salt
20:26 babilen iggy: Oh, did I not submit that one?
20:26 babilen hmm
20:27 o5k_ joined #salt
20:28 prwilson joined #salt
20:32 o5k__ joined #salt
20:32 thayne joined #salt
20:32 alexanderilyin joined #salt
20:34 drawsmcgraw joined #salt
20:39 sdm24 What's the best way to have a list that is constantly rewritten by Salt? I want Salt to create and managed a list of hostnames that are not found on a DNS nameserver. File.managed using text: instead of source: isn't working, and File.append won't remove minions when they are added to the DNS nameserver
20:39 sdm24 Or do I have to do a template for file managed, and then use the template as a source for the other file
20:40 seev I do something similar to generate a zone file
20:41 seev it writes out the new version in a tmp space, diffs the existing file under the salt state tree, and then overwrites it and fires off a salt 'dnsserver' state.sls statename
20:41 sdm24 Oh never mind, file.managed uses contents: <String>, not text: <string>
20:41 seev not the most elegant way, but it works
20:42 sdm24 the file.managed with just name and contents works
20:43 murrdoc source > contents
20:43 faust joined #salt
20:44 sdm24 https://gist.github.com/anonymous/1985479d6c5be9af8c9b theres my state if people care
20:44 iggy salt.state.host.present/absent
20:44 Guest61936 I couln't find the answer, is there a way to pillar.get('value') in a pillar sls file ?
20:44 iggy that's like #5 today alone
20:44 iggy Guest61936: no
20:45 hemphill joined #salt
20:45 iggy sdm24: indent your jinja tags... much easier to read
20:45 sdm24 Oh ok sorry
20:46 Guest70 joined #salt
20:48 iggy that was more of a suggestion, not a threat or anything ;)
20:49 Guest61936 iggy: ok, so how to override a pillar (like ansible way ?)
20:49 iggy I don't know ansible, so not sure I can help you there
20:50 bhosmer joined #salt
20:50 Guest61936 hmm the think I wanna do is https://github.com/saltstack/salt/issues/3991
20:50 Guest61936 more or less
20:50 rocket joined #salt
20:50 rocket can I set a pillar value from a state file?  eg the current root password?
20:51 rocket can I set a pillar value from a state file?  eg the current mysql root password?
20:51 iggy rocket: salt.wheel.pillar
20:51 Guest61936 iggy: idea is to have some default iptables rules in pillar/common.sls and some specific in pillar/server01.sls
20:51 Guest61936 I am just starting so I may have a design problem
20:52 iggy Guest61936: make it a list and it _should_ get merged
20:52 subsignal joined #salt
20:52 hemphill So I am trying to get salt-cloud to fire up a windows host(2012 r2), since winexe doesn't seem to support that I installed pywinrm and set use_winrm to True in the profile file. Salt-cloud still seems to insist on using winexe instead, even though it has been removed. Anyone have thoughts on what to check to figure out why?
20:53 rojem joined #salt
20:53 Guest61936 iggy: ah didn't try this approach
20:54 giantlock joined #salt
20:54 Guest61936 but it is definitively not possible to override some pillar (aka default interface is eth0 but for server01 it is br0 ?)
20:54 rojem joined #salt
20:55 nzero hemphill, havent used windows in a couple of years ( wow, that feels weird to say ), but you could check your environment variables, registry, and config files. sometimes those things dont get clean up well after something is removed
20:56 m_ joined #salt
20:56 hemphill I am running from a linux host trying to spin up the windows instances so I don't think there are any remnants. I am destroying the sunup environment on each attempt. This my first brush with windows in close to 15 years myself...
20:58 fusionx8_ joined #salt
21:00 jcockhren hemphill: good luck!
21:01 hemphill Thanks, i'll need it...
21:01 thehaven joined #salt
21:02 baweaver joined #salt
21:02 iggy Guest61936: if you order things right in the top file, the lower files (at the end of the topfile) should overwrite the higher entries (there were some notable bugs that broke that though, so test to make sure)
21:03 solidsnack joined #salt
21:05 rocket iggy: I am not sure what you mean by salt.wheel.pillar ...
21:07 Guest61936 iggy: yep I needed to put an order to get things ok
21:09 iggy rocket: http://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.pillar_roots.html#module-salt.wheel.pillar_roots
21:10 kunersdorf joined #salt
21:11 coval3nce joined #salt
21:12 coval3nce salt orchestrate runner - would this be the best bet to orchestrate tasks similar to playbooks in ansible?
21:12 coval3nce e.g. repeatable taks vs simply just applying state?
21:13 fusionx86 joined #salt
21:13 manfred orchestrate are going to be your larger things
21:13 iggy things that have cross-host dependencies
21:13 manfred ^^
21:13 iggy i.e. I need my database in a certain state before my app servers deploy new code, etc.
21:13 coval3nce perfect, thats what i was looking for.  Particularly orchestrating backups accross multiple systems
21:13 iggy coval3nce: oooh
21:13 iggy lookie
21:14 manfred if you are trying to just run backups all seperate across servers, you could have one state that does the backups, and batch them so only say… 2 servers run their backups at a time
21:14 iggy https://gist.github.com/iggy/366611900342234aa184
21:14 manfred salt \* —batch 2 state.sls backup
21:14 coval3nce Are there best practicies for the “orchestrate” directory?  Is it literally just underneath my root salt files dir?  Also, you can drive orchestration files with pillar data yes?
21:14 CeBe1 joined #salt
21:15 coval3nce manfred: i’ve got a condition where i need solr services to stop accross multiple nodes before backing up shards etc, this seems perfect for orchestrate no?
21:15 iggy orchestrate can call the equivalent of state.sls (or state.highstate) so yeah, you can access pillar data that way
21:15 coval3nce iggy: oh sweet, taking a loog at that gist now
21:15 iggy but not directly in an orchestrate file (as that is run in the master context)
21:16 coval3nce ah gotcha, so no way to pillar drive an orchestrate file?
21:16 coval3nce For example, to make a command run on a targeted set of hosts configurable.
21:16 iggy not directly no
21:16 iggy look at my example
21:16 iggy it might clear some things up
21:17 manfred coval3nce:  yeah that would be good for orchestrate
21:17 rocket iggy the docs are not very clear on how to use that
21:17 coval3nce iggy: thx man, will RTFM, litreally just found out about orchestrate 30 seconds before barging in here ;)
21:17 iggy rocket: I've never used it, I just know it's capable of doing what you mentioned
21:19 rocket I am not even sure how the wheel stuff works :/
21:19 iggy coval3nce: you can target things based off of pillar data, but you can't do pillar.get in an ochestrate file
21:25 manfred rocket: wheel is used for stuff to configure and control the master
21:26 manfred rocket:  https://github.com/saltstack/salt/blob/develop/salt/wheel/__init__.py#L19-29
21:26 manfred usually interfaced from the command line using salt-run
21:27 manfred i don't see a salt.wheel.pillar, just salt.wheel.config or .key, those are the two i have used.
21:27 rocket manfred: ok maybe the better question is how do I save the original mysql root password
21:28 manfred i personally save it in grains.
21:28 manfred and pass the one I want to change it to in pillars
21:29 rocket and thats secure enough?  eg leaving the mysql root password on the filesystem?
21:29 manfred so
21:29 manfred i make my /etc/salt/grains secure, and lock my root password
21:29 manfred cause I am never manually logging in as root, and no one should have access to it.
21:30 I3olle_ joined #salt
21:30 rocket I see ..
21:30 manfred i do have one user that is allowed to run specific commands like service salt restart or systemctl restart salt
21:30 manfred but
21:31 rocket I was hoping for something like chef, where you can save the data back to the master easily
21:31 iggy manfred: it's salt.wheel.pillar_roots
21:31 manfred ahh
21:31 manfred maybe that one can do it
21:31 manfred but that is still the master having to run the salt.wheel
21:31 manfred you can't do it from the minion
21:32 manfred you could have an external pillar setup where you could write to it, but maybe not read the data back, and only have the master read the ext pillar to assign stuff
21:32 rocket I guess its no different than doing salt-call pillar.items on the minion :/
21:32 manfred yeah, if you have grains only readable by root
21:32 manfred if they get root… they could just do pillars.items
21:33 iggy are you trying to save it long term?
21:33 manfred well… one benefit is that you would be able to remove it from accepted keys...
21:33 iggy or just through the span of a single highstate?
21:33 manfred but even then, it would still be in /var/cache/salt/minion
21:33 jdesilet joined #salt
21:33 manfred iggy:  save it like grains.set_val was my guess
21:33 fusionx86 joined #salt
21:33 rocket yes iggy .. my thought is to check if exists, if it doesnt use blank as the original password
21:33 ek6 i didnt think pillar data was cached in unencrypted state
21:33 rocket then set the mysql database password to the new one and set the key for the current password
21:34 iggy there's __context__ which exists through the span of a single highstate run
21:34 rocket say 3 months from now I want to change the password, I need the current password and the new password set in my pillar data to do that
21:35 manfred put it in grains, and use config.get
21:35 rocket mysqladmin --user root password fo1 --password=foo
21:35 manfred iirc, that checks grains and then pillars?
21:36 manfred hrm, doesn't look like it stores pillars
21:37 rocket maybe I am overthinking this .. maybe the mysql modules already handle this :/
21:37 rocket looking into them ...
21:38 bhosmer joined #salt
21:41 Diaoul joined #salt
21:42 whytewolf guess you could use mysql_user.present to change the password. followed by a update to the minion config file for mysql, then a minion service restart. in theory. seems more complicated and prone to issues with order.
21:44 iggy we store our postgres passwords in pillars (manually entered)... I can imagine a few situations where that would be tough to work with
21:45 solidsnack joined #salt
21:45 rocket the only challenging situation is when the root password needs to be updated it seems .. any other user is trivial assuming you can authenticate with root
21:46 rocket it seems a nice enhancement would be a pillar.set with some sort of whitelist on the master that is allowed
21:46 iggy yeah, postgres is different in that you can always just run whatever you want as the postgres system user
21:46 whytewolf postgres is nice like that :P
21:47 rocket I think I am just going to go down the document the procedure route for now .. :/
21:49 simmel joined #salt
21:54 aparsons joined #salt
21:55 lynxman joined #salt
21:56 perfectsine joined #salt
21:56 fusionx86 joined #salt
22:02 rocket_ joined #salt
22:03 cornfeedhobo joined #salt
22:04 scbunn joined #salt
22:04 JDiPierro joined #salt
22:05 smcquay joined #salt
22:05 fusionx86 joined #salt
22:06 fusionx86 joined #salt
22:07 cornfeedhobo left #salt
22:07 * eightyeight
22:09 smcquay joined #salt
22:09 solidsnack joined #salt
22:09 otter768 joined #salt
22:10 rocket joined #salt
22:14 rojem joined #salt
22:18 KyleG1 joined #salt
22:20 echo joined #salt
22:23 fusionx8_ joined #salt
22:26 armguy Trying to write my first grain, and painfully rusty in py. Can anyone point me to why I am not getting my expected output. I added extra notes in the paste. http://codepad.org/hNXqM58L
22:28 Guest70 joined #salt
22:29 krobin joined #salt
22:29 KyleG joined #salt
22:29 KyleG joined #salt
22:35 markm joined #salt
22:39 daemonkeeper joined #salt
22:39 iggy armguy: grains['isdell'] = __salt__['cmd.run']('command to run')
22:40 iggy https://github.com/saltstack/salt/blob/develop/salt/grains/ssds.py
22:40 iggy that might give you some inspiration on using cmd.run in grains
22:41 Heartsbane eightyeight: did you want to say something?
22:41 iggy (i.e. setting up the __salt__ dict properly, etc.)
22:43 armguy iggy~ thank you :)
22:48 conan_the_destro joined #salt
22:53 jodv joined #salt
22:55 scbunn joined #salt
22:57 iggy armguy: no problemo, if you need more help feel free to ask
22:57 iggy the stuff in salt-contrib might be good to look at too (although some of them are pretty crappy)
22:58 armguy great thanks, noted. I know I have a steep learning curve but oh well always fun :)
23:04 rocket joined #salt
23:09 mosen joined #salt
23:10 bfoxwell joined #salt
23:10 armguy iggy~ thanks again that got me to what I needed :)
23:10 jodv joined #salt
23:10 badon joined #salt
23:11 iggy if it's not too specific to your setup, you might consider contributing it to the salt-contrib grains
23:12 blacked joined #salt
23:16 blacked1 joined #salt
23:16 scbunn joined #salt
23:17 baweaver joined #salt
23:18 armguy ok, I still have submit the feature request, if that got added eventually this would not be needed
23:18 armguy have to*
23:20 mosen acceptance testing - formulas seem to use kitchen but salt seems to use salttesting ? If I'm writing modules should I just go with kitchen?
23:21 badon joined #salt
23:28 bhosmer_ joined #salt
23:29 solidsnack joined #salt
23:29 thehaven joined #salt
23:38 pviktori joined #salt
23:39 bhosmer_ joined #salt
23:40 murrdoc joined #salt
23:42 baweaver joined #salt
23:45 c10 joined #salt
23:46 pviktori joined #salt
23:50 vstoniest joined #salt
23:54 jodv_ joined #salt
23:54 FeatherKing joined #salt
23:55 iggy testing shmesting
23:56 KyleG shmestin

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary