Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-06-08

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 tmclaugh[work] joined #salt
00:02 murrdoc joined #salt
00:03 evle joined #salt
00:05 teskew joined #salt
00:17 evle1 joined #salt
00:31 bemehow joined #salt
00:34 tmclaugh[work] joined #salt
00:38 fxhp joined #salt
00:42 forrest joined #salt
00:48 otter768 joined #salt
00:49 ageorgop joined #salt
01:12 sunkist joined #salt
01:23 david_an11 joined #salt
01:45 beauby joined #salt
01:51 bemehow joined #salt
02:08 beauby joined #salt
02:09 bemehow joined #salt
02:10 dalexander joined #salt
02:22 bemehow joined #salt
02:26 Not_ joined #salt
02:26 Not_ hola
02:32 favadi joined #salt
02:37 sunkist1 joined #salt
02:39 beauby joined #salt
02:42 sunkist joined #salt
02:48 otter768 joined #salt
02:56 shah joined #salt
02:56 shah hye guys
02:57 shah i wanna ask, is there a way to get saltstack enterprise trial ?
03:08 Dev0n_ joined #salt
03:09 beauby joined #salt
03:09 sunkist1 joined #salt
03:11 dalexander joined #salt
03:27 onorua joined #salt
03:27 Micromus joined #salt
03:27 dthorman joined #salt
03:27 dstokes joined #salt
03:27 hal58th_ joined #salt
03:27 egil joined #salt
03:27 UForgotten joined #salt
03:27 sk_0 joined #salt
03:27 saltsa joined #salt
03:27 _vimalloc joined #salt
03:27 sybix joined #salt
03:28 mirko joined #salt
03:28 robothands joined #salt
03:28 Cottser|away joined #salt
03:28 trevorj joined #salt
03:28 ange joined #salt
03:28 ksalman joined #salt
03:28 mackstick joined #salt
03:28 honestly joined #salt
03:28 agentnoel joined #salt
03:28 pcn joined #salt
03:28 manfred joined #salt
03:28 zz_ashmckenzie joined #salt
03:28 mdupont joined #salt
03:28 grep_away joined #salt
03:28 philipsd6 joined #salt
03:28 bregalad joined #salt
03:28 bretep joined #salt
03:28 vexati0n joined #salt
03:28 dec joined #salt
03:28 Bateau_ joined #salt
03:28 chitown joined #salt
03:28 jacksontj joined #salt
03:28 totte joined #salt
03:28 voxxit joined #salt
03:28 ropes joined #salt
03:28 mattrobenolt joined #salt
03:28 bougie joined #salt
03:28 kwork joined #salt
03:28 kwork joined #salt
03:29 tiadobatima joined #salt
03:29 pmcg joined #salt
03:29 Bryanstein joined #salt
03:30 Sypher joined #salt
03:30 Sypher joined #salt
03:30 mlanner joined #salt
03:36 Steven- joined #salt
03:38 aqua^c joined #salt
03:56 murrdoc joined #salt
04:05 ITChap joined #salt
04:48 rdas joined #salt
04:49 TyrfingMjolnir joined #salt
04:49 otter768 joined #salt
04:49 subsignal joined #salt
04:54 FarrisG joined #salt
05:01 spookah joined #salt
05:08 malinoff joined #salt
05:12 joeto joined #salt
05:20 subsignal joined #salt
05:25 stoogenmeyer joined #salt
05:26 ggoZ joined #salt
05:36 sijis joined #salt
05:36 sijis joined #salt
05:40 oravirt joined #salt
05:57 colttt joined #salt
05:58 catpigger joined #salt
06:01 stoogenmeyer hey is this a valid way to schedule an event every 4 hours? (http://pastebin.com/DB0GBrCP)
06:01 stoogenmeyer I put that in the pillar of my minion
06:04 AndreasLutro joined #salt
06:13 dalexander joined #salt
06:18 Guest69603 left #salt
06:19 IanVorn joined #salt
06:20 IanVorn joined #salt
06:20 subsignal joined #salt
06:21 viq joined #salt
06:21 chutzpah joined #salt
06:23 totte joined #salt
06:29 tmclaugh[work] joined #salt
06:30 IanVorn joined #salt
06:31 wvds-nl joined #salt
06:34 ndrei joined #salt
06:35 Ztyx joined #salt
06:37 bluenemo joined #salt
06:49 stoogenmeyer_ joined #salt
06:50 otter768 joined #salt
06:56 eseyman joined #salt
06:59 illern_ joined #salt
06:59 KermitTheFragger joined #salt
07:00 malinoff_ joined #salt
07:05 oravirt joined #salt
07:09 thalleralexander joined #salt
07:12 pcdummy joined #salt
07:13 bobbob601 joined #salt
07:17 Pulp joined #salt
07:18 che-arne joined #salt
07:18 Berty_ joined #salt
07:20 kawa2014 joined #salt
07:21 Ztyx joined #salt
07:22 subsignal joined #salt
07:27 bobbob601 Hi everybody, we plan to deploy saltstack in our entreprise to help us for our private cloud. What we would like to know is if it will be possible to control salt (send commands) throught a web api from a C# application. I found the cherrypy API but the reference seems very very short. Will we able to "push" a software, either with a powershell or a DSC script?
07:29 ninkotech joined #salt
07:30 phx bobbob601, if that API is not sufficient for you, you can just build something in python that serves your needs just as well
07:31 phx like if you already have some inventory, you can connect the two under a single hood, and provide a nice, integrated management solution
07:31 bersace joined #salt
07:31 phx also, if you have powershell, this was you can authenticate such requests using GSSAPI, which is also a very neat solution
07:31 supersheep joined #salt
07:32 bersace Hi, how to join saltstack-formulas organization ?
07:33 bobbob601 I don't know if the API is sufficient, that's my question :-) is the API fully implemented : can everything be done with the API like I can do it with powershell and Azure for instance
07:34 phx bobbob601, to be honest, i haven't checked the API to that level, and especially not to your needs. I'm doing a similar way i've descirbed above, because over my API i want to have a functionality that's a superset to salt's, but at the very same place
07:34 forrest joined #salt
07:36 markm joined #salt
07:37 lb1a joined #salt
07:39 bobbob601 I'm also creating a superset on top on it, "cloud private automation" which can perform autoscaling, spawn VMs and saltstack would be the solution to deploy app on them. Sadly, we have a great C# team and I'm not sure that ask them to learn python is the way I want to go :) pretty sure that python is a cool langage but if we can keep with what we know, would be better
07:40 pelzi__ not learning python is not a good idea if you are going to use salt.
07:41 phx true
07:42 phx it's very common to write pillars in python which serve data to your states from a bigger inventory database or something
07:42 Furao joined #salt
07:42 onorua joined #salt
07:42 pelzi__ yes, and you need to understand jinja, and pretty much everything
07:43 phx also, neither of these are rocket science, and these interfaces are well designed, easy to work with
07:43 phx i was also surprise how straightforward it is
07:48 bobbob601 thanks for you feedback guys :) in fact, we had two teams : IT and dev (me = dev) and IT decided to use Salt. I will then ask them to install the API and learn python if required :)
07:48 bobbob601 anyway, thanks for your help. have a good day!
07:51 phx yw
07:51 phx if you have any questions or issues let us know
07:54 keimlink joined #salt
07:54 bobbob601 joined #salt
07:56 bobbob601 I'm back, I have an important question. each VM managed by salt will have a unique local admin account (not domain joined). will we be able to give salt the credentials of the target VM? I see that I have to authenticate against salt API but how salt connect to the remote machine to perform actions? I suspect it to use winRM or something like that, but it should required credentials isn't it?
07:56 PI-Lloyd joined #salt
07:57 bobbob601 maybe using args of the command?
08:00 s_kunk joined #salt
08:02 s_kunk joined #salt
08:12 aqua^c joined #salt
08:13 CeBe joined #salt
08:15 dalexander joined #salt
08:15 N-Mi joined #salt
08:16 Xevian joined #salt
08:19 Auroch joined #salt
08:19 Nazzy joined #salt
08:20 TomJepp joined #salt
08:23 subsignal joined #salt
08:23 lb1a joined #salt
08:30 ange hello
08:30 chiui joined #salt
08:30 ange I could not spot it in the release notes : have the EC2 autoscale reactors been merged and released yet ?
08:31 TomJepp joined #salt
08:31 Nazzy joined #salt
08:31 aberdine Is it possible to set pillar data from within a state or via a module?
08:41 al joined #salt
08:45 ranomore joined #salt
08:51 otter768 joined #salt
08:53 IanVorn joined #salt
08:54 IanVorn joined #salt
08:56 linjan joined #salt
09:01 fmartin1987 joined #salt
09:02 moos3 joined #salt
09:02 fmartin1987 Hi,
09:03 fmartin1987 I'm using salt to execute remotelly some scripts which are stored in the salt-master machine
09:03 fmartin1987 with the cmd.script function
09:03 N-Mi joined #salt
09:03 N-Mi joined #salt
09:03 onorua joined #salt
09:04 fmartin1987 however, I've realized that, every time the command is launched, the script is first transferred to the salt-minion destination machine (under /tmp/<randomName> ) and then executed
09:04 fmartin1987 even if the script hasn't changed at all (same checksum)
09:05 fmartin1987 does anybody know if there is a way to avoid this transfer all the time in order to free the network bandwitch ?
09:05 fmartin1987 some kind of md5 check or temporary cache ?
09:05 fmartin1987 thanks in advance, any comment will be appreciate
09:07 fmartin1987 *bandwidth (sorry for misspelling)
09:09 ndrei joined #salt
09:11 Pulp joined #salt
09:15 Auroch joined #salt
09:15 dalexander joined #salt
09:23 subsignal joined #salt
09:29 denys joined #salt
09:34 thehaven_ joined #salt
09:35 ggoZ joined #salt
09:37 sgargan joined #salt
09:38 phych0 joined #salt
09:38 phych0 hello :)
09:40 ndrei joined #salt
09:43 supersheep joined #salt
09:47 ange fmartin1987: is that such a big script you are worried of the size/bandwith use ? what about having the script setup on the minions that need it so you end up just running a command on the minion ?
09:48 kbyrne joined #salt
09:50 stephanbuys joined #salt
09:50 fmartin1987 Yes ange, that's one of the workarounds. However, that would considerably increase the complexity of the version control system we have implemented for the scripts. On the other hand, the script size is quite big (around 4-5 MB because it is an ELF executable file generated by PyInstaller)
09:52 VSpike I'm very confused about current versions now :) https://salt.readthedocs.org/en/latest/topics/releases/index.html#latest-stable-release shows current release as 2015.5.1 (and the notes on that release, the release date has changed from TBA to 2015-5-20). But it lists 2015.5.2 in "previous releases".
09:52 ndrei joined #salt
09:54 VSpike And the Ubuntu PPA is still on 2015.5.0 just to make it more confusing, although http://docs.saltstack.com/downloads/ contains Windows installers for 2015.5.1 and 2015.5.2
09:54 Xevian joined #salt
09:54 AndreasLutro fmartin1987: cmd.script is not really intended to use with binaries - maybe find some way to copy the binary onto the system and then just execute it with a cmd.run
09:58 bluenemo joined #salt
09:59 fmartin1987 Thanks for your suggestion AndreasLutro, In fact, another workaround we're considering is to set up a python virtualenv on each destination machine and the invoke the execution of the sources (.py's) indicating to use that virtualenv as desired shell. Would that be possible , right? The main drawback of this solution is that we wouldn't be able to hide our codes... Am I right?
10:00 favadi joined #salt
10:01 AndreasLutro fmartin1987: that seems correct yes
10:01 mage_ stupid question: is there a difference between using an - include: ... statement and a jinja {% include ... %} ?
10:01 mage_ (outside a top.sls or init.sls file)
10:01 aurynn yes
10:02 aurynn the former brings in defined names, the latter brings in jinja variables and components (which may be text blocks which definie names)
10:02 AndreasLutro fmartin1987: it looks like the file.copy state might work for copying the binary, it will check if the file has changed before transferring
10:03 mage_ ok that's what I thought :p
10:04 aurynn so, you won't get any jinja variables if you use -include, and you won't get any state declarations if you use {%include%}
10:04 fmartin1987 Thanks AndreasLutro
10:07 onorua joined #salt
10:07 mage_ is there a function/test/filter/... to check if a template has already been include ?
10:08 joehh VSpike: might sound familiar, but I'll be doing packaging for ubuntu and debian tonight for 2015.5.2
10:08 kruppm joined #salt
10:10 mage_ and in a template is there a difference betwenn salt['pillar.get']( ... ) and salt.pillar.get( ... ) ?
10:10 keimlink joined #salt
10:12 VSpike joehh: oh cool :) wasn't a dig at you (although it probably sounded like one, couldn't think how to make it *not*). The bug I was suffering from in 2015.5.0 was a Windows-specific one anyway
10:13 VSpike It was more noting that the info is not always totally consistent across different pages sometimes
10:14 VSpike Is the Windows packaging fully automated, out of interest? It always seems to happen pretty much instantly
10:14 LotR joehh: you mean actual debian packages that I will find in unstable/testing? :)
10:16 dalexander joined #salt
10:18 joehh LotR: They will go to the new queue and I'll hassle a few people to hopefully push them through fairly quickly
10:18 joehh so - ideally yes
10:18 LotR great :)
10:24 subsignal joined #salt
10:26 zerthimon joined #salt
10:34 kruppm left #salt
10:45 moos3 joined #salt
10:48 Grokzen joined #salt
10:52 otter768 joined #salt
10:54 pinkbits joined #salt
10:55 ndrei joined #salt
10:56 giantlock joined #salt
10:56 spo0nman joined #salt
10:57 saffe joined #salt
11:00 spo0nman hello
11:01 spo0nman i'm trying to pass arguments to cmd.run in a salt reactor
11:01 spo0nman but not able to
11:01 spo0nman http://pastebin.com/raw.php?i=4QxAqY9b
11:01 spo0nman getting the above error SaltRenderError: Jinja variable 'dict object' has no attribute 'msg'
11:03 AndreasLutro well, according to the dump of the data structure you need to do data['data']['data']['data']['msg']... but that seems kinda stupid
11:04 spo0nman AndreasLutro: That's the datastructure i see in eventlisten.py
11:04 mage_ is there a function to check if and id has already been defined ?
11:05 mage_ for ex I have an SLS with foo_id: ... bar_id: ... and later I would like to do {% if somefunc('foo_id') %} ... {% endblock %}
11:07 spo0nman AndreasLutro: you're right, the data is indeed inside data['data']['data']['data']['msg']
11:08 VSpike Is there a way to do a recursive delete of a dir + subdirs and files with the file module, or do I need to use cmd.run to do it?
11:09 VSpike Tried file.remove and it just returns "False". Doesn't seem to have a recurse flag. file.rmdir specifically says it must be an empty directory
11:11 mage_ I think I'm starting to hate Jinja
11:12 AndreasLutro VSpike: the file.absent state should work
11:13 AndreasLutro mage_: no that's not possible, because the jinja is rendered before all the states are registered
11:14 VSpike It was my fault. Someone else had removed the dir already and I didn't realise :)
11:14 AndreasLutro hehe :)
11:14 VSpike AndreasLutro: I was trying to a one-time delete on multiple boxes from the master, rather than a state :) file.remove works fine, if the dir is actually there
11:15 AndreasLutro ah yes
11:16 ndrei joined #salt
11:16 mage_ I'm trying to resole the id conflicting with https://dpaste.de/c7Xc
11:17 mage_ I get a - 'Rendering SLS ''base:repos.webapps'' failed: Conflicting ID ''git_accept_self_signed_env'''
11:17 aqua^c joined #salt
11:17 dalexander joined #salt
11:23 AndreasLutro I think this is why the `include: - foo` stuff was added
11:24 AndreasLutro I assume the reason you use jinja includes is because you need ot to be executed first?
11:24 AndreasLutro you could try adding an - order: first to the git_accept_self_signed_env state
11:25 subsignal joined #salt
11:25 mage_ in fact it's because I have other files like: https://dpaste.de/Luqq
11:25 fbettag joined #salt
11:26 mage_ so in the init.sls file I'm doing a for loop to avoid havgin to - include .foo - include .bar etc
11:26 mage_ the idea is that in another sls I could include repos.webapps.ants for example
11:27 AndreasLutro hrm
11:27 bersace left #salt
11:27 AndreasLutro any reason you can't/won't put a list of webapps into pillars, and then change webapps/init.sls to iterate through those, including _template.sls for each of them?
11:27 TyrfingMjolnir joined #salt
11:28 joeto joined #salt
11:29 AndreasLutro even if you keep your current structure I don't see why you can't change the jinja include to a salt include
11:29 mage_ because while you can do salt sandbox state.sls repos.webapps pillar='{id: ants}' on the command line you can't do the following in an - include:, you have to include the whole state (so dozens of repositories)
11:30 mage_ for example you can't do - include: repos.webapps.ants if you have a single repos/webapps/init.sls with ids: ants: ... harmonia: ... etc
11:30 ndrei joined #salt
11:31 mage_ so I can't for example include only ONE id from an init.sls with multiples IDs
11:31 AndreasLutro what's the use case for doing - include: repos.webapps.ants ?
11:32 keimlink joined #salt
11:32 mage_ because repos.webapps.ants contains the repository for my webapps "ants" and it need to be included in the future in webapps/ants.sls
11:33 AndreasLutro hrm
11:33 mage_ the context is: 30+ webapps, ruby, python, multiple versions, git repo
11:33 mage_ and I want to be able to, for example, resync the git repo for only ONE app
11:34 AndreasLutro I see
11:34 mage_ and the idea is that I define all my venvs in one palce, all dedicated users in another place, and in the final to have a webapps pillar with something like ants: venvs: ants user: www-ants, etc
11:34 AndreasLutro I don't think salt is very suitable for that sort of thing currently but let's roll with it
11:35 AndreasLutro I still think you can just change the jinja include of git_ssl_no_verify.sls to a salt include
11:35 AndreasLutro because that will ensure it only gets included once
11:35 mage_ ah, that's what I'm looking for :)
11:35 mage_ let's try //
11:35 stoogenmeyer_ mage_: do you have a seperate state file for each web app ? I mean after all they are independent of each other right? Then just list all your apps in the top file
11:35 michelangelo joined #salt
11:35 keimlink joined #salt
11:36 mage_ stoogenmeyer_: I have a separate state file per webapps, but there is only two lines, and it uses a _template.sls file
11:36 AndreasLutro I'd like to see some sort of way to only run certain IDs with state.sls
11:36 mage_ yes
11:37 AndreasLutro salt '*' state.sls webapps only=webapp1_state_id
11:37 keimlink joined #salt
11:37 AndreasLutro I see there's an "exclude" argument... could make a PR for the opposite maybe
11:37 mage_ well you can do pillar='{id: ...}'
11:37 mage_ in fact I asked the question some time ago on reddit http://www.reddit.com/r/saltstack/comments/38dkjy/state_files_en_ids/
11:38 mage_ anyway, I'll try with the - include: :) thanks for your help!
11:38 giantlock joined #salt
11:39 keimlink joined #salt
11:40 mage_ but it would be wonderfull if we could do for example include: - a_big_sls_file include_id=foo,bar or include: - a_big_sls_file exclude=foo,bar etc
11:51 AndreasLutro I'm still in doubt if salt is actually suitable for deployment of these sorts of webapps, I had to create a pretty complex system just to deploy a set of small python apps
11:54 tomasfejfar joined #salt
11:55 mage_ AndreasLutro: I think it is, I used Fabric in the past and Salt is better IMHO
11:55 mage_ BTW the - include: doesn't work
11:55 mage_ I've still a     - Rendering SLS 'base:repos.webapps' failed: Conflicting ID 'include'
11:56 tomasfejfar Hi everyone. When using salt calls in automated tools, how do you check whether was execution successful or failed? `salt \* whatever` always returns "0" :(
11:57 tomasfejfar I've seen some of the issues (https://github.com/saltstack/salt/issues/4176) saying that it's a feature, which is fine. But no one ever mentions a workaround...
11:57 AndreasLutro tomasfejfar: use a parsable returner, like json
11:57 drawsmcgraw joined #salt
11:58 tomasfejfar AndreasLutro: thanks that sounds like a sane way to do it! :)
11:58 tomasfejfar mage_: You probably have something like include: - some_state\n include: - some_other
11:59 mage_ I have this: https://dpaste.de/iCN4
11:59 tomasfejfar mage_: to fix that just group them together under on state( include:\n - some_state\n - some_other)
11:59 mage_ state() ..?
11:59 AndreasLutro mage_: you can remove the include in init.sls
12:00 AndreasLutro and um
12:00 tomasfejfar the foreach is creating multiple "include:" states
12:00 mage_ AndreasLutro: same result .. :(
12:00 AndreasLutro instead of doing a jinja include in init.sls, use salt includes
12:00 mage_ tomasfejfar: yep, that's the thing I try to avoid :)
12:01 tomasfejfar You need to keep in mind that the templating inside SLS files is templating. It's not execution logic. Whatever you create using jinja is then rendered and ONLY AFTER THAT given to salto to work on ;)
12:01 mage_ AndreasLutro: it will not work as it needs the "name " variable ..
12:01 AndreasLutro oh yeah that again
12:01 tomasfejfar remove the include on line 15
12:01 AndreasLutro well you still have a separate .sls for each webapp right?
12:01 mage_ AndreasLutro: yep
12:01 AndreasLutro which sets the name variable?
12:01 AndreasLutro so, just include each of those
12:01 mage_ yep
12:02 mage_ AndreasLutro: but then I can't resync _all_ webapps
12:02 AndreasLutro include: {% for name in salt['pillar.get']('repos:webapps:items') %} - repos/webapps/{{ name }}.sls {% endfor %}
12:02 AndreasLutro yeah you can, it should work just like before
12:03 mage_ mmh not bad :)
12:03 mage_ let's try ..
12:05 phx when i'm running something as a non-root user (allowed in client_acl), I get the following warnings: http://pastebin.com/Jag0KbVE how harmful are these, and how to prevent them? gugling is not telling me much
12:05 phx and if there are such warnings, what would be the way to issue commands as non-root?
12:08 stephanbuys joined #salt
12:09 mage_ AndreasLutro: it works like a charm, thanks!
12:14 amcorreia joined #salt
12:17 aqua^c joined #salt
12:22 jerematic joined #salt
12:24 moos3 joined #salt
12:24 clintberry joined #salt
12:26 ndrei joined #salt
12:26 N-Mi joined #salt
12:26 fredvd joined #salt
12:26 teryx510 joined #salt
12:27 matthew-parlette joined #salt
12:38 IanVorn_ joined #salt
12:39 IanVorn_ joined #salt
12:39 johnkeates joined #salt
12:40 johnkeates how do i know what will be returned from a pillar.get? i.e. dict or string
12:40 phx type(ret) == dict:
12:41 johnkeates is that what the sources say or is that what i should use in jinja to check the return type?
12:41 johnkeates let me elaborate: i'm extending the haproxy formula with authentication
12:41 johnkeates this request a list within a list
12:41 johnkeates so i'd need to loop twice
12:42 johnkeates but i won't want it to break if someone made an error and created a list that has no sublist
12:42 phx oh jinja, sorry
12:42 johnkeates yeah :)
12:43 johnkeates i guess i'd be looking for a way to count the output but return false if there are 0 items or if it;s not a dict at all
12:43 AndreasLutro johnkeates: {% if variable is iterable %}
12:43 johnkeates for example: for userlist in salt['pillar.get']('haproxy:userlists')
12:43 moos3 joined #salt
12:43 AndreasLutro {% if variable is mapping %} will check if it's a dict
12:43 AndreasLutro http://jinja.pocoo.org/docs/dev/templates/#list-of-builtin-tests
12:43 johnkeates userlist[0] would be the ID and for userlist[1] would be the subdict
12:43 johnkeates right?
12:44 AndreasLutro no, userlist would be the subdict
12:44 AndreasLutro you want {% for id, userlist in ... %}
12:44 johnkeates where would the ID live?
12:44 ggoZ joined #salt
12:44 johnkeates ah
12:44 johnkeates so ID gets returned every iteration but stays the same
12:44 AndreasLutro actually you'll need salt['pillar.get']('haproxy:userlists').iteritems()
12:45 johnkeates I see
12:45 AirOnSkin joined #salt
12:48 AndreasLutro this is consistent with python's behaviour when looping over dicts, not a jinja-specific thing
12:48 johnkeates my python is a bit... sparse
12:48 johnkeates but I'm getting there
12:49 saifi joined #salt
12:49 johnkeates This is what I ended up with:
12:49 johnkeates https://gist.github.com/johnkeates/4b4411074a5f0300374a
12:51 numkem joined #salt
12:51 johnkeates added a sample pillar
12:52 subsignal joined #salt
12:52 johnkeates if someone would be willing to verify that it's a correct implementation of a nested dict loop, that'd be great :)
12:52 epcim_ joined #salt
12:53 otter768 joined #salt
12:57 stoogenmeyer__ joined #salt
13:01 timoguin joined #salt
13:02 tkharju joined #salt
13:03 AndreasLutro johnkeates: you can drop the if statement, just change the default return value of haproxy:userlists to an empty dictionary
13:03 AndreasLutro e.g. for id, userlist in salt['pillar.get']('haproxy:userlists', {}).iteritems()
13:03 johnkeates AndreasLutro: using a default value in the pillar.get arguments list, correct?
13:03 johnkeates ah yes
13:04 johnkeates thanks\
13:04 johnkeates :)
13:04 ndrei joined #salt
13:04 DammitJim joined #salt
13:05 primechuck joined #salt
13:05 zerthimon joined #salt
13:05 drawsmcgraw Can you use 'exclude' in a topfile?
13:06 daschatten joined #salt
13:06 ggoZ joined #salt
13:06 jdesilet joined #salt
13:06 drawsmcgraw Like.... this? http://dpaste.com/2PHXPG1
13:07 debian112 joined #salt
13:10 AndreasLutro drawsmcgraw: I don't think so, but you could include an sls from top.sls that has `exclude: - sls: foo` in it
13:10 drawsmcgraw AndreasLutro: oooh, neat idea. Bit kludgy but it's better than my current fix, hacking a state with a Jinja conditional...
13:10 drawsmcgraw Also, I just saw this: https://github.com/saltstack/salt/issues/2053
13:11 drawsmcgraw Was excited. Then sad again...
13:11 AndreasLutro that is quite old :)
13:14 AndreasLutro it's possible that something like that still works but I can't tell from the code where you're supposed to put it
13:15 cheine joined #salt
13:16 racooper joined #salt
13:17 cpowell joined #salt
13:18 drawsmcgraw Yeah.... I think including a statefile like you said is the most elegant for the time being.
13:18 aqua^c joined #salt
13:19 Tecnico1931 joined #salt
13:20 bhosmer joined #salt
13:21 johnkeates so it says: Jinja variable 'list object' has no attribute 'iteritems'
13:21 scoates joined #salt
13:21 AndreasLutro iteritems only works on dictionaries
13:22 johnkeates i guess a list has no iteritems?
13:22 AndreasLutro for lists you can drop it
13:22 johnkeates yeah
13:22 johnkeates but: how do i make it read a dict
13:22 johnkeates drop the minus
13:22 johnkeates or something else?
13:22 Auroch joined #salt
13:23 AndreasLutro {% for id, userlist in salt['pillar.get'](...).iteritems() %} {% for user in userlist %} ...
13:23 AndreasLutro that's what you want to do I assume?
13:23 emaninpa joined #salt
13:23 johnkeates or, to put it in an easier way: when it YAML a dict and when is it a list?
13:23 johnkeates yeah, that is what i want
13:23 AndreasLutro when there are - involved, that's a list
13:24 Auroch joined #salt
13:24 johnkeates okay, I guess I'll have to stick to lists then as a few items in haproxy can't really have an ID
13:24 johnkeates so it cannot be hashmapped  in to a dict
13:25 bemehow joined #salt
13:25 AndreasLutro probably fine, just be aware that you can't have multiple pillars define lists, salt won't merge them
13:25 AndreasLutro salt will just override them
13:25 AndreasLutro whereas dicts can be merged
13:26 onorua joined #salt
13:27 johnkeates hmm, I really want dicts. Can I make dicts with fake id's? (or, keys)
13:28 drawsmcgraw AndreasLutro: (and anyone else following): The 'include a state that excludes' works BUT if you run a 'state.show_highstate', your states-you-want-excluded will still show up.
13:28 cpowell joined #salt
13:28 drawsmcgraw So... show_highstate won't factor out the excluded states, but if you just run the highstate, it *does* properly exclude them.
13:28 AndreasLutro johnkeates: dictionary keys can be whatever you want
13:28 murrdoc joined #salt
13:28 mapu joined #salt
13:29 AndreasLutro drawsmcgraw: sounds like a bug, though I've never used show_highstate
13:29 johnkeates AndreasLutro: so the values will be mapped and the keys will be left alone.. good to know. Keys cannot be duplicate i presume
13:29 bemehow_ joined #salt
13:29 AndreasLutro johnkeates: not in the same file at least, but if you have two pillar files you can override keys from the second
13:29 drawsmcgraw Likely, yes. And I used 'state.show_sls' often but I wasn't even aware of 'show_highstate' until just now :)
13:31 cheine Hi, I'm new to saltstack and have a small problem: https://gist.github.com/cmhe/0fcfc778bfe6eab8a709 Would be nice if you can take a look at it.
13:32 Auroch joined #salt
13:33 cheine I use saltstack 2015.5.0
13:33 cheine On debian 8
13:33 murrdoc joined #salt
13:34 johnkeates cheine: if you are new to salt, start without using git
13:35 cheine johnkeates: Is it not stable yet? Or to complicated?
13:36 murrdoc its stable
13:36 murrdoc but it does raise the bar for entry to salt
13:37 cheine I already have setup the git repositories, so that I can clone from root with pubkey and a repo with top.sls file
13:37 elfixit joined #salt
13:37 murrdoc aight then
13:37 murrdoc jump on in
13:37 cheine the configuration for this is in /etc/salt/master.d/gitfs.conf
13:38 cheine Because I got log error before concerning this file, I think it is loaded by the master.
13:39 cheine So not sure why it the configuration doesn't show up.
13:42 sunkist joined #salt
13:43 mpanetta joined #salt
13:44 che-arne joined #salt
13:48 slimmons joined #salt
13:49 slimmons I've been reading about  salt.states.virtualenv, and salt.states.pip.  I keep seeing a reference to keeping the software you want in the virtualenv, installed by pip, in requirements.txt.  Would I just put the packages I want installed in that environment in the requirements.txt file like a .gitignore file, or is it in some kind of yaml structure like everything else?
13:51 AndreasLutro slimmons: each line in requirements.txt is a pip package with a version constraint, for example SomePackage==1.2.3 or SomePackage>=1.0.0
13:51 AndreasLutro it's pip specific so you could probably just google it
13:52 slimmons thanks, I didn't know it was pip specific.  I'll look up the pip docs on it
13:52 slimmons thanks for the help
13:56 mage_ slimmons: if I can help I did something similar some days agos
14:00 mage_ https://gist.githubusercontent.com/silenius/5618ac3aeddfd4d22fd4/raw/af19acedfd148afd127d18d08b9cef9f797ede13/gistfile1.txt if it can help :)
14:00 ekristen joined #salt
14:01 cheine I updated my problem description with a bit more info, maybe that shows what I am doing wrong better: https://gist.github.com/cmhe/0fcfc778bfe6eab8a709
14:03 s0lar hi, anyone noticed that the schedule states are not saved on minions when running highstate? every time I restart a minion it seems the schedule is returned to  default, so I need to re-run the highstate again. I assume the schedule should be written to /etc/salt/minion.d/_schedule.conf, but looks like it's untouched from default :(
14:03 andrew_v joined #salt
14:04 BitBandit joined #salt
14:06 f4lse_ joined #salt
14:06 perfectsine joined #salt
14:08 ndrei joined #salt
14:08 ahale joined #salt
14:11 giantlock joined #salt
14:11 ange is there a good reference to read on using python scripts as states ?
14:11 ange listing the expected methods to define, the different variables and methods available for use ...
14:12 david_an11 joined #salt
14:14 cberndt joined #salt
14:14 Ahlee possible to do unless: and watch: on a state? if so, which 'wins'?
14:19 dalexander joined #salt
14:19 rojem joined #salt
14:21 ranomore joined #salt
14:22 clintberry joined #salt
14:23 Ouzo_12 joined #salt
14:24 bhosmer joined #salt
14:26 sgargan joined #salt
14:31 Nazca__ joined #salt
14:31 yexingok joined #salt
14:32 TranquilityBase joined #salt
14:34 sunkist joined #salt
14:34 ksj is there a best practice regarding whether to put variables in a template file, or pushed from a state file via context: ? I find pushing via context: in the state file slightly cleaner, but I'm nervous that I haven't seen many other examples of people doing it this way
14:36 root____1 joined #salt
14:36 forrest joined #salt
14:38 Nazca joined #salt
14:39 throwayaj joined #salt
14:41 subsignal joined #salt
14:43 Nazca__ joined #salt
14:45 jalbretsen joined #salt
14:46 john5223 joined #salt
14:47 ndrei joined #salt
14:48 drawsmcgraw ksj: Usually the 'right' way to do things winds up being the minority implementation :)
14:49 drawsmcgraw I do that when applicable. Nothing wrong with pushing context into a config file, IMO
14:49 manfred ksj:  i just do it by wherever the data is already, If I had to pull it from pillars or grains, and it is already in the state file being referenced, then I just pass that to the context
14:49 manfred otherwise i pull it in the template file
14:49 drawsmcgraw I think manfred said it better. That's about what I wind up doing.
14:49 sgargan joined #salt
14:50 manfred like, if I do a publish.publish to pull all the ips of all the db* servers, then i add them to context, cause I don't want to do another publish.publish and have to poll them again
14:53 ndrei joined #salt
14:54 mudfly joined #salt
14:54 otter768 joined #salt
14:54 mudfly when running a pkg.refresh_db I am getting a 'TyperError encountered executing pkg.refresh_db: refresh_db() takes exactly 3 arguments (0 given).' Does anyone know what is causing this?
14:55 Brew joined #salt
14:55 sgargan joined #salt
14:56 bluenemo joined #salt
14:57 brandk joined #salt
14:59 adelcast1 joined #salt
15:01 TheoSLC joined #salt
15:02 desposo joined #salt
15:02 mohae joined #salt
15:03 ponpanderer joined #salt
15:03 iggy Ahlee: unless iirc
15:03 iggy but you'll probably want to test to be sure
15:04 numkem How do you guys go about making sure a minion does a highstate when they are newly created?
15:05 sandah joined #salt
15:05 iggy mudfly: what distro?
15:05 golodhrim joined #salt
15:05 iggy numkem: startup_states, reactor, rc.local script, etc...
15:06 mudfly iggy: CentOS 6
15:07 numkem iggy: is there an event that I could trigger in reactor? I used to have a reactor that would trigger it on new connections but that would also applies to when the minion restarts and with the problem with pillar.get vs mine I end up having to restart them often
15:07 numkem iggy: and it would be only once
15:07 aqua^c joined #salt
15:08 drawsmcgraw numkem: You could trigger on a 'key_accepted' event
15:08 iggy numkem: yeah, that sucks, I don't know of a standard way of solving that... I have a job that runs and checks system uptime and bails if it's more than 10 minutes
15:08 iggy not perfect, but...
15:09 iggy mudfly: I wouldn't think it would do that, but there are some optional args to salt.modules.yumpkg.refresh_db
15:09 numkem drawsmcgraw: interesting, I use foreman to build my vms, would the job stay in the queue until the VM is up?
15:10 jeffin joined #salt
15:10 drawsmcgraw I imagine the 'key_accepted' event only happens when the Master accepts the Minion's key, correct?
15:10 jeffin Hi. . Is there any way to deal with minions with same name? We have an automated system which automatically accept minions.
15:10 drawsmcgraw And if that's the case, then the event only triggers if the minion is up and has just joined the Master.
15:11 numkem drawsmcgraw: I'll have to test this. Thanks
15:11 drawsmcgraw numkem: Also, I don't know the *exact* name of the event
15:11 drawsmcgraw Just guessing at it
15:11 drawsmcgraw Sure thing.
15:11 mudfly iggy: This behavior just recently started, I have run pkg.refresh_db in the past without having to pass arguments. http://pastebin.com/ArM6sHyQ
15:12 khris joined #salt
15:14 jeffin Hi. . Is there any way to deal with minions with same name? We have an automated system which automatically accept minions
15:14 drawsmcgraw jeffin: My approach would be to stop the minion on both machines. Delete the key from the master, then give the two minions distinct names
15:14 hasues joined #salt
15:14 drawsmcgraw then start the minions back up and accept two keys
15:15 drawsmcgraw You can modify /etc/salt/minion_id to change the minion ID if necessary
15:15 drawsmcgraw Unless that's not exactly what you were trying to do?
15:15 khris joined #salt
15:16 hasues left #salt
15:16 bhosmer joined #salt
15:16 jeffin drawsmcgraw: Actually, its a manual method. In our infra, minions with a criteria will get accepted automatically. There is a chance for minions with same names. Is there any way to avoid same name?
15:17 drawsmcgraw Ah, I see
15:17 drawsmcgraw I'm not aware of any way of getting the master to elegantly handle a name collision for minions :/
15:18 jeffin ok :(
15:19 drawsmcgraw very sorry. I could be wrong, though
15:19 drawsmcgraw If you have the ability, you can stand up a test master and two minions with the same name to see what happens and/or come up with a mitigation
15:20 jeffin No problem. Thanks for replying.
15:20 jeffin I think two minions with same name will be listed.
15:20 dalexander joined #salt
15:21 ndrei joined #salt
15:22 iggy mudfly: you aren't setting providers:pkg by any chance are you?
15:24 mudfly iggy: no, I have run it from both master and minion "salt node pkg.refresh_db" or "salt-call pkg.refresh_db"
15:25 giantlock joined #salt
15:27 timoguin joined #salt
15:27 conan_the_destro joined #salt
15:28 bemehow joined #salt
15:28 TheoSLC joined #salt
15:31 bemehow_ joined #salt
15:32 dyasny joined #salt
15:32 dalexander joined #salt
15:32 adelcast1 left #salt
15:34 Grokzen joined #salt
15:35 iggy that's not really what I asked, but that's good to know
15:36 sdm24 joined #salt
15:36 fxhp joined #salt
15:41 adelcast joined #salt
15:42 jvblasco joined #salt
15:42 denys joined #salt
15:43 Nazca joined #salt
15:46 _JZ_ joined #salt
15:47 jvblasco joined #salt
15:47 rm_jorge joined #salt
15:48 Nazca__ joined #salt
15:48 Hazelesque Hey, I've noticed that client_acl doesn't seem to allow for matching users by group membership
15:49 Hazelesque I'd quite like to be able to just give permissions based on e.g. a "sysadmin" group
15:49 Hazelesque is there a good alternative solution?
15:50 iggy sysadmin% doesn't work?
15:50 iggy (note: never messed with that stuff, that's just some standard salt group notation)
15:51 Hazelesque was going on http://comments.gmane.org/gmane.comp.sysutils.salt.user/14233
15:51 Hazelesque where Colton Myers wrote: "As for groups of users, you can define "groups" using regular expressions, but you can't use system groups.  However, we now have eauth support for LDAP and PAM groups."
15:52 Hazelesque although it looks like eauth can't be used for just authorization ("what can a user do"), it has to be used for authentication ("proving who a user is")?
15:52 desposo joined #salt
15:52 Hazelesque and we currently use SSH keys and have passwords disabled
15:52 Hazelesque which seems to rule out using the PAM plugin
15:53 smcquay joined #salt
15:53 Hazelesque iggy: also, glancing at the source, and the current docs, I have yet to find anything that indicates this has changed since that mailing list post... hence asking for suggestions here :)
15:54 Hazelesque e.g. would it be sensible to just allow ".*" to run anything, and then control access based on group ownership of /var/cache/salt, /var/run/salt etc?
15:54 iggy I sadly don't know that much about that stuff
15:54 iggy should have kept my mouth shut
15:54 Hazelesque heh, no worries
15:55 Hazelesque iggy: do you just have the one sysadmin? or do you all use root/sudo/...
15:55 Hazelesque ?
15:55 Hazelesque or the netapi?
15:56 iggy all two of us use sudo
15:56 Hazelesque ah, okay, fair enough
15:57 iggy we also sit about 15' away from each other, so there's always the threat of physical violence to keep us in check
15:57 Hazelesque we have ~150 servers (across dev/test/prod/US georedundancy environments), one sysadmin, 8 developers who are trusted with ops access, an entire outsourced DBA team, ...
15:57 cedwards joined #salt
15:57 iggy we have about the same # servers, just no devs with ops access
15:57 Hazelesque and we'll hopefully soon be having some outsourced sysadmin/sre resource to lend a hand as I'm swamped
15:57 Hazelesque ah, fair play
15:58 Hazelesque I kinda want to allow the devs to use things like supervisord.*, pip.* etc
15:58 Hazelesque and restrict the rest
15:58 Hazelesque or at the very least restrict cmd.*
15:58 iggy but if it's only 8, seems like it wouldn't be too tough to just write out all the users instead of struggling with groups in Salt
15:58 Hazelesque iggy: yeah, sure, I know
15:58 Hazelesque I just want to avoid having One More Place to update when creating users
15:58 Hazelesque cos I already have a 10 page long internal wiki article on how to create users
15:59 Hazelesque as it's a mess right now
15:59 iggy make a state that creates users ;)
15:59 Hazelesque Heheh
15:59 Hazelesque I could just use the /etc/salt/master.d/... stuff and have an autogenerated file with client_acl.* stuff in
15:59 iggy our master/minion configs are managed by salt
16:00 Hazelesque ah, okay
16:00 Hazelesque we're, uh, migrating from CFEngine 3
16:00 Hazelesque ish
16:00 Hazelesque so our salt minion/master config is managed by cfengine
16:00 Hazelesque heh
16:00 Hazelesque as we're using it for just remote command execution/data gathering atm
16:00 Hazelesque although I really want to use it for more
16:01 Hazelesque but baby steps
16:02 Hazelesque out of interest, does anyone know if there's a command line client for the salt netapi?
16:02 iggy pepper
16:02 aparsons joined #salt
16:02 Hazelesque i.e something like salt(1) but for the netapi
16:02 Hazelesque oh?
16:02 * Hazelesque googles
16:03 Hazelesque ah, pre-alpha
16:04 Hazelesque looks like it's probably not a thing I can just say "hey guys, just use X"
16:05 * Hazelesque will keep an eye on it, though! :)
16:06 iggy I guess it depends on your needs
16:06 iggy I suspect they'd take kindly to feature requests
16:07 iggy afaik, it's at the point of "does what the author(s) need it to"
16:07 Ahlee Hazelesque: We make heavy use of pepper
16:08 * Hazelesque was just going on the "The project is currently pre-alpha. Follow progress by watching the project milestones. We'll tag and upload a release to PyPI once the project is ready for a first release." at https://github.com/saltstack/pepper
16:08 moos3 joined #salt
16:08 Hazelesque Ahlee: oh? :)
16:08 Ahlee Hazelesque: Indeed. 9/10ths of our interaction with salt is via libpepper
16:08 Hazelesque I take it it works, then?
16:08 Ahlee Very well. :)
16:08 Hazelesque Ahlee: ah, libpepper, rather than the CLI pepper tool?
16:09 Hazelesque what does the library do for you, vs using the NetapiClient class hierarchy etc?
16:09 Ahlee Hazelesque: i mean, the cli tool is just doing what we do, we just write our interactions with the library
16:09 Ahlee Hazelesque: from pepper import Pepper, api = Pepper('endpoint'), api.login('foo', 'bar', 'pam'), api.local_async('*', 'test.ping')
16:09 peters-tx joined #salt
16:10 Hazelesque ah, okay
16:10 Hazelesque I take it it isn't that easy with the built-in stuff?
16:10 Ahlee built-in? You mean LocalClient?
16:10 iggy there's nothing built-in to do remote calls
16:10 Ahlee LocalClient has to run from the master, we don't want to have to run everything from the master
16:10 Hazelesque http://docs.saltstack.com/en/latest/topics/netapi/index.html#salt.netapi.NetapiClient
16:10 Hazelesque I was thinking of?
16:11 Ztyx left #salt
16:11 writtenoff joined #salt
16:12 Ahlee I don't understand the question
16:12 Hazelesque erm
16:12 Ahlee maybe I'm missing something and pepper can do more than I use it for
16:12 Hazelesque there appears to be a "NetapiClient" class (documented at that link above)
16:12 Hazelesque that's built into Salt
16:12 Hazelesque that looks to me to be analagous to LocalClient, but should work over the API from anywhere
16:12 Hazelesque which sounds like exactly what pepper is doing
16:12 TranquilityBase joined #salt
16:13 Ahlee Right, so salt-api exposes the NetapiClient (which in turn is probably just LocalClient with some auth tacked on)
16:13 Hazelesque I'm asking what the difference is between using Pepper, and using the built in salt.netapi.NetapiClient
16:13 Hazelesque i.e. why not just use the latter?
16:13 f4lse_ joined #salt
16:13 Hazelesque what doesn't the latter do?
16:13 iggy that seems misnamed... I don't think that's something you can roll into a script and run from anywhere
16:13 Ahlee NetapiClient still needs to be exposed via some medium (a cherrypy server, nginx running wsgi, etc)
16:14 Hazelesque Oh. OH.
16:14 Hazelesque right
16:14 Ahlee pepper interfaces with that exposed medium, assuming it's RESTful
16:14 Hazelesque it's a "client" in the sense that it spews stuff via fifos/zeromq/whatever onto the master/minion buses?
16:14 Ahlee iggy: pretty sure NetapiClient just inherits from LocalClient
16:14 Hazelesque not in the sense that it looks like LocalClient, but *talks over HTTP*
16:14 Hazelesque ?
16:14 spookah joined #salt
16:14 Ahlee Correct, it's the server side client to salt
16:14 Hazelesque Oh, I see
16:15 Hazelesque sorry, I was misunderstanding what it meant by "client"
16:15 Hazelesque I thought that something with "apiclient" in the name might be a client for the API
16:15 Hazelesque heh
16:15 Hazelesque I think I get it now, heh :)
16:16 Ahlee so, back to what we do. We have salt-api running on the master, pepper auth's with the salt-api. On the backend, salt-api is handling NetapiClient instantiation
16:16 Hazelesque OK, understood...
16:22 ange anyone using salt orchestrate to run a series of shell commands directly or through salt states? I am looking for examples
16:22 ange I am not 100% to follow how to do sequences of stuff as described in https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#more-complex-orchestration
16:22 anotherZero joined #salt
16:22 throwayaj I have been playing with orchestartion
16:23 throwayaj pretty simple
16:23 throwayaj one second I'll show you one
16:23 throwayaj cmd.run salt.function:
16:23 throwayaj - tgt: 'anno*'
16:23 throwayaj cmd.run salt.function:
16:23 throwayaj - tgt: 'anno*'
16:23 throwayaj - arg:
16:23 throwayaj - iisreset /stop
16:24 throwayaj sorry that double pasted
16:24 throwayaj cmd.run
16:24 brandk Yeah I just implemented some orchestration runs myself tied in with Reactor so I may have some insight as well (I'll let throwayaj tackle it first)
16:24 throwayaj salt.function
16:24 murrdoc bad paste
16:24 iggy "Please use https://gist.github.com for code, don't paste directly into the channel"
16:24 throwayaj - tgt: 'name of computer'
16:24 throwayaj -arg:
16:24 ange throwayaj: use gist.github maybe?
16:24 throwayaj - iisreset /stop
16:25 khris joined #salt
16:25 throwayaj my problem with the orchestartion is if i need the cmd.run function to be required by another statement I can't do it
16:26 throwayaj i can't say - require: cmd.run I wish it allowed me to name that specific step in the orchestration
16:26 ange throwayaj: well yes that's pretty much what the doc says, but I am not clear how to do a list of things such as : checking a /home/bob/releases is present, creating a new dir in there using a string from pillar/grains, running a couple more commands or scripts in there depending on those results
16:26 anotherZero joined #salt
16:26 UtahDave joined #salt
16:26 throwayaj @brandk any insight for ange? I haven't tackled using pillars with it or anything
16:27 brandk try to namespace each item in your SLS (e.g. create_dir_foo:) then use cmd.run in that step. Next step will have - require: cmd: create_dir_foo
16:27 ange well by the look of it the use of pillar or grains data is not going to be an issue
16:27 kawa2014 joined #salt
16:28 throwayaj I have tried to namespace each item with the cmd.run but it fails :( have you been successful creating a namespace and haveing it work?
16:28 brandk require statements just really use format <name of module> : <namespace of previous step required>
16:28 brandk yes hang on I'll try to setup an example and link to it
16:28 ange ok
16:28 throwayaj awesome!
16:28 ange thanks
16:29 murrdoc require statements are scary , dont use em
16:30 robawt no way murrdoc
16:30 robawt requisites are awesome
16:31 throwayaj i agree robawt why are they scare murrdoc?
16:31 murrdoc requisites are awesome, requires arent
16:31 ange https://gist.github.com/mcansky/98ab0589f6795fb61139 < I can get that called for example but it will throw an error about the user (I do know the user exist on the minion, but not on the master : is that orchestrate state meant to be run on the master by default ?)
16:32 throwayaj yes orchestration runs from the master to the minions
16:32 ange I think my issue is around the different syntax used in orchestrate states and regular ones
16:33 throwayaj you can create a step to add the user and group in the orchestration and then call the folder_setup and sub_folders_setup
16:33 iggy why not just put that stuff in order instead of reverse order and using an oddly large number of requires?
16:34 ange throwayaj: no, the user already exists on the minion, it's created by salt
16:34 throwayaj ok
16:34 ange iggy: yeah probably a good way to go in this case
16:34 throwayaj what error does it throw about the user?
16:34 ange that it's unkown
16:35 sporkd2 joined #salt
16:36 iggy I didn't even know regular module calls would work in orch jobs
16:36 beneggett joined #salt
16:36 iggy but yes, orchestrate is a runner, so it runs in the master context... you probably just need to put that stuff into states and target those states appropriately
16:38 theologian joined #salt
16:38 throwayaj so ange I would create a separate state file for the folder setup. then in the orchestartion file call that state file and tgt the minion you need with the folders setup
16:38 Hazelesque right, I gotta run now, take care! :)
16:38 throwayaj i believe it throws an error because there is not target for those steps...
16:38 Hazelesque thanks everyone for answering my questions :)
16:39 throwayaj look at section More Complex Orchestartion https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html
16:39 ange iggy, throwayaj : ok, sounds like a very good idea, can I just reference any state through a require ?
16:39 ange throwayaj: yes, that's the one I am looking at
16:39 throwayaj i don't know if you can reference a state through a require, but worth a shot it guess
16:40 throwayaj I would assume yes
16:40 throwayaj or create the namespace that tgt's the state and then in your other steps you can require that namespace
16:40 brandk https://gist.github.com/anonymous/723d01575590f838eb39
16:41 brandk it's in reverse order if you're really interested in following my workflow but the orchestration run is mostly in top item
16:42 ange brandk: ah very interesting
16:42 ange thanks
16:43 amcorreia joined #salt
16:43 throwayaj looks good brandk
16:43 UtahDave has anyone here used the firewalld state that's in develop?
16:44 * robawt highfives UtahDave
16:44 UtahDave yo, robawt!
16:44 brandk now there may be better ways of handling some of that. There seemed to be some issues with the salt mdadm.py script which caused my orchestration runs to fail so I ended up using my own shell scripts in a few places
16:45 linjan joined #salt
16:51 giantlock joined #salt
16:52 ange brandk ,iggy , throwayaj : thanks for all the help, with those last bits I am back to regular states with clean targeting :)
16:55 otter768 joined #salt
16:56 aqua^c joined #salt
16:56 Auroch joined #salt
16:57 xDamox joined #salt
16:58 mbuckner joined #salt
16:59 mbuckner Hello, is there a way to specify whole subnets or use a regex for the salt-ssh roster file?
17:01 conan_the_destro joined #salt
17:01 iggy mbuckner: there's a scan roster module that can do network stuff
17:02 MatthewsFace joined #salt
17:02 mbuckner Great, that's exactly what I'm looking for
17:02 mbuckner Thanks!
17:03 brandk ange: glad it helped
17:09 timoguin joined #salt
17:11 forrest joined #salt
17:12 chutzpah joined #salt
17:12 Pulp joined #salt
17:15 forrest joined #salt
17:15 ajw0100 joined #salt
17:15 rap424 joined #salt
17:15 tomh- joined #salt
17:16 Gareth morning morning
17:16 forrest hey Gareth
17:16 Gareth forrest: hey hey.  hows it going?
17:17 forrest Pretty good! You?
17:17 Gareth Not too bad, it's Monday but still early :)
17:17 ange is there a simple way to generate a timestamp to use as variable in a state ?
17:19 tmclaugh[work] joined #salt
17:20 impi joined #salt
17:21 Gareth something like: {%- set timestamp = salt['cmd.run']("date") %}
17:23 beneggett joined #salt
17:23 UtahDave sup, Gareth!
17:25 Gareth UtahDave: hey hey :) how are you?
17:25 keimlink joined #salt
17:26 sdm24 Does anyone know when 2015.5.1 will be released for windows minions, and/or the apt repo?
17:27 mbuckner When using --roster clustershell I'm getting 'no hosts found with target'. Here's the command: salt-ssh -i --roster clustershell '192.168.1.25[0-4]' test.ping     Am I doing something incorrectly?
17:27 UtahDave the Windows 2015.5.1 installers have been release and can be found here: http://docs.saltstack.com/downloads/?C=N;O=D
17:28 UtahDave Need to update the docs to reflect that
17:28 sdm24 @UtahDave ah thank you
17:29 rojem joined #salt
17:29 baweaver joined #salt
17:31 ndrei_ joined #salt
17:32 iggy love when 2015.5.2 is already tagged and 2015.5.1 is barely out there
17:33 iggy <3 running from git tags
17:33 baweaver_ joined #salt
17:34 ange iggy, brandk : any way to pass additional args / pillar data from the orchestrate runner to the states it calls ?
17:35 ange I thought adding an args dict would do but apparently not
17:35 ange and the pillar data passed upon call of the orchestrate does not seem to be passed on
17:36 ange kwarg + pillar ?
17:37 denys joined #salt
17:37 iggy you'd have to pass the pillar data through if you want to go that direction
17:37 ahammond @UtahDave hey man, can I nag you about https://github.com/saltstack/salt/issues/24198 ?
17:38 wendall911 joined #salt
17:40 UtahDave ahammond: Hm. I've been using event.send successfully.  Let me test again
17:40 pix91 joined #salt
17:41 ahammond @UtahDave I'm able to repro this on my virtual env and am currently reproing it in production, to my chagrin. Are there any config changes I need to make for this to work or anything?
17:41 ange found a way, adding a pillar dict in the orch runner for the state
17:42 pix91 I am trying to make brief outline of possiblities with saltstack to evaluate how good it would be if I implement it in my current job environment.
17:43 pix91 cany good document, refrence, book about salt stack. would be helpful
17:43 ndrei joined #salt
17:43 murrdoc joined #salt
17:43 pix91 also I am targetting to have training kind of session for my subbordinates about salt stack.
17:44 pix91 this outline may help me to create some training-discussion topics.
17:44 murrdoc joined #salt
17:44 ajw0100 joined #salt
17:44 UtahDave ahammond: are you still on the 2015.5.0 release?  I just tested on that tag and I'm getting the minion's event on the master
17:44 baweaver joined #salt
17:45 UtahDave pix91: are you asking about SaltStack training? I can put you in touch with the person who coordinates those.
17:46 pix91 @UtahDave I need outline first so I need to decide if I will be using salt in my env, after that I may want to shortlist topics need for training.
17:47 ahammond @UtahDave I'm on 2015.5.0 on my VMs. Production is a more complicated story (but we're working on that).
17:48 pix91 @UtahDave if you think this can be satisfied, may be I can go ahed and pitch capablities with my infra manager.
17:48 pix91 that after some fancy process they may approve it.
17:49 UtahDave pix91: have you looked at docs.saltstack.com?  There's a list of all the modules and states that Salt supports out of the box here: http://docs.saltstack.com/en/latest/salt-modindex.html
17:49 UtahDave ahammond: what OS are you on?
17:49 ahammond @UtahDave master is centos 6.6, minion is fedora21
17:50 pix91 thanks UtahDave
17:51 UtahDave pix91: you're welcome.
17:51 UtahDave ahammond: So you're not seeing any events from the minion, right?
17:51 pix91 that's a Holy list :P
17:51 UtahDave pix91: you can basically get Salt to do almost anything you want
17:51 pix91 hmm
17:51 pix91 brb
17:51 murrdoc except lay down the os
17:52 murrdoc still havent figured that out
17:52 terxy510 joined #salt
17:52 murrdoc or run a state across reboots, thats a nope too
17:52 KyleG joined #salt
17:52 KyleG joined #salt
17:52 UtahDave murrdoc: just requires some workarounds for now
17:52 monkey66 joined #salt
17:52 ahammond @UtahDave I'm seeing events from the minion, (auth, and an event from executing the event.send stuff) but _not_ the custom event
17:53 stoogenmeyer__ joined #salt
17:53 UtahDave so weird. I'm having trouble reproducing that. I'm getting the custom event every time.
17:53 ahammond @UtahDave in the bug, I'd expect to see the "event_from_minion" event. I see the "test_from_master" event, and salt/job events for both master and minion... but not that event_from_minion event.
17:54 ahammond @UtahDave I'd love to have that problem! :)
17:54 UtahDave Can you try running the event.send   with -l debug?
17:54 murrdoc UtahDave:  any recommendations u have for making a state or orchestrate work across reboots, i am all ears
17:54 ahammond @UtahDave ok
17:54 UtahDave murrdoc: orchestrate is supposed to handle reboots already
17:54 ageorgop joined #salt
17:55 UtahDave with a state, I use jinja to check for flags I set before kicking off a reboot
17:55 murrdoc yeah
17:56 beneggett joined #salt
17:56 xDamox joined #salt
17:58 pix91 back
17:59 ksalman test
18:04 pix91 ok I will try to comeup iwth king mini course about salt stak and write about it.
18:04 pix91 :D
18:05 pix91 time to do some homework :P
18:06 UtahDave murrdoc: I would like to see the reboot managed better, though. We've discussed keeping the state data up to the point of the reboot in the proc_dir
18:06 pix92 joined #salt
18:07 murrdoc there are some package installs, that need reboots
18:08 ahammond @UtahDave bug updated with output. Also, is there a clever trick to get debug info for everything _except_ pillars? That took me 10 minutes to snip out all the pillar contents that need to not be going on github. :)
18:08 iggy quit being such a square
18:19 pix92 hmm
18:20 forrest joined #salt
18:22 ndrei joined #salt
18:27 pix92 I've come-up with some outline for myselfe.
18:27 pix92 may be I should start writing on it.
18:27 epcim_ joined #salt
18:28 cozby_ left #salt
18:30 notnotpe_ joined #salt
18:33 timoguin joined #salt
18:34 writtenoff joined #salt
18:39 sandah left #salt
18:44 aqua^c joined #salt
18:45 iggy grrr, people committing to master in formulas again
18:47 sgargan joined #salt
18:47 impi joined #salt
18:50 Grokzen joined #salt
18:54 SheetiS joined #salt
18:55 baweaver joined #salt
18:56 otter768 joined #salt
18:56 hal58th How are they even allowed to iggy?
18:59 timoguin hal58th: lack of fine-grained permissions in Github
18:59 hal58th ah. well that's annoying
18:59 timoguin Contributors have write access.
19:00 timoguin And that's as fine as the controls get. No branch-level perms.
19:01 forrest iggy: Who was it this time? Repeat offender or first offences?
19:03 slimmons If i'm wanting a server where
19:03 slimmons premature return
19:03 sgargan joined #salt
19:04 slimmons i need to wget a key for neo4j, and I know I can use file.managed for that, but after I have the key I need to 'apt-key add neo4j_key' then 'rm neo4j_key'.  Does salt already handle adding keys?
19:05 monkey66 left #salt
19:06 ahammond I'm familiar with Rejected keys, but what the heck is a Denied key?
19:07 murrdoc joined #salt
19:08 hybridpollo joined #salt
19:09 iggy forrest: hadoop-formula, don't know if first time or not, I certainly don't have the time to go look
19:12 throwaya1 joined #salt
19:12 forrest iggy: okay
19:15 dstokes_ joined #salt
19:15 mtward joined #salt
19:15 mrtrosen joined #salt
19:16 ajw0100 joined #salt
19:17 mtward joined #salt
19:18 debian112 joined #salt
19:23 ndrei joined #salt
19:26 mtward1 joined #salt
19:31 cberndt joined #salt
19:33 vkuusk joined #salt
19:33 nogiveup joined #salt
19:37 E_ro joined #salt
19:39 chiui joined #salt
19:40 forrest joined #salt
19:41 xDamox joined #salt
19:42 linjan joined #salt
19:46 clintberry joined #salt
19:49 rdutch joined #salt
19:51 bhosmer joined #salt
19:56 simmel joined #salt
19:59 mdasilva joined #salt
19:59 mdasilva hello all
20:01 dfinn joined #salt
20:01 dfinn is there a logstash returner or easy way to get salt master output into logstash?
20:02 HappySlappy joined #salt
20:05 dfinn i found this which might be what I'm looking for but it doesn't say whether this is a master or minion config
20:05 dfinn https://docs.saltstack.com/en/latest/ref/configuration/logging/handlers/salt.log.handlers.logstash_mod.html
20:05 saltuser joined #salt
20:05 saltuser hi all
20:05 saltuser someone can help me
20:06 saltuser we use debian wheezy and jessie
20:06 saltuser now i wanna make a sls wich
20:06 sine_nitore joined #salt
20:07 murrdoc dfinn:  thats a master config
20:07 saltuser can find out if debian wheezy then deploy package a if jessie deploy package b
20:07 dfinn thanks
20:10 timoguin joined #salt
20:11 keimlink joined #salt
20:11 sdm24 saltuser: sounds like you want {% if grains['oscodename'] == 'wheezy' %}
20:12 saltuser i will have a look if its working
20:14 murrdoc if salt['grains.get']('oscodename') or salt.grains.get('oscodename')
20:14 murrdoc so you can use defaults
20:14 beneggett joined #salt
20:15 saltuser great thanks
20:15 ahammond Denied Keys are new. So new they don't seem to even exist in documentation. Help?
20:16 sdm24 saltuser: I quickly made this example. Hopefully it helps https://gist.github.com/sdm24/12bdf165579b65892c11
20:16 ahammond specifically, I go to http://docs.saltstack.com/en/latest/ref/cli/salt-key.html and search for denied and get nothing.
20:16 ahammond however, salt-key -L lists Accepted, Denied, Unaccepted and Rejected keys. WTF?
20:16 sdm24 no one knows what it means. Thats what makes it provocative
20:18 ahammond considering it's part of the auth system for something that runs all our servers... the absence of documentation is not provocative. It's terrifying.
20:18 saltuser coolio thanks sdm24
20:18 iggy read the coe
20:18 Norrland denied is for hosts that annouce the same minion_id as an existing minion
20:18 iggy code
20:18 ahammond code?
20:18 tedski when i query a minion using pillar.item, it returns the proper pillar data
20:18 ahammond is this what I should tell my boss?
20:18 tedski however when i query that same item with pillar.get, it returns false
20:18 tedski am i missing something?
20:19 iggy my boss trusts me...
20:20 ahammond iggy mine does too: he let me install salt on a few hundred servers. being able to answer basic questions about the auth system (which I used to understand, but apparently has changed) would be... good...
20:21 ahammond so... uh... can anyone help me out with what "Denied Keys" means, and how to make them accepted keys... because salt-key -a foo doesn't seem to be working here...
20:21 xDamox joined #salt
20:21 mdasilva if salt-cloud --list-sizes only doesn't show some of the new gen instances, what could cause this?
20:21 Norrland ahammond: Have you set the same minion_id for two hosts?
20:22 mdasilva tia
20:22 ahammond Norrland I don't think so, but I wouldn't put it past some of the guys I work with.
20:22 UtahDave ahammond: I believe that has to do with the raet transport
20:22 forrest joined #salt
20:22 ahammond @UtahDave either way, it should really be somewhere in the docs.
20:23 iggy file a bug
20:23 ahammond holy crap. I have duplicate entries?!?!?!
20:23 ahammond iggy will do.
20:23 xDamox joined #salt
20:23 UtahDave ahammond: if you use the salt-key executable it will do the right thing.  For zmq minions   the following dirs are used:    minions, minions_pre, and minions_rejected
20:23 baweaver joined #salt
20:24 bemehow joined #salt
20:25 ahammond @UtahDave at this point, it looks like Denied Keys (on a zmq system) means that some idiot (probably me, but possibly a co-worker) has registered a minion with the same name as another minion.
20:25 UtahDave ah, didn't know that.
20:26 ahammond I am not running RAET yet. Heck, I have issues updating my minions to 2015.5.0 still. :)
20:26 Norrland :)
20:27 baweaver joined #salt
20:27 vexati0n hello ---- ? -- so is it normal when using the MySQL backend for the Salt Master, that the salt database just grows and grows and grows forever?
20:28 IanVorn joined #salt
20:28 markm joined #salt
20:28 baweaver_ joined #salt
20:31 baweaver_ joined #salt
20:32 vexati0n Question 2- does anyone know why I might get a "too many functions declared" in the Reactor, when referencing an SLS file that works perfectly fine in state.highstate ?
20:33 aqua^c joined #salt
20:33 UtahDave vexati0n: Answer 1:  Yes.  You need to decide your own data retention policies and procedures on that data
20:34 vexati0n UtahDave: so, when using the mysql backend, keep_jobs is ignored?
20:34 UtahDave vexati0n: Answer 2: please pastebin, but it's likely because of the slightly different structure of the yaml in a reactor vs a state sls
20:34 UtahDave vexati0n: correct
20:36 vexati0n ok thanks, i'll remember that. on #2, I'll paste asap
20:39 smcquay joined #salt
20:40 tiadobatima joined #salt
20:40 vexati0n UtahDave: http://pastebin.com/F2Z1XwST
20:42 slimmons /path/to/dest:
20:42 slimmons file.managed:
20:42 slimmons - source: http://debian.neo4j.org/neotechnology.gpg.key
20:43 slimmons Unable to determine upstream hash of source file http://debian.neo4j.org/neotechnology.gpg.key
20:44 slimmons does it want the hash of the file
20:45 slimmons nevermind, I missed it in the documentation on it
20:45 slimmons source_hash      This can be one of the following:              a source hash string             the URI of a file that contains source hash strings
20:47 ndrei_ joined #salt
20:50 SpX joined #salt
20:50 CK__ joined #salt
20:50 aboe joined #salt
20:51 aboe left #salt
20:51 aboe joined #salt
20:52 aboe joined #salt
20:52 lexter joined #salt
20:57 otter768 joined #salt
20:58 aboe left #salt
20:58 aboe joined #salt
21:02 xDamox joined #salt
21:05 aboe joined #salt
21:10 aboe joined #salt
21:11 aboe joined #salt
21:12 theologian joined #salt
21:12 aboe joined #salt
21:12 ahammond our master is on an 8 core box. we have almost 400 minions. I currently have worker_threads at 8, but getting prompted about increasing that. does that make sense or do I need to be asking for a larger salt-master server... or should I instead focus on getting moved over to RAET?
21:13 ponpanderer joined #salt
21:14 iggy try 32
21:14 ahammond iggy ok, will do. I was working on the idea that 1 per core made sense.
21:14 rdutch left #salt
21:15 aboe left #salt
21:16 aboe joined #salt
21:17 sygibson joined #salt
21:17 aw110f joined #salt
21:18 bemehow joined #salt
21:18 sygibson g'day everyone - I have an issue w/ jinja templates I'm trying to debug - I'm getting an error 'Unable to manage file: Jinja variable 'function object' has no attribute 'keys' '
21:19 sygibson I've been pouring through the online doc and googling around - but can't seem to figure out how to get salt to output something more verbose ... like ... what exactly is the "function object" or "keys" that is being referenced that has no attribute ... ?
21:19 sygibson is there a way to run a jinja template manually to see the output?  something similar to a shell "set -x" solution ?
21:20 sdm24 can you copy the template to gist.hithub.com or something similiar?
21:21 Not_ joined #salt
21:22 gasbakid joined #salt
21:22 opti98 joined #salt
21:23 sygibson yes - the global vars that's included is:  https://gist.github.com/sygibson/3bb35eeb2618f2a098a7
21:23 sygibson and the ceph.conf jinja template that includes the global vars:  https://gist.github.com/sygibson/a1f9d772ac0b2d0315c4
21:24 timoguin It's line 5 and 6
21:24 timoguin salt['network.subnets']() is how you'd call that
21:25 timoguin so change that to salt['network.subnets']().keys()[0]
21:25 timoguin I think should do it
21:25 sygibson ok - but "network.subnets" returns multiple subnet definitions in my environment - we have a "management" interface and a "production" interface - two separate networks
21:26 monkey661 joined #salt
21:27 timoguin Yea but salt['network.subnets'] isn't a dict, it's a function. So you need to call the function.
21:27 timoguin And it looks like network.interfaces returns a list, not a dict.
21:27 timoguin So you actually might need: salt['network.subnets']()[0]
21:28 timoguin errr network.subnets I mean.
21:29 sygibson ok - for reference - the call 'salt TARGET network.subnets' results in the following in my setup:  https://gist.github.com/sygibson/9dce48a1eb47e030464d
21:30 sygibson (slightly "munged" to protect the innocent ....... he he he )
21:30 timoguin yea that's a list
21:30 * sygibson == python newbie
21:30 sygibson :-)
21:32 sygibson timoguin: thanks for the quick response - making changes now and testing ... b
21:33 sygibson but my question still remains ... is there someway to better debug/test how a jinja template is interpreted?  I'd like to be able to "fish for my own fish" .... so to speak
21:36 forrest sygibson: Not really, this is something where an issue probably exists. We've talked about it a lot, but there aren't any solutions so far.
21:38 dingo hello friends, would saltstack want bugfixes for branch 2014.7? There is a use of "dict.iteritem" that should be "dict.iteritems" https://github.com/saltstack/salt/blob/2014.7/salt/states/rabbitmq_vhost.py#L101
21:39 dingo (this bug is not present in 'develop', since deleted)
21:40 dingo sygibson: there is a solution
21:40 bemehow_ joined #salt
21:40 dingo https://github.com/joejulian/saltstack-logging
21:41 dingo you can just do plain old "print" like logging statements, to check your data types, logic flows, etc.
21:41 dingo using a debug logging statement with this module
21:41 dingo i complained that i needed it, and joe wrote it for me, nice guy. I haven't since needed to use it, but i hope it could help you, sygibson :)
21:42 aboe dingo: thanks, was also looking for something like this
21:42 sygibson dingo: thx - I'll def. check that out !!   crude ... but crude is better than "left in the dark" ... :-)
21:44 monkey66 joined #salt
21:44 Brew joined #salt
21:44 monkey66 left #salt
21:46 JoeJulian Yep, totally a hack. :)
21:47 aboe left #salt
21:49 chamunks joined #salt
22:02 forrest joined #salt
22:03 premera joined #salt
22:06 bemehow joined #salt
22:07 Ztyx joined #salt
22:11 bemehow joined #salt
22:11 xDamox joined #salt
22:11 perfectsine joined #salt
22:21 mrbigglesworth joined #salt
22:22 aqua^c joined #salt
22:25 mbuckner joined #salt
22:27 forrest joined #salt
22:27 diegows joined #salt
22:34 bhosmer_ joined #salt
22:35 sygibson dingo and timoguin (et al) ... ok - so I'm stuck again on this Jinja Template issue ... on some nodes ("mon"s), there is only 1 interface, on others ("osd"s), there are two
22:36 sygibson if I try and test for the 2nd network instance to set "cluster network" to that value, on the "mon" nodes it fails
22:36 sygibson how in a Jinja Template - do I **test** that something exists/is set ?  without it throwing an error?
22:36 dingo sygibson: sure, just test length
22:36 sygibson my example jinja template code is at: https://gist.github.com/sygibson/6b13b147a31b4f3fc7e8
22:36 dingo if len(interfaces) == 2:
22:36 dingo configure 2nd
22:37 dingo i mean, i would be a bit more explicit, that "osd"s have two interfaces, and that this is its 2nd configuration, by pillar
22:37 dingo and it would look like
22:37 dingo if 'osd' in __salt__['salt.grains']['roles']:
22:37 dingo or whatever it is
22:37 sygibson "2" in this case referring to the number of elements in the list ?
22:37 dingo yes sygibson, you can test length of a list, <list>, by len(list)
22:38 perfectsine joined #salt
22:39 sygibson alright ... on to the next round of whacking around !!  thanks, dingo
22:39 Ztyx joined #salt
22:43 ajw0100_ joined #salt
22:47 Panyc801 joined #salt
22:53 forrest Why is sroegner not around today :|
22:54 forrest iggy: I'm going to email him
22:54 forrest and ask him about the merging straight to master thing.
22:54 forrest Once I hear back on the commit (hopefully today or tomorrow)
22:55 Panyc801 Guys i really need some help I have a centos5 box.. long story short... someone removed salt-minion from one of our servers and i can't seem to get it back on....   am i allowed to copy and paste in here?   I really am at a loss and can use some help
22:55 subsignal joined #salt
22:55 forrest Panyc801: use gist.github.com
22:55 forrest Panyc801: Did you already delete the minion from the master? Or are you having an issue installing the package itself.
22:56 Panyc801 it's a package issue im sure but i've tried yum clean all i've tried installing the rpm's manually man i have tried everything.... ill paste one sec to gist
22:57 forrest sounds good
22:57 otter768 joined #salt
22:58 Panyc801 https://gist.github.com/anonymous/4b294dbd2a8d25cdcd3c
22:59 Panyc801 it needs to be that version to work with the master
22:59 Panyc801 im missing something.... python ?
23:01 DrBojingle joined #salt
23:01 forrest Panyc801: can you run rpm -qa | grep salt on that system and add it as a comment to the gist?
23:01 Panyc801 yeah one sec
23:02 Panyc801 nothing
23:02 Panyc801 no output
23:02 Panyc801 but ill add it
23:03 Aidin joined #salt
23:04 forrest weird, did you already try just yum install salt-minion-2014.1.10-4.el6.noarch.rpm ?
23:04 forrest Panyc801: Also, did you confirm that python-zmq isn't on the system already? Maybe a version clash
23:05 forrest also do a yum list python-zmq and see if that pulls anything up
23:06 Panyc801 https://gist.github.com/anonymous/2971c462a5ff75521e0d
23:06 forrest so no zmq Panyc801
23:07 forrest Any chance your repos have changed? Is epel available on that system?
23:07 forrest Panyc801: https://dl.fedoraproject.org/pub/epel/5/x86_64/ doesn't have python-zmq
23:07 Panyc801 epel is on the system
23:07 forrest it has python26-zmq, you're missing a repo it seems.
23:08 forrest Do you have centos extras enabled?
23:08 Panyc801 yes
23:08 Panyc801 so go ahead and install python-zmq?
23:08 bfoxwell joined #salt
23:09 Panyc801 no package python-zmq available
23:09 forrest Panyc801: Yeah, because epel doesn't have it.
23:09 forrest Do this: http://zeromq.org/distro:centos
23:10 forrest Panyc801: ^ Follow the instructions to add the fenshou repo and you'll be all set to go, then find time to upgrade to centos 6 ;)
23:10 forrest *fengshou
23:10 Panyc801 thanks i will try that
23:10 forrest yeah np, it will fix it for you. centos 5 is stupid with the python-zmq packages. Should be all set for an install once you do that.
23:13 Panyc801 so i added the file to the repo directory do i install the zeromq
23:13 Panyc801 or python-zmq
23:13 forrest no
23:14 forrest just do yum clean all
23:14 forrest then install the salt-minion
23:14 forrest it will pull it as a dependency and you should be fine.
23:14 forrest Panyc801: ^
23:15 Panyc801 same stuff
23:15 baweaver joined #salt
23:15 forrest did you yum clean all and yum list python-zmq ?
23:16 drawsmcgraw left #salt
23:16 Panyc801 do i need to do something else other that put a repo file in the /etc/yum.repos folder
23:16 Panyc801 directory
23:17 Panyc801 not folder
23:17 Panyc801 sorry
23:17 f4lse_ joined #salt
23:18 forrest need to clean yum to make sure it updates the repo and makes that repository available. You can run yum repolist to make sure you did it correctly.
23:19 Panyc801 nope its not there but i did put the file in there
23:19 Panyc801 copy and pasted
23:19 sgargan joined #salt
23:19 keimlink_ joined #salt
23:20 forrest I don't know what to tell you there, the repo file looks good. I'd make sure that it's in the right place. That's all I've got.
23:22 xDamox joined #salt
23:23 Panyc801 the repo is there i did the clean but it can't find the python-zmq
23:25 Panyc801 https://www.irccloud.com/pastebin/T9EdNpZO/
23:28 forrest Looks like zeromq is there: http://download.opensuse.org/repositories/home:/fengshuo:/zeromq/CentOS_CentOS-5/x86_64/ but that might not be the python binding
23:29 forrest doesn't look like it is
23:30 Panyc801 :(
23:30 forrest some guy did this: https://khsing.net/2014/04/02/install-saltstack-on-centos-5-x/
23:30 forrest he installed zmq with pip, might be worth a shot
23:30 forrest I don't remember where the actual package is
23:34 Panyc801 cant find pip
23:34 Panyc801 i got all the way to the first pip line
23:35 forrest Yeah you'll probably have to install pip with easy_install.
23:37 forrest joined #salt
23:39 spookah joined #salt
23:39 sygibson dingo: thanks for the pointers ... I managed  to get it straightened out - but needed quite a bit of changes since this is "jinja templates isn't quite exactly python" sort of code ...
23:40 sygibson the working code is:  {% if salt['network.subnets']()|length() == 1   -%}
23:40 sygibson note the change of "len()" to "length()" and passing it through the pipe {"|") since it's a fitler in the Jinja context .... whew
23:41 Georgyo joined #salt
23:41 Panyc801 how do i get easy_ionstall
23:41 Panyc801 er easy_install
23:41 Panyc801 sorry :(
23:42 TheoSLC joined #salt
23:42 forrest Panyc801: https://serverfault.com/questions/267518/how-to-install-easy-install-via-yum-on-linux-centos-server , lots of other resources out there. If you aren't comfortable with that you might want to talk to someone at your org with more familiarity.
23:43 vexati0n gah! what does this even mean -- AttributeError: 'NoneType' object has no attribute '__name__'
23:43 vexati0n i have 1 minion that just refuses to do anything at all
23:43 forrest vexati0n: did you already run with -l debug?
23:44 vexati0n yes. and it's just a whole bunch of errors, which all boil down to that.
23:45 forrest are you getting that on a highstate?
23:45 vexati0n it complains about "syntax errors" in python package files
23:45 vexati0n no i'm getting it on absolutely everything
23:45 forrest vexati0n: What changed recently?
23:46 forrest is there anything more in the error? Seems weird that you'd get that even on grain lookups and such
23:46 vexati0n just a package upgrade in salt from 4.0.1 to 4.0.2
23:46 forrest did you upgrade the master and minions?
23:46 bougie joined #salt
23:47 vexati0n yes
23:47 vexati0n the other minions are fine
23:48 forrest did you restart the services?
23:48 forrest so just one minion is having issue with all commands that query against it?
23:49 vexati0n eh. looks like it's ok now. i had to delete everything in /usr/lib/python2.7/dist-packages/salt/* and then reinstall salt.
23:49 forrest lame
23:52 vexati0n yeah. oh well, thanks for caring :D
23:52 forrest np
23:53 vexati0n just replaced my master with new hardware. 24 CPU cores, 96GB RAM
23:53 vexati0n don't think i need all that but i will not turn it down.
23:53 forrest yeah
23:53 forrest did you provision the new system with salt? ;)
23:54 vexati0n no. but our infrastructure is fractured.
23:54 aqua^c joined #salt
23:54 vexati0n i have 2 separate salt 'domains' and this one is for the redheaded stepchild.
23:56 dingo yeah sygibson, as a ~15 year python programmer, i can tell you i fail miserably at jinja
23:57 dingo the documentation isn't a complete language specification, its "here's some cute unique things -- the rest is mostly python -- except, when it isn't!"
23:57 dingo so i'm never terribly sure about what to do
23:57 sygibson you know what ... that statement was almost verbatim what one of my co-workers helping me out just said ... :-)
23:57 forrest at least the jinja2 docs are thorough
23:58 Ztyx joined #salt
23:58 dingo I think the bastardization of the built-in features in python that it does remove is the purpose of jinja: to allow **non-programmers** to perform **some programming** in a template design language
23:59 forrest dingo: You know you can straight up write python with salt if you want right?
23:59 dingo they're computers forrest, i could write my own damn render if i wanted to, the sky is the limit
23:59 dingo salt isn't the first time i've bumped into jinja
23:59 dingo i could write pure python code with flask, too, passing in context, but that's not the point
23:59 * forrest shrugs
23:59 amcorreia joined #salt
23:59 Panyc801 good hell
23:59 Panyc801 i figured it out

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary