Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-06-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 alexanderilyin I’m using `cgi-fcgi -bind -connect /var/run/php-fpm.sock` and if there was errors in PHP it will not affect cgi-fcgi exit code.
00:05 joeto joined #salt
00:15 loz-- joined #salt
00:20 murrdoc joined #salt
00:21 dendazen joined #salt
00:25 amcorreia how i can call hipchat module from another module?
00:25 amcorreia I want send a message from my module
00:26 MatthewsFace joined #salt
00:27 iggy __salt__['hipchat.function']()
00:28 conan_the_destro joined #salt
00:29 murrdoc joined #salt
00:33 murrdoc joined #salt
00:34 Nazca joined #salt
00:37 jonlangemak joined #salt
00:38 murrdoc joined #salt
00:42 karlthane joined #salt
00:48 amcorreia from cli is working ok, i've put same on module but didn't worked
00:48 oblio left #salt
00:48 amcorreia need restart salt?
00:48 iggy try gisting your code
00:49 amcorreia i have..
00:50 amcorreia __salt__['hipchat.send_message']( room_id="number", api_key="KEY", api_version="v1", etc...)
00:50 amcorreia in fact, inside () i copy and paste from cli
00:53 murrdoc joined #salt
00:55 hvn joined #salt
00:55 hvn joined #salt
00:57 hal58th_1 joined #salt
00:57 hal58th_2 joined #salt
00:58 hal58th_3 joined #salt
01:02 murrdoc joined #salt
01:08 amcorreia http://pastebin.com/NKnTkefv
01:09 Nazca__ joined #salt
01:20 desposo joined #salt
01:21 iggy what error do you get? something about output not being defined I'd guess
01:22 iggy or is output set by your code?
01:22 amcorreia no error, just normal output (messages about services restarting, git message)
01:23 amcorreia output is set by my code.
01:23 amcorreia is return from a shell process
01:26 Ryan_Lane basepi: https://github.com/saltstack/salt/issues/7772
01:26 Ryan_Lane killing me
01:27 Ryan_Lane I'm testing 2015.5 upgrade and now some of my services are restarting because module.run for pkg.install returns something that causes my watches to fire
01:27 Ryan_Lane so I'm fucked no matter what I do
01:27 beauby joined #salt
01:27 murrdoc damn
01:28 Ryan_Lane I can either never be able to upgrade packages, or I can restart my daemons every salt run :(
01:29 Ryan_Lane I guess one of these days I need to bite the bullet and setup aptly
01:31 otter768 joined #salt
01:31 evilrob joined #salt
01:31 david_an11 joined #salt
01:56 alexhayes joined #salt
01:56 hvn joined #salt
02:02 keithhub joined #salt
02:04 TOoSmOotH So I have multiple masters with master_type: failover and master_shuffle: True but when I turn off a master the agents that were on the failed master puke out File "/usr/lib/python2.7/site-packages/salt/minion.py", line 973, in _fire_master result = channel.send(load, timeout=timeout)
02:04 TOoSmOotH they are not trying to connect to another one on the list
02:07 cruatta joined #salt
02:08 beauby joined #salt
02:11 dendazen joined #salt
02:12 Eugene joined #salt
02:18 TOoSmOotH nm figured it out.. I needed to add master_alive
02:19 amcorreia Found solution, need call
02:19 amcorreia salt '*dev*' saltutil.sync_modules
02:22 writtenoff joined #salt
02:27 natewalck left #salt
02:28 amcorreia How i get a grain value in module?
02:28 amcorreia I tryed
02:28 amcorreia message='Build test %s' % __salt__['grains.getval'](host)
02:29 amcorreia but, KeyError: 'grains.getval'
02:31 saifi joined #salt
02:33 jasonrm joined #salt
02:33 hasues joined #salt
02:34 amcorreia grains.get
02:34 hasues left #salt
02:40 beauby joined #salt
02:42 timoguin joined #salt
02:45 michelangelo joined #salt
02:48 birdzhang left #salt
02:52 evilrob joined #salt
02:53 asyncsrc joined #salt
02:54 Not_ joined #salt
02:56 asyncsrc Hi there.  I was wondering if there was any way to have third party python libraries used as part of a custom module.  I'm trying to write some custom tests that run via a module to determine if a server should be put back into rotation after changes are made, and I'm making use of the 'robobrowser' library.
02:56 asyncsrc However, when I attempt to run the module on a remote minion, it fails when trying to run the module.  If I remove the import statements and just have a very simple module that uses only the standard libraries as a test, the module runs as expected.. I'm thinking there's some issue with using third party libraries
02:57 hvn joined #salt
02:59 asyncsrc i guess somehow i have to get the dependencies installed on the minions in question
02:59 asyncsrc (the minions are in a windows environment)
03:00 bougie joined #salt
03:03 eccentricson joined #salt
03:03 eccentricson Has anyone ran into an issue with Salt not starting a service that was just installed?
03:04 Nazca joined #salt
03:06 baweaver joined #salt
03:09 beauby joined #salt
03:10 Nazca__ joined #salt
03:11 baweaver joined #salt
03:12 aqua^c joined #salt
03:13 hvn joined #salt
03:13 hvn joined #salt
03:15 hasues joined #salt
03:26 tobie_ joined #salt
03:26 tobie_ howdy
03:26 tobie_ I have a quick question regarding salt master git_backend filesystem
03:27 tobie_ I was checking the docs and I am still kind of puzzle on how to define a branch
03:27 favadi joined #salt
03:27 tobie_ within a gitremote
03:28 tobie_ is there something that can work like this
03:28 tobie_ http://paste.debian.net/220825/
03:28 tobie_ ?
03:32 otter768 joined #salt
03:32 joehh joined #salt
03:33 hasues joined #salt
03:37 NV joined #salt
03:54 goal joined #salt
03:55 murrdoc joined #salt
03:55 Antiarc joined #salt
03:58 iamtew joined #salt
04:03 penguinpowernz joined #salt
04:06 __number5__ tobie_: you can't assign branch like that, each branch is a salt environment
04:07 tobie_ ah
04:08 __number5__ which version of salt you are using btw?
04:08 baweaver joined #salt
04:09 ramteid joined #salt
04:17 mosen joined #salt
04:38 tobie_ salt-master 2015.5.0 (Lithium)
04:39 tobie_ sorry for the late response
04:39 tobie_ I was checking the doc on http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#per-remote-configuration-parameters
04:40 tobie_ and it  gave me the perception that I was able to define a branch
04:40 tobie_ but I guess I miss understood somehow..
04:42 aberdine Hi - is there a module or state or other mechanism for downloading/mirroring a given url?
04:44 __number5__ aberdine: file.managed can use http/https as source
04:45 aberdine __number5__ thanks I'll have a look
04:54 rdas joined #salt
05:13 birdzhang-afk joined #salt
05:17 aberdine is there a way to way to specify pillar data in a state file?
05:20 joeto1 joined #salt
05:20 aberdine nvm, I see it in formula
05:23 aberdine actually, that's a not what  I need - I want to pass data from one state formula (my code, uses a few salt-formulas from the salt-formulas repo) to others
05:24 baweaver joined #salt
05:30 hasues left #salt
05:32 otter768 joined #salt
05:33 ecerulm joined #salt
05:39 ranomore joined #salt
05:41 leszq joined #salt
05:48 nzero joined #salt
05:48 favadi joined #salt
05:54 catpigger joined #salt
05:56 ggoZ joined #salt
05:58 AndreasLutro joined #salt
05:58 gmoney joined #salt
06:04 gmoney Any of the SLC peeps awake?
06:05 ITChap joined #salt
06:06 repl1cant joined #salt
06:15 enginx joined #salt
06:16 dopesong joined #salt
06:23 flyboy joined #salt
06:24 favadi joined #salt
06:25 devops joined #salt
06:28 devops Hi, I am new to salt and I am trying to create a file using template file. New file should contains value from pillar.
06:28 devops how can I get pillar data to a template file
06:30 illern_ joined #salt
06:30 KermitTheFragger joined #salt
06:33 evle1 joined #salt
06:35 AndreasLutro devops: {{ pillar.whatever }}
06:37 ndrei joined #salt
06:38 soren joined #salt
06:40 Sesa joined #salt
06:44 devops @andreasLutro: thanks
06:45 pelzi__ ... so that was not a joke after all
06:49 supersheep joined #salt
06:50 slav0nic joined #salt
06:53 ekkelett joined #salt
06:55 bluenemo joined #salt
06:55 ekkelett I have an odd issue where using pillar.get('something', {}) in a for loop works fine, but returns null for pillar.get('something:under', {})
06:56 Auroch joined #salt
06:56 baweaver joined #salt
06:58 ekkelett Oddly enough using salt['pillar.get']('something:under', {}) works fine, but I'm failing to understand why it doesn't work for pillar.get directly with the sub-value
07:01 colttt joined #salt
07:02 eseyman joined #salt
07:02 AndreasLutro ekkelett: the `pillar` variable is a python dictionary, which has a .get() method, but it doesn't work for nested elements
07:03 ekkelett aha!
07:03 AndreasLutro salt['pillar.get'] is a function that does support nested elements
07:03 * ekkelett facepalms and kills self
07:03 ekkelett Thank you for the explanation, I was pondering about it for a long time yesterday to no avail
07:03 stephanbuys joined #salt
07:03 NV ekkelett: that's a little extreme don't you think? :P
07:03 ekkelett ... well, perhaps. :p I've faced bigger obstacles without going that route I suppose!
07:03 NV :D
07:04 ekkelett Inconveniently conveniently similar function names.
07:04 ekkelett Well, one isn't a function but a dictionary, I'll have to not forget that.
07:04 NV well both are functions
07:05 NV .get is a function of a dict
07:05 AndreasLutro pillar.get() is a function, but pillar is a dictionary and get() is a method on the dictionary type
07:05 NV but it's just the basic python one
07:05 AndreasLutro salt['pillar.get'] is just a regular function
07:05 al joined #salt
07:05 NV but has a bit mroe smarts in it ^^
07:05 NV note that
07:05 NV salt['pillar.get']('a:b') == pillar.get('a').get('b')
07:06 NV although salt['pillar.get'] makes handling the case where the key 'a' doesn't exist and providing a default value easier
07:06 colttt joined #salt
07:06 NV otherwise you'd have to check each level
07:07 Ssquidly joined #salt
07:13 lb1a joined #salt
07:13 AndreasLutro it gets very verbose as you go deep in a chain - pillar.get('a', {}).get('b', {}).get('c', {}).get('d')
07:17 Romlok joined #salt
07:20 Ztyx joined #salt
07:30 ekkelett Prone to make more errors
07:31 arount joined #salt
07:33 otter768 joined #salt
07:39 illern_ joined #salt
07:40 kawa2014 joined #salt
07:41 markm joined #salt
07:47 sarlalian joined #salt
07:48 sarlalian joined #salt
07:49 birdzhang-afk joined #salt
07:52 chiui joined #salt
07:58 AirOnSkin joined #salt
08:00 malinoff joined #salt
08:04 steven_ joined #salt
08:05 steven_ Hi I run Win Update from salt with a script salt '*' state.sls update but it install on the first minion when its finish it start on the second minion... Can we run the command on all the minion in the same time?
08:06 writtenoff joined #salt
08:09 fivmo joined #salt
08:12 s_kunk joined #salt
08:13 s_kunk joined #salt
08:13 bfoxwell joined #salt
08:15 supersheep joined #salt
08:15 julez joined #salt
08:16 Xevian joined #salt
08:17 baweaver joined #salt
08:36 ndrei joined #salt
08:41 Emantor joined #salt
08:45 eXistenZNL joined #salt
08:46 joeto joined #salt
08:50 sgargan joined #salt
08:50 onorua joined #salt
08:51 zer0def joined #salt
08:52 mattiasr joined #salt
08:53 sine_nitore joined #salt
08:53 stooj joined #salt
08:54 ndrei joined #salt
08:54 Whissi joined #salt
08:54 cztanu joined #salt
08:55 a7p joined #salt
08:56 sixninetynine joined #salt
08:56 zekoZeko joined #salt
08:57 flyboy82 ok, I've searched the irc logs and documentation but haven't found anything about this... when cmd.run state has a "- user: username" argument defined, the command fails with mkdir: cannot create directory `/home/username\\n'
08:57 supersheep joined #salt
08:57 cheus joined #salt
08:57 flyboy82 it goes and adds a newline at the end of the user's home for no reason
08:58 bluenemo joined #salt
08:58 flyboy82 checked my users pillar, checked my state, everything runs smoothly when ran with root, but not with user privileges
09:00 nebuchadnezzar joined #salt
09:02 arount flyboy82: can you show us your state please ?
09:02 arount flyboy82: gist or pastebin
09:04 Eureka_ joined #salt
09:04 fivmo left #salt
09:04 flyboy82 https://gist.github.com/anonymous/acce56dc26a91084403e
09:05 arount flyboy82: username exists as unix user ?
09:05 flyboy82 oh yes
09:06 arount flyboy82: I think he don't have an home dir
09:06 arount /home/username
09:06 baoboa joined #salt
09:06 arount and you don't explicit `cwd`
09:06 arount but the default location when you are user username is /home/username
09:07 flyboy82 doesn't matter, tried both with and without cwd arg
09:07 notnotpe_ joined #salt
09:07 flyboy82 the response is this: https://gist.github.com/anonymous/f3c9c1a66c360dfb6590
09:07 stevednd joined #salt
09:07 arount flyboy82: huh !
09:08 arount flyboy82: ok .. well, you're write, this is not what I was thinking
09:08 arount but create a /home/username and execute state again
09:09 notnotp__ joined #salt
09:09 arount this `\n` is a bug, it's clear, but maybe creating this folder can allow you to bypass it
09:09 flyboy82 the folder exists already
09:09 arount ho ..
09:09 arount chown ok I guess ?
09:10 flyboy82 it tries to mkdir    /home/username\n/.nvm
09:10 arount flyboy82: maybe `- user: "username"` ? (quotes)
09:10 flyboy82 tried with single and double, same
09:11 Berty_ joined #salt
09:11 flyboy82 hmmm, I have an idea... lemme check a bit
09:12 arount flyboy82: k
09:13 s_kunk joined #salt
09:13 s_kunk joined #salt
09:15 arount ooops
09:16 dariusjs joined #salt
09:20 Ztyx1 joined #salt
09:21 Ztyx1 joined #salt
09:21 Ztyx1 left #salt
09:26 flyboy82 ok, installing 2014.7 salt-minion fixed it... :S some bug, huh? I'll go report if not already present...
09:29 arount flyboy82: hehe ok
09:32 notnotpeter joined #salt
09:38 notnotpe_ joined #salt
09:43 notnotpeter joined #salt
09:44 favadi joined #salt
09:45 Grokzen joined #salt
09:52 flyboy82 done... https://github.com/saltstack/salt/issues/24627  Thanks for the help arount
09:54 arount flyboy82: good for you :)
09:55 flyboy82 yea, not so good, since I'll have to go around and install things manually for that user but, anyway, hope they solve it
09:56 AndreasLutro flyboy82: you can set the NVM_DIR variable manually to override the install dir
09:56 AndreasLutro - env: { NVM_DIR: /home/username/.nvm }
09:56 AndreasLutro replied to the issue as well
09:57 keimlink joined #salt
10:00 sgargan joined #salt
10:02 ingslovak joined #salt
10:04 notnotpeter joined #salt
10:06 keimlink joined #salt
10:14 baweaver joined #salt
10:16 notnotpe_ joined #salt
10:18 jeddi joined #salt
10:19 s0lar joined #salt
10:19 agend joined #salt
10:20 JPT joined #salt
10:21 karlthane_ joined #salt
10:23 stephanbuys joined #salt
10:25 cheine_ joined #salt
10:36 sfxandy joined #salt
10:36 _sfxandy hi folks
10:37 _sfxandy quick question, the correct way to return grains information via salt mine ..... i assume using grains.get?
10:38 _sfxandy or grains.item?
10:38 devops joined #salt
10:39 devops hi, I am getting the error message
10:39 devops "- Rendering SLS 'base:sudoers' failed: Jinja variable 'dict object' has no attribute 'sudoers' "
10:39 stephanbuys joined #salt
10:40 devops can any one guide me
10:40 devops to fix this
10:41 _sfxandy aways helpful if you can add your code (sanitized where necessary) to somewhere like pastebin or gists
10:41 ekkelett devops: don't know about guide, but it does seem like you're referring to a pillar variable that doesn't exist.
10:44 sgargan joined #salt
10:49 jcristau joined #salt
10:53 sgargan joined #salt
10:55 baweaver joined #salt
11:00 babilen devops: Under which circumstances does that happen?
11:00 ITChap joined #salt
11:04 _sfxandy question i've got is how - in a Jinja template - do I access the mine function grains.item fqdn?
11:04 ndrei joined #salt
11:10 stephanbuys joined #salt
11:11 devops please see my files
11:11 devops https://gist.github.com/shahid/60faca036fd2771370bf
11:12 _sfxandy need the URL devops ...
11:12 sgargan joined #salt
11:16 Romlok devops: is the machine in question given access to that sudoers pillar file, in /srv/pillar/top.sls?
11:19 devops @romlok: You saved my day man. That was the issue. now it is working.
11:19 devops tahnk you all :)
11:23 _sfxandy whats the correct way to pass the fqdn grain via salt mine.  the idea is I want a list of FQDN's based upon a particular grain
11:27 cberndt joined #salt
11:30 _sfxandy have this so far...
11:30 _sfxandy https://gist.github.com/anonymous/526690143c998d6e32ff
11:30 dkrae joined #salt
11:31 PI-Lloyd is there a way I can get mine data from systems defined in a pillar list
11:32 nodens heya all
11:33 PI-Lloyd actually nvm, I'm going about this totally wrong.
11:35 otter768 joined #salt
11:39 jonlangemak joined #salt
11:46 _sfxandy any help would be greatly appreciated.....
11:48 babilen _sfxandy: I would recommend to define a mine function *alias* for that call (the mine function is called 'grains.item" and **NOT** 'fqdn' in your example)
11:49 _sfxandy i have just made that change .....
11:49 Dev0n joined #salt
11:49 _sfxandy and still no luck
11:50 babilen In your case you define the mine function "grains.item" with *one* argument. That doesn't allow you to have multiple. You can either use "grains.items" for that (and keep all grains information in the mine and then extract whatever you need) or define mine function aliases for every grain you do need.
11:50 _sfxandy ok, can you give me an example of the former please?  as I think thats what i've currently got set for my mine_functions
11:51 babilen Also: I would strongly recommend to think long an hard about your decision to keep roles in grains. There is, IMHO, no good reason to store them *on* the minion as that is both a potential security risk and necessitates that you manage *that* information as well.
11:52 _sfxandy i'm migrating them to pillar shortly
11:52 _sfxandy but thanks
11:52 _sfxandy https://gist.github.com/anonymous/ad0989f560176f94eafc
11:52 _sfxandy with my latest changes
11:52 julez joined #salt
11:53 masterkorp Hello everyone
11:53 masterkorp https://www.zerobin.net/?1adb571f6e86f20f#zVQVn4kOQT1B2BYE6mqXxozA1e6CYzoIfgov+IhZANM=
11:53 masterkorp i have the following state
11:53 babilen "mine_functions: grains.items: []" and "{% for server, grains in salt['mine.get']('roles:midtier*','grains.items',expr_form='grain_pcre').items() %}" would be what I'm thinking about I guess. I'd make that "mine_functions: grains: mine_function: grains.items" though
11:54 masterkorp https://www.zerobin.net/?0e021c6fd9041ee2#+rem5k4EJ5b3pos0henfS4WsS6Gd7XfqlpNLflGgRoI=
11:55 babilen _sfxandy: Yes, that looks like what I had in mind? Did you try it? And, if not: Have you refreshed both the pillars and the mine explicitly?
11:56 ndrei joined #salt
11:56 masterkorp but i get an error on the multiline yaml data, how do I fix this
11:56 _sfxandy ok, am i correctly referencing the grains.items in my for loop?
11:57 zz_ashmckenzie joined #salt
11:57 babilen _sfxandy: The lack of a space after ',' tickles my OCD, but that looks about alright. The problem is rather that "'roles:midtier*'" isn't the regular expression you want and I'm not sure you can match on list grains anyway
11:58 babilen 'roles:midtier*' as regular expression means something like 'roles:midtie[rrrrrrrrrrrr]' and wouldn't match, for example, 'roles:midtierfoo'
11:59 _sfxandy not when you're matching grains with G@, for example....
12:00 KennethWilke joined #salt
12:00 _sfxandy oooh, stand by your beds....
12:01 _sfxandy it works perfectly now.  looks like you can match on list grains using the * wildcard
12:01 babilen G@ isn't "grains pcre" (that would be P@)
12:02 _sfxandy yes i realised i'd messed that up!
12:02 babilen You would have wanted grain glob there
12:02 _sfxandy but thanks for the pointer on getting my mine function correct.  that was the biggest problem
12:02 babilen Sure, no problem. I'd still recommend to define a mine function alias for the entirety of the grains
12:03 _sfxandy alias?  how does that look?  read the documentation but it kind mistified me a bit
12:03 babilen (you never know that you might need in the future and that way you already have it available to you)
12:03 babilen I showed that earlier ... "mine_functions: grains: mine_function: grains.items" I guess
12:04 _sfxandy ok...
12:04 babilen The 'grains' in there is essentially the name you give that particular execution function call of which the return value will be store in the mine.
12:04 XenophonF joined #salt
12:05 _sfxandy ok, understood.  will experiement with a function alias
12:06 babilen That allows you to do things like: https://www.refheap.com/102467 which includes a call to the same execution function, but with different arguments
12:06 _sfxandy ah ok, quite a good example
12:07 babilen I have that for every minion ... that way I can easily reference their addresses in different networks. The CIDR masks for other networks are being read from the database that also feeds the switch configuration (but that is not my area)
12:07 ndrei_ joined #salt
12:08 _JZ_ joined #salt
12:08 babilen But that way I can say: Give me the address of minion_foo in network 10_network_addr and, if that hasn't been defined, in some_other_network_defined_by_cidr ...
12:08 _sfxandy ok interesting.  i'm coming across more and more requirements to understand and have access to minion data.  hence my firest foray into salt mine
12:08 babilen Sure, the mine is wonderful
12:09 _sfxandy it is
12:09 _sfxandy thanks for your help bablien
12:09 _sfxandy babilen even
12:10 babilen One thing that I would very much like to incorporate, but haven't had time to do so is to have states define applicable checks (e.g. Nagios checks) that are then being stored in the mine. The effect would be that if I target, say, the "mysql" state to a minion that the nagios server would automagically include applicable "mysql" checks for that minion during the next highstate
12:11 TooLmaN joined #salt
12:11 _sfxandy there are lots of things i want to do with my infrastructure but don;t get time!  have moved to a pillar-driven design so that essentially the pillar top.sls dictates everything and drives the operation of the states
12:11 babilen sensible
12:12 _sfxandy am getting therem slowly but surely
12:12 __number5__ I'm still in a masterless/master hybrid mode :(
12:13 elfixit joined #salt
12:14 julez joined #salt
12:14 apofis joined #salt
12:15 baweaver joined #salt
12:15 LotR hmm, I see you can put the mine in the pillar. is it really as simple as adding a mine_functions key to the pillar, or do you need to enable it somehow?
12:16 _sfxandy thats how i do it LotR
12:16 babilen LotR: It is, yeah
12:16 _sfxandy the adding of mine_function and configuring a mine_interval for each minion enabels it
12:16 elfixit joined #salt
12:18 elfixit joined #salt
12:18 sarlalian joined #salt
12:19 babilen _sfxandy: I kept the default of "refresh the mine once an hour" and explicitly call mine.update if I need it earlier
12:19 dendazen joined #salt
12:20 _sfxandy salt '*' mine.update?
12:21 babilen exactly
12:25 dariusjs have been dipping my toes into the reactor system today, wow
12:26 baweaver joined #salt
12:33 ndrei joined #salt
12:43 tmclaugh[work] joined #salt
12:45 jdesilet joined #salt
12:47 stoogenmeyer joined #salt
12:52 tmclaugh[work]_ joined #salt
12:56 tmclaugh[work] joined #salt
12:57 amcorreia joined #salt
12:57 CeBe joined #salt
12:59 subsignal joined #salt
13:00 XenophonF it's really cool
13:02 tmclaugh[work]_ joined #salt
13:05 moos3 joined #salt
13:06 JDiPierro joined #salt
13:07 bhosmer joined #salt
13:07 bhosmer joined #salt
13:09 keithhub joined #salt
13:09 julez joined #salt
13:10 julez_ joined #salt
13:10 JDiPierro joined #salt
13:11 murrdoc joined #salt
13:12 johnkeates joined #salt
13:12 johnkeates left #salt
13:14 onorua joined #salt
13:16 dyasny joined #salt
13:18 racooper joined #salt
13:20 moos3 joined #salt
13:28 ndrei joined #salt
13:30 bhosmer joined #salt
13:32 tkharju joined #salt
13:32 timoguin joined #salt
13:33 Brew joined #salt
13:36 otter768 joined #salt
13:39 aawerner joined #salt
13:40 kawa2014 joined #salt
13:41 cpowell joined #salt
13:42 awerner_ joined #salt
13:44 JDiPierro joined #salt
13:44 ndrei joined #salt
13:47 N-Mi joined #salt
13:51 onorua joined #salt
13:53 ndrei joined #salt
13:56 MTecknology I wonder why this isn't working...  salt -v 'boothost.0010.domain.tld' cmd.run 'aptitude search \* | grep ^ip'   I get "E: Regex compilation error: Invalid preceding regular expression" .. not understanding why that's reaching the minion as being invalid
13:58 _sfxandy looks good to me MTecknology
13:58 thegerm joined #salt
13:58 MTecknology _sfxandy: looks good, but it isn't
13:59 ksj in user.present, I can't see what encryption is used for the - password: option. Is it the OS defualt (e.g. sha512 on Debian)? because I have different OSs using different schemes
14:00 brandk joined #salt
14:01 AndreasLutro MTecknology: I get that exact error if I try to run that aptitude | grep command locally, so doesn't seem salt related
14:01 rocket joined #salt
14:02 AndreasLutro maybe you want egrep or grep -e
14:02 MTecknology AndreasLutro: *sigh* .. you're right.
14:02 MTecknology should be aptitude search ".*"
14:02 brandk Not sure if my Google-Fu is failing me or if the Salt Process (ps) module is dead ... anyone have some documentation on that module? Any pages I've found are blank
14:02 MTecknology AndreasLutro: thanks!
14:04 hasues joined #salt
14:04 Sacro ksj: yes, os default
14:04 CeBe1 joined #salt
14:04 baweaver joined #salt
14:04 hasues left #salt
14:05 andrew_v joined #salt
14:06 supershe_ joined #salt
14:07 ksj Sacro: thanks. I guess this info needs to go in pillar with jinja maps for different OSs
14:07 spiette joined #salt
14:08 Sacro ksj: sorry, ignore me, it's the hash
14:08 Sacro mine starts $6$
14:09 Sacro It *should* in theory work across multiple distributions
14:09 ksj Sacro: ok, so how do I get that hash? $6$ is the same as Debian, which is sha512
14:10 Sacro ksj: I had a user on another system, I just copypasted from /etc/shadow
14:11 Sacro sudo getent shadow | awk -F ':' '/username/{print $2}'
14:11 ksj Sacro: so it literally just copies the password: <x> entry straight into /etc/shadow
14:13 Sacro ksj: Yep
14:14 ksj I still can't figure out how to generate that hash without first creating the user and copypasting from shadow
14:14 Sacro Should be in the docs for shadow
14:14 Sacro http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.shadow.html#salt.modules.shadow.set_password
14:14 Sacro There's a python one liner
14:16 ksj Sacro: wow, that's perfect! thanks
14:16 ksj exactly what I was looking for
14:16 Sacro Sometimes you have to look at the state and then work back to the actual module it uses
14:16 Sacro so the user state on Linux could be using usermod/useradd/userdel/shadow instead
14:18 teryx510 joined #salt
14:21 viq joined #salt
14:21 debian112 joined #salt
14:24 tracphil joined #salt
14:24 pcn Is there a way to get ec2 instance metadata from within a salt state?
14:24 iggy pcn check out salt-contrib
14:25 iggy there are some ec2 grains in there that could probably help
14:25 pcn I am testing salt with salt-ssh, and I'm trying to e.g. detect if there is a non-root ephemeral disk, and if there are >1, invoke the mdadm module
14:25 pcn OK, looking
14:26 baweaver joined #salt
14:29 bhosmer joined #salt
14:35 kawa2014 joined #salt
14:36 numkem joined #salt
14:37 bhosmer joined #salt
14:42 ange is there a simple way to check why a .sls fails to render (it's a python one, from https://raw.githubusercontent.com/saltstack-formulas/ec2-autoscale-reactor/master/reactor/ec2-autoscale.sls )
14:44 iggy ange: for normal jinja+yaml files, I'd normally run it locally on the machine with salt-call -l debug
14:44 iggy dunno about pyrenderer
14:45 smcquay joined #salt
14:46 ALLmightySPIFF joined #salt
14:47 ange iggy: thanks
14:47 iggy Try gist'ing the full error and see if anything jumps out at anyone
14:49 TyrfingMjolnir joined #salt
14:51 pcn how do I use salt grains in a state's unless/only-if?  The documentation talks about commands (external programs, it seems?)?  Should I wrap everything in a jinja "if" block instead of using unless/only-if?
14:51 pcn err.. onlyif
14:51 ange iggy: well that's partly the thing : I don't get more than : [ERROR   ] Failed to render "/var/cache/salt/master/files/base/reactor/ec2_scale.sls"
14:51 iggy yeah, if you are checking grains, your best bet is jinja conditionals or specific targeting in the top file
14:52 iggy ange: you should get more than that with salt-call -l debug
14:54 nzero joined #salt
14:56 pcn Iggy, which is idiomatic salt? I want to only do mdadm if I have enough ephemeral disks as part of managing cassandra.  Would it be preferred to target in the top.sls, or template?
14:57 iggy pcn: whatever works best for you, I prefer top targetting personally, but plenty of people don't agree with me
14:58 apofis joined #salt
14:59 mudfly How do I force a repo refresh when using gitfs?
15:01 iggy salt-run fileserver.update
15:01 aw110f joined #salt
15:02 mudfly Thanks iggy
15:02 arount have a good weekend guys ! `salt-key -d arount` :)
15:02 arount left #salt
15:04 spookah joined #salt
15:04 bluenemo joined #salt
15:04 bluenemo joined #salt
15:05 aw110f_ joined #salt
15:05 moos3 joined #salt
15:06 dyasny joined #salt
15:07 murrdoc1 joined #salt
15:09 tracphil joined #salt
15:14 murrdoc joined #salt
15:17 jonlangemak joined #salt
15:19 baweaver joined #salt
15:21 t0nyhays joined #salt
15:22 ndrei joined #salt
15:22 tracphil joined #salt
15:24 kawa2014 joined #salt
15:25 jonlangemak left #salt
15:32 baweaver joined #salt
15:35 nzero joined #salt
15:37 otter768 joined #salt
15:37 Whissi joined #salt
15:39 clintberry1 joined #salt
15:45 jonlangemak joined #salt
15:49 sk_0 if i put preaccepted keys on a minion how do i tell the master how to reach that minion? the minion can reach the master but the master can't reach the minion.
15:49 jalbretsen joined #salt
15:50 onorua joined #salt
15:50 iggy sk_0: the master doesn't conact the minion
15:52 pcn I am trying to get this ec2 grain data into a template so I can discriminate on it.  In order to view the data, I'm trying to expand the dictionary into a file.append.  But the rendering breaks.  What's can I do to get this data rendered into a file?
15:52 sk_0 i run salt commands from my master to my minions all the time. but those minions send keys that i then accepted on the master
15:54 _sfxandy what iggy is referring to is that the minions open two TCP socket connections to the master (ports 4505 and 4506 i think).
15:54 iggy pcn: to view grains, just run "salt 'minion' grains.items"
15:55 wendall911 joined #salt
15:56 smcquay joined #salt
15:57 sk_0 yes, that sounds right but why can my master contact some minions but not the ones i preseeded with keys? the master must keep some cache with minion metadata or something
15:57 bhosmer joined #salt
15:58 iggy sk_0: it keeps keys in /etc/salt/pki
15:59 XenophonF sk_0: check your logs - any keying errors will get reported in both the master and minion logs
16:00 pcn iggy I get that, but I then try to do {% set ec2 =  salt['grains.get']('ec2') -%} and then {{ ec2['block_device_mapping'] }}  it breaks the file.append
16:02 sk_0 XenophonF: the minions dont log any key errors because they can contact just fine. the master i uped to debug and i still dont get any useful info
16:02 iggy pcn: without knowing more about the states and stuff it's tough to say
16:03 pcn Hang on
16:03 ageorgop joined #salt
16:04 XenophonF sk_0: are your master and minions all running the same version of salt/zeromq?
16:05 XenophonF sk_0: at the network layer, the minions initiate TCP connections to ports 4505 and 4506 on the master
16:06 pcn iggy https://gist.github.com/pcn/61d28c6a2b207c7c690f
16:06 XenophonF sk_0: you'll see if you check output of "netstat -an" on the master
16:06 XenophonF sk_0: once the minions connect to the master, all comms are bidirectional
16:07 dRiN joined #salt
16:07 iggy pcn: try - text: |
16:07 * XenophonF handwaves the technical details of the zeromq transport layer
16:09 dendazen joined #salt
16:12 pcn iggy: some progress?  It's still breaking parsing https://gist.github.com/pcn/61d28c6a2b207c7c690f
16:12 pcn Am I supposed to have jinja quote this somehow?
16:12 FeatherKing joined #salt
16:12 iggy pcn: oh, and you have to indent the next line 2 more spaces
16:14 pcn So following the -text |, I need 4 spaces instead of 2?
16:14 iggy si
16:14 pcn por que?
16:14 FeatherKing anyone got ideas about assigning a grain based on datacenter location? if i wanted east to have a grain and west to have a different grain? Id like to assign it via reactor or something as i spin the machine up
16:14 Ztyx joined #salt
16:15 iggy FeatherKing: how exactly do you plan on getting that info onto the minion?
16:15 sk_0 XenophonF: i'll have to check what version of salt-minion is running on these boxes. that's a good idea.
16:15 FeatherKing iggy: the only thing i can think of unique is like the subnet information is different at each location
16:16 FeatherKing i was thinking could a reactor see the key accept event and then look at the ip address and add a grain
16:16 FeatherKing idk
16:16 sk_0 XenophonF: salt-call from the minion works fine. salt 'minino id' from the master fails. so i dont think there are network/firewall isses here
16:17 iggy FeatherKing: then you could either just key off that (network info is already in grains) or you can write a custom grain module that has a map of network info to a grain
16:17 hoonetorg left #salt
16:17 FeatherKing iggy: one problem i had was most of these have docker so an extra ip
16:18 FeatherKing which was like causing my jinja to not match as a string on some because network grain was returning a list
16:19 iggy FeatherKing: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#module-salt.modules.network
16:19 nzero joined #salt
16:19 iggy there's in_subnet(cidr)
16:19 iggy there's also ip_addrs(interface=None, include_loopback=False, cidr=None)
16:20 iggy so you could get back only the ip_addrs that fall in a certain cidr
16:21 iggy you could have a custom grain module that mapped some of that functionality to a grain (for easier top targeting, etc.)
16:22 FeatherKing iggy: ive written a custom state module but not a grain
16:22 iggy grains are even easier
16:22 iggy check out salt-contrib for some examples
16:22 FeatherKing they get copied to new minions by default i think?
16:23 iggy only at certain times (highstate, sync_grains, sync_all, etc.)
16:23 FeatherKing right now we run a highstate via reactor
16:23 FeatherKing so that would work
16:23 apofis joined #salt
16:24 FeatherKing let me look at a custom grain, maybe thats all i need. if i could detect the subnet in python and just return what datacenter i want
16:24 FeatherKing that would be perfect
16:25 iggy grains have the same dunder dicts as modules
16:27 iggy so it should be as easy as: if __salt__['network.in_subnet'](WEST_CIDR):\n    return {'datacenter': 'WEST'}
16:27 iggy with more tests for other datacenters obviously
16:28 aparsons joined #salt
16:28 elfixit joined #salt
16:28 amcorreia I have 3 servers with same configuration, but just 1 server i need append a content to a file, is that possible or i'll need make this file per server?
16:28 denys joined #salt
16:29 FeatherKing iggy: messing with this now i think this will probably work TY
16:29 JDiPierro joined #salt
16:33 iggy FeatherKing: np, let us know if you need more help
16:35 cruatta joined #salt
16:36 cruatta joined #salt
16:37 cruatta_ joined #salt
16:39 cruatta joined #salt
16:39 tiadobatima joined #salt
16:39 cruatta joined #salt
16:40 cruatta joined #salt
16:41 cruatta_ joined #salt
16:42 cruatta joined #salt
16:43 cruatta_ joined #salt
16:43 baweaver joined #salt
16:45 supersheep joined #salt
16:45 cruatta joined #salt
16:45 mschiff joined #salt
16:45 mschiff joined #salt
16:46 FeatherKing iggy: do i need to import salt? getting __salt__ is not defined
16:47 cruatta joined #salt
16:47 writtenoff joined #salt
16:47 lumtnman joined #salt
16:48 cruatta_ joined #salt
16:48 iggy FeatherKing: you don't, the loader puts it in there
16:48 iggy gist what you have
16:49 cruatta joined #salt
16:49 FeatherKing iggy: https://gist.github.com/anonymous/794c5a997c0a89b138c6
16:50 KyleG joined #salt
16:50 KyleG joined #salt
16:51 iggy FeatherKing: hmm, I guess grains don't have the regular dunder dicts?
16:52 FeatherKing thats ok i could string match in python if i need to
16:52 L2SHO__ joined #salt
16:52 FeatherKing with my subnetting it would probably get me close enough
16:52 iggy so yeah, just do import salt.modules.network and use salt.modules.network.in_subnet(DC2_CIDR)
16:53 FeatherKing oh ok let me try
16:57 FeatherKing iggy: perfect tyty
17:00 baweaver joined #salt
17:01 baweaver joined #salt
17:04 Berty_ joined #salt
17:07 jonlangemak joined #salt
17:12 JDiPierro joined #salt
17:13 badon joined #salt
17:21 smcquay joined #salt
17:21 N-Mi joined #salt
17:21 thegerm i was wondering if anyone is utilizing salt-ssh and an agentless setup? Just having some issues and not sure how to solve them
17:22 smcquay joined #salt
17:22 gabeg joined #salt
17:24 badon_ joined #salt
17:24 gabeg Someone has asked me to look at their Salt setup because they're having issues with the master connecting to the minions.
17:24 thegerm is there a way to have salt-ssh go through prompts.... our server only allows one user, and once logged in you have to go through some prompts to get to a shell... is there a way to get salt-ssh to enter info for the prompts? i thought about a salt-call, but i am not sure how that will work
17:24 Corey thegerm: Uh... that's a bit off the beaten path.
17:25 gabeg Turns out that something is causing the keys to get 0ed out (file still exists, but contains nothing).
17:25 Gareth o/
17:25 Corey Gareth: You're dead to me.
17:25 gabeg They're on an old version of Salt and we'll be updating them, but I thought I'd check here to see if anyone has seen this.
17:25 thegerm yea i know, its off
17:26 Corey SCaLE IS A LAX THING, NOT A PASEDENA THING!
17:26 Gareth Corey: Sounds about right.  What did I do this time?
17:26 Gareth Oh.  That. ;)
17:26 ProT-0-TypE joined #salt
17:26 gabeg I've reviewed the issue tracker and the mailing list with no luck.
17:27 thegerm Corey: is there any way to make that happen?
17:27 Gareth Corey: Pasadena is awesome though :)  The area around the convention center is ALOT nicer area than Century Blvd though.  many, many options for gatherings.
17:27 Corey thegerm: Exempt the Salt user from that craziness? :-)
17:27 smcquay joined #salt
17:27 thegerm haha.... not using a Salt user (not allowed)
17:28 Corey thegerm: Maybe you'd better back up and start at the beginning. :-)
17:28 badon_ joined #salt
17:28 Corey I think I need to understand your use case a bit more.
17:28 thegerm Corey: luckly i am not running in prod, and only in local VMs for testing it
17:28 thegerm okay
17:29 thegerm basically i would like to have some type of config management, but i cannot install software on the box, so no agent
17:30 murrdoc do u have ssh
17:31 thegerm there is only one user allowed on the box, and once that user logs in, you are a series of questions that are not the default ssh prompts. So, i need to run some type of expect script, or other to walk through the process before reaching a normal ssh prompt
17:31 badon_ joined #salt
17:31 racooper sounds like your ssh is borked by paranoia.
17:31 thegerm you have to answer a series of questions*
17:32 thegerm no, its not paranoia ita a customer system config
17:32 thegerm custom*
17:32 Gareth Are the questions built into the login sequence? Eg. prompts setup in .bashrc or something similar?
17:33 racooper I can think of three options. 1) run agent. 2) fix ssh to be a standard login shell. 3) run another ssh on a different port that doesn't have the prompts.
17:34 lumtnman joined #salt
17:35 thegerm questions are not apart of ssh itself.... its a program that the user executes upon login... racooper: cannot do any of your suggestions... its a very secure system and is quite locked down.... just trying to excelerate the B.U. in configuring machines and Salt has been a life saver for me before
17:35 thegerm i know its an "off the wall" problem
17:35 Corey thegerm: If pushing into the VM doesn't work, can you run a command internally manually? Fire off a salt run locally, or via salt-call?
17:36 Corey Because right now I'm kinda drawing a blank here. :-)
17:36 thegerm haha, i did too and thats why i came here
17:37 thegerm basically, if i manually log into the machine and go through the normal prompts i can get to a shell prompt wihtout issue, but thats a manual process
17:37 Corey thegerm: Generally if you're locking things down to that extent, you back away from traditional config management and into the realm of "provisioning a golden image."
17:37 thegerm yea, thats the other thing... their "golden images" are 100% manual
17:37 Corey thegerm: I do know that you could give salt a special key that's restricted to only running certain commands, but that may not help you either.
17:37 thegerm i come from automating everything
17:38 thegerm giving salt a key, means having salt as a user
17:38 thegerm and i cant have that
17:38 thegerm i feel like this isnt going to work
17:38 otter768 joined #salt
17:38 badon joined #salt
17:38 whytewolf thegerm. even if you can get salt to get through all the rigamarole. you are going to run into problems. salt doesn't run shell commands. it installs a python script in /tmp that gets deleted after it is finished.
17:38 racooper I'm really tempted to ask what requires so much paranoia
17:38 hal58th_3 gabeg never seen it
17:38 LotR do you get the prompts every time, or just the first time you log in?
17:38 thegerm every time
17:39 Corey Yeah, this strikes me as "security through being obstinate." :-)
17:39 thegerm haha
17:39 * LotR backs away slowly
17:39 thegerm i didnt build this, i am just trying to fix it
17:39 Corey I mean, you end up with a shell either way, so what's gained?
17:39 thegerm i wish i could back away haha
17:39 Corey thegerm: A thought. Can you scp a file onto the node?
17:39 iggy thegerm: if you don't login with a shell can you run stuff? (i.e. ssh -t hostname)
17:40 thegerm well you only get to shell through certain means
17:40 Corey Or does this stupidity shoot down the file copy?
17:40 racooper I guess the first question, what OS/distro and how old is it...
17:40 thegerm let me check Corey, thats a good point
17:40 Corey Because if that breaks, you've got bigger problems.
17:41 gabeg hal58th_3: thanks.
17:41 thegerm Corey: no scp and ssh -t ends in same results in the nomral login prompts...... racooper: OS = debian flavor
17:41 thegerm newer
17:42 racooper what kind of qeustions/prompts are asked?
17:42 Corey thegerm: Well, if scp is DOA, then salt-ssh is a non-starter anyway.
17:42 Gareth thegerm: where do the questions from?  How are they loaded?
17:43 thegerm okay, i figured as much, but i wanted to check with ya'll in case there was something i was missing
17:43 iggy there's probably a way to do this with ssh2 and it's command channels
17:43 whytewolf thegerm. I would at this point define a business strat. that defines the ability to add a salt agent to this server.
17:43 iggy I can all but assure you salt-ssh doesn't do this though
17:44 thegerm thanks for putting my mind at ease and leeting me know that i am not missing something!!!
17:44 iggy (and I can further all but assure you that it won't ever support that unless someone else adds the support in a non-obtrusive manner)
17:44 thegerm i am just not sure how to move forward with this now
17:44 thegerm haha
17:44 thegerm my problem
17:45 iggy tell them what they are missing, then make one of their employees responsible for manually doing all the steps required
17:46 whytewolf thegerm: best way is through good business practices. aka: deifning a problem that can only be achivied by allowing the agent on the system. and presenting this to manegment.
17:46 kevin-wk this sounds no different than PAM for various 2FA / OTP systems
17:46 thegerm yea iggy, there is already someone in that role (not me), but i am trying to make it easier.....
17:47 whytewolf red tape is never really easy
17:47 thegerm true
17:49 forrest joined #salt
17:51 thegerm Corey: if there was the ability to scp, could i get it to work?
17:51 thegerm without any menus
17:51 murrdoc Does salt have an event for a server coming back from rebooted
17:52 XenophonF wow that could be handy
17:52 XenophonF like, a minion-start event or something
17:53 badon_ joined #salt
17:53 Corey thegerm: Not sure, but I can state that you won't be able to get the salt code onto the node in the first place without scp. :-)
17:54 whytewolf murrdoc: there is a salt/minion/<mid>/start event
17:54 jonlangemak joined #salt
17:54 iggy XenophonF: minion-start is fired when the minion connects (i.e. service restarts as well)
17:54 murrdoc whytewolf:  thats on service restart
17:54 thegerm thx Corey, and everyone else
17:55 murrdoc i want a beacon on server reboot
17:55 iggy thegerm: the other question is... does this system even have python installed (if they are that paranoid about security)
17:55 XenophonF i wonder how the minion could distinguish booting and service-start?
17:55 thegerm yes, python is install
17:55 thegerm ed
17:56 iggy murrdoc: we have a job that checks system uptime... it gets fired on every service start, but only fires if system uptime is less than 8 minutes
17:56 iggy (don't ask me why we picked 8 minutes)
17:56 forrest Corey: I only saw one other vmware ad in the airport, but all they made me do was go 'lol vmware is out of touch, maybe if they spent more money on their product instead of giant ads...'
17:56 iggy *but only does anything useful if system uptime is less than 8 minutes
17:56 whytewolf iggy: same reason anyone picks anything in IT. a rabbit out of a hat
17:57 Gareth forrest: Barracuda Network has the monopoly on airport advertising.
17:57 iggy true storey
17:57 Gareth Barracuda Networks too.
17:57 iggy story
17:57 forrest Gareth: I didn't see any of those in SFO
17:57 forrest granted I also didn't pay much attention
17:58 Gareth forrest: I've seen them in SFO, they're seem to be in every airport...no where else...just airports.
17:59 forrest weird
17:59 Gareth ugh. they seem...I type good today.
18:01 rap424 joined #salt
18:02 Corey Gareth: I do consulting work for a Barracuda division. Sharp people. I don't get their airport strategy. :-)
18:02 Corey forrest: But yeah, once you start seeing it you can't stop seeing it.
18:02 aparsons_ joined #salt
18:02 Gareth Corey: Cool company with cool products, guess they're going for the target audience angle :)
18:02 murrdoc iggy:  scheduled job ?
18:03 iggy murrdoc: no, reactor job
18:03 Kelsar joined #salt
18:03 s_kunk joined #salt
18:03 s_kunk joined #salt
18:04 iggy salt/minion/*/start calls salt://reactor/run_on_cold_boot.sls which has a {% set uptime = salt['cmd.run']('cat /proc/uptime')|split('.')|first|int %}
18:04 murrdoc i have start doing other shizzle
18:05 autocracy joined #salt
18:05 murrdoc maybe i should just have a scheduled job that checks for uptime and fires off a custom tag
18:05 iggy then {% if uptime < 480 %} do stuff {% endif %}
18:06 murrdoc yeah
18:06 murrdoc should be easy to do in a schedule
18:06 murrdoc oh and  https://docs.saltstack.com/en/2014.7/ref/clients/index.html#salt.client.LocalClient.cmd
18:06 murrdoc is the sweetness
18:06 whytewolf schedule should have an onboot setting :/
18:06 murrdoc Gareth:  ^^
18:06 autocracy I run salt $node state.highstate env=$some_git_branch and I get "No Top file or external nodes data matches found", though the top file wasn't altered. Haven't found anything via searching that seemed to help me. Chance of it being because  of gitfs_root perhaps?
18:07 Gareth who? what? where?
18:07 murrdoc schedule should have an onboot setting
18:07 iggy autocracy: _every_ gitfs remote has to have that env (it's weird and there's a bug open about it)
18:08 autocracy iggy: well, it's only the one remote, but i'm trying to use a different branch on that remote.
18:08 Gareth depending on how the scheduled job is setup...most of them run when the minion loads.
18:14 bhosmer joined #salt
18:14 autocracy if i don't pass saltenv and just default, then the 'master' branch works just fine.
18:17 iggy autocracy: so you have only 1 remote in your entire master file? That remote has a master and $some_git_branch branches? Those branches both have top files?
18:18 rojem joined #salt
18:19 autocracy iggy: correct. identical top files, even.
18:20 iggy you answered one of my questions
18:20 autocracy [true, true]
18:20 autocracy [true, true, true]
18:22 theologian joined #salt
18:23 rojem joined #salt
18:24 autocracy https://gist.github.com/autocracy/aa872a0585e2d422c7d7
18:30 iggy it could be related, but if so, it's a bug
18:30 iggy do you have the ability to test without the gitfs_root?
18:31 baweaver joined #salt
18:33 LiamM network.managed in salt states. Does it update a live interface? if not is there a built in way to do that if I say want to change the MTU on my manages machines?
18:35 ajw0100 joined #salt
18:41 autocracy iggy: probably will take me about an hour; spin up another machine and all that but I'll give it a go and repoint the minion.
18:43 chamunks- joined #salt
18:43 simmel joined #salt
18:46 grep_away joined #salt
18:48 badon joined #salt
18:54 ajw0100 joined #salt
18:56 chiui joined #salt
19:00 morsik hi… it's possible to resolve hostname in salt somehow? i could like to make my pillar easier and more automated, but dnsutil.A uses dig so it can't resolve my localdomain
19:01 morsik let's say:  host1.my.domain host2.my.domain host3.my.domain, and i want use salt['something']('host2') and generate IP address there
19:01 hybridpollo joined #salt
19:02 murrdoc joined #salt
19:04 katyucha joined #salt
19:04 katyucha hi
19:06 katyucha I'm looking for deployint  debian Template on  vmware from salt-cloud. but how to configure network during deployement .. ?
19:08 rojem joined #salt
19:09 catpig joined #salt
19:11 Not_ joined #salt
19:15 iggy I suspect most people use dhcp
19:15 murrdoc forrest:  can u kiss and make up with niels 'i update all formulas' already
19:16 forrest murrdoc: what?
19:16 forrest aboe?
19:16 forrest I don't know who you are talking about
19:16 katyucha but i can't this time... it's on DMZ and my CISO say no ...
19:16 forrest I already did murrdoc
19:16 murrdoc its a joke forrest
19:16 murrdoc sorry it was a bad one
19:16 forrest text ftl
19:17 desposo joined #salt
19:18 murrdoc what does aboe do
19:18 murrdoc cos all he does is update the shit out of all formulas
19:18 iggy katyucha: you can write a custom bootstrap script and use it instead of the default one
19:20 ageorgop joined #salt
19:20 viq Anyone else seeing salt-master taking up 100% cpu and all commands failing on connection to master? 2015.5.2 on archlinux
19:21 katyucha iggy: i can but when i deploy how to put on it informations ?
19:22 katyucha i mean, on the first boot, if I have no network
19:22 autocracy joined #salt
19:22 iggy you can pass bootstrap args on the command line via --script-args=SCRIPT_ARGS
19:22 iggy oh
19:22 iggy that
19:22 iggy nfc man, sorry
19:23 katyucha vmware admin say he can push file but I don't know how. He's on holiday :)
19:25 katyucha I see OpenNebula put some variables via vmwaretools. I will see how
19:26 iggy yeah, you'd have to bake something into the image ala cloud-init
19:27 c4urself autocracy: that's funny i'm having the exact same issue -- keen to know how it turns out
19:28 amcorreia I have 3 servers with same configuration, but just 1 server i need append a content to a file, is that possible or i'll need make this file per server?
19:31 phpdave11 why do i get this error sometimes?  An Exception occurred while executing state.highstate: [Errno 17] File exists: '/Users/phpdave11/code/salt/cache/master/roots/hash/proxy'
19:33 stoogenmeyer joined #salt
19:33 katyucha Have someone a doc about : Why Salt is so awesome and Chef/Puppet so bad ?
19:33 cruatta joined #salt
19:33 katyucha Battle for the choice has begun
19:33 JohnMick joined #salt
19:34 CeBe1 joined #salt
19:34 morsik katyucha: chef is fuckin' difficult to start with. and yeah, team next to me uses chef, we're using salt.
19:35 morsik and they confirm that :P
19:35 forrest katyucha: http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/
19:36 morsik 2. chef/puppet needs ruby, which is another dependency on every server. python is everywhere now. also… not everyone likes ruby (like me)
19:36 ajw0100 joined #salt
19:36 forrest katyucha: If you want to pay for something there is: https://valdhaus.co/books/taste-test-puppet-chef-salt-stack-ansible.html
19:37 catpig joined #salt
19:37 forrest katyucha: Corey wrote http://blog.smartbear.com/devops/a-taste-of-salt-like-puppet-except-it-doesnt-suck/
19:38 forrest katyucha: As someone who used puppet a few years ago I can't give you a fair assessment of what they look like now, but I wouldn't use it, or accept a job that uses it.
19:38 morsik katyucha: also, puppet/chef are only configuration managements. salt is also remote execution software, which allows you to do things on all servers at once immediately
19:38 forrest but obviously this channel is going to be super biased.
19:38 forrest morsik: I thought puppet and chef added remote execution functionality
19:38 morsik oh… didn't know that.
19:39 whytewolf morsik: chef has knife which allows remote execution. I am not sure what puppet did but i am sure they have it also
19:39 morsik forrest: for chef it's another package afaik not with base chef client (needs to be installed separately)
19:39 otter768 joined #salt
19:39 forrest morsik: Yeah I'm not sure, have never used chef
19:39 forrest I read up on it just enough to say 'this thing is like this in salt!'
19:39 katyucha whaouh :) The chan is waking up :)
19:39 morsik ugh… looking in google for 'chef knife' is not nice… damn.
19:40 morsik anyone want cooking with me? ;)
19:40 whytewolf googling anything is chef only makes me hungry. not informed
19:40 katyucha and talk about cooking is not good for my diet
19:41 morsik whytewolf: well… yestarday i was looking for 'salt cert'. google says: "CERT - Salt Lake City Emergency Management" :P
19:41 katyucha morsik: same result :)
19:41 whytewolf true. googleing salt tends to make me thristy.
19:41 katyucha you ask for salt and salt lake city !
19:41 voxxit joined #salt
19:41 whytewolf till i remeber it is saltstack. not just salt ;)
19:42 morsik yeah sure, but almost nobody uses full name in blogs/formulas :P
19:42 whytewolf formulas normally apears in saltstack-formulas
19:43 morsik yeah, unless they aren't and you need to search somewhere else
19:43 whytewolf least the ones i want to even bother reading
19:43 morsik anyway, most of them are useless… we have to write our own for almost everything :<
19:44 forrest morsik: Yeah the formulas are just starter ones to get you going
19:45 katyucha 2 hours of train on Monday => Reading OpenNebula Code to find how to put variables in vmtools :/
19:46 sgargan joined #salt
19:46 tomh- joined #salt
19:47 eichiro joined #salt
19:49 Tyrm joined #salt
19:53 katyucha or read the f***** vmware api docs ...
19:54 morsik :D
19:55 Nazzy <katyucha> Have someone a doc about : Why Salt is so awesome and Chef/Puppet so bad ? <--- puppet is what I call baitware
19:55 Nazzy they make their money off making their stuff work when it fails for you
19:56 Nazzy one of the nice things about salt is that almost everything is open source, they're not withholding really useful features just to make money off you
19:56 murrdoc how do i check if there is ANY job running on a minion
19:56 Tyrm joined #salt
19:57 JohnMick Hi all. does someone knows if it is possible to send a powershell command through the web api? if yes, how? I tried to use the Run() method
19:57 morsik ps auxf | grep salt
19:57 morsik :D
19:57 * murrdoc dunks morsik in a pool
19:57 murrdoc fo srs
19:57 murrdoc cant salt-run it
19:57 murrdoc saltutil doest have anything
19:58 chiui joined #salt
19:58 Nazzy as noted, puppet is at it's core is an installer, not a full system management or orchestration system
19:58 Nazzy you can /make/ puppet do everything salt does, but you'll need 4 or 5 extra bits of software cobbled together
19:58 morsik murrdoc: well… you can laugh, but salt-minion will be forked when it does something :P
19:59 forrest joined #salt
19:59 Nazzy salt has far more "in core" and responds to code issues and PRs much better (puppet has a horrible rep on that :(
19:59 murrdoc morsik:  salt 'minion_id' saltutil.running
20:00 morsik :>
20:00 Nazzy murrdoc, `salt-run jobs.active`
20:00 murrdoc thats every single minions' job
20:00 morsik Nazzy: it's something new in 2015? doesn't works in 2014.7.5
20:00 murrdoc i need onely one
20:01 bash124512 joined #salt
20:01 Nazzy morsik, hmm, I thought that was older but I'm running head
20:01 Nazzy murrdoc, that's why you use grep ^_^
20:01 morsik i got "Function jobs.active is not available"
20:01 morsik Nazzy: me. :P
20:02 hal58th_3 morsik, copy paste command?
20:04 aparsons joined #salt
20:05 morsik hal58th_3: ugh… yeah. i did salt-call jobs.active :D
20:05 morsik always do this mistake :<
20:05 hal58th_3 thought so morsik :)
20:07 smkelly_ joined #salt
20:07 pickledpig joined #salt
20:07 leev joined #salt
20:07 matthew-parlette joined #salt
20:07 khris joined #salt
20:07 oeuftete joined #salt
20:07 qybl joined #salt
20:07 _vimalloc joined #salt
20:08 VSpike joined #salt
20:08 sarlalian joined #salt
20:09 edulix joined #salt
20:09 kalessin joined #salt
20:10 ahale joined #salt
20:10 Deevolution Anyone seen an issue where Salt complains about duplicate Pillars rather then overwriting them when using YAML anchors?  (See this for example Pillar data https://gist.github.com/belvedere-trading/380357ecb63dd5aaf285)
20:10 Deevolution This works just fine via PyYAML
20:11 manfred joined #salt
20:11 Hydrosine joined #salt
20:11 sixninetynine joined #salt
20:11 big_area joined #salt
20:11 Cottser|away joined #salt
20:11 peno joined #salt
20:11 rigor789 joined #salt
20:12 garphy`aw joined #salt
20:12 goal joined #salt
20:12 pinkbits joined #salt
20:15 bhosmer joined #salt
20:16 stoogenmeyer joined #salt
20:18 iggy Deevolution: you have to specify a pillar file as having "extended" yaml features
20:19 iggy #!yamlex at the top iirc
20:21 Deevolution iggy: Oooh!  Okay, I'll try that, thanks!
20:22 Deevolution iggy:  That did it.  Thanks.
20:23 vstoniest joined #salt
20:23 sgargan_ joined #salt
20:26 Berty_ joined #salt
20:30 chiui joined #salt
20:39 CeBe1 joined #salt
20:39 ranomore joined #salt
20:48 jonlangemak joined #salt
20:49 dendazen joined #salt
20:52 subsignal joined #salt
20:56 ajw0100 joined #salt
20:56 moos3 joined #salt
20:56 ingslovak joined #salt
21:10 Tyrm joined #salt
21:11 hal58th joined #salt
21:11 hal58th_ joined #salt
21:11 hal58th__ joined #salt
21:15 catpig joined #salt
21:20 autocracy iggy: alright, created a docker file and a git repo that has everything in the top-level directory. same behavior exhibited.
21:21 forrest iggy: Have you provisioned a mysql db with salt? How do you attribute users to databases?
21:23 felixhummel joined #salt
21:24 autocracy and if anybody else cars to catchup on me being stuck: running `sudo salt-call state.highstate saltenv=alternate_env` fails with 'No Top file or external nodes data matches found' whereas not including saltenv makes it work.
21:24 autocracy (where default branch is master and alternate_env is another branch)
21:29 kevin-wk forrest: does this help?  https://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_grants.html
21:30 kevin-wk (i never knew this existed before now - but i think i can make use of this myself too)
21:30 forrest kevin-wk: Yeah a bit, I've been looking at that. Just wasn't sure if you could pass connection_args through when you create the user to make things a little bit less complicated.
21:31 catpig joined #salt
21:35 forrest mysql, such sadness :(
21:37 forrest thanks for linking that though kevin-wk
21:40 otter768 joined #salt
21:42 whytewolf forrest: yes you can pass the connection_args in the state. all of the mysql states/modules let that happen.
21:43 ajw0100 joined #salt
21:43 ranomore joined #salt
21:46 forrest whytewolf: I specifically meant for allowing grants.
21:53 whytewolf forrest: you mean like this? https://gist.github.com/whytewolf/641a71bfca603cab03c6
21:54 forrest whytewolf: Yeah which is what I did. I was curious if it was possible to do that when the user itself is created, not via a secondary ID.
21:55 forrest Thanks though
21:55 whytewolf forrest: ahh no. that isn't possable.
21:56 forrest Yeah I used mysql_grants
21:58 whytewolf humm, actually since they are different classes for mysql_user and mysql_grant they should be able to be in the same id. but they still need there own connection_args
22:01 zemm joined #salt
22:02 whytewolf I personally just got lazy with the mysql and created a mysql config file for the minion config
22:06 mens joined #salt
22:11 bfoxwell joined #salt
22:12 Ashuka joined #salt
22:15 zemm joined #salt
22:24 dfinn joined #salt
22:24 ajw0100 joined #salt
22:29 debian112 joined #salt
22:29 JDiPierro joined #salt
22:34 dopesong joined #salt
22:38 ajw0100 joined #salt
22:41 Ashuka joined #salt
22:42 gabegundy joined #salt
22:44 kossy joined #salt
22:46 gthank joined #salt
22:46 gthank joined #salt
22:46 gabegundy basepi, I'm lending a hand to someone who's seeing an issue that I *thought* I recalled hearing about.
22:47 gabegundy They're seeing the minion keys become 0 bytes at some point... they're still there, just empty.
22:48 sgargan joined #salt
22:48 basepi Very strange
22:49 basepi I don't *think* I've ever heard of an issue like that
22:49 basepi They should make sure they're not accidentally starting multiple copies of the minion, I suppose, because theoretically they could clobber each other
22:50 gabegundy basepi, that's all I neede to hear. I need someone to check my memory.
22:50 basepi But the keys are only written on startup, and only if they don't exist already
22:50 basepi Glad I could help! =)
22:50 basepi Er, sorry, forgot the air quotes around "help" xD
22:50 timoguin joined #salt
22:56 kevin-wk joined #salt
22:56 peno joined #salt
22:57 kossy joined #salt
22:57 dthorman joined #salt
22:57 sk_0 joined #salt
22:59 mudfly_ joined #salt
23:02 gabegundy basepi, thanks again for your time. Enjoy your weekend!
23:03 basepi Thanks!
23:03 snarfy joined #salt
23:04 JDiPierro joined #salt
23:05 snarfy anyone know a magic ratio for number of worker_threads / number of minions?
23:06 iggy snarfy: it's less to do with # minions and more to do with salt master specs
23:06 clintber_ joined #salt
23:06 snarfy fair enough.
23:06 iggy forrest: postgres here sucka
23:07 snarfy im a sysadmin where someone else, no longer here, set up the salt master
23:07 baweaver joined #salt
23:08 iggy snarfy: how many minions?
23:08 snarfy ~300
23:08 iggy #cpu's on the master?
23:08 snarfy im setting up a new master so I can tweak the VM settings however I please
23:08 snarfy i think it's about 3 cores and 4gb ram
23:09 iggy I'd do 16 tops
23:09 snarfy jeebus its set to 50
23:09 iggy way to high for 3 cpus
23:09 * snarfy checks the specs on the current master
23:09 snarfy that's what I was thinking
23:09 snarfy it seemed a bit high :)
23:13 smcquay joined #salt
23:14 snarfy i guess the old SM has 4 cores and 4GB ram
23:14 snarfy still. 50 threads seem high
23:14 iggy yeah, so the thing with worker_threads is this...
23:15 iggy most people that see the warnings about upping them are doing something wrong that causes threads to get hung up
23:16 iggy so the warning should probably say "up worker_threads or fix your broke ass setup"
23:16 iggy but I'm guessing fix your broke ass setup isn't considered very PC in SLC
23:16 Eugene 'cmd.rum' is not available.
23:16 Eugene Why is the rum ALWAYS gone :-(
23:16 JDiPierro joined #salt
23:17 iggy It's not Sept 19th
23:40 otter768 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary