Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-06-22

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 SpX joined #salt
00:01 scoates joined #salt
00:06 otter768 joined #salt
00:32 scoates joined #salt
00:44 clintberry joined #salt
00:47 furball365 joined #salt
00:55 supersheep joined #salt
00:56 peters-tx joined #salt
00:57 Darkalia joined #salt
01:01 mpanetta joined #salt
01:01 murrdoc joined #salt
01:02 mpanetta joined #salt
01:06 murrdoc joined #salt
01:10 benegget_ joined #salt
01:27 beauby joined #salt
01:32 william joined #salt
01:34 Guest25152 hey guys, im totally new to saltstack and just trying to get it running on osx with brew. i keep getting this error ➜  ~  sudo salt-master --log-level=all [DEBUG   ] Missing configuration file: /etc/salt/master [TRACE   ] 'ip' could not be found in the following search path: ['/Users/William/.nvm/versions/io.js/v2.3.0/bin', '/usr/local/bin', '/usr/bin', '/bin', '/usr/sbin', '/sbin']
01:36 david_an111 joined #salt
01:57 Singularo joined #salt
01:58 beauby joined #salt
02:07 catpiggest joined #salt
02:09 beauby joined #salt
02:24 g3cko joined #salt
02:27 TyrfingMjolnir joined #salt
02:29 beauby joined #salt
02:40 aparsons joined #salt
02:40 hrumph http://paste.fedoraproject.org/235250/40808143
02:40 hrumph can anyone look at my fpaste?
02:40 hrumph i can't set a kwarg when i combine multiple commands with the python client
02:42 hrumph the fpaste is very short and to the point
02:44 aparsons joined #salt
02:44 julez joined #salt
02:46 Aidin joined #salt
02:50 amcorreia joined #salt
02:51 michelangelo joined #salt
02:53 aparsons joined #salt
03:04 beauby joined #salt
03:05 otter768 joined #salt
03:11 cberndt joined #salt
03:17 g3cko joined #salt
03:20 favadi joined #salt
03:22 zz_cro joined #salt
03:26 aparsons joined #salt
03:33 Kelsar joined #salt
03:34 onorua joined #salt
03:35 lumerian joined #salt
03:35 lumerian left #salt
03:37 aparsons joined #salt
03:38 subsignal joined #salt
03:42 aparsons joined #salt
03:43 ajw0100 joined #salt
03:56 Darkalia joined #salt
04:04 favadi joined #salt
04:04 totte joined #salt
04:09 hrumph http://paste.fedoraproject.org/235250/40808143
04:09 hrumph i can't set a kwarg when i combine multiple commands with the python client
04:09 hrumph the fpaste is very short and to the point
04:10 g3cko joined #salt
04:16 __number5__ hrumph: I don't think localclient.cmd with list of functions support kwargs
04:16 hrumph __number5__, what kind of workaround might you suggest?
04:17 __number5__ use a loop, execute cmd one by one, only provides kwargs when you need one
04:18 prathee joined #salt
04:19 hrumph ok
04:21 hrumph ..or make a powershell script that does both functions on the minion
04:22 hrumph (i was planning on running two scripts)
04:22 aparsons joined #salt
04:22 icosa joined #salt
04:23 joeto joined #salt
04:26 hrumph __number__ i can call powershell direct to...as in Powershell....
04:28 prathee joined #salt
04:28 beneggett joined #salt
04:29 Prathee_MondayMo joined #salt
04:29 hrumph or i could make a special powershell module based on the cmd.run module
04:29 hrumph call it powershell.run
04:31 MonMornBlues joined #salt
04:32 __number5__ hrumph: make all commands into one script or one module sounds good
04:32 MonMornBlues hey all! :-) can somebody tell me how to automate the key acceptance process??? like..as and when virtual machines come up..the master has to automatically accept the keys?? Thanks in advance! :)
04:33 Kelsar joined #salt
04:34 __number5__ MonMornBlues: if your env is felt like secure enough, use auto_accept: True in master
04:35 MonMornBlues oh okie... thanks a ton! :)
04:36 __number5__ or use reactor if you want to validate minions before accepting https://github.com/saltstack-formulas/salt-cloud-reactor
04:37 MonMornBlues now that sounds better! will look into that right away! :)
04:38 g3cko joined #salt
04:43 lala joined #salt
04:43 kusams joined #salt
04:48 g3cko joined #salt
04:50 ramteid joined #salt
04:51 evle joined #salt
04:54 Kelsar joined #salt
04:54 stoogenmeyer joined #salt
04:59 Kelsar joined #salt
05:01 Mitar joined #salt
05:06 onorua joined #salt
05:06 otter768 joined #salt
05:07 kusams joined #salt
05:08 hrumph __number5__ thing is is that powershell 5 is what i really need to make json objects and that's still in preview stage
05:09 catpigger joined #salt
05:13 ndrei joined #salt
05:15 joeto1 joined #salt
05:18 aparsons joined #salt
05:23 g3cko joined #salt
05:25 ITChap joined #salt
05:29 __number5__ hrumph: use python instead, more powerful than powershell :)
05:32 rdas joined #salt
05:34 notnotpeter joined #salt
05:38 MatthewsFace joined #salt
05:40 subsignal joined #salt
05:41 lazyfanatic joined #salt
05:51 Darkalia joined #salt
05:52 g3cko joined #salt
05:53 Furao joined #salt
05:53 NightMonkey joined #salt
06:03 aqua^c joined #salt
06:03 Furao joined #salt
06:06 AndreasLutro joined #salt
06:07 colttt joined #salt
06:08 malinoff joined #salt
06:09 stoogenmeyer joined #salt
06:12 ekkelett joined #salt
06:13 ALLmightySPIFF joined #salt
06:18 keimlink joined #salt
06:19 viq joined #salt
06:19 KermitTheFragger joined #salt
06:22 julez joined #salt
06:22 epcim joined #salt
06:26 flyboy joined #salt
06:26 ndrei joined #salt
06:31 badon joined #salt
06:33 sieve joined #salt
06:35 dgk joined #salt
06:35 aqua^c joined #salt
06:36 scarcry joined #salt
06:37 epcim joined #salt
06:38 Furao joined #salt
06:38 ndrei joined #salt
06:39 Furao joined #salt
06:39 hrumph __number5__, are you sure that it is as suited to geting registry info and stuff like that?
06:40 aqua^c joined #salt
06:42 oravirt joined #salt
06:47 __number5__ hrumph: windows registry?
06:50 hrumph __number5__, ok i found out that salt minion doesn't install pythonas a depedency so i may not even have python installed on each minion
06:51 hrumph my plan is to incrementally introduce salt so its not a good idea just to say i'm going to install python on every machine
06:52 hrumph i don't really understand how the salt modules work though, since they are in python...
06:52 hrumph i'm baffled now that i say this
06:52 babilen Which distribution doesn't come with Python as a default? (and it really should define that dependency)
06:52 hrumph babilen, i installed salt on my virtual machine
06:52 hrumph salt minion
06:52 hrumph don't see python in the package list
06:52 babilen It doesn't really matter if it is a virtual machine or not, but it should still run an operating system
06:53 malinoff babilen, windows
06:53 babilen AAAAH
06:53 babilen nvm
06:53 hrumph windows of course
06:53 malinoff :)
06:53 badon_ joined #salt
06:53 babilen Of course
06:53 hrumph i said powershell..
06:53 malinoff hrumph, i'd suggest to use tools appropriate for windows
06:53 malinoff hrumph, like AD
06:54 babilen hrumph: Sorry, I did not read the entire scrollback.
06:55 hrumph malinoff, what's wrong with using salt? that way i can do it from a linux box and i don't have to have any depdency on ad at all
06:55 hrumph i can call powershell no problem and it's guaranteed available although i may have to upgrade everything to v4
06:56 malinoff hrumph, from my experience, windows automation via console sucks so much
06:56 malinoff hrumph, you'll have dependency on salt
06:56 hrumph malinoff, salt seems pretty good and i can interoperate it with postgresql and stuff i want to do
06:57 malinoff hrumph, i believe you just don't know AD
06:57 hrumph malinoff, ok i don't....
06:57 __number5__ I'm wondering how you can run salt without python...
06:58 hrumph __number5__, i'm wondering the same thing. i don't see how the modules work
06:58 babilen I gues that the Windows install bundles it
06:58 hrumph __number5__, they do work however....i think salt minion on windows must have its own internal python or something
06:58 __number5__ yep python for windows do have a msi installer and can bundle other libs too
06:58 malinoff hrumph, so you have two choices: #1. Try to use and learn appropriate tools like AD. #2. Try to use salt on windows and gather tons of issues, memory leaks, something that impossible to install via cli
06:59 g3cko joined #salt
06:59 hrumph malinoff, you think salt will memory leak?
06:59 malinoff hrumph, it can, yes
07:01 badon_ joined #salt
07:01 martoss joined #salt
07:07 thalleralexander joined #salt
07:07 otter768 joined #salt
07:12 g3cko joined #salt
07:13 lempa joined #salt
07:13 hrumph malinoff, ok with ad if i want to pull registry info form a bunch of machines can i do that easily with a script?
07:13 aqua^c joined #salt
07:14 malinoff hrumph, https://technet.microsoft.com/en-us/scriptcenter/dd793613.aspx
07:16 hrumph what if i want to do my management in an os that i like better, such as linux?
07:19 eseyman joined #salt
07:20 malinoff hrumph, stop thinking about linux and windows like two different distros based on one base distro
07:20 malinoff hrumph, they're completely different
07:21 linjan joined #salt
07:23 kawa2014 joined #salt
07:23 aqua^c joined #salt
07:29 tavist0_ joined #salt
07:30 tavist0__ joined #salt
07:33 Mitar left #salt
07:34 julez joined #salt
07:34 epcim joined #salt
07:36 aqua^c joined #salt
07:36 leszq joined #salt
07:37 g3cko joined #salt
07:39 hrumph how do i see the os of a minion?
07:41 hrumph (apart from running python or powershell)
07:41 hrumph status.version doesn't seem to work on windoes
07:41 prathee joined #salt
07:42 sajeesh_sre joined #salt
07:42 sajeesh_sre logger url
07:47 aqua^c joined #salt
07:52 aqua^c joined #salt
07:56 g3cko joined #salt
07:57 ingslovak joined #salt
07:59 aqua^c joined #salt
08:03 Romlok joined #salt
08:04 FRANK_I joined #salt
08:04 al joined #salt
08:06 ndrei joined #salt
08:08 illern joined #salt
08:08 julez joined #salt
08:12 aqua^c joined #salt
08:12 chiui joined #salt
08:12 cliluw joined #salt
08:13 favadi joined #salt
08:13 Antiarc joined #salt
08:15 g3cko joined #salt
08:16 sajeesh_sre epcim: /nick lunch
08:16 chamunks joined #salt
08:16 borgstrom joined #salt
08:16 stoogenmeyer joined #salt
08:17 lb1a joined #salt
08:18 epcim sajeesh_sre: I guess I am not the one you wanna lunch with ;-)
08:18 Xevian joined #salt
08:20 leszq joined #salt
08:22 hrumph is everyone in agreement with malinoff that i shouldn't be contemplating the use of salt to manage some windows workstations?
08:23 hrumph i don't really have the perspective to argue...just thought it would be neat
08:29 badon joined #salt
08:30 cberndt joined #salt
08:32 sirtaj joined #salt
08:33 sieve joined #salt
08:33 impi joined #salt
08:34 sieve hrumph: I was thinking of doing the same thing.
08:35 hrumph i'll lay it on the line and say i know next to nothing about windows and whenever i think about it it gives me a headache
08:35 sieve Windows makes me want to self harm.
08:35 sieve But there is gold in those operating systems
08:35 sieve especially if you can automate their deployment
08:36 hrumph i found a really awesome tool to automate imaging (check out cruciblewds and i''ll be running that on linux for sure)
08:37 hrumph sieve i don't need 100 automation, for diddlt odbc connectors and things i think we'll just manuall  install and configure
08:37 leszq joined #salt
08:37 hrumph fiddly stuff we may leave manual for a while at least
08:38 hrumph they're sort of spot deployed anyway
08:39 hrumph sieve well i'll try to use salt....if my boss let's me i'll report back to this chan and tell people how it went
08:39 hrumph i mean i'll use it if my boss will allow it
08:39 hrumph i may not be able to make a particularly strong case
08:40 hrumph can't find anything online about advantages of it over windowsy stuff for a pure windows world
08:41 hrumph i'll just have to hide the fact that people who probably know better than me told me not to :)
08:43 subsignal joined #salt
08:45 markm joined #salt
08:49 g3cko joined #salt
08:49 supersheep joined #salt
08:51 stoogenmeyer joined #salt
08:52 s_kunk joined #salt
08:54 onorua joined #salt
08:55 ndrei joined #salt
08:56 linjan joined #salt
08:57 badon_ joined #salt
09:04 Grokzen joined #salt
09:06 s_kunk joined #salt
09:07 supersheep joined #salt
09:08 otter768 joined #salt
09:10 g3cko joined #salt
09:11 s_kunk joined #salt
09:11 s_kunk joined #salt
09:16 jeddi joined #salt
09:19 g3cko joined #salt
09:29 g3cko joined #salt
09:41 ndrei joined #salt
09:41 denys joined #salt
09:43 g3cko joined #salt
09:46 jhauser joined #salt
09:50 supersheep joined #salt
09:50 ksj to anyone who controls sudoers via salt, how do you verify the configuration is correct before installing the file?
09:50 devops joined #salt
09:51 ksj actually, I suppose it's not that big a deal. if you break it, you just edit the file and run highstate again...I'm being overly paranoid I guess, and forgot the minion is running as real root, not via sudo
09:52 AndreasLutro ksj: if you don't have direct root access, an invalid sudoers file means you potentially lock yourself out of the ability to fix it
09:52 AndreasLutro let me paste my state, sec
09:53 devops while enabling gitfs. I am getting the message "No Top file or external nodes data matches found" in comment
09:53 devops http://pastebin.com/J9MEY6NW
09:53 AndreasLutro ksj: https://bpaste.net/show/1dfefc99f2a2
09:53 ksj AndreasLutro: sure, but the salt minion is running as root, so I could just edit the sudoers template and run the highstate again
09:53 ksj AndreasLutro: ahh, nice
09:54 ksj I like it
09:54 AndreasLutro oh there's a mistake on line 15
09:54 AndreasLutro should be sudoers.tmp
09:55 AndreasLutro and it should be cp, not mv... I should stop live-editing pastes
09:56 ksj AndreasLutro: heh, yeah. I was going to rewrite it anyway, not just copy paste, but the idea is simple and effective
09:56 ndrei joined #salt
09:57 ksj I guess I could also do the same for other configs such as a PF ruleset check before installing....why didn't I think of doing it that way before?
10:03 ntropy ksj: yeah cmd.run is really powerful but prone to abuse :)
10:03 ntropy ideally there would be a module for sudo and pf etc
10:04 AndreasLutro a validate_cmd arg for file.managed would be cool
10:04 AndreasLutro if that command failed, automatically roll back the change
10:05 ntropy interesting idea, but i'd say don't even commit the change if validate_cmd fails, instead of rolling back
10:06 AndreasLutro if possible, yeah
10:09 AndreasLutro ooh, there is a check_cmd arg already that might do what I'm suggesting already
10:09 AndreasLutro The specified command will be run with the managed file as an argument. If the command exits with a nonzero exit code, the command will not be run.
10:11 AndreasLutro yeah it works fine! https://bpaste.net/show/3e9a2cf9487a
10:12 ndrei joined #salt
10:12 supersheep joined #salt
10:13 ksj AndreasLutro: cool! much nicer and more "salty"
10:16 linjan joined #salt
10:17 ndrei joined #salt
10:17 leszq joined #salt
10:23 ndrei joined #salt
10:23 supersheep joined #salt
10:32 ksj how do you guys deal with removing users after they leave the company? I have all my users in pillar, and I'd rather not have to have a separate "expired users" pillar and a separate "remove users" state, but I can't think of any other way to do it. It would be much nicer if I could define the users that should be there - like the file.recurse: clean option
10:33 ksj then any other users should get removed
10:34 AndreasLutro ksj: make sure each user is a dict, add a enable: true to each one, then switch it to false when they are to be removed
10:34 AndreasLutro change your states accordingl
10:34 AndreasLutro y
10:35 napsterX joined #salt
10:38 ksj AndreasLutro: yeah, that'll work. makes sense I guess, if not particularly elegant. I can't help but feel salt (and other config management tools) aren't really "idempotent". I don't want to have lots of "undo" states as it will get messy. The only real solution I've seen to that is the NixOS system, but that comes with its own set of issues
10:40 AndreasLutro ksj: I dunno, I think it's less messy than it would be if salt tried to be more stateful - i.e. remember all the users/ssh keys that it installed and uninstall them when no longer present
10:40 ksj but still, for stuff like users, packages etc. I'm sure it would be possible to have a "clean" option. e.g. I define a set of users, and I can be assured that ONLY those users will ever be on the system. Equally, a set of packages (and optionally their dependencies). I could list a set of daemons and know that only those daemons would ever be running
10:41 AndreasLutro considering how many users come pre-installed with most linux distros + packages adding users I highly doubt that would be a viable option
10:41 ksj AndreasLutro: why is it less messy? you mean from the salt code side?? that I don't know, but I know from the perspective of writing sls files, it would be a lot nicer if I didn't have to write separate states to undo previous things
10:42 AndreasLutro yes, I think if salt attempted to do what you want, it would be a more unreliable piece of software
10:43 bytemask joined #salt
10:43 al joined #salt
10:43 crashmag joined #salt
10:43 Voziv joined #salt
10:43 ampex joined #salt
10:43 dustywusty joined #salt
10:43 Whissi joined #salt
10:43 freelock joined #salt
10:43 nk joined #salt
10:43 aarontc joined #salt
10:43 izibi joined #salt
10:43 anotherZero joined #salt
10:43 gchao joined #salt
10:43 whytewolf joined #salt
10:43 chutzpah joined #salt
10:43 [vaelen] joined #salt
10:43 ThomasJ joined #salt
10:44 programmerq joined #salt
10:44 keimlink joined #salt
10:44 kaiyou joined #salt
10:44 esharpmajor joined #salt
10:44 balltongu joined #salt
10:44 edulix joined #salt
10:44 Ymage joined #salt
10:44 Antiarc joined #salt
10:46 xenoxaos joined #salt
10:46 ksj fair enough. that's a good enough reason not to do it.
10:46 adelcast joined #salt
10:47 jchadwick joined #salt
10:47 denys joined #salt
10:48 jcristau joined #salt
10:49 leszq joined #salt
10:56 ndrei joined #salt
10:57 giantlock joined #salt
10:58 CeBe joined #salt
11:00 c10 joined #salt
11:01 leszq joined #salt
11:03 CeBe1 joined #salt
11:05 Furao joined #salt
11:07 giounaz joined #salt
11:07 ndrei_ joined #salt
11:08 linjan joined #salt
11:08 giounaz Good day everyone
11:08 giounaz i ma trying to add a gpg key using import_gpg_key inside a state
11:09 giounaz for that i use module.run inside the state
11:09 giounaz http://jpst.it/zHfV
11:09 c10 joined #salt
11:09 giounaz but i get the following error:  Module function gpg.import_key threw an exception. Exception: list indices must be integers, not str
11:09 giounaz any ideas?
11:09 otter768 joined #salt
11:10 supersheep joined #salt
11:14 ksj wow. a pastebin that doesn't use a monospace font. that's...new.
11:15 giounaz @ksj lol
11:15 AndreasLutro giounaz: can get the full stack trace?
11:15 giounaz @AndreasLutro errm......how do i do that?   :-S
11:16 AndreasLutro check your master log, or try running the same command with `-l debug`
11:17 badon joined #salt
11:21 giounaz i run the command with '-l debugg' biut didnt returned much extra  info apart from the below'
11:21 giounaz http://justpaste.it/lwi4
11:27 AndreasLutro ah...
11:27 ksj Defaults editor=/bin/ed
11:27 ksj ???
11:27 ksj sorry, no idea how that got pasted
11:28 julez joined #salt
11:28 AndreasLutro giounaz: try running the module from the command line instead - salt my-minion gpg.import_key filename=/root/mygpg.key
11:32 leszq joined #salt
11:36 devops joined #salt
11:38 kusams joined #salt
11:38 c10 joined #salt
11:42 giounaz @AndreasLutro ok..this is weird...i go to the minion and list the gpg keys..which is empty. I then exeute the command and get the same error HOWEVER the key indeed is imported in minion
11:43 evle joined #salt
11:44 TyrfingMjolnir joined #salt
11:44 AndreasLutro giounaz: do you get a stack trace this time?
11:46 c10 joined #salt
11:47 giounaz AndreasLutro: same info as i pasted before.
11:47 giounaz *passed
11:48 AndreasLutro well that sucks, can't go bughunting without a stack trace
11:50 VSpike It's strange. A couple of specific SLS files make my vim slow right down when using salt-vim. If I do :set ft=yaml then it's fine
11:53 rdas joined #salt
11:55 TyrfingMjolnir joined #salt
11:56 julez joined #salt
11:56 julez joined #salt
11:59 giounaz AndreasLutro: I found a bit more info on the master log
11:59 giounaz AndreasLutro: http://justpaste.it/lwj7
12:00 AndreasLutro giounaz: not what we need... maybe the stack trace is in the minion's log
12:00 giounaz ok ill go have a look now
12:03 kiorky joined #salt
12:04 amcorreia joined #salt
12:04 giounaz AndreasLutro: i think you are right, let me paste the log from minion
12:06 bfoxwell joined #salt
12:07 c10 joined #salt
12:16 ndrei joined #salt
12:19 linjan joined #salt
12:20 giounaz AndreasLutro: http://justpaste.it/lwju
12:20 giounaz AndreasLutro: is this what "we" looking for?
12:21 adelcast joined #salt
12:25 AndreasLutro giounaz: yeah. you should probably report an issue on github, include this part of the log https://bpaste.net/show/0f17ddfcf26f
12:27 giounaz AndreasLutro: thanks for your efforts buddy :-D
12:34 julez joined #salt
12:34 leszq joined #salt
12:35 supersheep joined #salt
12:38 dendazen joined #salt
12:41 kawa2014 joined #salt
12:43 kawa2014 joined #salt
12:44 _JZ_ joined #salt
12:46 subsignal joined #salt
12:48 numkem joined #salt
12:59 otter768 joined #salt
13:00 giantlock joined #salt
13:01 kulty joined #salt
13:05 ksj ugh, jinja question. I'm trying to do the following: {% for user in pillar['users']['sysadmins'] and pillar['users']['slasysadmins'] and pillar['users']['dba'] %} but for some reason it only takes the last pillar (users.dba) in this example. How do you concatenate lists like this in jinja?
13:09 ferbla joined #salt
13:09 XenophonF joined #salt
13:10 c10 joined #salt
13:10 murrdoc joined #salt
13:11 subsignal joined #salt
13:12 AndreasLutro ksj: pretty sure that's not possible
13:12 AndreasLutro why do you need them in separate lists?
13:13 jdesilet joined #salt
13:13 ksj AndreasLutro: groups
13:13 racooper joined #salt
13:14 ksj tbh I didn't think it was going to work. I added the "and" assuming it would break, but it didn't. It just didn't work correctly. Jinja is weird as hell
13:15 ksj I should be able to merge pillars with pillar.get though...but I can't seem to get it to work
13:15 AndreasLutro you could create a macro and then have 3 for loops
13:18 leszq joined #salt
13:18 kawa2014 joined #salt
13:19 perfectsine joined #salt
13:25 drawsmcgraw joined #salt
13:27 jespada joined #salt
13:32 primechuck joined #salt
13:32 GabLeRoux joined #salt
13:33 ksj damn, it's so frustrating. all I want to do is to merge a few lists into one. The solution I've now got is http://dpaste.com/3BA03D1 which, of course, creates multiple conflicting IDs. Why is it that in Salt the simplest things like concatenating a list are so much harder than the stuff that should be hard, which is easy? I can apply a sudoers policy to a hundred servers at once, but can't merge two lists
13:33 ksj without some awful jinja hackiness.....ugh. rant over. carry on
13:36 linjan_ joined #salt
13:36 timoguin joined #salt
13:36 AndreasLutro ksj: why is that "of course"?
13:36 AndreasLutro do you have users in both sysadmins and dba that have the same username?
13:37 c10 joined #salt
13:37 AndreasLutro also, I suspect you meant {% for group in pillar['groups'] if group in ['slasysadmins', 'sysadmins', 'dba'] %}
13:39 ksj AndreasLutro: the "or" method actually works fine. more jinja weirdness. your way is much neater, obviously.
13:39 ksj yeah, those are groups, so you can be a member of both
13:39 ksj hence you get ID collisions
13:39 AndreasLutro ksj: it works, but not like you think
13:39 mpanetta joined #salt
13:40 AndreasLutro ksj: this will always return true, so even if you have pillar['groups']['asdf'] it will iterate through it - if ('slasysadmins' or 'sysadmins' or 'dba')
13:40 AndreasLutro ksj: well, again I wonder why you don't have a root-level list of "users" and just put a group key on each one
13:41 ksj AndreasLutro: I'm open to doing it either way. Maybe that's the best way of doing it.
13:42 napsterX joined #salt
13:43 AndreasLutro https://bpaste.net/show/c00b61a4e73f this is how I'd recommend doing it
13:43 drawsmcgraw AndreasLutro: ksj, I've struggled with that a bit myself. I have enough users that I don't want a 'groups' key under each one. I've gone the route of just a huge list of users, then a 'groups' key in Pillar like groups:ro-users or groups:myteam
13:43 AndreasLutro using dicts instead of lists means you can add users from multiple pillar sls files
13:43 AndreasLutro drawsmcgraw: well you can use user_dict.get('groups', [])
13:44 AndreasLutro that'll return an empty list if the "group" key is not present
13:44 AndreasLutro actually why don't I just paste my whole user state...
13:44 drawsmcgraw AndreasLutro: True. And your users Pillar file is similar to mine (ssh_key entry over here, too).
13:45 timoguin joined #salt
13:45 AndreasLutro https://bpaste.net/show/44128666881d my actual user and ssh key states
13:45 spark joined #salt
13:45 drawsmcgraw Also -> I was unaware of the dot-notation for keying into Pillar like that. I would have done pillar['users'].iteritems(). Your is way cleaner.
13:45 ksj drawsmcgraw: exactly. I have enough users that a groups dict under each one just seems messy. I'm thinking maybe it would be better to have a csv file and process it into yaml using awk or something
13:46 AndreasLutro drawsmcgraw: it only works in jinja, mind you
13:46 AndreasLutro jinja has this magic where it converts dot notation to [] notation through reflection and other magic
13:46 drawsmcgraw AndreasLutro: Of course :)  Will that fail hard if the Pillar value doesn't exist?
13:46 drawsmcgraw OOOhhhhhh, okay. Worth knowing.
13:46 drawsmcgraw Sounds like it will, since it just converts it to the 'ugly' way of keying into Pillar.
13:46 AndreasLutro drawsmcgraw: no, pillar.get('users', {}) will return {} if the "users" key doesn't exist in the pillar
13:47 MatthewsFace joined #salt
13:47 drawsmcgraw AndreasLutro: But this -> {% for username, user in pillar.users.iteritems() %}
13:47 drawsmcgraw *will* fail hard, right?
13:47 AndreasLutro ah yes, that will
13:47 drawsmcgraw okay, good to know
13:47 drawsmcgraw I try to have all my Pillar calls fail hard. I'd rather a big nasty Salt error than some silent error down the line from a None value
13:48 AndreasLutro as long as you're thinking about it it's fine. I often want default values to reduce verbosity in pillars
13:49 drawsmcgraw Fair enough
13:49 ksj AndreasLutro: thanks. I'm just going through your pastes. it's always really helpful to see real world working examples.
13:49 Tecnico1931 joined #salt
13:55 leszq joined #salt
13:55 mou joined #salt
13:59 dyasny joined #salt
14:00 kusams joined #salt
14:00 debian112 joined #salt
14:00 tavist0_ joined #salt
14:05 andrew_v joined #salt
14:06 sacrelege joined #salt
14:06 leszq joined #salt
14:06 favadi joined #salt
14:07 SheetiS joined #salt
14:08 ekristen joined #salt
14:11 emaninpa joined #salt
14:12 ksj AndreasLutro: sorry to be a real nuisance, but can you paste the basic structure of your pillar file, there's a few things I'm unsure of
14:14 bmac2 joined #salt
14:16 scoates joined #salt
14:16 CeBe1 joined #salt
14:17 leszq joined #salt
14:17 SheetiS joined #salt
14:19 fyb3r joined #salt
14:22 SheetiS1 joined #salt
14:23 Smoked_Duck joined #salt
14:24 asaladin joined #salt
14:27 markm joined #salt
14:32 cheine_ Is it possible to have a sleep period between two depending states? Because apparently, if docker.running starts a container it doesn't wait until the container is really running.
14:34 cheine_ In the other state I use a template, which calls 'docker inspect' and the template is filled with "Error: No such image or container:" on the first run of state.highstate.
14:35 cheine_ Could that be a bug?
14:37 jespada joined #salt
14:37 asoc_ cheine_: you could always use a cmd.run with a ping -n # to wait for # seconds
14:39 cheine_ So the template state depends on a cmd.run('sleep 5') which depends on the docker.running state. Yeah that is a solution, but maybe not the nicest ;) But thanks for suggesting.
14:40 cheine_ so the cmd.run state waits for a command to be completed, but docker.running does not? Strange...
14:41 sacrelege hi all, I never used saltstack and I try to understand the top file. I saw there is a good intro how to handle several environment and a base base conf. on top of that. Is it possible to extend this further by introducing the customer dimension?
14:42 sacrelege So every customer has its own qa, int and prod?
14:42 cheine_ asoc_: Oh and I think you meant cmd.wait right?
14:43 cheine_ sacrelege: Don't know what you mean by customer.
14:45 ndrei joined #salt
14:46 Heartsbane joined #salt
14:46 sacrelege cheine_, lets say we develop software and deploy them on servers. For each customer we have a complete set of staging environment up to production.
14:46 XenophonF sacrelege: what you want to do is possible
14:46 cheine_ sacrelege: You could just name your environments "[customer]-[environment]" (e.g. customer1-qa)?
14:47 sacrelege XenophonF, cheine_ please be aware, that my needs would also be to set configuration parameters which should apply to all-QA or all-Integration system (no matter what customer).
14:48 XenophonF sacrelege: i'd make the different assignments using pillar
14:48 sacrelege XenophonF, cheine_ and also other configuration variables, which are valid for a certain customer, no matter what environment (qa, int, prod)
14:48 cheine_ sacrelege: I would try to do this via pillar or grain matching
14:49 sacrelege hmm since I don't know what pillar or grain means, I think I will just go a head and read more about saltstack in general.
14:49 XenophonF sacrelege: if you want to see an example of top.sls targeting using pillar, you can look at my git repos - https://github.com/irtnog/salt-states and https://github.com/irtnog/salt-pillar-example
14:50 Slimmons joined #salt
14:50 sacrelege cool thx !
14:50 XenophonF sacrelege: you could extend my example by adding another pillar key named 'customer'
14:50 sgargan joined #salt
14:51 kiorky joined #salt
14:51 XenophonF sacrelege: in top.sls, you could have additional customer-specific environments, or you could have customer-specific compound pillar matches in existing dev/test/stage/prod environments
14:51 XenophonF whatever is clearest to your admins - although i'd probably recommend separating customers into separate environments
14:52 XenophonF or if you use git, into separate repositories, even
14:52 Micromus joined #salt
14:52 XenophonF i do all targeting from top.sls in the base environment
14:52 sacrelege XenophonF, ok
14:52 XenophonF that way, it's all in one file
14:52 XenophonF and i don't use environments in pillar
14:52 sacrelege XenophonF, I think I have read a bit more first, to understand what you are saiyng and your files..
14:53 XenophonF of course, you should do whatever makes the most sense to you
14:53 sacrelege XenophonF, but thanks a lot s far.
14:53 hrumph anyone have experience with salt and windows workstations?
14:53 XenophonF sacrelege: there are many, many other ways to handle targeting
14:53 XenophonF hrumph: i do
14:53 clintberry joined #salt
14:54 JackOnneill joined #salt
14:54 julez joined #salt
14:54 linjan_ joined #salt
14:54 hrumph XenophonF, someone here was telling me that in a mostly windows environment i should just use AD and stuff...i was hoping to use salt. could there be any benefits to using salt apart from the fact I can run it from a linux box and can have more than just windows minions?
14:55 lothiraldan joined #salt
14:55 JackOnneill left #salt
14:56 hrumph XenophonF, i mean as a linux guy is there any way i could justify using salt in a primarily windows world?
14:56 c10 joined #salt
14:56 hrumph other than i'm familiar with linux
14:56 XenophonF hrumph: what do you mean by "AD and stuff"? do you mean just native tools like GPO and startup/shutdown/login/logout scripts?
14:57 hrumph XenophonF, at first i'm going to use salt just to gather info from PC's then i'll start using it to manage them
14:57 Dev0n joined #salt
14:57 XenophonF that's a good start - the salt mine stuff looks really interesting (though i haven't used it yet myself)
14:57 hrumph XenophonF, someone was saying that you can use active directory to do it and active directory will be more suited to it
14:58 hrumph XenophonF, yes i mean salt as opposed to the native tools
14:58 conan_the_destro joined #salt
14:58 XenophonF so given just native tools - AD, GPO, WMI, PowerShell - how do they compare to Salt?
14:58 hrumph XenophonF, so can i make any argument for use of salt other than "i don't really enjoy windows"?
14:58 XenophonF LOL
14:58 XenophonF yes you can
14:58 XenophonF take software deployment
14:58 leszq joined #salt
14:59 hrumph XenophonF, awesome. let's hear it because i want to be able to tell my boss
14:59 XenophonF you can use GPOs and login scripts to deploy software
14:59 XenophonF but GPOs are limited to MSI packages only, computer startup scripts only run at boot time, and login scripts require some way of embedding admin credentials
15:00 XenophonF plus without a bit of coding, you don't necessarily get any feedback as to whether deployments are successful
15:00 XenophonF compare with Salt's pkg.installed or pkg.latest states
15:00 hrumph these are some awesome talking points
15:00 hrumph thanks
15:00 hrumph i'm feeling a lot less depressed now
15:00 XenophonF you can deploy MSI or scripted EXE installers from a Windows package repo
15:01 XenophonF Salt will track the deployment and return success/fail data back to the master
15:01 XenophonF the only limit there is whether your installer can be scripted (and i've done my fair share of repackaging, which sucks, but that's the same problem whether you're using Salt, GPO, or something else)
15:02 XenophonF you could also use WMI or PowerShell's remote execution feature to gather data about installed software
15:02 XenophonF i mean, PowerShell is how Salt gets the info
15:02 XenophonF but you'd have to make your own database, where as Salt Mine comes with Salt
15:02 XenophonF just to pick one example
15:03 hrumph wow
15:03 XenophonF consider too feature/role deployments
15:03 hrumph why aren't these points made on the web? anyway keep going
15:03 XenophonF let's say you want to turn on the Hyper-V feature across your developer workstations
15:04 XenophonF i don't think you can control which features get installed via GPO, but don't quote me on that
15:04 XenophonF GPO is very powerful!
15:04 sdm24 joined #salt
15:04 drawsmcgraw Salt needs a "Why Salt?" brochure. Badly.
15:04 drawsmcgraw I nominate XenophonF for the first draft :D
15:04 XenophonF but that's very easy to do via Salt - the win_servermanager states
15:05 XenophonF hah well i'm selling this to the rest of my team :)
15:05 drawsmcgraw I know the feeling. I was on the defensive for a *long* time myself
15:05 XenophonF again, as with software deployments, Salt tracks the progress of the feature install and returns success/failure results to the master
15:05 theologian joined #salt
15:06 XenophonF whereas you don't easily get feedback when using GPO - you'd have to go trawling through the event logs of the targeted workstations
15:06 XenophonF hrumph: are you operating a multi-forest AD environment?
15:06 XenophonF I am
15:07 hrumph XenophonF, it's in a non-forrest AD environmnet
15:07 XenophonF i'm managing five separate production forests in three continents
15:07 XenophonF and only two pairs of forests have trust relationships
15:07 hrumph XenophonF, i don't have much control over the AD side because we operate in a subunit of a larger organsation (this is reason for *me* to want salt but not necessarily a reason for other people to)
15:08 XenophonF so i often want to be able to run commands across servers in different forests, some of which can't talk to one another, from a vantage point outside all three of my primary data centers
15:08 XenophonF we're running Salt in AWS, and everything globally can talk to it
15:08 lothiraldan joined #salt
15:08 XenophonF so i can run one command from my salt master that reaches out to computers in all five forests
15:09 XenophonF whereas in PowerShell, I could accomplish the same kind of remote exec tasks but with a little more complexity
15:10 XenophonF i still use GPOs and tools like WSUS (well, nowadays Panorama9, but you get the idea)
15:10 XenophonF but i'm slowly converting the GPOs into Salt states
15:10 XenophonF think, too, about orchestration
15:11 XenophonF I have Salt integrated with my hypervisors.
15:11 XenophonF so Salt manages my VM configs, builds VMs on demand, and pushes configs down to them
15:12 felixhummel joined #salt
15:12 XenophonF i don't have a public example yet, but one set of salt-cloud configs and salt state formulas deploys a AD DS replica domain controller
15:12 XenophonF including DNS and WINS
15:12 hrumph wow
15:12 XenophonF all the configs of which are in Git
15:13 hrumph you're making salt sound like a no-brainer
15:13 XenophonF right now, our Salt master can spin up VMs in AWS EC2, but I'm looking at vSphere and OpenStack next
15:13 XenophonF actually the Salt develop branch has a completely revised VMware driver that i'm very excited to try out
15:13 julez joined #salt
15:14 leszq joined #salt
15:15 XenophonF now in some cases it's salt running powershell cmdlets, right? so i'm using win_servermanager.installed states to add the "AD-Domain-Services" (etc.) features
15:15 drawsmcgraw XenophonF: Have you done a talk on Salt on Windows? I'm sure you're aware that you're in the minority, running Windows systems with Salt
15:16 XenophonF and i'm using cmd.run (with shell set to "powershell") to run "Install-ADDSDomainController"
15:16 XenophonF drawsmcgraw: no i haven't done any salt talks
15:16 XenophonF hrumph: honestly, the best part about all of this is that i have all my configs and states and whatnot in Git
15:17 drawsmcgraw XenophonF: Well you're sitting on a gold mine, in my opinion.
15:17 XenophonF sometimes it feels like i'm the only one who documents things around here
15:17 XenophonF i wanted a way to turn my change logs and screen captures and build docs into executable programs
15:17 XenophonF because inevitably someone (including myself!) would misspell something or leave out a step or whatever
15:18 XenophonF it's a lot harder to get change control on VMware guest profiles or Group Policy Objects out of the box, just to pick two examples
15:18 arthurlutz joined #salt
15:19 tavist0_ joined #salt
15:19 tfield joined #salt
15:19 arthurlutz hi all, is there an issue or a discussion somewhere about sending back the status of each low_state to the master as we go, instead of sending back the highstate result at the "end" of the run ?
15:19 XenophonF GPOs and login scripts and whatnot definitely still have their place
15:20 XenophonF drawsmcgraw: i'd like to get some concrete examples together, first
15:20 drawsmcgraw Of course
15:21 XenophonF a lot of what i'm doing is AWS-centric at the moment
15:21 XenophonF i want to do more with vSphere soon, though
15:24 asoc cheine_: I think cmd.run should work. But I haven't tried it. http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#should-i-use-cmd-run-or-cmd-wait
15:24 drawsmcgraw I'm interested to see what happens with the vSphere development as well. Most of what I've seen for "private cloud" means VMWare.
15:24 drawsmcgraw arthurlutz: I vaguely remember something like that but I don't know if/where that issue is....
15:25 iggy arthurlutz: doubtful... that's just really not the way Salt is built (and I don't think it's something anyone is motivated enough to try to solve)
15:25 asoc cheine_: I have seen it where some processes return but are just a wrapper for a different process that keeps running in the background. So that might be what is going oin with the docker.running
15:25 tfield joined #salt
15:25 drawsmcgraw Just in case someone else wants to brush up on their writing skills, I've started a (very pitiful) 'why salt?' repo: https://github.com/drawsmcgraw/why-salt
15:25 drawsmcgraw I'm happy to put my energy somewhere else if there's another place for this type of thing.
15:26 asoc cheine_:  I am not very familiar with docker so it is just a guess.
15:32 cheine_ asoc: Thanks, I will take a look at it.
15:33 XenophonF drawsmcgraw: i'll take a look
15:33 XenophonF the domestic IT team here uses Puppet, so a lot of the flack i got was along the lines of why international IT did something different
15:34 XenophonF i would have been happy to use puppet, but there's no way they're going to allow the international networks talk to the domestic ones, so that settled that
15:35 adelcast left #salt
15:35 writtenoff joined #salt
15:36 spiette joined #salt
15:36 Brew joined #salt
15:36 drawsmcgraw XenophonF: Thanks! And well-played with using the organization against itself for a case for Saltstack
15:36 MatthewsFace joined #salt
15:37 arthurlutz drawsmcgraw: iggy: thanks for your answer, someone using ansible said it was a feature they liked in ansible.
15:37 XenophonF hah well it wasn't really a play - i'd much rather not take on a lot of extra technical support w/r/t config management infrastructure
15:37 XenophonF they've got puppet, github enterprise, and all sorts of other goodies
15:37 XenophonF but i can't use any of them
15:37 iggy arthurlutz: if your highstates are taking so long to run that you feel like you need progress bars, you've probably got bigger problems
15:38 XenophonF now that i've learned it, i like salt a lot, and i'm glad i got to do my own thing
15:38 XenophonF but that also means i have no one beside you fine folks on IRC to turn to for help
15:38 iggy I try to keep my highstates fairly minimal and use the reactor/scheduler for bigger stuff
15:38 arthurlutz iggy: careful with that kind of approach, salt is supposed to be agile around your infrastructure, not tell you that you're doing it wrong
15:38 XenophonF and teaching this stuff to my team is challenging
15:38 fyb3r can you not batch the ammount of minions returning their data?
15:39 iggy salt isn't, I am ;)
15:39 jalbretsen joined #salt
15:39 fyb3r either way :D
15:39 arthurlutz iggy: but I find your reactor/scheduler approach can be interresting
15:39 otter768 joined #salt
15:40 iggy fyb3r: batching just slows the amount of jobs sent out at once, they all return when they are done (whether using batching or not)
15:40 arthurlutz now that I think of it, couldn't a simple running break a highstate into low states and run them sequentially ?
15:40 iggy it's possible (with code changes)
15:40 leszq_ joined #salt
15:41 iggy but like I said... I've not heard anyone jumping in to do that coding
15:41 iggy every once in a while, someone pops up and thinks it's a great idea
15:41 iggy then they start looking at the work involved :)
15:44 ranomore joined #salt
15:44 slav0nic joined #salt
15:52 drawsmcgraw XenophonF: I understand. I had the same situation. Organization was huge, so I was free to do what I wanted. That didn't stop the regular influx of "Why not Puppet?" questions, though
15:52 Grokzen joined #salt
15:53 drawsmcgraw arthurlutz: Sure thing. To be honest, I wouldn't hold my breath for it. But, when I'm writing/testing my states, I have a dev VM and I run 'salt-call' to get 'live' feedback.
15:53 onorua joined #salt
15:54 arthurlutz drawsmcgraw: yep, I often do the same
15:54 druonysus joined #salt
15:54 XenophonF drawsmcgraw: i'm _much_ more comfortable with python, yaml, and jinja, having tinkered a lot with the zope and django web app frameworks, plus the yaml->funcall nature of salt feeds the part of my brain that loves lisp :)
15:54 Whissi joined #salt
15:54 ndrei joined #salt
15:55 drawsmcgraw XenophonF: Ah, itches a lot of things, huh?
15:55 drawsmcgraw One of these days I'll set aside some time to get into flow-based programming....
15:55 adelcast joined #salt
15:56 cluther left #salt
15:56 XenophonF drawsmcgraw: you bet
15:57 XenophonF i've long had this idea of "object oriented system administration"
15:57 XenophonF the way i have roles and environments arranged in my salt deployment lets me implement it
15:58 XenophonF where there's a base class - common configs every computer gets - and sub-classes - server roles getting configs specific to them
15:58 XenophonF servers become instances
15:58 XenophonF i can use additional targeting rules to implement things like mixins (CLOS!)
15:58 XenophonF and so on
15:58 Mate XenophonF: your infrastructure (code base :) and working method is really impressive
15:58 drawsmcgraw Really drives home the notion that your data center is a software project, huh?
15:59 Mate thanks for sharing
15:59 XenophonF drawsmcgraw: yes! i don't know who said it first, but i saw it on salt's wikipedia entry - infrastructure-as-code
15:59 XenophonF Mate: you're welcome!
16:00 Mate i see we are in the right direction, but far from it :(
16:00 c10 joined #salt
16:02 XenophonF i won't claim i'm doing it right
16:02 XenophonF lots of other people on here have different ways to accomplish similar config mgmt tasks
16:03 wendall911 joined #salt
16:05 coderMe joined #salt
16:07 coderMe joined #salt
16:08 Mate but i havent seen such a positive overview here in the last few weeks
16:08 gladiatr joined #salt
16:08 coderMe joined #salt
16:09 XenophonF at work my goal is to be able to release our configuration formulas for use in developing countries
16:09 XenophonF Salt's integration with Git is really interesting as a result
16:09 beneggett joined #salt
16:10 kawa2014 joined #salt
16:10 coderMe joined #salt
16:10 thedodd joined #salt
16:10 stoogenmeyer joined #salt
16:10 drawsmcgraw XenophonF: Found a use case for the "mnt_point" options for GitFS?
16:11 nate_c joined #salt
16:11 coderMe joined #salt
16:12 XenophonF drawsmcgraw: is this what you mean? http://docs.saltstack.com/en/latest/ref/configuration/master.html#std:conf_master-gitfs_mountpoint
16:12 XenophonF i haven't used that
16:12 XenophonF at least, not yet
16:12 drawsmcgraw XenophonF: yeah, that. Sorry, was going off of memory
16:12 XenophonF is all good
16:12 Slimmons Hey guys, I have a problem I haven't been able to resolve.  I'm trying to use git.latest, and I've tried lots of different configurations, and my errors don't seem to tell me anything useful (or i'm reading it incorrectly).  if you look in my "masterenvironment.init", and look at the errors reported from salt 'master' state.highstate -l debug, that is where I've gotten so far.  https://gist.github.com/johnsimmons/6d8fded189bca4e85a59
16:12 drawsmcgraw I've seen people use that option for managing *a lot* of different git repos in their deployments.
16:13 pcn I'm having a lot of trouble understanding why a pillar won't render.  The suggestion from the salt command to look at the master log doesn't seem to provide any insight.
16:13 pcn I've got a highstate that intalls cassandra.
16:13 Slimmons bleh, and i have to go afk for abit.
16:13 drawsmcgraw pcn: Try a pillar.items() | less. Then inspect the top of the output for any possible rendering errors.
16:13 iggy Slimmons: that can't be all the debug output
16:14 XenophonF Slimmons: maybe enable trace logging, too?
16:14 pcn drawsmcgraw: I was getting to that - pillar.items does work
16:14 husanu1 joined #salt
16:14 desposo joined #salt
16:14 drawsmcgraw pcn: ah :/
16:14 pcn So my goal is to install a system, then run a separate couple of states that configure the cassandra system with pillar data that's based on the other nodes in the cluster.
16:15 pcn Doing e.g.: sudo salt cassandradatanode1 state.sls cassandra.config_files 'pillar={"seed_list": "10.159.115.164,10.233.132.40,10.37.177.70"}'
16:15 pcn fails rendering the pillar
16:16 iggy pillar='...'
16:16 husanu joined #salt
16:16 iggy and is that really supposed to be a comma separate list? or an actual python/jinja list?
16:17 drawsmcgraw what iggy said
16:17 pcn It's cassandra :(  they want a single string, comma-separated
16:17 iggy okay, I don't know cassandra, just asking since it looked odd
16:18 pcn Fair question
16:21 drawsmcgraw pcn: Does wrapping the pillar args in quotes work?
16:22 pcn I'm not sure I understand what you're asking.
16:22 iggy sudo salt '*mqdb*' state.sls postgres pillar='{"postgres": {"pg_hba.conf": "salt://postgres/pg_hba.conf", "acls": [["host","mqdb","mqdb","172.16.0.0/16","md5"]]}}'
16:23 iggy that's the last command I ran with a pillar on the command line
16:23 aparsons joined #salt
16:23 pcn Let me add to the strange: if I restart the salt master and minion I'm targeting, then it works
16:23 * iggy backs away slowly
16:23 pcn Minions that i haven't restarted fail
16:24 venu0336 joined #salt
16:24 bbhoss joined #salt
16:25 ghoti joined #salt
16:28 GabLeRoux joined #salt
16:30 spookah joined #salt
16:30 XenophonF i wish the selinux state module let you do more selinux things, which is another way to say changing it is hard and i want someone else to do it because i'm lazy :)
16:31 pcn Oh, I wonder...
16:32 pcn These minions are vagrant ec2 nodes.  I wonder if the minion just needs to be restarted because it has some weird start at the outsent
16:32 pcn So let me try that before running any states and see if it works out for the better
16:33 aparsons_ joined #salt
16:33 giantlock joined #salt
16:34 sporkd21 is there any way to have salt show me which credentials salt-cloud is using?
16:34 sporkd21 debug / trace do not show it
16:34 iggy do you have some reason to believe it's not using the credentials you told it to use?
16:35 ingslovak1 joined #salt
16:36 husanu joined #salt
16:37 sporkd21 iggy: I'm trying to do salt-cloud --list-images <provider>
16:37 sporkd21 on my saltmaster I get a 401 cred error, if I bring up a vagrant salt-master and run same command I get the images listed
16:38 sporkd21 same salt versions, but I'm wondering if my "real" saltmaster is getting creds from somewhere else
16:38 sporkd21 neither are running in AWS so it's not metadata
16:41 pcn Yeppers.  The node can run the highstate but not the other states unless I restart it once because reasons.
16:41 pcn Ignore me.
16:41 amcorreia joined #salt
16:42 napsterX joined #salt
16:42 catpig joined #salt
16:44 ksalman joined #salt
16:47 catpig joined #salt
16:50 kaptk2 joined #salt
16:57 keimlink joined #salt
16:57 sporkd21 iggy: if anyone ever says that, my time was off
16:59 sporkd21 someone can close this https://github.com/saltstack/salt/issues/22498#issuecomment-106929797
17:00 keimlink joined #salt
17:03 GabLeRoux joined #salt
17:04 cliluw joined #salt
17:08 forrest joined #salt
17:08 nk joined #salt
17:08 borgstrom joined #salt
17:09 pliniker joined #salt
17:10 pliniker left #salt
17:10 scoates_ joined #salt
17:11 pliniker joined #salt
17:13 baweaver joined #salt
17:14 theologian joined #salt
17:15 DammitJim joined #salt
17:20 iggy sporkd21: thanks for updating us on the outcome, it helps more than most people realize
17:22 linjan joined #salt
17:23 conan_the_destro joined #salt
17:24 ajw0100 joined #salt
17:27 Slimmons iggy:  sorry I was afk.  That's all the debug output I get.
17:27 napsterX joined #salt
17:28 iggy Slimmons: then try what someone else said and use -l trace
17:28 hal58th joined #salt
17:29 hal58th_1 joined #salt
17:34 baweaver joined #salt
17:34 nate_c joined #salt
17:35 Slimmons I commented on the -l trace output, and it doesn't seem to be much more useful.  https://gist.github.com/johnsimmons/6d8fded189bca4e85a59
17:35 leszq joined #salt
17:36 Slimmons I thought maybe I had messed up something in the master file, but if it couldn't find the root directory, it would throw errors.
17:40 otter768 joined #salt
17:41 iggy your top file says masterminion and your command line says master
17:41 JordanTesting joined #salt
17:41 JordanTesting joined #salt
17:42 iggy oh wait
17:42 iggy use salt-call -l debug from the minion you are targeting
17:42 iggy salt 'foo' -l debug isn't generally all that useful
17:43 nitenq joined #salt
17:44 aparsons joined #salt
17:45 Slimmons Yeah, i manually typed the command incorrectly.  Should have been masterminion
17:45 Slimmons I'll use the salt-call -l debug
17:46 Fiber^ joined #salt
17:47 twork_ joined #salt
17:48 cruatta joined #salt
17:49 aw110f joined #salt
17:51 desposo1 joined #salt
17:52 cruatta joined #salt
17:53 leszq joined #salt
17:56 [7hunderbird] joined #salt
17:56 venu0336 joined #salt
17:56 ageorgop joined #salt
17:58 TyrfingMjolnir joined #salt
17:59 chiui joined #salt
18:02 Slimmons I uploaded the error.  It's giving a KeyError.  Looking into that now.
18:03 twork_ hey all. i'm on run number... three or four trying to get my head around salt. i keep getting interrupted, which doesn't help. right now my mission to myself is: just make it distribute two versions of a damn file.
18:03 twork_ the docs are great for the structural stuff but right now i just want a hint to make it go.
18:03 forrest twork_: Okay, what issue are you encountering with multiple versions of files, and in what way are you trying to say 'this machine should get this file'.
18:04 twork_ that's my first problem...
18:04 leszq joined #salt
18:05 twork_ baby steps.
18:05 twork_ just make it do a thing. any thing. the docs are telling me how to lay out my archive, which is great, but i want to set that aside for now, and just play with the tools.
18:05 forrest Do you already have salt deploying a basic version of the file?
18:06 twork_ no.
18:06 iggy Slimmons: look at the rendered top file... master:\n  '':
18:06 iggy Slimmons: also, put ``` around the pastes in the comments so github doesn't try to read it as markdown
18:06 morsik left #salt
18:07 forrest twork_: Okay, so right now you just have the masterless minion installed and are playing with that?
18:07 twork_ i have a master and a minion. i have the minion registered wth the master, and the master can query for state.
18:07 forrest okay, have you run commands against the minion from the master?
18:08 twork_ minion can 'salt-call -i debug pillar.items', for instance.
18:08 twork_ yeah
18:08 forrest okay
18:08 forrest seems like you are about here then: http://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html#the-first-sls-formula
18:08 forrest they're doing that work on the master, and you can get some pretty quick results if you start there.
18:09 Slimmons iggy:  I have no idea why it would be rendering with the master:\n '': blank.  I've definitely got a name in there.
18:09 twork_ thanks. embarrassed to say i have started there at least twice, got into the weeds, got interrupted, and came back lost.
18:09 Slimmons maybe it doesn't like the minion name
18:09 twork_ thanks forrest.
18:10 forrest twork_: No problem. If you're confused about something feel free to ask, starting there is going to be the best way to learn though :)
18:11 baweaver joined #salt
18:11 Slimmons iggy: The minion id: x definitely matches what's in the master:\n 'x':
18:13 leszq joined #salt
18:14 lexter joined #salt
18:17 denys joined #salt
18:17 Laogeodritt joined #salt
18:17 iggy are you obfuscating things?
18:19 iggy and why do you have your environments named master and server?
18:19 Slimmons lol, not intentionally
18:19 Slimmons I don't actually, I just named them that on the gist in order to make what I was trying to do more clear.  They actually have different names
18:20 Slimmons I should probably just change the gist to match exactly what is there.
18:20 iggy I give up
18:20 Slimmons lol
18:21 twork_ joined #salt
18:27 nate_c joined #salt
18:28 murrdoc joined #salt
18:30 tomh- joined #salt
18:32 Slimmons I'll let you know once ti's fixed.  I'm sure it's something small that I don't have set up right.
18:32 OnTheRock joined #salt
18:35 baweaver joined #salt
18:37 bhosmer_ joined #salt
18:39 s_kunk joined #salt
18:39 [7hunderbird] joined #salt
18:39 s_kunk joined #salt
18:45 XenophonF joined #salt
18:45 c10 joined #salt
18:50 c10 joined #salt
18:51 twork_ okay, following along at: http://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html#the-first-sls-formula
18:51 twork_ i'm missing something basic. my brief tale of woe:
18:51 twork_ https://gist.github.com/mjinks/a931e4ac4acfc3eb2a0c
18:52 Ahrotahntee I am just beyond stupid here. What is the python equivalent of a cli call "salt '*' network.ip_addrs eth0" ?
18:52 twork_ i thought that "- something" under 'base:' would refer to a state file rooted at the same directory. it looks that way in the example.
18:53 twork_ but i guess not...?
18:53 bitwise__ joined #salt
18:54 Ahrotahntee twork_: how is file_roots defined on the master?
18:55 Ahrotahntee twork_: I'm guessing /srv/file_root/ ? in which case you need motd.sls in there too.
18:55 Ahrotahntee because that is where it is looking for your state file
18:55 Ahrotahntee and if you're targeting a minion with state.sls and not highstate you don't even use top.sls in this exercise
18:56 Ahrotahntee sneaky LocalClient HIDING IN THE CRISPS AGAIN
18:56 twork_ Ahrotahntee: just tacked that to the end of my gist. link again: https://gist.github.com/mjinks/a931e4ac4acfc3eb2a0c
18:56 Ahrotahntee twork_: yeah, so you've defined /srv/file_root as where base belongs
18:56 Ahrotahntee twork_: that means you need your .sls files in there too
18:57 Ahrotahntee twork_: salt:// sources pull from the same place as the states
18:57 ntropy twork_: yup, you want your motd.sls in /srv/file_root
18:57 dingo_ good morning folks
18:57 dingo_ hows salt treatin y'all :)
18:57 Ahrotahntee 14:56:17 < Ahrotahntee> sneaky LocalClient HIDING IN THE CRISPS AGAIN
18:57 Ahrotahntee ^ sums up my day
18:57 dingo_ hah ha ha
18:58 twork_ hm... okay, i've run into this confusion before.
18:58 Ahrotahntee twork_: here, let me show you my directory structure
18:58 twork_ if .sls files go in the file tree, what's left to go in the main salt tree?
18:58 murrdoc joined #salt
18:58 Ahrotahntee twork_: https://gist.github.com/Ahrotahntee/cc9fa7dcdaf22943bf88
18:59 ntropy twork_: what is 'main salt tree'?
18:59 iggy by default, file_roots is /srv/salt, if you change that setting, you need to change the other stuff too
18:59 dingo_ anyone ever make graphics of salt requisite structure? I made some code and produced a series of graphviz charts if anybody is interested in seeing the output or the code
18:59 Ahrotahntee twork_: as you can see file_roots is the main salt root
18:59 Ahrotahntee s/root/tree/
19:00 Ahrotahntee I like the tree command
19:00 Ahrotahntee I don't get to use it nearly often enough
19:00 leszq joined #salt
19:00 ageorgop joined #salt
19:01 dingo_ output graphics: https://teamcity-master.pexpect.org/tmp/ code: https://gist.github.com/jquast/9cfe1b729daee843657a
19:01 dingo_ please node the code is... draft weekend stuff, not really for consumption
19:01 dingo_ note
19:01 Ahrotahntee dingo_: neat
19:01 twork_ okay, this has tripped me up before. i'm looking back now trying to find the specific spot where the docs confused me. i coulda sworn there was a distinct "structure layout" and "file system content"
19:02 twork_ e.g. '/srv/salt' and '/srv/salt/file_roots' for instance
19:03 twork_ that's why i took my file_roots out into their own tree under '/srv', because it didn't make sense to have them mixed. now i see i was wrong.
19:03 ntropy twork_: there are only two paths you should be concerned with for the basic setup at least: file_roots and pillar_roots
19:03 Ahrotahntee twork_: instinctively you want to split the sls files off from the templates you're using to populate the minions
19:03 Ahrotahntee twork_: but that's not the case here
19:03 Ahrotahntee twork_: the templates and the state files belong together
19:03 twork_ thanks.
19:03 Ahrotahntee twork_: I use a sub-folder 'files' for the templates
19:05 scoates joined #salt
19:05 twork_ incidentally Ahrotahntee, how did you generate that tree structure you posted? looks handy.
19:05 * MTecknology whacks rhel in the nuts with a rusty anvil
19:06 Ahrotahntee twork_: 'tree' (from the apt package 'tree')
19:06 forrest twork_: Take a look at http://docs.saltstack.com/en/latest/topics/best_practices.html for some basic directory structure stuff.
19:06 twork_ thanks. one more thing i've read at least three times, and then, time did pass...
19:09 MTecknology I'm having a heck of a painful time trying to write an init script for ferm on centos that salt can properly use. :(
19:14 gladiatr joined #salt
19:15 Ahrotahntee zero-configuration tinc formula does not appear to be feasible
19:15 Ahrotahntee at least not without creating some kind of weird psudo dhcp service
19:16 Ahrotahntee pseudo*
19:21 ajw0100 joined #salt
19:22 husanu joined #salt
19:28 leszq joined #salt
19:29 venu0336 joined #salt
19:29 dynamicudpate joined #salt
19:30 aw110f joined #salt
19:31 XenophonF will file.blockreplace create a file if it's missing, assuming prepend or append_if_not_found is set to true?
19:31 XenophonF it isn't clear from the documentation
19:32 scoates joined #salt
19:33 desposo joined #salt
19:36 XenophonF just read the source, and file.blockreplace will raise an error if the file isn't found
19:37 dingo_ cool
19:39 TodPunk joined #salt
19:41 otter768 joined #salt
19:42 baweaver joined #salt
19:45 nate_c joined #salt
19:46 meete0rite joined #salt
19:46 leszq joined #salt
19:47 meete0rite Hello, we are experiencing an issue where the only thing that seems to work is key acceptance on the master, and after that nothing happens.  No logs in the master, no logs in the minion, nothing
19:47 meete0rite Not sure what to look for or how to debug?
19:51 Brew joined #salt
19:52 twork_ okay... in the state tree, if there's a simple sls file, we'll use that. but for more complex stuff we move to 'foo/init.sls', and put other stuff in that same directory... right? no?
19:52 Ahrotahntee twork_: tends to be how it goes
19:52 Ahrotahntee for example I have tinc/install.sls, tinc/files/tinc.conf, etc
19:52 Ahrotahntee and my paths reference salt://tinc/files/tinc.conf
19:52 Ahrotahntee etc.
19:53 twork_ ok, here's my latest swing at my basic file: https://gist.github.com/mjinks/a931e4ac4acfc3eb2a0c
19:53 Ahrotahntee that way I can distribute my tinc formula as a .tar if I need to
19:53 Ahrotahntee twork_: salt '*' state.sls motd.init
19:53 twork_ ...same error as before, salt says there's no sls found for ' - motd'
19:53 Ahrotahntee twork_: you have named your file init.sls
19:53 Ahrotahntee in motd
19:54 tmclaugh[work] joined #salt
19:54 Ahrotahntee seperated (by salt) with a .
19:54 Ahrotahntee so motd/init.sls -> motd.init
19:54 Ahrotahntee salt '*' state.sls motd.init
19:54 Ahrotahntee dots are special with salt
19:54 edrocks joined #salt
19:54 Ahrotahntee also gists let you define more than one file (at the bottom) so you don't need to manually type out the seperators
19:55 twork_ ah, o
19:55 twork_ k
19:56 twork_ so... i'm confused again. why the bit about putting an "init.sls" like a makefile of sorts? reading at: http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
19:56 twork_ ...about 3/4 down
19:56 supersheep joined #salt
19:56 Ahrotahntee huh
19:56 Ahrotahntee interesting
19:56 Ahrotahntee let me see if that works for me here
19:57 Ahrotahntee yep that worked for me
19:57 twork_ (sorry, being called away, back soon i hope, apologies)
19:57 Ahrotahntee twork_: when you get back: did you restart salt-master after configuration changes?
19:58 Ahrotahntee I also need to leave in a moment, my shift is us
19:58 Ahrotahntee up*
20:00 leszq joined #salt
20:01 twork_ freudian slip?
20:01 XenophonF left #salt
20:02 twork_ back... and, aha. no, after i moved the path in salt/master i did not restart. gotten used to going all willy-nilly in the tree.
20:02 twork_ ...and, all worky-worky now.
20:03 twork_ much thanks.
20:04 ocdmw joined #salt
20:05 iggy meete0rite: try cranking up the logging level on the master and using salt-call -l debug on the minion
20:05 iggy meete0rite: what exactly do you mean nothing happens after key acceptance? What are you trying? What's the output? etc...
20:06 leszq joined #salt
20:12 ntropy Ahrotahntee: what is the .slsc file in the tinc state you pasted earlier?  compiled state?
20:12 meete0rite iggy: I enabled debugging and the salt master is literally outputting nothing when run using an init.d script.  When I run it as salt-master -l debug I get a ton of output
20:13 s_kunk_ joined #salt
20:14 meete0rite Ah, now I see there is a log level for both the command line and file
20:14 s_kunk joined #salt
20:14 aparsons_ joined #salt
20:18 losh joined #salt
20:27 c10 joined #salt
20:27 rocket joined #salt
20:28 benegget_ joined #salt
20:31 hal58th_ joined #salt
20:36 baweaver joined #salt
20:37 toofer joined #salt
20:38 toofer anyone know what library Salt is using for colored output?
20:41 toofer Ah, I think I just found it in the "textformat.py" file. Sorry to jump in and out like this.
20:42 hal58th__ joined #salt
20:43 sgargan joined #salt
20:45 Ahrotahntee ntropy: it's a compiled state file
20:45 Ahrotahntee ntropy: I write my sls files in python, at some point it compiles them
20:47 nitenq joined #salt
20:47 hal58th joined #salt
20:48 ablemann joined #salt
20:48 Ahrotahntee haven't quite figured that one out yet
20:49 ntropy nice, i wrote my first state in python just last week
20:50 ntropy i recommend doing that to anyone not too familiar with yaml
20:50 Ahlee_ wait, what compiles down your python to yaml states?
20:50 ntropy having to write dicts and lists and tuples directly means i now make fewer yaml formatting mistakes
20:50 Ahrotahntee I hate yaml
20:51 Ahrotahntee I also hate python, but I hate python less
20:53 ahammond I see a 2015.5.2 tag in github. And 2015.5.2 packages in epel. Can someone please update the channel topic?
20:53 ahammond basepi: ^
20:54 ekristen joined #salt
20:57 murrdoc basepi:  i figured out what i needed for local cmd … thanks for the assist
21:00 Bryanstein joined #salt
21:01 Ahrotahntee that's weird, minions are not returning from this state. maybe my timeout is too low
21:02 cberndt joined #salt
21:02 hal58th joined #salt
21:06 leszq joined #salt
21:07 moos3 joined #salt
21:08 sgargan joined #salt
21:08 Ahrotahntee yep that is fiercely timing out
21:09 primechuck In salt, is there a concept or a way to have a disposible, or temporary minion without going through the entire key exchange?  Like a group of minions that you don't trust but still want to manage for awhile?
21:09 LtLefse_ Ahrotahntee: where do you see 2015.5.2 in epel?
21:09 Ahrotahntee LtLefse_: did you mean to address that to ahammond?
21:09 LtLefse_ oops, yes
21:09 Ahrotahntee it's not a common letter combination
21:10 LtLefse_ ahammond: I only see 2015.5.0
21:13 Ahrotahntee of fucking course it works once I'm in debugm ode
21:13 Ahrotahntee mode*
21:19 ahammond LtLefse you're right, I was looking at epel-testing. However the tag is out there on git, which to me means a heck of a lot more than packaging stuff
21:20 ahammond primechuck consider using salt-ssh?
21:21 dustywusty is it normal behavior to need to restart salt-minions after restarting salt-master? i'm noticing my reactor events are not firing after restarting my master until i roll each minion
21:25 beneggett joined #salt
21:28 leszq joined #salt
21:33 gladiatr joined #salt
21:36 ahammond or... not? https://github.com/saltstack/salt/releases strange to have a tag out there but not have it released.
21:37 ahammond dustywusty you should not need to do this, however that's an interesting observation. take a look at https://github.com/saltstack/salt/issues/24198
21:37 edrocks_ joined #salt
21:38 keimlink joined #salt
21:39 primechuck That might work, was trying to think of salt for a cheap auto discovery for execution.  Minion starts, points at a master, master says do some stuff, then minion goes away to come back as a real machine to manager.
21:40 cliluw joined #salt
21:41 giantlock joined #salt
21:42 clintberry joined #salt
21:42 otter768 joined #salt
21:44 bfoxwell joined #salt
21:44 hax404 joined #salt
21:44 iggy primechuck: there's autosign
21:45 iggy dustywusty: the reactor never fires? (i.e. how long between the master restart and the minion?)
21:45 iggy ahammond: salt always has a bit of lag between when something is tagged and when something is announced... something about giving packagers time to update... but they never do
21:46 perfectsine joined #salt
21:48 Topic for #salt is now Welcome to #salt | 2015.5.2 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
21:48 basepi thanks ahammond, forgot this time. =)
21:50 iggy basepi: you could just " bit.ly/something is the latest "
21:50 basepi Valid. Still have to remember to update that, though. ;)
21:51 forrest basepi: Have you guys considered using if this then that?
21:51 iggy or a checklist of what to do on a release
21:51 * iggy runs
21:55 penguinpowernz joined #salt
21:56 murrdoc hahah
21:56 qybl joined #salt
21:57 dustywusty iggy: it seems like after restarting my master .. my reactor event will never fire on a minion until i restart that minion, after any amount of time
21:57 dustywusty iggy: on the master I'll see a lot of "Failed to authenticate message"
21:57 iggy dustywusty: what version of salt?
21:58 borgstrom joined #salt
21:59 dustywusty iggy:                   Salt: 2015.5.0
22:00 iggy do you have the ability to upgrade to the latest?
22:00 iggy raet might help too
22:01 iggy you're probably seeing a bug, I just don't know if it's fixed already or how widespread it is
22:01 dustywusty iggy: i could give that a shot
22:02 Gareth forrest: they would use that FABULOUS new ifttt salt module :)
22:03 Gareth s/would/could/
22:05 murrdoc what is the if titty module ?
22:06 trevorj joined #salt
22:06 alexhayes joined #salt
22:06 murrdoc salt needs a PR guy
22:06 murrdoc some one to hype up the awesome new shit they keep writing
22:08 Alan_S_ joined #salt
22:08 forrest Gareth: Hah
22:08 Gareth murrdoc: I added one to the develop branch last week.  there is a PR with a state module waiting on a merge.
22:09 murrdoc where is the blog linked from a tweet, posted on <cool site where people post cool shit for discussion> man
22:10 Gareth murrdoc: Poke someone at SaltStack about having a Salt Planet blog :)
22:11 leszq joined #salt
22:11 * Gareth subtly gestures at basepi
22:12 murrdoc basepi:  Gareth says you are awesome and blogging
22:12 murrdoc and twittering
22:12 murrdoc and hacker newsing
22:15 napsterX joined #salt
22:16 Rockj\ joined #salt
22:17 trevorjay joined #salt
22:19 dh___ joined #salt
22:24 basepi iggy: hehehe, I'm way too cool for checklists. I like to keep things chaotic
22:24 cberndt joined #salt
22:25 basepi forrest: someday maybe I'll have time to play with that. xD
22:25 basepi It's one of those classic xkcd "how much time will this take to automate vs how much time it takes now"
22:25 basepi And it just doesnt' take much time now
22:26 basepi (Assuming I remember)
22:26 leszq joined #salt
22:26 iggy reproducability
22:26 forrest basepi: Fair enough
22:26 forrest he's trolling you iggy...
22:26 basepi iggy: that is a factor, for sure. eventually we want most of it to be automatic
22:26 forrest COME ON MAN
22:27 c10 joined #salt
22:31 monkey66 joined #salt
22:35 baweaver joined #salt
22:39 husanu joined #salt
22:42 cruatta joined #salt
22:43 cruatta_ joined #salt
22:44 Slimmons I have a master, that also is a minion.  I tried removing the key, and adding it back (for testing on some problems), and now it won't show up on salt-key -L anymore when I restart the minion.  Am I missing a step?
22:46 Slimmons salt-key -d minion -> /etc/init.d/salt-minion restart -> salt-key -L
22:46 Heartsbane I hate docker... that is all
22:46 Slimmons also tried to completely remove salt-minion, and reinstall it, and no luck getting it to send a key again
22:47 Ahrotahntee man, this script is taking way too long to execute
22:47 Ahrotahntee Duration: 26636.211 ms
22:47 Ahrotahntee aha it's an out of memory error
22:47 leszq joined #salt
22:47 iggy Slimmons: make sure the minion isn't listed elsewhere in /salt/pki
22:48 iggy i.e. /etc/salt/pki/master/minions_{denied,rejected}
22:48 baweaver joined #salt
22:49 Ahrotahntee how am I loading more than 512MB of pillar data?
22:49 Ahrotahntee that doesn't make any sense
22:49 scoates joined #salt
22:50 iggy recursive include/lookup/etc
22:50 iggy ?
22:51 GabLeRoux joined #salt
22:51 Ahrotahntee hmm
22:51 hal58th_ joined #salt
22:51 hal58th_1 joined #salt
22:51 Ahrotahntee I can't even tell which line is blocking/pushing it out of memory
22:52 Ahrotahntee wait a minute, it looks like the salt-minion is consuming the memory
22:52 iggy git bisect
22:52 Ahrotahntee Kill 4725 (salt-minion) or sacrifice child
22:53 iggy yeah, salt-minion reads pillars
22:53 Ahrotahntee so it takes the child (my python script)
22:54 leszq joined #salt
22:54 forrest Heartsbane: Juse use LXC instead
22:54 forrest Heartsbane: It's like docker, but pretty stable and easily manageable. Not as flashy though
22:54 Heartsbane forrest: ya I know, but the Software Architect doesn't see it my way
22:55 iggy or abstract away all vestages of docker (i.e. kubernetes+openshift)
22:55 forrest Heartsbane: Well, show him a demo of LXC using salt that does what docker does
22:55 forrest Heartsbane: All you get with docker is pre-built images, which you can do with lxc anyways.
22:55 darkhuy joined #salt
22:55 spookah joined #salt
22:56 iggy rocket!
22:56 Heartsbane forrest: working on it... Docker just gave me a case of the Mondays
22:58 darkhuy Hey guys, I'm trying to run a saltstate via salt.client.ssh.client.SSHClient().cmd but i'm running into some errors when copying files to the target machines
22:58 darkhuy https://gist.github.com/anonymous/1e9b636cefb435b6f0a4
22:58 darkhuy it works fine when I run it via CLI with salt-ssh '*' state.sls fio
22:59 darkhuy but that same command with SSHClient().cmd throws up errors that it can't find it
23:02 Ahrotahntee OK so apparently fetching all the grains for all the minions at once is pushing it out of memory
23:03 honestly Ahrotahntee detected
23:03 Ahrotahntee hello honestly
23:03 Ahrotahntee how are you
23:03 honestly o/
23:03 synical joined #salt
23:03 synical joined #salt
23:07 mosen joined #salt
23:10 keimlink_ joined #salt
23:11 murrdoc its been a good day honestly
23:11 murrdoc if i might say so myself
23:13 darkhuy hmm also, if i look in /var/cache/salt/files ...the files are all there, but it still says it can't find it and doesn't copy it to the target system....any ideas?
23:15 Ahrotahntee can someone look over the syntax of https://gist.github.com/Ahrotahntee/f4a007644c12666581a6 (salt mine); the two function aliases I create (tinc.private_ip, tinc.public_key) don't return anything.
23:15 Ahrotahntee and I'm getting "function is not available" on the salt-minion in debug mode
23:15 Ahrotahntee [ERROR   ] Function tinc.private_ip in mine_functions not available
23:16 napsterX joined #salt
23:16 iggy Ahrotahntee: what version of salt?
23:17 Ahrotahntee salt 2015.5.0 (Lithium)
23:19 Ahrotahntee I also can't get the example in the docs to work
23:19 iggy mine_functions
23:19 Ahrotahntee oh wait that one worked
23:20 iggy s on the end in private_ip
23:20 Ahrotahntee son of a
23:20 Ahrotahntee thank you iggy
23:20 iggy hate those ;)
23:20 Ahrotahntee yep, now fully working
23:21 Ahrotahntee this is one of the reasons I want laser eye surgery
23:28 c10 joined #salt
23:31 jamesog joined #salt
23:33 subsignal joined #salt
23:33 gladiatr joined #salt
23:41 baweaver joined #salt
23:43 otter768 joined #salt
23:45 dendazen joined #salt
23:49 murrdoc basepi:  whoever is responsibe for docs, http://docs.saltstack.com/en/2014.7/ref/states/all/salt.states.file.html has lost its anchor links
23:49 murrdoc so i cant link to a function like file.managed
23:49 murrdoc never mind
23:49 murrdoc pebkac
23:50 Ahrotahntee I love salt cloud so much
23:56 husanu joined #salt
23:58 ahammond I'd like to write a state that detects if a user is present but should not be, and rather than calling user.absent, it removes ssh authorized_keys and locks their password. What is the salty way to detect if a user is present?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary