Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-06-29

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 ALLmightySPIFF joined #salt
00:03 MK_FG joined #salt
00:05 c10 joined #salt
00:17 nocturn joined #salt
00:35 edrocks_ joined #salt
00:35 ageorgop joined #salt
00:52 nyx_ joined #salt
00:59 ajw0100 joined #salt
01:04 ALLmightySPIFF joined #salt
01:04 markm joined #salt
01:11 mapu joined #salt
01:21 vaspiros joined #salt
01:22 Ph-x joined #salt
01:24 BrazaBoy joined #salt
01:25 beauby joined #salt
01:26 BrazaBoy hi
01:28 nocturn joined #salt
01:36 fxhp joined #salt
01:40 pravka joined #salt
01:45 ageorgop joined #salt
01:48 travisfischer joined #salt
01:56 hrumph_ joined #salt
02:00 tkharju joined #salt
02:06 thehaven joined #salt
02:09 beauby joined #salt
02:15 lala_ joined #salt
02:32 beauby joined #salt
02:34 favadi joined #salt
02:48 sunkist joined #salt
02:51 c10 joined #salt
03:09 quasiben joined #salt
03:10 beauby joined #salt
03:17 pcdummy_ joined #salt
03:28 desposo joined #salt
03:29 gfa joined #salt
03:37 quasiben joined #salt
03:40 pravka joined #salt
04:05 hasues joined #salt
04:05 hasues left #salt
04:09 napsterX joined #salt
04:18 pravka joined #salt
04:19 tkharju joined #salt
04:32 hrumph_ jesus is windows ever slow
04:32 hrumph_ sorry wrong chan
04:32 hrumph_ still true anyway
04:43 chiui joined #salt
04:44 sirtaj left #salt
04:45 napsterX joined #salt
04:50 ramteid joined #salt
04:57 joeto joined #salt
05:07 rdas joined #salt
05:11 jradd joined #salt
05:22 c10 joined #salt
05:29 bones050 joined #salt
05:34 travisfischer joined #salt
05:51 jradd joined #salt
05:51 aea joined #salt
05:53 stephanbuys joined #salt
05:58 catpigger joined #salt
05:59 napsterX joined #salt
05:59 pravka joined #salt
06:03 stoogenmeyer_ joined #salt
06:05 aqua^c joined #salt
06:07 AndreasLutro joined #salt
06:11 yamnog_ joined #salt
06:14 aqua^c joined #salt
06:16 julez joined #salt
06:17 malinoff joined #salt
06:17 pravka joined #salt
06:17 colttt joined #salt
06:18 mike25de left #salt
06:20 calvinh joined #salt
06:22 michelangelo joined #salt
06:29 c10 joined #salt
06:30 ndrei joined #salt
06:30 dopesong joined #salt
06:31 dopesong_ joined #salt
06:32 flyboy joined #salt
06:50 aqua^c joined #salt
06:55 rdas joined #salt
06:56 flyboy82 joined #salt
06:57 Bateau_ joined #salt
06:57 ALLmightySPIFF joined #salt
06:57 aqua^c joined #salt
07:02 thalleralexander joined #salt
07:03 soren joined #salt
07:05 al0 joined #salt
07:07 evle1 joined #salt
07:13 kawa2014 joined #salt
07:13 aqua^c joined #salt
07:25 martoss joined #salt
07:25 martoss left #salt
07:27 aqua^c joined #salt
07:29 aqua^c joined #salt
07:30 linjan joined #salt
07:30 s_kunk joined #salt
07:39 aqua^c joined #salt
07:40 chiui joined #salt
07:42 lb1a joined #salt
07:43 julez joined #salt
07:48 aqua^c joined #salt
07:50 aqua^c joined #salt
07:56 favadi joined #salt
07:56 kawa2014 joined #salt
07:58 N-Mi joined #salt
08:02 markm joined #salt
08:08 Grokzen joined #salt
08:09 AirOnSkin joined #salt
08:12 AirOnSkin Does anyone in here clone virtual machine templates with a Salt minion installed? If so, after cloning is complete, how do you manage to provide the new machine with its own identity? I've changed minion_id and deleted the keys under /etc/salt/pki/minion/ and restarted the Salt minion. 'salt-key' on the master however doesn't show a new unaccepted key...
08:12 Xevian joined #salt
08:16 impi joined #salt
08:18 aqua^c joined #salt
08:22 yamnog_ AirOnSkin, I don't clone VMs, I launch new ones and they fetch their Salt-Minion and Salt-Master info over mdata
08:24 slav0nic joined #salt
08:27 juanito joined #salt
08:27 linjan joined #salt
08:29 forrest joined #salt
08:29 blue0ctober joined #salt
08:30 c10 joined #salt
08:32 AirOnSkin yamnog_: How do you "launch" new ones? How are they provisioned?
08:34 jhauser joined #salt
08:34 ctolsen joined #salt
08:34 keimlink joined #salt
08:37 ingslovak joined #salt
08:40 yamnog_ AirOnSkin, via SmartDataCenter's API.   Most IaaS providers have an API you can talk to with a script or Salt Cloud.
08:41 AirOnSkin yamnog_: Ah, I see. Well, we're not that far yet... I still have to clone the virtual machines -.- ... but at leas I found the error:
08:41 AirOnSkin root@svmm-l-0005: ~ # salt-call state.highstate
08:41 AirOnSkin [ERROR   ] DNS lookup of 'hyrax' failed.
08:42 AirOnSkin [ERROR   ] Master hostname: 'hyrax' not found. Retrying in 30 seconds
08:43 stoogenmeyer__ joined #salt
08:44 stoogenmeyer__ joined #salt
08:49 IanV0rn joined #salt
08:50 IanV0rn joined #salt
08:50 cberndt joined #salt
08:51 shiin joined #salt
08:52 shiin On one salt system, minions don't report anything when theres no change upon state.highstate test=True, but on another salt system it does and everything reports as changed, despite not having changed. I saw multiple github issues on that but no apparent solution as it already seems fixed, or not broken. Is this some kind of caching problem and I need to manually fix it?
08:53 kbyrne joined #salt
08:54 dkrae joined #salt
09:12 ctolsen joined #salt
09:13 yamnog_ AirOnSkin, the question you asked above is just a DNS issue.   You may want to modify your /etc/hosts file
09:13 julez joined #salt
09:17 mgar joined #salt
09:21 mage__ is there a way to create a package for my custom modules (_modules/) ?
09:22 mage__ I have the following error : https://gist.github.com/silenius/0cca7908dad5b83737ff
09:27 juanito joined #salt
09:30 DanyC joined #salt
09:36 microch1p joined #salt
09:37 linjan joined #salt
09:38 katyucha2 joined #salt
09:40 mage__ https://gist.github.com/silenius/8ddcba01025d9f2a2c44 no idea ... ? :(
09:40 microch1p joined #salt
09:41 katyucha2 Hi. I try to configure salt pad with salt-api. I add rest_cherrypy conf ( port 8000, host 0.0.0.0)  on etc/master but no port open... No idea ?a
09:46 yuhl_work___ joined #salt
09:47 yuhl_work___ left #salt
09:53 Bryanstein joined #salt
09:55 yomilk joined #salt
09:55 IanV0rn joined #salt
09:55 microch1p joined #salt
09:56 giantlock joined #salt
10:06 calvinh joined #salt
10:17 s_kunk joined #salt
10:17 matthew-parlette joined #salt
10:18 DanyC Hi, anyone who is close to salt-cloud code?
10:21 pcdummy joined #salt
10:23 supersheep joined #salt
10:28 katyucha2 Dont ask to ask, just ask
10:41 calvinh_ joined #salt
10:43 DanyC katyucha2:  okay :0 So i'm at the point where i'd like to tidy up my Openstack HEAT templates (currently using salt) and i was thinking salt cloud or terraform will be a good candidate. Now i had a look over the documentation and the salt cloud code and i do see from Openstack perspective a lot is around Rackspace
10:45 ITChap joined #salt
10:46 DanyC Now my question is: has anyone from dev side run over and put together a gap analysis of things to improve so i can see if i can make some contribution ? (apart form the Issues on github )
10:46 mgar joined #salt
10:51 mgar joined #salt
10:55 pviktori_ joined #salt
10:56 peters-tx0 joined #salt
10:59 sastorsl joined #salt
10:59 sastorsl Is it possible to start a job on a minion _from_ another minion - aka minion: salt 'otherminion' state.sls ...
11:00 sastorsl Or: Is there a way to authorize this?
11:06 sastorsl Found it: http://docs.saltstack.com/en/latest/ref/peer.html
11:10 dimeshake joined #salt
11:17 IanV0rn_ joined #salt
11:21 aqua^c joined #salt
11:28 yomilk joined #salt
11:32 keekz joined #salt
11:34 zerthimon joined #salt
11:35 sastorsl With peer communication - is it possible to restrict a minion publish rights to only a set of other minions?
11:38 dRiN joined #salt
11:38 nyx_ joined #salt
11:43 esharpmajor I want to distribute symmetric keys ('passwords') to minions, each minion would have a unique key, and one privileged minion (the bacula directory actually) would have access to all of them
11:43 esharpmajor Can this easily be done with the pillar system (without writing the passwords twice)
11:43 quasiben joined #salt
11:43 esharpmajor I thought of using cmd_yaml to filter the master passwords list the return the minion-specific password, but this seems hacky
11:44 shiin joined #salt
11:45 julez joined #salt
11:45 _JZ_ joined #salt
11:50 dimeshake joined #salt
11:59 esharpmajor I think I have a solution using load_yaml and jinja, viz https://gist.github.com/anonymous/1d55bd903636c591d748
12:01 dimeshake joined #salt
12:01 c10 joined #salt
12:02 dubey joined #salt
12:03 mgar joined #salt
12:04 shiin joined #salt
12:04 dubey Hi, I am learning salt and added a users.sls file to add an user on all the system which is successful. Now i wanted to know that if i remove that user from anyone of the system how will it get added again to maintain the state ?
12:04 dubey do i need to run any command or configuration to do this ?
12:04 OliverMT it will get added when you run the state
12:04 OliverMT so running highstate will fix it
12:07 IanV0rn2341 joined #salt
12:11 AbyssOne joined #salt
12:11 DanyC Can anyone pls help me understand what are the cons of using formula ? Been reading this blog https://medium.com/@name_alari/saltstack-able-microservices-architecture-fb3db2f3e8 and i'm trying to achieve same thing but prefer not to go ont eh wrong path before i start it. Any honest view much appreciated
12:12 tmclaugh[work] joined #salt
12:13 AndreasLutro DanyC: if you need to re-use the exact same states across multiple salt setups, formulas can be great. if you don't need that, don't bother using them imo
12:13 dubey OliverMT: should i write a cron to run highstate every 1 or 2 min. ?
12:15 OliverMT thats pretty often
12:16 DanyC AndreasLutro: sure. Let me give you more info: I'll be running on Openstack on mutliple tenants : dev/ qa/ project 1,2,3 and the only delta will be the HEAT template (due to HEAT version) but the user_data should be the same. So it sounds like it will be great to move into formulas
12:16 amcorreia joined #salt
12:19 AndreasLutro DanyC: well, there are other ways to provide "deltas", like making a single HEAT template state but using pillar data to make it do different things from server to server
12:19 sroegner joined #salt
12:19 dubey is there other way to do this, or everyone does to run highstate to maintain system states ?
12:22 aqua^c joined #salt
12:25 OliverMT dubey: since you want to run it so often, I would run only the state that maintains the user
12:26 OliverMT salt 'yourservers' state.sls the.user.thing.sls
12:27 kawa2014 joined #salt
12:27 dubey Need help to maintain the state of a user: http://pastebin.com/rPtew7wJ
12:27 dubey OliverMT : got it, thanks
12:28 dubey i want to add a user to the systems and also copy their public keys to authorization files. I have pasted above, but getting error
12:30 OliverMT I think authorized_users is just a file?
12:30 OliverMT or can it be a repo?
12:30 OliverMT *a folder
12:31 dubey it's a file
12:32 OliverMT not how you put it
12:32 OliverMT /home/anir/.ssh/authorized_keys/anir
12:32 OliverMT remote /anir at the end and you're there
12:33 esharpmajor for those interested, I now have a worked example for my own question: https://gist.github.com/anonymous/9685db5691003a7c858c
12:33 esharpmajor the master password file is a normal pillar .sls file and a jinja template is used to extract the minion-specific password (if present)
12:33 Mate dubey: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html
12:34 AndreasLutro esharpmajor: dunno if it matters to you but be aware that minions can get other minions' passwords if you do it that way
12:34 c10 joined #salt
12:34 IanV0rn2341 joined #salt
12:34 AndreasLutro oh no nevermind I misread :)
12:34 AndreasLutro ignore me
12:34 esharpmajor AndreasLutro: I wanted to avoid that, are the jinja templates rendered on the master? or the minion?
12:35 AndreasLutro master
12:36 sastorsl Re: peer communication - is it possible to restrict a minion publish rights to only a set of other minions?
12:36 IanV0rn2_ joined #salt
12:37 esharpmajor AndreasLutro: thanks, looks like this solution will work for me then :) the passwords aren't super sensitive, but  perform a sort of mutual auth for the bacula 'cluster'
12:37 AndreasLutro esharpmajor: cool. I'll link this just in case it's useful http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html
12:38 furrowedbrow joined #salt
12:39 emaninpa joined #salt
12:40 IanV0rn2341 joined #salt
12:46 napsterX joined #salt
12:47 pliniker joined #salt
12:49 stoogenmeyer_ joined #salt
12:51 DanyC AndreasLutro: indeed and this is what i'm trying to figure out: the pros/ cons of formulas so i can see which path i go with
12:54 stoogenmeyer__ joined #salt
12:54 numkem joined #salt
12:58 DanyC and with this i'm sold to formulas ;) http://www.slideshare.net/SaltStack/forrest-alvarez-salt-formulas-and-states-salt-conf-32725456
12:59 FeatherKing joined #salt
13:01 CeBe joined #salt
13:02 CF674252 joined #salt
13:02 quasiben joined #salt
13:02 dubey Thanks Mate : It solved my problem
13:07 yudao joined #salt
13:12 bhosmer joined #salt
13:13 pacopablo joined #salt
13:14 bhosmer joined #salt
13:16 mapu joined #salt
13:18 subsignal joined #salt
13:19 pickledpig joined #salt
13:19 dyasny joined #salt
13:20 icflournoy joined #salt
13:20 murrdoc joined #salt
13:21 RDc joined #salt
13:23 icflourn1y joined #salt
13:24 IanV0rn2_ joined #salt
13:26 IanV0rn2_ joined #salt
13:28 IanV0rn2341 joined #salt
13:29 peters-tx0 joined #salt
13:30 IanV0rn2341 joined #salt
13:30 peters-tx0 left #salt
13:31 peters-tx joined #salt
13:31 IanV0rn2341 joined #salt
13:31 hasues joined #salt
13:31 hasues left #salt
13:32 FeatherKing joined #salt
13:32 yomilk joined #salt
13:34 mapu joined #salt
13:34 djstorm joined #salt
13:37 perfectsine joined #salt
13:37 cpowell joined #salt
13:39 kawa2014 joined #salt
13:40 quasiben joined #salt
13:41 yudao left #salt
13:41 CF660184 joined #salt
13:44 mpanetta joined #salt
13:44 elfixit joined #salt
13:46 masterkorp hello
13:50 masterkorp https://www.zerobin.net/?fe4fad3a17bd7a6e#S9RI+hKkFig7k8QSi371h6yhaM2INWmBy1WRUF4ZPpg=
13:50 masterkorp i just added a new datadog-formula to my gitfs
13:50 shiin mage__: did you figure out how to install modules separately?
13:51 masterkorp the formulas has propagated to the minion
13:51 masterkorp but i cannot run it
13:51 masterkorp Rendering SLS 'base:datadog' failed: Jinja variable 'dict object' has no attribute 'datadog'
13:51 masterkorp Any ideas ?
13:52 _mel_ joined #salt
13:58 drawsmcgraw joined #salt
13:59 shiin grep -r 'datadog' /srv/salt
13:59 andrew_v joined #salt
13:59 mou joined #salt
14:00 masterkorp its there
14:00 masterkorp shiin: https://www.zerobin.net/?070fbb5afadc7126#+aj8MawMHuco6x7wTklAiCjltSgnXy6kwqq67f74kt8=
14:00 calvinh joined #salt
14:00 masterkorp salt-minion even reads the file
14:01 masterkorp there is the systemcall fd read
14:03 shiin Do you have to put those \" there?
14:04 masterkorp shiin: that is not on the file itself
14:04 masterkorp its just how the syscall shows it
14:05 quasiben left #salt
14:05 quasiben joined #salt
14:06 dendazen joined #salt
14:07 dendazen How can i remove some files in directory with regex or glob in salt without using ‘cmd’?
14:07 dendazen Is there a way?
14:07 dyasny joined #salt
14:08 timoguin joined #salt
14:11 dopeson__ joined #salt
14:11 aqua^c joined #salt
14:11 numkem joined #salt
14:12 shiin I see.
14:12 murrdoc file.absent might accept a glob
14:13 spark_ joined #salt
14:14 leszq joined #salt
14:14 dendazen it doesn’t seem that this would work /etc/yum.repos.d/puppet*: file.absent
14:15 clintberry1 joined #salt
14:16 bhosmer joined #salt
14:16 dopesong_ joined #salt
14:17 ekristen joined #salt
14:18 saffronSpice joined #salt
14:26 calvinh_ joined #salt
14:27 masterkorp https://github.com/saltstack/salt/issues/25031
14:27 masterkorp i have no more ideas
14:27 masterkorp any input would be welcome
14:33 berserkir masterkorp, can you share what is in the sls file?
14:34 PI-Lloyd masterkorp: looks to be a problem with the jinja in the datadog-conf file.replace
14:35 murrdoc might be a formula bug
14:36 masterkorp berserkir: yes, its in github
14:36 murrdoc link?
14:36 masterkorp murrdoc: i've run the formula with kitchen-salt
14:36 PI-Lloyd change the square brackets around 'api_key' to standard brackets '()'
14:37 masterkorp berserkir: https://github.com/DataDog/datadog-formula
14:37 masterkorp also, this is a very generic error
14:37 masterkorp the error messages really need to improve
14:38 PI-Lloyd +1
14:38 wnkz joined #salt
14:39 murrdoc ok the problem here is you havent setup the pillar for datadoc
14:39 murrdoc datadog*
14:39 masterkorp yes i have
14:39 murrdoc fails right there https://github.com/DataDog/datadog-formula/blob/master/datadog/init.sls#L33
14:39 murrdoc ok
14:40 murrdoc try this run salt 'minionname' pillar.get datadog
14:40 masterkorp i've commented that on the salt-minion
14:40 masterkorp murrdoc: hmm its empty
14:40 masterkorp you're right
14:40 racooper joined #salt
14:40 murrdoc :)
14:40 masterkorp How can syn pillar data manually ? or force
14:41 murrdoc salt 'minioname' saltutil.refresh_pillar
14:41 berserkir Nice murrdoc :)
14:41 DammitJim joined #salt
14:41 murrdoc :) easy fix
14:41 masterkorp murrdoc: hmm still gets empty to the minion
14:42 favadi joined #salt
14:42 dopesong_ joined #salt
14:42 murrdoc k did u put the pillar file in the file roots on the salt master ?
14:43 dopesong joined #salt
14:45 murrdoc this formula needs some love
14:48 bhosmer joined #salt
14:49 Brew joined #salt
14:50 masterkorp it has been propely set
14:50 masterkorp all it needed was a force sync
14:54 jalbretsen joined #salt
14:54 murrdoc ok
14:54 murrdoc this formula is wack
14:54 masterkorp murrdoc: thank you
14:54 debian112 joined #salt
14:54 masterkorp yes, but its better than nothing
14:56 jalbretsen1 joined #salt
15:00 zergutzu joined #salt
15:03 murrdoc i am about to fix it up
15:06 sdm24 joined #salt
15:08 icflournoy joined #salt
15:09 SheetiS joined #salt
15:10 murrdoc masterkorp:  you should clos this out https://github.com/saltstack/salt/issues/25031
15:10 murrdoc should/could
15:11 aqua^c joined #salt
15:13 numkem joined #salt
15:14 chiui joined #salt
15:16 drawsmcgraw Potentially dumb question: If I fire a 'salt-call' on the CLI and pass it a 'pillar={pillar-stuffs}', that pillar parameter gets merged with the existing Pillar and does not clobber it, right?
15:17 murrdoc all merges go through the same function
15:17 masterkorp murrdoc: will do
15:20 drawsmcgraw murrdoc: I'll take that as a yes (though I understand that individual keys *will* get clobbered). Thanks
15:22 linjan joined #salt
15:23 murrdoc what version of salt do u use drawsmcgraw
15:23 drawsmcgraw 2015.5.0
15:24 drawsmcgraw murrdoc: I haven't tested anything yet, so no issues. Just looking to confirm the assumption.
15:24 murrdoc k
15:25 murrdoc drawsmcgraw:  https://github.com/saltstack/salt/blob/v2015.5.0/salt/utils/dictupdate.py
15:25 murrdoc the code dont lie
15:25 murrdoc hips do
15:25 murrdoc code not so much
15:25 al joined #salt
15:25 drawsmcgraw Heh. Thanks murrdoc :)
15:25 Ymage joined #salt
15:31 fyb3r joined #salt
15:31 favadi joined #salt
15:32 leszq joined #salt
15:32 thedodd joined #salt
15:32 Ymage joined #salt
15:33 kaiyou joined #salt
15:35 ALLmightySPIFF joined #salt
15:35 murrdoc not being a smartass btw
15:35 al joined #salt
15:35 murrdoc just saying
15:36 coval3nce joined #salt
15:36 numkem joined #salt
15:37 mou joined #salt
15:38 coval3nce Is there a construct in the salt-minion that would allow running helper applications in a seperate thread?  For example, something that hooks the Docker api and sends events when containers spin up or spin down?  Master could launch a continer on a seperate host or re-launch.  Getting into PaaS territory here.
15:43 N-Mi joined #salt
15:44 impi joined #salt
15:44 coval3nce I’d be reinventing fleetctl or mesos then trying to do that jazz i guess ;)
15:45 numkem joined #salt
15:47 numkem joined #salt
15:48 bhosmer joined #salt
15:48 desposo joined #salt
15:49 numkem joined #salt
15:51 giantlock joined #salt
15:53 murrdoc damnit masterkorp https://github.com/DataDog/datadog-formula/pull/8
15:53 pullphinger joined #salt
15:57 Norbell joined #salt
15:58 dopesong_ joined #salt
15:59 dopeson__ joined #salt
16:00 tkharju joined #salt
16:03 zz_cro joined #salt
16:04 totte left #salt
16:06 leszq joined #salt
16:06 masterkorp murrdoc: i din't do anything
16:07 murrdoc u didnt, but u pointed out the whack formula
16:08 coval3nce masterkorp: get a chance to test out https://github.com/saltstack/salt/issues/22241 yet?
16:09 murrdoc :)
16:13 masterkorp coval3nce: not yet ;(
16:13 * masterkorp is buried on work
16:13 coval3nce hehe no worries
16:15 btorch has something changed with salt.states.pkgrepo ?
16:15 dopesong_ joined #salt
16:15 btorch I'm now getting  "Failed to configure repo.... HTTP error 401 reading ... url ... No permission -- see authorization schemes"
16:16 btorch it used to work fine before 2015 upgrade
16:16 btorch 2015.5.0+ds-1precise1
16:16 dopesong_ joined #salt
16:20 ecdhe I've got a jinja-templated file which gets its context from a file.managed state.
16:20 ecdhe Can I change the context from another .sls file?
16:22 dendazen How do I remove crontab entry for some user?
16:22 dendazen with the state
16:22 linjan joined #salt
16:23 dendazen i mean i can directly zero  out  /var/spool/cron/root file, but that doesn’t seem too statefull.
16:23 btorch ok yeah so seems like pkgrepo.managed fails to setup the repo on 2015.5.0 but works fine on 2014.7.2
16:24 btorch I think it doesn't like the url being http://user:pass@server/...
16:25 pguinardco joined #salt
16:26 amcorreia_ joined #salt
16:27 btorch is that no longer possible ?
16:29 stoogenmeyer__ joined #salt
16:29 erjohnso joined #salt
16:38 icflournoy joined #salt
16:38 writtenoff joined #salt
16:45 cro joined #salt
16:47 KyleG joined #salt
16:47 KyleG joined #salt
16:48 bhosmer joined #salt
16:48 leszq joined #salt
16:50 fxhp joined #salt
16:51 anotherZero joined #salt
16:55 pravka joined #salt
16:59 fyb3r can a returner be setup on a master to have it store the data into a sqlite db? or are returners only for minions?
17:00 gmoro joined #salt
17:00 aqua^c joined #salt
17:03 perfectsine joined #salt
17:04 tomh- joined #salt
17:05 MatthewsFace joined #salt
17:08 cruatta joined #salt
17:08 theologian joined #salt
17:12 MatthewsFace joined #salt
17:13 amcorreia_ joined #salt
17:14 forrest joined #salt
17:16 fyb3r Nvm, I found the answer
17:21 dfinn joined #salt
17:21 dfinn I seem to be seeing a pattern on my centos minions that /var/log/salt/minion is empty, there should be something in there at least from salt-minion starting up right?
17:22 evle1 joined #salt
17:25 ajw0100 joined #salt
17:25 bhosmer joined #salt
17:26 drawsmcgraw dfinn: About the only thing I see in one of my fresh minions is the minion talking about the Master caching the Minion's public key
17:26 dfinn yeah, I don't even have that
17:27 drawsmcgraw If you're able, try starting the minion in the foreground with a debug
17:27 drawsmcgraw salt-minion -l debug
17:27 dfinn I stopped the minion, deleted the log file and then restarted
17:27 dfinn it recreated the log file but it's still empty
17:27 dfinn ok
17:27 dendazen joined #salt
17:28 jY is there an option to delay the start or restart of a service till the end.. like chef has a way to issue a restart but things won't restart till the end of a run
17:29 dfinn odd, the minion starts up fine in debug mode, no errors but I still can't connect to it from the master
17:29 dfinn which is the reason why I was looking for the logs in the first place
17:30 rap424 joined #salt
17:32 forrest jY: You'd have to make the service restart state include the other associated states so it runs as the very last thing (and it wouldn't allow watching files which would be a bummer). What is your use case? I can't think of any services I would want to 'wait' to restart.
17:32 forrest dfinn: Do you see the connection from the minion to the master open?
17:33 dfinn not sure where to check for that.  I got it working by removing the keys and re-adding them
17:33 dfinn not sure why communication stopped working
17:33 julez joined #salt
17:33 forrest dfinn: I'd check netstat, test to see if you can connect from the minion to the listening port on the master, etc.
17:35 IanV0rn2341 joined #salt
17:35 andrew_v_ joined #salt
17:36 twork_ left #salt
17:37 jY forrest: when we auto scale.. sensu loads first before the app is deployed and alerts.. i can fix it by requires but just wondering if there was like a execution delay or something
17:38 forrest jY: You could do something with http://docs.saltstack.com/en/latest/ref/states/ordering.html#the-order-option
17:38 jY forrest: thanks.. i'll try that
17:38 forrest jY: NP
17:41 jY forrest: thanks seems like that'll work
17:41 forrest Cool!
17:43 ecdhe I'd like to template a configuration file with a different context based on the top file.
17:43 ecdhe I have a state with a basic init.sls that does a file.managed.  Then there are two optional configurations.
17:44 forrest ecdhe: What are you matching on in the top file for the two different files?
17:44 ecdhe node type...
17:44 ecdhe It's a grain.
17:44 ecdhe I could match on that directly.
17:45 ecdhe I mean, I could use the node type to seed the context... but I want to reserve the future option that node type and state configuration won't be one to one.
17:46 ecdhe To be a little less abstract, I have servers and clients (the node types) and the state I'm managing is for ntpd.
17:46 ecdhe The server has gps discipline, but the clients get their time from the server.
17:46 forrest ecdhe: okay, you could do a grain match then in either the init (for the source location of the file), template the file itself based on the grain, or create two different state files (confA.sls, confB.sls) and then use the top file to include based on those, and that conf state drops in the specific file.
17:49 ecdhe forrest, thanks!  I have your very first suggestion working (confA.sls pulls fileA.conf, confB pulls fileB.conf)
17:49 ecdhe I wanted to templatize the file to be more DRY.
17:50 forrest ecdhe: Yeah, in those situations I kind of like multiple files to keep things simple since you don't know if it will expand from there, but I can understand why you'd want to do it a different way
17:50 ecdhe Currently I have one template but two file.managed states in confA.sls and confB.sls.
17:51 ecdhe I figured if the top.sls assigns a node  - state.confA, it would really neat if I could get the fact that "confA was called" into the init.sls context.
17:52 ecdhe Then I'd have a DRY config file, a DRY state, and the role grain would only be explicitly making changes to a node's configuration in the top.sls file.
17:53 ecdhe forrest, I appreciate you talking me through it.  I really enjoy salt, sometimes, my thoughts are organized in sort of an anti-salt fashion.
17:53 vaspiros joined #salt
17:53 forrest Yeah you have to get used to it :)
17:58 Ryan_Lane ecdhe: no worries about not thinking in the "salt" way. I surely don't :)
17:59 baweaver joined #salt
18:01 ecdhe Ryan_Lane, I think the salt community would get a kick out of what I do with it... I need to get approval from $CUSTOMER, but I'm somewhat non-conventional without needing to modify the released salt code.
18:01 ecdhe Kind of like your masterless setups at wikimedia...
18:04 murrdoc are you going against the GRAIN?
18:04 * murrdoc makes bad salt pun
18:04 Ryan_Lane ecdhe: masterless is at lyft :)
18:04 baweaver joined #salt
18:04 Ryan_Lane ecdhe: wikimedia only uses salt for remote execution (minion/master)
18:06 spookah joined #salt
18:06 Ryan_Lane ecdhe: you should write a blog post about how you're using it :)
18:06 g3cko joined #salt
18:06 ecdhe Ryan_Lane, I may do that...  I was hoping to squeeze in at Saltconf'16 if I can get it approved.
18:06 Ryan_Lane murrdoc: :D
18:06 Ryan_Lane cool
18:07 ecdhe My project winds down in September this year, more time to reflect on the victory.
18:07 murrdoc :D
18:07 leszq joined #salt
18:07 murrdoc wait so give us some clues on what u doing ecdhe
18:08 ecdhe murrdoc, I came, I salted, I conquered.
18:08 murrdoc eugh
18:08 geekatcmu heh
18:08 murrdoc i meant with regards to saltstack work
18:09 ecdhe I'm going to be vague here: I'm salting the ocean.
18:09 murrdoc ok buddy
18:11 Ryan_Lane ecdhe: heh. I know salt is being used random places in the gov. so I think I have a feeling what you're saying ;)
18:12 denys joined #salt
18:12 ecdhe Thank Ryan_Lane.  If $CUSTOMER approves, I'd love to share more, otherwise, I'll do this sort of thing again, in my line of work.
18:17 Ryan_Lane cool :)
18:19 icflournoy joined #salt
18:19 paha joined #salt
18:20 lowfive joined #salt
18:21 pravka joined #salt
18:27 ALLmightySPIFF joined #salt
18:28 bhosmer joined #salt
18:28 murrdoc my current 'fun thing to implement' is to use saltstack to turn off ipv6
18:29 murrdoc on a hardware system
18:30 zer0def joined #salt
18:31 ecdhe murrdoc, is that a TODO?
18:31 murrdoc yeah just found out today one of the apps we have in prod cant work with ipv6
18:31 murrdoc so now we dig into quagga and stuff
18:32 murrdoc and sysctls
18:32 MatthewsFace joined #salt
18:33 murrdoc why ecdhe u have thoughts on it
18:33 ajw0100 joined #salt
18:35 ecdhe Are you thinking you'll make a custom execution/state module?
18:36 ecdhe out: meeting
18:36 supersheep joined #salt
18:39 bhosmer joined #salt
18:42 MatthewsFace joined #salt
18:43 baweaver joined #salt
18:45 rogst joined #salt
18:49 aqua^c joined #salt
18:51 adelcast joined #salt
18:51 adelcast hello, I am currently working on adding opkg support to Salt
18:52 adelcast an opkg based target can support several architectures (they are listed by priority)
18:52 adelcast it make sense to me to return those architecutes as the grain "osarch"
18:52 adelcast however, I would be returning a dictionary instead of a single value...I think that's ok but wanted to check with the community
18:53 adelcast since this would mean that in the opkg case osarch would be a dict, instead of a single value
18:54 nr2oOl joined #salt
18:55 nr2oOl left #salt
18:56 nr2oOl_ joined #salt
18:56 nr2oOl_ left #salt
18:57 nr2oOl_ joined #salt
18:59 sporkd2 has anyone come up with a clever way to stripe instances across availability zones in amazon?
18:59 sporkd2 using salt-cloud
19:00 quasiben joined #salt
19:01 napsterX joined #salt
19:02 aea joined #salt
19:03 nr2oOl_ left #salt
19:04 Ryan_Lane sporkd2: sure. don't use salt-cloud :)
19:04 Ryan_Lane use the boto_* modules. specfically the boto_asg one
19:04 Ryan_Lane and always launch everything in an autoscale group
19:04 Ryan_Lane then you can control which AZs will be used and the autoscale group will ensure they're across AZs
19:05 Ryan_Lane autoscale groups are superior to normal instances in every way :)
19:05 Ryan_Lane even for singletons
19:09 andrew_v_ joined #salt
19:09 napsterX joined #salt
19:09 nr2oOl joined #salt
19:12 sporkd2 Ryan_Lane: that works for people who are amazon agnostic, which we are not :)
19:12 sporkd2 and we do our own autoscaling outside of amazon
19:14 MatthewsFace joined #salt
19:15 Ryan_Lane gotcha
19:15 ajw0100 joined #salt
19:16 martoss joined #salt
19:20 Ryan_Lane just successfully upgraded salt everywhere :D
19:20 murrdoc manage.up ?
19:20 murrdoc oh wait mastserless
19:21 Ryan_Lane found and fixed about 5 issues while testing
19:21 Ryan_Lane murrdoc: our rollout strategy is pretty excellent with masterless
19:21 murrdoc share cos u care
19:21 murrdoc ?
19:21 Ryan_Lane we can upgrade single instances, entire environments, single availability zones, etc.
19:22 murrdoc do u have 'tasks' in salt
19:22 Ryan_Lane nah. everything is based on a deploy
19:22 murrdoc ah software rollout ?
19:22 Ryan_Lane so, we have grains that are used as feature flags
19:22 Ryan_Lane I feature flag the upgrade, then enable the flag on subsets of hosts
19:22 napsterX joined #salt
19:23 Ryan_Lane so we can bake in an upgrade on subsets of nodes for long periods of time
19:24 Ryan_Lane really, we can use the system for any really dangerous salt change, which is nice
19:25 Ryan_Lane no reason the same thing can't be done in master/minion, though
19:25 murrdoc yeah
19:25 murrdoc i have two versions
19:25 murrdoc trusty vs precise
19:27 nr2oOl joined #salt
19:29 Laserwhit joined #salt
19:39 evilrob joined #salt
19:44 napsterX joined #salt
19:45 hacfi joined #salt
19:48 spookah joined #salt
19:50 hojgaard_ joined #salt
19:50 bhosmer joined #salt
19:52 digismack joined #salt
19:53 icflournoy joined #salt
19:53 pcn Hey, what's the norm for naming jinja templates?  Is it jinja, or is there a common suffix that's shorter?
19:53 murrdoc filename.extension.tmpl
19:55 napsterX joined #salt
19:57 baweaver joined #salt
19:58 pcn Thanks
19:58 murrdoc its not the norm, thats how i do it
19:59 dfinn left #salt
19:59 catpiggest joined #salt
20:02 whytewolf I normally use filename.version.jinja [and have the vim-jinja setup to focus on jinja as a filetype
20:02 slav joined #salt
20:02 juanito joined #salt
20:03 slav hi there - does anyone know who to compile a salt minion msi package for windows?  It' saying that I have no distfiles for amd64 available
20:04 alexanderilyin joined #salt
20:04 alexanderilyin hi, is there a way to call ru only one state from sls file by it’s ID?
20:04 litwol left #salt
20:05 sporkd2 alexanderilyin: check out the state module
20:06 cberndt joined #salt
20:06 sporkd2 alexanderilyin: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.sls_id
20:07 bhosmer joined #salt
20:08 bhosmer joined #salt
20:08 linjan joined #salt
20:10 Tahm joined #salt
20:12 coval3nce joined #salt
20:13 leszq joined #salt
20:14 quasiben I see client_acl_blacklist exists — how would one whitelist certain commands for all users?
20:20 catpigger joined #salt
20:20 Ryan_Lane I usually just keep the filename the same
20:22 Tahm joined #salt
20:24 ingslovak joined #salt
20:29 soren joined #salt
20:29 linjan joined #salt
20:30 catpiggest joined #salt
20:31 DammitJim joined #salt
20:33 alexhayes I have a state which is supposed to recursively set ownership on a directory, it succeeds (apparently) yet there are still files in the directory that aren't owned by the correct yser
20:33 alexhayes user
20:33 alexhayes Has anyone else had this issue?
20:34 N-Mi joined #salt
20:35 leszq joined #salt
20:36 NightMonkey joined #salt
20:36 * MTecknology wonders how hard the SSCA exam will be...
20:37 murrdoc iggy pased
20:37 murrdoc so :)
20:37 baweaver joined #salt
20:38 aqua^c joined #salt
20:39 sdm24 alexhayes, check out http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.directory, especially at the recurse option
20:39 sdm24 I had a similiar issue
20:41 catpig joined #salt
20:44 MTecknology murrdoc: SSCA doesn't exist yet, does it?
20:44 viq joined #salt
20:45 alexhayes sdm24: yeh, that's exactly where i got my example from
20:46 alexhayes i can't replicate the issue now, but it's certainly not the first time this has happened
20:46 edrocks joined #salt
20:47 cburtonnoaa joined #salt
20:48 cburtonnoaa Does anyone here know how to automatically assign selinux permissions to files at creation?
20:48 sdm24 oh, when I did that it worked for me
20:48 cburtonnoaa For instance, I'd like to assign the selinux context info from a .sls file
20:49 cburtonnoaa what options did you use?  I didn't see them referenced in the docs
20:49 sdm24 Sorry my comment was meant for alexhayes
20:50 catpig joined #salt
20:50 Grokzen joined #salt
20:52 giantlock joined #salt
20:53 linjan joined #salt
20:55 napsterX joined #salt
21:02 baweaver joined #salt
21:08 baweaver joined #salt
21:10 gthank joined #salt
21:10 Corey Hmm. Having trouble with the rabbitmq_vhost state. Whines about any() only taking one argument instead of the five that are being passed in https://github.com/saltstack-formulas/rabbitmq-formula
21:11 julez joined #salt
21:12 leszq joined #salt
21:15 clintber_ joined #salt
21:15 Gareth Corey: PEBKAC :)
21:16 evilrob joined #salt
21:18 pguinardco left #salt
21:20 alexanderilyin joined #salt
21:22 Corey Gareth: Suggestions welcome! I'm using the bone stock formula on CentOS 7
21:25 Gareth Corey: rabbit_vhost.present?
21:27 kickerdog joined #salt
21:27 kickerdog left #salt
21:28 baweaver joined #salt
21:32 racooper joined #salt
21:34 nr2oOl joined #salt
21:46 linjan joined #salt
21:54 ajw0100 joined #salt
21:56 napsterX joined #salt
22:02 Corey Gareth: Yes.
22:03 ALLmightySPIFF joined #salt
22:03 kitplummer joined #salt
22:04 kitplummer anyone have any tips on debugging Jinja?  i'm getting a nice "Jinja variable No first item, sequence was empty."  But can't seem to locate the true error, or work around it.
22:04 otter768 joined #salt
22:04 Gareth Corey: So it's failing on the line that warns those options are being deprecated?  The any command is taking one argument, the iterable.
22:05 edrocks joined #salt
22:08 Corey Gareth: https://gist.github.com/13c7232603ba10899bfe
22:09 Gareth 2015.5?
22:09 catpigger joined #salt
22:11 FRANK_I joined #salt
22:13 catpiggest joined #salt
22:18 quasiben I see client_acl_blacklist exists — how would one whitelist certain commands for all users?  Does each user really need to be explicitly defined ?  If this functionality doesn't exist would a PR be welcomed?
22:21 Gareth Corey: https://github.com/saltstack/salt/pull/24524
22:22 Corey \salt 2015.5.2 (Lithium)
22:23 druonysus joined #salt
22:23 druonysus joined #salt
22:23 Corey druonysus: Hello.
22:24 Corey Gareth: But yes, adding those parens solves it.
22:24 Corey Thanks. You do good work. :-)
22:24 Gareth Corey: :)
22:26 aqua^c joined #salt
22:31 pravka joined #salt
22:37 vaspiros joined #salt
22:37 pravka joined #salt
22:38 yomilk joined #salt
22:41 druonysus Corey: Hello sir
22:42 Gareth druonysus: hey hey
22:43 druonysus Gareth: hey there!
22:44 Gareth druonysus: how are things?
22:44 yomilk joined #salt
22:45 druonysus Gareth: things are very well. Starting to get some things in order for SCALE... plus work in awesome ;)
22:45 Singularo joined #salt
22:46 Gareth Nice :)
22:46 prwilson joined #salt
22:48 whiteinge joined #salt
22:48 druonysus Gareth: indeed. How have thing been for you?
22:49 cberndt joined #salt
22:49 otter768 joined #salt
22:50 Gareth druonysus: Not bad. :)
22:52 sunkist joined #salt
22:52 druonysus Gareth: Good to hear. I think we might be doing a SoCalSUSE meetup soon, you should join us. We have a Meetup page now.
22:53 Gareth Cool.
23:06 mosen joined #salt
23:07 baweaver joined #salt
23:09 napsterX joined #salt
23:12 a_ghost_irl joined #salt
23:15 smcquay joined #salt
23:18 bfoxwell joined #salt
23:20 bhosmer joined #salt
23:23 sunkist1 joined #salt
23:26 icflournoy joined #salt
23:29 catpigger joined #salt
23:33 murrdoc Gareth:  is a splay of 12 hours a feasible splay ?
23:33 murrdoc i want to run highstate on all servers of a type once or twice a day
23:33 sk_0 joined #salt
23:33 Gareth murrdoc: technically it should work.
23:33 murrdoc and 300 servers all highstate'ing within an hour might work
23:33 a_ghost_irl joined #salt
23:33 murrdoc but 300 servers all highsatating with 5 minutes would kill said master
23:34 mdupont joined #salt
23:34 Gareth murrdoc: so a range between 0 and 12 hours?
23:36 catpiggest joined #salt
23:38 aqua^c joined #salt
23:39 murrdoc yeah
23:39 murrdoc is that sensible
23:39 murrdoc u think ?
23:43 whiteinge left #salt
23:47 cberndt joined #salt
23:48 Sokel joined #salt
23:50 Gareth That's a big range, like I said it *should* work.
23:50 Gareth splay is seconds so there is still a chance that a bunch of the minions will fire relatively close to each other.
23:51 ajw0100 joined #salt
23:52 Sokel Question... on my jinja statement, if grains['nodename'].startswith('example') works fine, but when I try to do grains['role'] != 'whatever' it complains with  Jinja variable 'dict' object has no attribute 'role' -- Any reason why? This grain was never preset on this particular machine
23:54 pravka joined #salt
23:55 icflournoy joined #salt
23:56 kermit joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary