Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-09-05

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 cberndt joined #salt
00:00 pravka joined #salt
00:02 ajw0100 joined #salt
00:12 bfoxwell joined #salt
00:14 dthom91 joined #salt
00:18 APLU joined #salt
00:24 ajw0100_ joined #salt
00:34 pravka joined #salt
00:37 GnuLxUsr joined #salt
00:39 supersheep joined #salt
01:05 jalbretsen joined #salt
01:24 GnuLxUsr joined #salt
01:29 phw_ joined #salt
01:31 subsignal joined #salt
01:47 JDiPierro joined #salt
01:50 otter768 joined #salt
01:52 dthom91 joined #salt
01:54 dthom911 joined #salt
01:55 catpiggest joined #salt
02:00 dthom91 joined #salt
02:02 dthom911 joined #salt
02:03 quasiben1 joined #salt
02:03 quasiben1 anyone know what's going on with the docs page
02:03 quasiben1 ?
02:03 quasiben1 for instance: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.pillar.html is not loading correctly
02:06 amcorreia joined #salt
02:22 frogger_ joined #salt
02:53 sunkist joined #salt
02:54 mdupont joined #salt
03:18 writtenoff joined #salt
03:29 GrueMaster joined #salt
03:30 GnuLxUsr joined #salt
03:31 subsignal joined #salt
03:31 Zachary_DuBois joined #salt
03:31 tr_h joined #salt
03:32 berto- joined #salt
03:34 bryguy joined #salt
03:35 writtenoff joined #salt
03:41 kukacz joined #salt
03:51 otter768 joined #salt
03:56 TyrfingMjolnir joined #salt
03:58 subsignal joined #salt
04:01 cberndt joined #salt
04:10 dthom91 joined #salt
04:19 aristedes joined #salt
04:21 GnuLxUsr joined #salt
04:21 aristedes left #salt
04:22 aqua^c joined #salt
04:23 mosu_ joined #salt
04:38 hemebond joined #salt
04:39 hemebond Are there any complete instructions on manually installing salt-master from source tarball and running it as a service/daemon?
04:43 Jahkeup joined #salt
04:56 zer0def joined #salt
05:02 aristedes joined #salt
05:02 aristedes left #salt
05:11 ageorgop joined #salt
05:26 aristedes joined #salt
05:29 dopesong joined #salt
05:34 slav0nic joined #salt
05:46 GnuLxUsr joined #salt
05:52 otter768 joined #salt
05:54 laax joined #salt
06:05 chiui joined #salt
06:14 Fiber^ joined #salt
06:16 dopesong joined #salt
06:36 GnuLxUsr joined #salt
06:39 laax joined #salt
06:48 msn joined #salt
06:49 msn is it possible to provide a custom hostname for salt-maser
06:55 larsfronius joined #salt
07:12 mikeywaites joined #salt
07:27 tkharju joined #salt
07:37 markm_ joined #salt
07:43 GnuLxUsr joined #salt
07:48 GnuLxUsr joined #salt
07:53 otter768 joined #salt
07:55 szhem joined #salt
07:58 aqua^c joined #salt
08:04 cberndt joined #salt
08:08 laax joined #salt
08:21 jhauser joined #salt
08:21 sinonick joined #salt
08:25 GnuLxUsr joined #salt
08:31 linjan joined #salt
08:36 hemebond msn: Custom hostname?
08:38 msn I want to use a hostname different from what the default hostname of the system is
08:40 hemebond For what?
08:40 hemebond Use how? Where?
08:41 msn lets say i am running salt on host host.example.com but i want it to respond/report as salt.example.com for master
08:41 hemebond You can use any DNS name you want.
08:41 hemebond It's not bound to the host name.
08:41 msn couldnt find that option ins config file
08:41 hemebond It's not a salt master thing.
08:41 msn ah just uses ip?
08:42 hemebond e.g., internally my minions go to saltmaster, external minions go to a ddns.net entry.
08:42 hemebond They don't care where it goes as long as the cert is correct.
08:43 msn ah kthanks
08:43 hemebond Welcome :-)
08:43 msn well seems that problem/non promblem has secondary. i installed minion on master and can't get it to respond to test.ping
08:43 msn or any remote commands for that matter
08:44 hemebond Yeah, minion and master on same server shouldn't be an issue as long as the minion config points to a DNS entry or IP that resolves to itself.
08:45 msn it does but seems the replies re not coming back
08:46 hemebond That's probably something else, yeah.
08:49 aristedes joined #salt
08:49 msn that's my minion config https://paste.debian.net/310453/
08:51 msn and that's the master  https://paste.debian.net/310454/
08:51 hemebond And on the master what does master.example.org resolve to?
08:51 hemebond Its own IP?
08:52 hemebond 127.0.0.1?
08:52 hemebond Have you accepted the minion key on the master?
08:52 msn hosts file don't have any entires other than localhost
08:52 msn yes the key is accepted and master "info" log shows constan authentication
08:52 msn all host resolution uses DNS
08:53 hemebond (aside: shouldn't gitfs_root be an absolute path?)
08:53 aqua^c joined #salt
08:53 hemebond What IP does it resolve to?
08:53 aristedes left #salt
08:53 hemebond You might want to add a hosts entry pointing master.example.org to 127.0.0.1
08:54 msn its relative toexternal ip of the host
08:54 hemebond external IP? is it on the server itself?
08:55 msn why can't it sue the external ip lets say external ip of the master is 192.168.1.10
08:55 msn and its resolving perfectly over dns
08:55 msn wouldn't minion be able to respond back
08:56 hemebond Is 192.168.1.10 on the adaptor itself? If it is that's fine/
08:56 msn yes
08:56 msn eth0 is 192.168.10.1
08:56 msn master.example.org resolves to it
08:56 hemebond Then that's fine. I thought by external you meant some really external/public IP, not on the box itself.
08:56 hemebond Can you telnet to master.example.org 4506
08:57 hemebond Should get a smiley face back.
08:57 msn (and gitfs_root: somefolder/otherfolder )
08:57 msn left #salt
08:57 X67r joined #salt
08:57 msn joined #salt
08:57 msn yup telnet is working fine
08:58 hemebond Have you enabled debug logging on the minion and checked the logs?
08:59 msn just did apparently the request is not reaching the minion at all
08:59 hemebond Minion service is running and listening? (netstat ano)
09:00 msn the service is stated
09:00 msn but i am getting this in log I am vmhost3.tolx.net and I am not supposed to start any proxies. (Likely not a problem)
09:00 msn
09:00 msn and its restarted quiet often
09:01 msn so tehre is the issue. some parameters is missing and not actually starting the minion
09:02 hemebond My minion config has "master: saltmaster" and that's it.
09:02 msn i am using fqdn
09:03 msn everytime it restarts it connects and authenticates to master just fine
09:03 hemebond uh
09:05 hemebond Have you tried adding a loopback hosts entry for master.example.org
09:05 hemebond ?
09:07 msn same  master is not reaching salve
09:07 msn master is not reching minion
09:07 msn but minion can reach master
09:07 hemebond Can you telnet to port 4505?
09:07 msn yes
09:08 hemebond Does netstat show a connection from to 4506 from the same server?
09:10 msn running tcpdump
09:11 msn nope nothing is coming on 4506
09:16 laax_ joined #salt
09:17 hemebond But the minion says it's connected?
09:20 msn it isnt saying anywhere that is connectioned but it says atempting to aith then thre are some salt.crypt messages and then LazyLoads
09:23 hemebond You should see something like "Re-using SAuth for ... tcp://masterip:4506"
09:23 msn yup
09:23 msn that's there
09:24 hemebond That's very odd.
09:24 hemebond Maybe a routing issue then.
09:24 msn from same host to same host?
09:24 hemebond Yeah, if you're using the external IP still.
09:24 hemebond If it's using loopback that will narrow it down to the software.
09:25 msn tried  with loopback fails still
09:28 msn i think i got some thing
09:28 msn i tried running salt '*' sys.doc
09:28 msn and got python exception
09:29 hemebond What were you trying before? test.ping?
09:29 msn yes
09:29 hemebond Are you running the minion in the foreground?
09:29 hemebond salt-minion -l debug
09:29 msn test,ping and cmd.run 'uname -a'
09:29 msn nope just enabled debug loggin in config file
09:29 msn andwatching the config
09:30 hemebond What if you reduce the minion config to just the salt master property?
09:31 sergeyt joined #salt
09:33 sergeyt left #salt
09:33 sergeyt joined #salt
09:34 msn works now
09:35 hemebond Oh?
09:35 hemebond What did you change?
09:35 msn i commented everything other than master
09:36 hemebond Ah okay.
09:36 hemebond Cool.
09:36 msn now to enable them one by one :)
09:36 hemebond Most of your values are the defaults anyway I think.
09:36 hemebond (the ones I checked were)
09:37 hemebond oh
09:37 hemebond What is this "salt" user?
09:37 msn yes but i learnt that lesson hard way from php-fpm the one of the parameters default value is 0 which i supposed to be infinite but it uses a hardcoding ineternally
09:38 msn its a user to run salt everywhere
09:38 msn and that's the prblem
09:39 msn so why cant' minion be run as a non-privileged user hmmm
09:39 hemebond Because it needs full control of the server.
09:39 msn then why is the option even there
09:39 hemebond Though you can specify "sudo_runas" to elevate privileges.
09:40 msn that was the mistake then
09:40 hemebond I'm not sure if it starts as that user or drops to it after starting as root.
09:40 hemebond I would have assumed it dropped privileges.
09:41 hemebond But I've never thought to run the minion as anything other than user with full control, i.e., root.
09:41 msn well i was already preapred for the "sudo" scenario just didn't activaite tht option
09:41 msn i am using ldap for both userid/sudo access
09:42 msn so granting taht access is easy and was already there
09:42 hemebond I don't really follow.
09:43 hemebond The minion isn't really supposed to behave like a regular user or remote ssh.
09:43 msn yes but ti allows me finger control over the user itself :)
09:44 hemebond Definitely sounds like sudo_runas then :-)
09:45 hemebond Maybe.
09:45 msn not sure though
09:45 msn seems even with run_As it doesnt work
09:45 hemebond Like I said, I've never thought about running as anything special.
09:45 msn i always work with "just in case"  scenarios and to give the application minimum rights it needs
09:46 hemebond Yeah, re-reading the description. Doesn't seem right.
09:46 msn to do its job,
09:46 hemebond Well, it's not really an application (in my view).
09:46 hemebond To do its job it needs access to everything.
09:46 hemebond Full control. That's what root is.
09:46 msn it doesn;t need to be root to get config from salt master
09:47 msn and receive the commands from network or to do anything on the network
09:47 hemebond True.
09:47 hemebond What if you run as salt but set perms manually?
09:47 hemebond e.g., log dir, pid dir, etc.
09:48 hemebond Or just change the config to move them somewhere else.
09:48 hemebond https://docs.saltstack.com/en/latest/ref/configuration/nonroot.html
09:49 msn just a sec
09:54 otter768 joined #salt
10:12 joe_n joined #salt
10:22 kukacz joined #salt
10:42 CeBe joined #salt
10:44 joe_n joined #salt
10:48 msn hemebond: seems sudo_user is not very effective
10:48 msn even with sudo_user being root minion doesnt notstart properly
10:48 hemebond Yeah I think the permissions are probably the issue.
10:48 msn even afer resetting the permissions
10:49 hemebond oh
10:50 msn i don';t think tht setting is well testted
10:51 hemebond Probably not. Unprivileged minion is probably not used that much either.
10:52 hemebond Hmm, I just created a server. I'll try running it as a different user.
10:52 msn the server works
10:52 msn the minion doesnt
10:52 hemebond By server I mean a new VM with the minion installed.
10:52 msn my salt user has full sudo rights but it won't start  properly as salt user
10:52 msn cool lets see :)
10:53 msn I guess my paranoid thinkin always ends me in theise situations :)
11:01 hemebond hmmmmm
11:01 hemebond First time I ran it, it failed to work.
11:01 hemebond Second time it's working fine.
11:02 hemebond Run manually that is.
11:02 hemebond Not as a service.
11:04 hemebond The process is still running as root.
11:05 jasonrm joined #salt
11:05 hemebond Actually that might just be because it hasn't started properly.
11:08 msn yup it gives that "I am so and so and i have no proxy servers"
11:08 msn it does not go beyond
11:08 hemebond if I actually run salt-minion as the user it works fine.
11:08 hemebond If I try to start as root it fails.
11:09 msn hmmm but the user command in it is supposed to "setuid" to th user before starting
11:10 msn i mean if you are running salt-minion as service it will always initiate as root
11:10 msn then switch user
11:12 msn hmm i see that too if i do a sudo -u salt salt-minion -l debug it starts just fine
11:12 msn which means the code for user changing is causing trouble
11:12 hemebond Yeah, looks like it.
11:13 msn and i found a workaround :P
11:14 msn yup so you can try this hemebond
11:14 msn add fillowing to lines to the salt systemd file
11:15 msn User=salt
11:15 hemebond ;-D
11:15 msn Group=salt
11:15 hemebond I was just opening that file :-D
11:15 msn works that way
11:15 hemebond I had been editing the Upstart file, forgetting that this was a Debian 8.1 box, not Ubuntu.
11:16 msn i have been changin eveyrone i work with to debian 8.1 things are sooo smooth compare to ubuntu
11:16 David_B55__ joined #salt
11:18 msn this is  acatch 22 though, if you want to run all your minions as non-privileged user you need to be root to change to file and you can't do that with salt minion starting as salt
11:18 hemebond That works fine.
11:19 msn yeah that works but its not a a elegant solution
11:19 msn if you have a 100 hosts and want to run nonr--t on all you are stuck at doing those changes manually
11:19 hemebond Yeap, that's why you run it as root. It's there to control the server instead of you having to logon.
11:20 msn i have to install a few new servers i could try inserting that systemd file as a fai insall part
11:20 hemebond How are you deploying Salt? FAI?
11:21 msn yes i haven't done yet i am starting on salt today :)
11:21 msn but yeah faiit will be
11:24 bluenemo joined #salt
11:25 tyler-baker joined #salt
11:26 dopesong joined #salt
11:28 amcorreia joined #salt
11:42 joe_n joined #salt
11:42 larsfronius joined #salt
11:43 quasiben joined #salt
11:46 mikeywaites joined #salt
11:55 otter768 joined #salt
12:01 anmol joined #salt
12:03 pravka joined #salt
12:08 jhauser joined #salt
12:16 X67r_ joined #salt
12:22 dthom91 joined #salt
12:27 mythus joined #salt
12:29 aqua^c joined #salt
12:32 WildPikachu joined #salt
12:41 zerthimon joined #salt
12:42 David_B55 joined #salt
12:51 dthom91 joined #salt
12:53 johtso joined #salt
13:00 homeshlice joined #salt
13:06 blue0ctober joined #salt
13:12 jhauser joined #salt
13:13 a10pu joined #salt
13:13 dthom91 joined #salt
13:17 Ztyx joined #salt
13:24 Andre-B joined #salt
13:31 dthom91 joined #salt
13:44 cyborg-one joined #salt
13:56 otter768 joined #salt
14:02 supersheep joined #salt
14:04 Guest13180 joined #salt
14:05 Guest13180 left #salt
14:07 hoonetorg joined #salt
14:14 markm joined #salt
14:16 rlarkin joined #salt
14:17 laax joined #salt
14:29 larsfronius joined #salt
14:42 viq joined #salt
14:49 laax_ joined #salt
15:03 jtang joined #salt
15:06 sunkist joined #salt
15:13 laax joined #salt
15:16 dalibro joined #salt
15:18 zwi joined #salt
15:19 dalibro yo salters ! :) is there any option for salt ext auth @ mysql ? maybe via pam_mysql ? and then to give those users access to certain machines on the fly without changing config?
15:19 dthom91 joined #salt
15:23 dalibro it's not the mysql authentication I'm having problems with, I would like to get permissions for user from mysql too
15:24 dthom91 joined #salt
15:57 otter768 joined #salt
16:05 aqua^c joined #salt
16:10 ageorgop joined #salt
16:23 JDiPierro joined #salt
16:26 boargod joined #salt
16:35 Configio joined #salt
16:53 djinni` joined #salt
17:09 subsignal joined #salt
17:09 N-Mi joined #salt
17:10 clintberry joined #salt
17:13 lothiraldan joined #salt
17:31 freelock joined #salt
17:34 mspo joined #salt
17:34 mspo is https://docs.saltstack.com/en/latest/ref/pillar/all/index.html broken?
17:46 k00l hey all ,, is there a way to getthe minion to reload teh bash?
17:47 k00l i tryed to run the source ~/.bashrc command but it didnt work ;(
17:47 k00l well i mean i made the minion run it
17:51 clintberry joined #salt
17:58 otter768 joined #salt
18:02 sxar joined #salt
18:04 slav0nic joined #salt
18:11 linjan joined #salt
18:17 amcorreia joined #salt
18:33 PeterO joined #salt
18:40 kukacz joined #salt
18:42 supersheep joined #salt
18:51 keimlink joined #salt
18:56 sunkist joined #salt
18:59 mspo also the nav css iscovering up the contents on https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html
19:00 timoguin joined #salt
19:08 anotherZero joined #salt
19:14 Configio joined #salt
19:23 mspo when running masterless, where does salt:// look for files?
19:26 dopesong joined #salt
19:26 quasiben joined #salt
19:30 sxar_ joined #salt
19:42 aqua^c joined #salt
19:43 sxar joined #salt
19:43 Configio joined #salt
19:43 quasiben1 joined #salt
19:45 sxar__ joined #salt
19:47 jdubinsky joined #salt
19:49 quasiben joined #salt
19:51 Andre-B joined #salt
19:53 sxar joined #salt
19:56 sunkist joined #salt
19:58 otter768 joined #salt
20:00 sunkist1 joined #salt
20:01 supersheep joined #salt
20:03 timoguin joined #salt
20:03 averell joined #salt
20:14 quasiben joined #salt
20:18 sxar_ joined #salt
20:25 sxar joined #salt
20:25 cberndt joined #salt
20:29 babilen mspo: The behaviour doesn't change (/srv/salt, configured in minion config naturally)
20:42 cberndt joined #salt
20:44 supersheep joined #salt
20:45 colttt joined #salt
20:47 Andre-B joined #salt
20:50 k00l anyone wana take a crack at why my for loop is crashing ?
20:50 k00l https://gist.github.com/anonymous/23ef205e353a7ee14ec1
20:51 mspo babilen: thanks I got it
20:51 zer0def joined #salt
20:54 k00l ahhh never mind i fuigerd it out !
20:56 zwi joined #salt
21:00 mspo https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkgrepo.html is also broken
21:00 mspo man that website is jacked
21:02 larsfronius joined #salt
21:08 cberndt joined #salt
21:08 Fiber^ joined #salt
21:10 JDiPierro joined #salt
21:11 babilen mspo: Ugh, haven't seen it in that state before :(
21:11 mspo babilen: https://docs.saltstack.com/en/latest/ref/pillar/all/index.html  is also broken
21:11 mspo if you have the power to fix it :)
21:12 kevinquinnyo joined #salt
21:12 babilen I don't, unfortunately
21:16 CeBe joined #salt
21:28 irctc356 joined #salt
21:29 irctc356 Hello, I am trying to install a .deb with salt, but it seems to hang.  Is there a way to ensure that prompts after installing the .deb are skipped/acknowledged?
21:31 mspo -l all to see what's happening?
21:36 supersheep joined #salt
21:39 whytewolf irctc356: if you are talking about the debconf stuff. it really depends on the package you are trying to install. see https://github.com/saltstack/salt/blob/develop/salt/runners/virt.py#L185-L187
21:39 whytewolf sorry that should have been https://docs.saltstack.com/en/latest/ref/states/all/salt.states.debconfmod.html
21:44 babilen irctc356: And salt typically installs in such a way that questions are *not* being asked to ensure that the package installation can succeed without user interaction
21:44 babilen Which brings us to: What are you doing?
21:45 irctc356 i am installing a .deb using sources: - foo: salt://path/to/file.deb
21:45 irctc356 The minion sits for a while and comes back Minion did not return.
21:45 irctc356 If I go to the minion I see that the package has been installed
21:49 whytewolf irctc356: you need to give us more info. not the same info. what package are you trying to install? is it asking debconf questions? [like what password to use] have you installed this package with out salt before?
21:51 zer0def joined #salt
21:54 irctc356 kerio-connect, no, it is just prompting with a message waiting for an OK, and yes
21:55 whytewolf irctc356: if the package installed. it isn't waiting for an ok from apt.
21:56 cheus joined #salt
21:57 whytewolf salt passes -y to the apt command while installing already.
21:58 timoguin joined #salt
21:59 otter768 joined #salt
22:00 irctc356 it returns saying no response, then takes some more time and eventually shows up as installed on the minion side, but saltutil.running shows the job still running
22:00 cberndt joined #salt
22:01 whytewolf that doens't mean it is waiting for an ok prompt
22:01 irctc356 ok
22:01 whytewolf just salt timed out while waiting for the minion to return. and since it is a async process it running in the background is fine.
22:02 cberndt joined #salt
22:02 JDiPierro joined #salt
22:03 irctc356 There is still something causing it to hang and not complete or move to the next steps
22:04 whytewolf thats why i was asking about debconf stuff. like license acceptance or anything like that.
22:04 irctc356 all it does is pops up a ncurses prompt telling you to connect to the admin interface and lets you hit OK to continue
22:04 irctc356 it isn't prompting for anything other than a keystroke
22:04 whytewolf THATS debconf
22:05 laax joined #salt
22:06 irctc356 I know.  That is the piece I am trying to get past as I assume that is what is causing the hang
22:07 whytewolf on a system that you have installed the package on you need to query the debconf database to find out what it is expecting for the answer, then set the debconf before before trying to install through salt
22:09 whytewolf here is an example for one i use for setting the debconf for mysql root password https://gist.github.com/whytewolf/ad31700f4ebd2b9a5b05
22:11 sxar_ joined #salt
22:13 whytewolf there just updated it to also show one for oracle java
22:16 irctc356 how do I test the type of the field?  There are 6 fields, 4 blank, 2 bool.  One is called config-finished so I am guessing that is what happens when you press OK at the end
22:17 whytewolf config-finished sounds about right. what is the other bool
22:20 irctc356 beta-warning
22:21 irctc356 though I just checked debconf database after it shows up as installed while salt job is still just hung and all the values are already set
22:22 whytewolf that is odd
22:23 whytewolf if the package is using something outside of debconf and apt. there isn't a lot of options.
22:24 jtang joined #salt
22:24 aqua^c joined #salt
22:34 TyrfingMjolnir joined #salt
22:38 irctc356 Even just using cmd.run it installs and then just hangs indefinitely
22:42 irctc356 can you set environment variables when using pkg.installed ?
22:47 irctc356 nevermind...this is all getting hung up because of the service starting
22:50 irctc356 https://github.com/saltstack/salt/issues/16153  this is the exact problem :(
23:20 dthom91 joined #salt
23:22 zwi joined #salt
23:29 amcorreia joined #salt
23:32 quasiben joined #salt
23:39 mapu joined #salt
23:41 dthom91 joined #salt
23:43 subsignal joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary