Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-11-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 Tyrm joined #salt
00:10 trph joined #salt
00:12 djx joined #salt
00:12 ageorgop joined #salt
00:12 djx salt allows someone to set up a server and slaves so I can control those slaves from the server is that it?
00:13 hemebond djx: Yes. Master and minions.
00:14 * djx never understood why isn't Gru and minions
00:14 hemebond When did that movie come out?
00:14 djx 2007?
00:14 djx 8?
00:15 hemebond Then I'll say copyright :-)
00:15 djx lol
00:15 hemebond And "master" is more descriptive.
00:16 keimlink_ joined #salt
00:17 djx hemebond: and those minions, any particularity? I mean, the point is to have a distributed system where I can control all of them?
00:17 hemebond What do you mean?
00:18 djx hemebond: I don't know, trying to know what does this differentiates from docker swarm for example
00:19 hemebond I don't know what a Docker swarm is. In fact I haven't yet figured out a use for Docker over Salt.
00:20 djx I saw one of the contributors commenting over there that's why I got curious
00:20 hemebond But with a Salt master you can send commands, retrieve information, configure the system, etc.
00:20 hemebond React to events...
00:21 hemebond Schedule tasks..
00:21 djx hemebond: what happens when the master goes down? I read the minions would continue to work yes but until when?
00:22 hemebond The minion will continue trying to contact the master. Nothing will change.
00:22 hemebond They have a cache of their configuration.
00:23 djx hemebond: being the devil's advocate here, won't those requests being bad for the network if you have 1000 minions per one master or isn't this a reasonable set up?
00:23 hemebond Depends on your master.
00:24 hemebond And your network.
00:24 djx no,  I was assuming the master was down so I would see an increase of network traffic the the same endpoint were the master was previously connected
00:24 hemebond The zeromq connection has less overhead than, e.g., an SSH connection.
00:25 hemebond Oh. Well, it's like a ping. It might affect your network. but the minions will slow down the checks the longer the master is unavailable.
00:25 hemebond I think they slow to once an hour.
00:25 djx hemebond: any thoughts on having a backup master into configuration?
00:26 hemebond Have two masters with the same certs, use a load-balancer to failover and the minions won't know the difference.
00:26 djx awesome
00:26 hemebond *shouldn't know the difference.
00:26 hemebond That's my understanding anyway.
00:26 hemebond Actually...
00:27 hemebond Yeah, that should work okay.
00:28 hemebond There can be an issue if you have more than one master active at the same time. If you want that then you need to expose that to the minions by having both masters listed in their config.
00:29 djx If I set up the loadbalancer to be fail saving I think it would be okay
00:30 iggy the bad part is the job cache data
00:30 iggy unless you sync that too
00:30 iggy (and mine data if you use that feature)
00:31 iggy in which case, you may as well just use the built-in multi-master functionality built into salt
00:31 hemebond iggy:  What happens if you lose the job cache?
00:31 iggy and skip the load balancer
00:33 Shirkdog joined #salt
00:33 Shirkdog joined #salt
00:45 aparsons joined #salt
00:45 msx joined #salt
00:49 larsfronius joined #salt
00:50 snarfy joined #salt
00:53 baweaver joined #salt
00:53 iggy hemebond: you don't have access to the job data?
00:54 iggy some people would probably be more upset about mine/grain targeting not working
00:59 sk_0 joined #salt
01:04 timoguin joined #salt
01:10 clintberry joined #salt
01:12 ALLmightySPIFF joined #salt
01:15 aw110f joined #salt
01:15 snarfy joined #salt
01:15 mrbigglesworth joined #salt
01:21 mapu joined #salt
01:26 hasues joined #salt
01:26 pyropoptrt joined #salt
01:26 hasues left #salt
01:27 justanotheruser joined #salt
01:28 sunkist joined #salt
01:31 sk_0 joined #salt
01:34 furrowedbrow joined #salt
01:43 ashirogl joined #salt
01:45 ashirogl joined #salt
01:45 yexingok joined #salt
01:46 fsteinel_ joined #salt
01:48 aphor proxy minions seem like a good way to implement salt-cloud drivers...
01:53 dthom91 joined #salt
02:05 hemebond How are people distributing binary files when their Salt config is in a Git repo?
02:05 RandyT joined #salt
02:10 Ludo- hemebond: binaries in s3? and salt config pointing to it?
02:10 dthom91 joined #salt
02:11 hemebond Ludo-: Cloud/S3 storage? Nice idea.
02:19 jaybocc2 joined #salt
02:20 ip` joined #salt
02:21 Ludo- hemebond: what I do since most of my salt deployment are in AWS, for one, way smaller out of AWS and out of internet, we have a http server managing sensu binaries, gem, and a CentOS repo
02:21 falenn joined #salt
02:23 stevej99 joined #salt
02:24 thehaven_ joined #salt
02:31 bhosmer_ joined #salt
02:31 favadi joined #salt
02:33 falenn joined #salt
02:35 dthom91 left #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt | 2015.8.1 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
02:50 aphor hemebond: are you trying to give me colon cancer?
02:50 hemebond aphor: LOL, what?
02:51 racooper joined #salt
02:51 aphor hemebond: gotta fish up some links on that sausages --> cancer news.
02:52 aphor https://www.google.com/search?q=heme+colon+cancer <-- NM Google to the rescue!
02:52 hemebond *gasp*
02:52 hemebond What on EARTH!
02:53 hemebond I never saw "heme" mentioned before.
02:53 aphor I lose 20+ IQ points when the Internet is down and I got no Google.
02:53 aparsons joined #salt
02:53 hemebond I think I like my handle even more now :-D
02:53 aphor YW
02:54 amcorreia joined #salt
02:54 aphor Did you read my comment on the salt-cloud issue?
02:54 hemebond I did, but I don't use Salt Cloud so it didn't make much sense to me :-)
02:55 aphor salt-cloud is kinda funky
02:55 breakingmatter joined #salt
02:55 aphor my suggestion was to use proxy minions to control cloud providers
02:56 hemebond Instead of having a minion on each instance?
02:56 aphor All the cloud config stuff would be implemented in states and cloud provider specific execution modules and all the config goes in pillars.
02:56 aphor No.. it's like a fake minion for DigitalOcean that you can target with states to make you some VMs.
02:57 hemebond Ah I see.
02:57 aphor ... or a big fat pillar file to create your whole virtual infrastructure.
02:58 aphor Amazon is already partly there with existing boto execution modules.
02:58 * aphor quivers with excitement
02:59 hemebond So could you just target a minion on your master and execute the commands from there?
03:00 aphor salt 'AWS_ZoneA' state.single my_ec2_profile
03:01 aphor bada bing bada boom you get your ec2 instances
03:03 aphor if you target the cloud provider proxy minions in top.sls then state.highstate rocks your world.
03:04 hemebond I haven't done anything with cloud providers yet so automated VM provisioning is a little scary to me.
03:04 aphor need DNS A records and AAAA records and EIPs? Just put together the appropriate states + requisites, and it all just works.
03:05 aphor hemebond: get yourself as cheap-as-dirt DigitalOcean account and play around. Pretty soon you'll be making money.
03:06 kidneb joined #salt
03:06 aphor oh.. maybe they don't have NZ data centers yet.
03:07 hemebond Closest is AU I think.
03:07 hemebond Still, I have considered it.
03:07 hemebond In the test env I currently have I create VMs myself (from a template) and then leave them to build themselves.
03:13 favadi joined #salt
03:13 aphor just one tiny step further...
03:14 aphor Then what if you had Mesos providing pillar data for a cluster?
03:15 aphor BOOM: automatic elastic scale up/down
03:16 hemebond That all seems to be a far larger scale than I'm at :-)
03:16 aphor Mesos events + pillars with proxy minion cloud provider reactors
03:17 aphor I'm an e-commerce consultant, so I get paid to help people make their moneymakers fast.
03:18 aphor gotta try getting some more attention tomorrow
03:24 subsignal joined #salt
03:25 falenn joined #salt
03:27 ajw0100 joined #salt
03:32 writtenoff joined #salt
03:34 baweaver joined #salt
03:34 otter768 joined #salt
03:35 Bryson joined #salt
03:36 wangofett joined #salt
03:36 mrbigglesworth joined #salt
03:36 wangofett Hey, does anyone know if it's possible (and how to do it) use the dockerng module with an unauthenticated registry?
03:42 crunchwill joined #salt
03:46 crunchwill Hi all, sorry all, I am new to salt and I am having trouble getting my first state to work. Here is a paste of my sls and config data: https://gist.github.com/ano​nymous/a36bf1c343fbf2e5cec2
03:46 crunchwill When i run salt '*' state.highstate my test minion returns state: -no, name: states, function: none, comment: No Top file or external nodes data matches found
03:47 crunchwill I am probably doing something silly but can't figure it out, any advice would be awesome.
03:49 hemebond crunchwill: Can you do:
03:49 hemebond salt '*' test.ping
03:50 geomyidae_ joined #salt
03:50 crunchwill Yeah when I run it I get the minion responding with 'True'
03:50 hemebond That state looks a little odd.
03:51 hemebond Seems to be missing a name.
03:51 hemebond The very first line is missing. The name of the actual state.
03:52 crunchwill Oh yeah sorry, I think it is missing from my paste data
03:52 crunchwill I do have a first line with 'rsakey:'
03:52 crunchwill I don't know if the tabbing is important?
03:52 crunchwill I tried to replicate the state from the docs whilst inputting my own info
03:53 hemebond Indentation is very important.
03:53 hemebond Should be two spaces for each level.
03:53 nethershaw joined #salt
03:54 crunchwill Yeah thats what I have, with the first line with no indentation
03:54 whytewolf crunchwill: is your master on centos 6?
03:55 aphor I can't get https://gist.github.com/ano​nymous/a36bf1c343fbf2e5cec2 is 404 for me.
03:55 whytewolf aphor: I was having that issue earlyer. I switched to my mac and it worked. not sure why
03:55 hemebond aphor: I had to remove some bung hidden characters in the URL.
03:55 hemebond https://gist.github.com/anonymous/a36bf1c343fbf2e5cec2
03:55 aphor I'm on my Mac.. :(
03:56 aphor OFK
03:56 whytewolf anyway. crunchwill basicly is it possable that the master can't read the file as such might selinux being interfearing with the reading of the file
03:57 crunchwill My master is on Ubuntu, should that affect it?
03:57 whytewolf no. ubuntu comes with selinux permissive.
03:57 whytewolf humm
03:57 whytewolf if you changed the file_roots did you restart after?
03:57 crunchwill Yeah I did
03:57 hemebond My use of ssh_auth doesn't have that names parameter.
03:58 whytewolf hemebond: - name is only needed if the name and the state id don't match
03:58 snarfy oh
03:58 hemebond whytewolf: It looks like ssh_auth uses "names" for the actual keys.
03:58 crunchwill I did previously have it referencing a file with keys but because it wouldn't work I tried this to troubleshoot
03:59 hemebond crunchwill: Missing a colon
03:59 hemebond - names:
03:59 snarfy damn colons
03:59 snarfy all day long
03:59 crunchwill Yeah sorry, that is in my actual sls file, the paste data is missing it though
04:00 aphor ;)
04:00 crunchwill Not sure why the paste is missing it
04:00 hemebond lol. Can you update the paste with what you actually have please?
04:01 crunchwill https://gist.github.com/anonymous/a0a68bbcc18ee6b65c9d
04:01 whytewolf crunchwill: also include a copy of the error
04:01 crunchwill Yep, will do
04:02 whytewolf and for kicks and giggles try salt 'minion' state.sls rsakeys
04:04 andrew_v joined #salt
04:04 crunchwill Heres the new paste: https://gist.github.com/anonymous/8b8ed656f22ccec8b4d2
04:04 crunchwill I will give that a go
04:04 mrbigglesworth joined #salt
04:05 hemebond And KEYISHERE is a short single line?
04:06 crunchwill Yeah
04:06 crunchwill Just the data for the key itself on a single line
04:06 * whytewolf doesn't think the issue is rsakeys.sls
04:06 hemebond whytewolf: No but formatting has sometimes given me misleading error messages.
04:06 hemebond By breaking other things.
04:07 whytewolf hemebond: yeah, but normally unless the formatting is in the top file it shouldn't tell you it can't find the minion to match ;)
04:07 crunchwill Hmm, it says Module 'rsakeys' is not available.
04:07 leev_ joined #salt
04:08 simonmcc_ joined #salt
04:08 czchen_ joined #salt
04:08 hemebond What about "salt 'minion' state.show_top" ?
04:08 crunchwill So would that mean it isn't looking in the right place for the state files?
04:08 Phtes_ joined #salt
04:08 crunchwill I will have a try
04:08 hemebond Module is different to state.
04:09 tcolvin_ joined #salt
04:09 hemebond but it's possible.
04:09 whytewolf crunchwill: no. not seeing a module named rsakeys. is odd. state.sls is the module.function. rsakeys is the first arg for that module.function.
04:10 neilf__ joined #salt
04:10 bbhoss_ joined #salt
04:10 crunchwill state.show_top doesn't return anything, only a line of ----------- after the minion name
04:10 Diaoul_ joined #salt
04:10 intr1nsic_ joined #salt
04:10 whytewolf crunchwill: so it isn't seeing the top file.
04:10 spader joined #salt
04:10 crunchwill Wait, sorry I had a typo
04:10 crunchwill the real result for the state.sls command is
04:11 crunchwill Data failed to compile:
04:11 bfoxwell_ joined #salt
04:11 crunchwill No matching sls found for 'rsakeys' in env 'base'
04:11 hemebond Restart master
04:11 babilen joined #salt
04:11 nickermire joined #salt
04:11 wldcordeiro joined #salt
04:11 samed joined #salt
04:11 samed joined #salt
04:11 crunchwill Okay giving that a go
04:12 whytewolf crunchwill: agreed at this point the minion isn't seeing anything on the master. top file or rsakeys
04:14 geekatcmu joined #salt
04:14 Eugene joined #salt
04:16 crunchwill Okay well I restarted the master and still seeing the same results
04:16 hemebond That's very strange.
04:16 skarn joined #salt
04:16 hemebond Can you paste an "ls -l /srv/salt/" of the master?
04:16 whytewolf ^
04:16 bryguy joined #salt
04:16 whytewolf also can you check the master log file for anything odd
04:17 womble left #salt
04:18 crunchwill I will check that in a second, just going through my /etc/salt/master to see if I did anything odd in there
04:19 crunchwill Should my file_roots: base: be /srv/salt or /srv/salt/, or does it even make a difference in this case?
04:19 hemebond I don't have a trailing slash.
04:19 hemebond Doesn't look like it matters.
04:21 whytewolf yeah shouldn't matter. file_roots is at the base level right? [no spaces in front of it]
04:22 hemebond The paste has indentation.
04:22 hemebond That is quite possibly the problem.
04:22 hemebond I ignored it thinking it was just a paste issue.
04:22 riftman joined #salt
04:22 crunchwill Yeah it os at the base level
04:23 crunchwill I registered for github so that I can just update the paste instead of making new ones
04:23 crunchwill https://gist.github.com/crunchwill/2ee426ef80e8aa6c86fd
04:23 whytewolf oh thank you
04:23 crunchwill This has the output of the ls -l at the bottom
04:23 ilk joined #salt
04:23 whytewolf lol
04:23 erjohnso joined #salt
04:24 whytewolf ... I'm at a loss
04:24 crunchwill I think the indent in the paste is just poor formatting on my part creating the paste, the original files seem to be indented correctly
04:24 hemebond So file_roots is not indented at all?
04:24 chutzpah joined #salt
04:25 sontek joined #salt
04:25 hemebond Is that your entire top.sls file contents?
04:26 ramteid joined #salt
04:26 crunchwill Nah, file roots is at the base
04:26 crunchwill That is the entire contents of the top.sls
04:26 falenn joined #salt
04:26 crunchwill I am still working on getting my first state setup :P
04:26 hemebond "at the base" means no indentation?
04:26 crunchwill yeah
04:27 whytewolf salt-run -l debug fileserver.dir_list && salt-run -l debug fileserver.update
04:28 malinoff joined #salt
04:29 hemebond crunchwill: (you can also use pastebin or something for this pasting stuff)
04:29 tmkerr joined #salt
04:29 basepi joined #salt
04:30 hemebond whytewolf: Could it be trying to find a pillar top.sls?
04:30 hemebond crunchwill: Do you have pillar_roots defined?
04:31 crunchwill would that be in the /etc/salt/master?
04:31 hemebond Yes
04:31 whytewolf hemebond: I don't think so. I have gotten away without a pillar top file before.
04:31 hemebond whytewolf: Did you have pillar_roots defined?
04:31 whytewolf yeah
04:31 hemebond Okay.
04:32 whytewolf but that was also a long time ago.
04:32 whytewolf I don't know if things have changed since then
04:33 crunchwill I think pillar_roots is using the default /srv/pillar, as it is commented out, is that correct?
04:34 whytewolf yeah.
04:35 whytewolf typically you put pillar into a seperate directory other wise you might expose pillar data through fileserve commands
04:35 gchao joined #salt
04:36 whytewolf crunchwill: try this: salt-run -l debug fileserver.dir_list && salt-run -l debug fileserver.update
04:37 morissette joined #salt
04:37 crunchwill Okay done, added the response to the paste
04:37 whytewolf shouldn't need to force the fileserver update.
04:38 whytewolf ... salt --version
04:38 crunchwill salt 0.17.5
04:38 hemebond whytewolf: Are those commands for the master or the minion?
04:39 hemebond Yikes, old.
04:39 whytewolf hemebond: they are runners. for fileserver manipulation
04:39 whytewolf so master
04:39 whytewolf crunchwill: what version is your minions on?
04:40 crunchwill minion returns salt 2015.5.0
04:40 hemebond That's quite a difference.
04:41 crunchwill I set them both up at the same time, maybe I set the master up with the wrong version somehow?
04:41 whytewolf okay. at this point i think we are running into a version mismatch. [I should have thought of that when you said ubuntu.]
04:41 whytewolf crunchwill: default ubuntu repo has salt 0.17.5
04:42 whytewolf you might have skipped the repo step on the master by accident
04:42 whytewolf or the apt-get update
04:42 crunchwill Yeah that is quite possible, I don't remember exactly, it was a few months ago. I have had a couple of other things on that have taken the priority away.
04:44 crunchwill I will update the master and minion and try again
04:44 whytewolf anyway. the repos have most likely moved from when you first installed. http://repo.saltstack.com/ has some updated instructions
04:44 crunchwill Then report back
04:49 PeterO joined #salt
04:50 crunchwill Okay now the master is running 2015.5.3 so I will see if it works
04:51 ajw0100 joined #salt
04:51 whytewolf crunchwill: waiting with baited breath
04:52 larsfronius joined #salt
04:52 crunchwill Amazing, works like a charm :)
04:52 hemebond lol
04:52 crunchwill Sorry to put you all through that
04:52 crunchwill I will remember to check something as simple as a version next time
04:54 whytewolf no problem. the ubuntu version thing happens less and less often nowdays. I really wish that ubuntu would remove salt from their repo if they are not going to keep with the update schedule
04:55 crunchwill Yeah it does seem strange. Anyway thank you guys so much for your help.
04:56 mehakkahlon joined #salt
04:56 breakingmatter joined #salt
04:58 llua joined #salt
04:58 llua joined #salt
05:02 crunchwill Hope you all have a good day.
05:03 crunchwill Now if only there was an easier way than homebrew to install the minion on OS X, unless anyone knows of one? haha
05:04 whytewolf sorry I don't run salt on my mac
05:07 mosen crunchwill: im workin on some packages
05:07 mosen crunchwill: but answer is no: only homebrew
05:10 furrowedbrow joined #salt
05:11 crunchwill Ah, that's okay.
05:13 hvn joined #salt
05:13 hvn joined #salt
05:14 mosen there's a whole bunch of dependencies so im trying to make a metapackage for that.. and I'm not totally sure about how the cython or binary extensions actually link to stuff :)
05:16 moogyver joined #salt
05:21 moogyver aah.  this is driving me insane.
05:21 moogyver https://gist.github.com/sjmh/2e173ecaa4241d511c25
05:22 moogyver salt does something weird to exceptions
05:23 mosu_ joined #salt
05:25 Tyrm joined #salt
05:28 Furao joined #salt
05:40 mehakkahlon joined #salt
05:46 ramishra joined #salt
05:57 favadi joined #salt
05:58 zmalone joined #salt
06:07 pyropoptrt joined #salt
06:09 penguin_dan joined #salt
06:12 sunkist joined #salt
06:33 JPaul joined #salt
06:35 hvn joined #salt
06:39 kawa2014 joined #salt
06:41 otter768 joined #salt
06:44 kawa2014 joined #salt
06:54 sunkist joined #salt
06:55 harkx joined #salt
06:55 ashirogl joined #salt
06:58 wangofett joined #salt
06:59 catpig joined #salt
06:59 zer0def joined #salt
07:02 colttt joined #salt
07:03 carmony_ joined #salt
07:04 ashirogl joined #salt
07:16 ashirogl joined #salt
07:17 Lionel_Debroux joined #salt
07:17 cberndt joined #salt
07:18 yuhlw joined #salt
07:18 AndreasLutro joined #salt
07:20 kidneb joined #salt
07:21 Gareth_ joined #salt
07:23 carmony_ joined #salt
07:25 seweryn joined #salt
07:27 Corey joined #salt
07:29 edulix joined #salt
07:30 lude1 joined #salt
07:40 jaybocc2 joined #salt
07:51 clintberry joined #salt
07:51 rocket joined #salt
07:51 felskrone joined #salt
07:54 edulix joined #salt
07:56 jaybocc2 joined #salt
07:59 Rumbles joined #salt
08:00 katyucha joined #salt
08:06 jhauser joined #salt
08:07 hal58th_ joined #salt
08:08 slav0nic joined #salt
08:12 toanju joined #salt
08:16 eseyman joined #salt
08:18 AndreasLutro joined #salt
08:22 fii-fi left #salt
08:28 netcho joined #salt
08:33 bhosmer_ joined #salt
08:36 rotbeard joined #salt
08:39 larsfronius joined #salt
08:42 otter768 joined #salt
08:43 rotbeard joined #salt
08:44 trph joined #salt
08:44 trph joined #salt
08:45 colegatron joined #salt
08:52 impi joined #salt
09:02 s_kunk joined #salt
09:03 thefish1 joined #salt
09:04 ozn_ joined #salt
09:07 Rumbles joined #salt
09:11 ozn_ hi everyone, I have weired problem when installing django==1.8.0, salt claims there is a change done even I re-run the state, if I change the version number to 1.8.5 for example the problem does not occur.
09:12 ozn_ Can some one talk a look at the output here, https://gist.github.com/oz123/c8d69d0121d5c8acdf82, I would appreciate an opinion about this
09:12 ozn_ or better, maybe you can explain this?
09:13 hemebond ozn_: What do you get for "pip freeze" with the 1.8.0?
09:14 ozn_ Django==1.8
09:14 hemebond That's probably why.
09:14 ozn_ because of the extra .0 ?
09:14 AndreasLutro 1.8.0 gets converted to 1.8 somewhere
09:14 hemebond Yeah
09:14 hemebond Oh it does?
09:14 AndreasLutro that's what it looks like
09:14 hemebond Oh, I thought you meant in the Salt check code
09:14 AndreasLutro not sure if it's pip or salt
09:15 ozn_ but salt should not detect this a a "change" it did not change anything
09:15 ozn_ at least now I know why ...
09:15 hemebond It tries to. It will run the pip command.
09:17 hemebond pip will return a success code, and that's all Salt will care about. The change succeeded.
09:17 hemebond If you specify 1.8 in your state, will that install 1.8 or 1.8.5?
09:17 ozn_ both with 1.8.0 and 1.8.5 the return code is 0
09:19 hemebond Yes, they will. They both successfully installed.
09:20 AndreasLutro it's probably a bit more intricate than that
09:20 hemebond You will get 0 for the return code even if the package was already installed.
09:20 AndreasLutro what version of salt are you on ozn_
09:21 AndreasLutro nevermind, I just reproduced the issue locally
09:21 ozn_ salt 2015.5.3 (Lithium)
09:21 ozn_ you can find my states and a vagrant playground here https://github.com/oz123/salt-vagrant-demo/blob/master/saltstack/salt/common/py_packages.sls
09:22 hemebond ozn_: If you specify 1.8 in your state, will that install 1.8 or 1.8.5?
09:24 ozn_ if I specify 1.8.0, it installs 1.8
09:24 hemebond ozn_: If you specify 1.8 in your state, will that install 1.8 or 1.8.5?
09:24 ozn_ if I specify 1.8.0, it installs 1.8
09:24 hemebond lol
09:25 AndreasLutro that's not what he asked ozn_
09:25 hemebond What if you specify "1.8"
09:25 ozn_ oh sorry ...
09:25 hemebond lol, no worries :-D
09:26 ozn_ if I specify 1.8 it installs 1.8
09:26 hemebond And does it show as a change when run multiple times?
09:27 Tyrm joined #salt
09:28 ozn_ no the "change" is only shown with 1.8.0
09:28 thalleralexander joined #salt
09:28 hemebond Sweet. So it's doing a simple string comparison for the version check.
09:29 keltim joined #salt
09:29 zer0def joined #salt
09:30 ozn_ hemebond, I looked in the source of pip.install inside salt and could not find where. Maybe you know where?
09:30 AndreasLutro problem is pip.list returns Django: 1.8 instead of 1.8.0
09:32 ozn_ Ha, I saw always in the console the output from pip.list and did not understand why it's there. Maybe salt should convert to pip show instead of pip freeze?
09:33 Xevian joined #salt
09:35 ozn_ AndreasLutro, can you point at what stage pip.list is called ? I don't see it called inside pip.install
09:35 AndreasLutro https://github.com/saltstack/salt/issues/28558
09:36 AndreasLutro for now you can just use 1.8 instead of 1.8.0
09:36 AndreasLutro ozn_: https://github.com/saltstack/salt/blob/2015.8/salt/states/pip_state.py#L619-L621
09:37 ozn_ Oh, man, I was reading the code of pip.install the module ... no wonder they behave differently ...
09:40 thefish joined #salt
09:41 golodhrim|work joined #salt
09:41 babilen jcockhren: I am using vagrant 1.7.4 and have, like many others, fallen victim to its regressions regarding the salt provisioner. I am using the workaroung detailed in https://github.com/mitchellh/vagrant/issues/5973#issuecomment-137276605 , but still get the following https://www.refheap.com/111359 -- do you by chance know what might cause this?
09:44 evle joined #salt
09:46 ashirogl1 joined #salt
09:49 CeBe joined #salt
09:50 denys joined #salt
09:53 clintberry joined #salt
09:55 zer0def joined #salt
09:56 ozn_ AndreasLutro, hemebond thank you both for helping with that issue!
09:57 hemebond You're welcome :-)
09:58 rhodgin joined #salt
10:02 ggoZ joined #salt
10:02 viq joined #salt
10:02 ashirogl joined #salt
10:07 jaybocc2 joined #salt
10:07 cesar_ joined #salt
10:09 larsfronius joined #salt
10:11 jhauser joined #salt
10:14 larsfron_ joined #salt
10:16 Pixcell joined #salt
10:18 Pixcell Hello, does someone know where does __salt__ determine which module to call ? (Especially for __salt['pkg.XXX'] functions). I went looking into the LazyLoader class, but I couldn't find precisly
10:18 zer0def joined #salt
10:19 ws2k3 joined #salt
10:22 andrew_v joined #salt
10:23 edulix joined #salt
10:23 aqua^c joined #salt
10:23 jaybocc2 joined #salt
10:27 babilen Pixcell: Look into https://github.com/saltstack/salt/blob/develop/salt/modules/aptpkg.py#L79 and the checks leading up to it on line 40-59
10:27 netcho joined #salt
10:28 babilen But it essentially checks if it is 'Debian' or 'Kali' and returns 'pkg' or False dependending on the outcome of that check
10:30 ip` joined #salt
10:33 viq How does salt do log rotation?
10:33 viq ah, nevermind
10:37 plindgren joined #salt
10:37 plindgren hello party people
10:38 plindgren i want to deploy my custom made salt modules with a state
10:38 plindgren is there a state specifically for that or should i run the module for syncing modules in the state?
10:41 zerthimon joined #salt
10:41 rubenb plindgren: why?
10:42 plindgren cause i want my minions to have my modules
10:42 plindgren i need to deploy the modules to a large set of servers
10:42 rubenb Custom modules are synced at highstate.
10:42 plindgren well
10:42 plindgren i do not use highstate
10:42 plindgren i use orchestrate
10:42 plindgren and i have config files for the modules
10:43 plindgren and some minions should not have some modules
10:43 rubenb plindgren: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.saltutil.html#salt.modules.saltutil.sync_modules
10:43 otter768 joined #salt
10:43 plindgren alright
10:44 plindgren so ill use the state module
10:44 plindgren thx
10:44 AndreasLutro that's not the state modujle
10:44 AndreasLutro module*
10:44 plindgren SALT.STATES.MODULE
10:44 plindgren then
10:45 AndreasLutro I suspect module.run saltutils.sync_modules won't work
10:45 AndreasLutro hmm
10:45 AndreasLutro actually nvm I guess it will work
10:46 GreatSnoopy joined #salt
10:46 plindgren seems like i cannot sync a specific module though
10:46 Pixcell @babilen Thanks but that's not exactly it, my minion is running on windows. And even when I specify a custom package provider, it still calls win_pkg for install and remove (but not other function like list_pkgs)
10:48 rubenb plindgren: this syncs all _modules for  the environment.
10:49 babilen Pixcell: Well, you asked a very generic question and I tried to elaborate on how __virtual works
10:49 plindgren yeah...
10:49 plindgren really would like to be able to sync specific modules
10:49 plindgren i guess ill have to build it myself instead
10:50 MadsRC Is it possible (Skimmed the docs, couldn't find it) to run the salt-client locally, and have it issue commands to the salt-master (On a separate machine)?
10:50 rubenb plindgren: Isn't it best practice to just sync all modules to all minions?
10:51 rubenb And have the module return False if it should not be ran on the minion
10:51 plindgren there's no such thing as best practice
10:51 plindgren and thats what salt is all about
10:51 plindgren so this is quite shocking actually
10:51 pviktori joined #salt
10:51 MadsRC plindgren: https://docs.saltstack.com/en/latest/topics/best_practices.html
10:51 babilen Sure there are best practices
10:51 MadsRC So, there's a "Best Practice" for Salt ;)
10:52 plindgren thats your opinion
10:52 MadsRC wuut? No, that's SaltStacks opinion :D
10:52 babilen Part of my "best practices" also include: Do not "I accidentally the whole cloud"
10:52 plindgren whatevah guys
10:53 babilen But to argue that there are no best practices is, well, neither helpful nor (IMHO) true. Not all best practices might have been documented, but they definitely exist
10:53 plindgren i dont want to make sure all of our python code will run and exit out properly. its a complex matter
10:53 plindgren there are good practices sure
10:53 plindgren dont believe in best though
10:54 plindgren if you like best practices you should install windows and active directory ;)
10:54 babilen I think I'll let you alone for now
10:54 hemebond plindgren: If you're in a Windows environment, definitely :-)
10:56 linjan_ joined #salt
11:02 felskrone anyone have an idea why a module might not be present on a masterless minion even though the paths are defined in the minions config like this: https://gist.github.com/felskrone/71bad6fdbabed559eed2 salt-call sys.list_modules does not list the apache-module even though its present in /usr/share/pyshared/salt/modules?
11:02 felskrone afk, brb
11:02 breakingmatter joined #salt
11:05 clintberry joined #salt
11:07 Edgan joined #salt
11:08 zer0def joined #salt
11:17 ip` joined #salt
11:18 kawa2014 joined #salt
11:18 rotbeard joined #salt
11:25 amcorreia joined #salt
11:28 Tyrm joined #salt
11:31 zerthimon joined #salt
11:32 ericof joined #salt
11:34 Hazelesque hi
11:35 Hazelesque I seem to find that "salt-call grains.setval" on a host doesn't work prior to the salt-master accepting the minion's key
11:35 Hazelesque is that expected?
11:38 opdude probably did you try with "salt-call --local grains.setval"?
11:40 Hazelesque ahhhhhh
11:40 * Hazelesque will give that a shot
11:42 bmcorser when i call 'cmd.run' from inside a runner
11:43 bmcorser the return type is a dict keyed on minion id that just has the string output from the commands
11:43 bmcorser is there a way to get the return code?
11:43 falenn joined #salt
11:46 oeuftete joined #salt
11:47 AndreasLutro bmcorser: cmd.run_all
11:47 Hazelesque opdude: OK, that works... it just means I need to do a subsequent "saltutil.sync_grains"
11:47 Hazelesque (after the key is accepted)
11:48 Hazelesque actually
11:48 Hazelesque that's a lie
11:48 opdude you can probably also do that with --local
11:48 Hazelesque in this case, I was testing it whilst pointing it to the same salt-master
11:48 Hazelesque as I was re-running it
11:49 Hazelesque so idk whether they were "cached" or just "not sent yet"
11:49 Hazelesque although "salt-run cache.clear_grains" just returned False, and didn't actually make a difference
11:49 Hazelesque (I tried that before saltutil.sync_grains)
11:49 bmcorser AndreasLutro: i'm a little confused between modules and states
11:50 bmcorser when i do client.cmd('minion', 'cmd.run', arg, kwarg), what is getting executed, a module or state of the name 'cmd.run'?
11:51 AndreasLutro cmd.run is a module function
11:51 AndreasLutro in that context
11:53 zer0def got a question - is the reactor supposed to not react when the saltify cloud provider is done setting up a set of minions?
11:54 zer0def i've expected it to react on 'salt/cloud/*/created'
11:56 zer0def actually, didn't check with 'salt/cloud/*/deploy_script', so i guess i should check this first.
11:58 fsteinel joined #salt
11:58 babilen Hazelesque: What are you using those grains for?
12:05 andrew_v joined #salt
12:15 Hazelesque babilen: am moving a bunch of hosts from one "gold server" (combination of a CFEngine Policy Hub and a Salt Master) to another
12:15 Hazelesque and some other maintenance stuff
12:15 bmcorser AndreasLutro: cool, thanks
12:15 Hazelesque so the last line of the script is "salt-call --local grains.setval companyname_maintenance_20151103_done 1"
12:16 bmcorser anyone know of a way to rsync a directory from master to minion
12:16 bmcorser the rsync states don't look like they do that
12:16 bmcorser i am currently using file.recurse, but it is pretty slow
12:16 Hazelesque babilen: hence, at the point that runs, it's just reconfigured salt-minion to talk to a new master -- which has not accepted its key yet
12:18 babilen Right, that's a perfectly valid reason to use grains
12:18 falenn joined #salt
12:20 Hazelesque babilen: yeah, I am using it to A: tell which hosts have had the maintenance, so I can interrogate them to make sure they are working correctly, and B:  spot stragglers that don't have the flag for whatever reason (and thus didn't successfully /complete/ the maintenance script)
12:20 Hazelesque (the bash script, of course, begins with "set -ex")
12:21 Hazelesque (to print out to stderr what it's doing, and exit on any error rather than blithely carrying on)
12:23 zer0def joined #salt
12:24 MadsRC Is it possible to control the salt-master remotely? Like running the salt command locally and have it control a remote master (Which then controls the minions)?
12:24 felskrone babilen: any idea why i minion does not know a standard salt module (apache) while running in masterless mode with this config? https://gist.github.com/felskrone/71bad6fdbabed559eed2
12:25 fredvd joined #salt
12:25 babilen felskrone: https://github.com/saltstack/salt/blob/develop/salt/modules/apache.py#L41 (it checks for "apachectl" or "apache2ctl" and doesn't load the module if it can't find it)
12:26 felskrone ah damn it, i should have checked the module myself, great thanks! :-)
12:26 Score_Under joined #salt
12:29 Score_Under I've got a machine which has started giving me this error: "[ERROR   ] Got a bad pillar from master, type str, expecting dict:"
12:29 Score_Under From what I can see on Google this essentially means "something went wrong; good luck"
12:29 Score_Under is there any way I can debug this?
12:29 illern joined #salt
12:30 babilen Score_Under: Well, the main question is: Where are your pillars coming from?
12:31 lporras joined #salt
12:31 Score_Under I'm still not quite up to speed with the terminology so forgive me if this is irrelevant, but I have the machine as a node in reclass, and it has appropriate classes (i.e. identical to working machines)
12:31 Tyrm joined #salt
12:32 trph what happens when you declare multiple functions with the same ID? what's the expected behavior? does it validate them all?
12:32 babilen So you are using an external pillar (reclass) which returns data salt can't handle (it expects a dictionary and not a string). Why it does that is beyond me, but we would probably have to see your reclass configuration and you need to find a person who is more familiar with it than I am
12:32 babilen trph: "functions" ?
12:33 trph like if file.exists and file.managed are declared under '/tmp/somefile'
12:34 jaybocc2 joined #salt
12:35 AndreasLutro have you tried?
12:36 impi joined #salt
12:36 toanju joined #salt
12:37 trph just did. complains about multiple states of the same type
12:38 AndreasLutro there you go then, any further questions? :p
12:39 Hazelesque MadsRC: https://github.com/saltstack/pepper plus the salt rest API perhaps?
12:40 Score_Under babilen: how does salt interact with reclass? The output of "reclass-salt -u /etc/reclass/nodes -c /etc/reclass/classes --pillar machine-name-here" is identical for a machine on which I can't make any salt calls and for a very similar machine on which everything works perfectly
12:42 MadsRC Hazelesque: Thanks man, I'm gonna take a look at that
12:44 otter768 joined #salt
12:47 ninkotech_ joined #salt
12:48 mapu joined #salt
12:48 bastion1704 joined #salt
12:50 bastion1704 good morning, Is set_tags is salt-cloud (salt-cloud 2015.5.0 (Lithium)) is working ? salt-cloud -y --location=us-west-1  --action=set_tags  MINION project=myproject give me :  There was an error actioning machines: 'str' object has no attribute 'get'
12:50 edulix joined #salt
12:50 bastion1704 but get_tags works
12:50 jaybocc2 joined #salt
12:53 jhauser joined #salt
12:54 s_kunk joined #salt
12:55 trph if you specify source in file.blockreplace would it upload that file to the minion if it doesn't exist?
12:57 breakingmatter joined #salt
13:01 Segfault_ Is there a way to make a salt-minion automatically restart when its key is deleted on the master? It looks like the salt-minion knows that the key has been deleted, but it doesn't do anything about it
13:05 morissette joined #salt
13:05 mikber joined #salt
13:07 human01d joined #salt
13:08 mikber Hi! Is targeting using ip/cidr broken? Doesn't work for me in 2015.8.x... salt -S '<ip>' gives me no matches (but it should)
13:09 mikber That is salt -S '10.3.139.1' test.ping for example
13:10 mikber Working fine in 2015.5.3
13:16 human01d is it possible to check either file exisits in salt:// file server or not?
13:17 human01d ssh_auth.present:     - user: {{ username }}     - source : salt://auth/ssh-keys/client-{{ username }}.pub
13:21 aphor joined #salt
13:21 mortis_ isnt this supposed to be the correct way of running a module inside an sls? http://pastebin.com/882fXj2L
13:21 mortis_ it says "plugin" is missing
13:22 mortis_ so doesnt seem like it gets the argument correctly
13:22 mortis_ the plugin is there :)
13:22 mortis_ OOOH
13:22 mortis_ arf
13:22 mortis_ nm
13:23 seblu joined #salt
13:23 pyropoptrt joined #salt
13:25 losh joined #salt
13:26 pyropoptrt joined #salt
13:28 breakingmatter joined #salt
13:32 zmalone joined #salt
13:35 ericof joined #salt
13:45 subsignal joined #salt
13:53 mik__R joined #salt
13:56 denys_ joined #salt
13:56 aphor GM #salt
13:57 aphor anyone using salt cloud willing to hear out an idea about that?
13:58 aphor zzz
13:58 numkem joined #salt
13:59 aphor I'll ask later when the coffee is working..
13:59 JDiPierro joined #salt
14:00 mik__R joined #salt
14:05 quix joined #salt
14:06 otter768 joined #salt
14:08 otter768 joined #salt
14:09 baoboa joined #salt
14:10 mage_ is it possible to use a custom module to feel the pillar data ?
14:10 aphor mage_: you mean feed?
14:11 aphor pillars target minions, so the master needs to know if/what you see in pillar data
14:12 bhosmer joined #salt
14:12 aphor When the master needs to introspect pillar data, there is a MasterMinion context. Otherwise only minions can read pillar data, using their built in methods.
14:12 mage_ aphor: something like https://dpaste.de/qU4D
14:13 amcorreia joined #salt
14:13 mage_ the idea is to provide each webapp config to the template
14:14 aphor mage_: I think you want to implement a custom pillar.
14:14 mage_ ah, I'll read on that :)
14:14 numkem joined #salt
14:14 aphor mage_: data for which the minion is authoritative comes from grains.
14:15 aphor mage_: data for which the configuration master is authoritative comes from pillars.
14:15 aphor mage_: data for which another minion is authoritative comes from mines.
14:15 mage_ I see
14:16 aphor mines get data from grains, so once you figure out how to get what you want from both grains and pillars, you can do almost anything.
14:16 rhodgin joined #salt
14:16 rocket I am trying to understand salt's infrastructure orchestration... say I have a database and a webserver and the webserver comes up first but depends on the database, how do I ensure that things get orchestrated in the correct order... will the orchestrate runner wait until the database is available?
14:17 mage_ rocket: with - require: and - watch:
14:18 mage_ rocket: https://docs.saltstack.com/en/latest/ref/states/requisites.html
14:18 aphor https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#orchestrate-runner
14:18 rocket what would you recommend I match my events on in this case for orchestration across the two servers?
14:18 aphor The last example on that page is a good one.
14:19 scoates joined #salt
14:19 rocket thanks aphor I will take a look
14:19 pdayton joined #salt
14:21 Deevolution joined #salt
14:21 rocket aphor that example is what I am after, I am just wondering if I can combine this with reactors.  and what happens if all of my nodes werent available when the orchestration started
14:22 aphor rocket: if you have an orchestration requisite, it will block until the requisite states return highstate.
14:23 aphor If you implement reactors, nothing is running until they are triggered by a beacon or event.
14:23 rocket ok, thanks :)
14:23 illern joined #salt
14:25 aphor synchronous vs. async may be a good way to think about it.
14:25 ekristen joined #salt
14:25 eseyman joined #salt
14:26 Tyrm joined #salt
14:28 jaybocc2 joined #salt
14:33 zmalone joined #salt
14:33 DammitJim joined #salt
14:33 mage_ so Orchestration is required when you need to to - require stuff on different machines ?
14:35 racooper joined #salt
14:37 mpanetta joined #salt
14:38 Brew joined #salt
14:40 JDiPierro joined #salt
14:44 eseyman joined #salt
14:44 anotherZero joined #salt
14:45 mik__R joined #salt
14:46 colegatron joined #salt
14:46 AirOnSkin joined #salt
14:47 illern joined #salt
14:49 jdubski joined #salt
14:50 mik__R joined #salt
14:51 SheetiS joined #salt
14:54 kulty joined #salt
14:58 Rob__ joined #salt
15:00 teebes joined #salt
15:01 eseyman joined #salt
15:02 murrdoc joined #salt
15:02 otter768 joined #salt
15:03 _JZ_ joined #salt
15:08 timoguin_ joined #salt
15:10 edrocks joined #salt
15:22 aasirc joined #salt
15:22 hasues joined #salt
15:22 losh joined #salt
15:23 penguin_dan joined #salt
15:24 yexingok joined #salt
15:24 ldelossa joined #salt
15:24 ldelossa Hey guys, what's the best way to add comments in a pillar and state file
15:24 ldelossa should I use jinja commenting or just hashes
15:25 debian112 joined #salt
15:25 Rumbles joined #salt
15:31 dthom912 joined #salt
15:31 Gabemo joined #salt
15:32 Gabemo joined #salt
15:35 teryx510 ldelossa: I don't know about best, but I use both. Hashes on normal lines, but then jinja commenting on jinja lines.
15:35 Ahlee Interesting. With master of master config, if you're auth'd on the MoM, you don't need to have an account on the syndic slave masters
15:40 clintberry joined #salt
15:42 timoguin joined #salt
15:43 ldelossa Thanks Teryx
15:47 dthom911 joined #salt
15:48 hasues left #salt
15:49 murrdoc joined #salt
15:53 Brew joined #salt
15:55 dthom91 joined #salt
15:55 cberndt joined #salt
15:57 dthom911 joined #salt
15:58 Brew joined #salt
15:58 mik__R joined #salt
15:58 cpowell joined #salt
16:02 sdm24 joined #salt
16:05 rm_jorge joined #salt
16:12 johtso joined #salt
16:13 rhodgin joined #salt
16:15 kawa2014 joined #salt
16:15 murrdoc Ahlee:  u are doing master of master ?
16:15 mage_ where i'm requiring a whole SLS is it necessary to include it too ?
16:19 maduro joined #salt
16:19 raqua joined #salt
16:19 PeterO joined #salt
16:21 breakingmatter joined #salt
16:21 jalbretsen joined #salt
16:22 raqua Hi all, I am learning Salt and I am struggling with something, that should be really simple, but does not work. Compound matchers seems to not really works as I would expects after reading the documentation. Please see here: http://pastebin.com/NE4ptfJM
16:23 whytewolf raqua: you have to use -C to get compound matching
16:23 aparsons joined #salt
16:23 Nazca__ joined #salt
16:24 xluther joined #salt
16:24 raqua whytewolf: thanks, that works, now how do I apply it to orchestration state?  There is something like  - tgt: '*'. How do I tell it to use compound?
16:25 whytewolf raqua: add a tgt_type: compound
16:25 dthom911 joined #salt
16:27 raqua whytewolf: thank you very much, that worked as well. I came by the tgt_type, but could not figure out what to put in.
16:27 raqua docs leave some to be deserved
16:29 dergrunepunkt joined #salt
16:30 nofxroky joined #salt
16:31 dergrunepunkt hi, I'm in the situation of having lots of new instaces appearing and disappearing and I'm not sure how to manage the key acceptance now being comfortable with having the master auto-accepting new keys, any ideas/suggestions will be highly appreciated
16:32 Ahlee murrdoc: Playing with it
16:33 Ahlee murrdoc: we've decided upgrading salt in place is a waste, so we're tearing it down and rebuilding it. When we rebuild it we want to make sure it's more resiliant than our current config of single points of failure
16:34 Ahlee bah.
16:34 Ahlee master of master with multpile masters, each with minions cross reporting to them skews results on master of master
16:37 aphor dergrunepunkt: salt-cloud can be used to seed minions with pre-trusted keys.
16:37 murrdoc Ahlee:  i went against master of master at work
16:37 Ahlee yeah. fuck.
16:37 murrdoc well syndic style at least
16:38 dergrunepunkt aphor: we use that to create new instances and works awesome, but to automagically created minions?, like AWS autoscaling
16:38 murrdoc i do have a mater of master
16:38 murrdoc but its just a master instance
16:38 Ahlee i guess i'll kill the MoM, put a load balancer in front of salt-api instances running on each master with nodes cross reporting
16:38 murrdoc so i can do salt <saltmaser> cmd.run "salt command>
16:39 aphor dergrunepunkt: you need to have a secure channel for key exchange.
16:40 dergrunepunkt aphor: I don't follow
16:41 Gareth o/
16:41 dfinn joined #salt
16:41 aphor dergrunepunkt: once you have a way to push a key to a minion, or verify that a minion can be trusted, it's easy.
16:42 rubendv joined #salt
16:44 Ahlee yep, MoM is out, it's acutally submitting the job twice, once through each cross-talking master
16:45 dergrunepunkt aphor: I see, I forgot to mention something important, I want to do it automatically, so is there a mech outside salt-cloud to validate a minion key automatically if say... comes from X or Y network address?
16:45 Vye joined #salt
16:45 dthom91 joined #salt
16:45 aphor dergrunepunkt: maybe you can use http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb3-ssh.html
16:46 pmcnabb In yaml state files, why are children of "<state_module>.<function>" elements represented as a list (instead of a key:value hash)? It seems that they are turned into keyword arguments to the function anyway...
16:46 dthom911 joined #salt
16:47 aphor dergrunepunkt: just pull the minion key and give it to the salt master.
16:48 dergrunepunkt aphor: thanks, I'll look into that
16:50 aphor dergrunepunkt: http://shlomoswidler.com/2009/08/how-to-keep-your-aws-credentials-on-ec2.html <-- this also applies to salt keys for more ideas
16:53 aphor I need sanity check for an idea to do cloud provisioning using proxy minions: https://github.com/saltstack/salt/issues/25555#issuecomment-153553006
16:53 rocket hrmm I need to find a new job ...
16:54 whytewolf I'm in that boat as well rocket.
16:55 rocket hopefully working with saltstack... but I am not sure its popular enough in my area yet ..
16:55 whytewolf rocket: be glad if you don't live in las vegas. thiss place is a tech sink hole. hardly anything good ever happens here tech wise.
16:56 xluther left #salt
16:57 rocket I don't live in Vegas at least .. I have options.
16:57 RandyT Greetings
16:57 teebes joined #salt
16:57 aparsons joined #salt
16:57 maduro joined #salt
16:58 RandyT Question: when I run a salt.highstate, what determines the timeout before a master responds with "Minion did not return. [no response]"
16:58 RandyT I have a highstate process running on Windows machines that is sometimes successful. Generally, it seems to time out...
16:58 aphor rocket: what do you do?
16:58 tracphil joined #salt
16:59 sunkist joined #salt
16:59 RandyT I just ran this same highstate process against two identical setups in two different AWS accounts. One was successful, the other was not. The successful one took 491 sec to complete.
17:00 rocket aphor: I write python integrations.  Currently working on taking our product into a saas environment, but the product is not meant to run there.
17:00 ashirogl joined #salt
17:01 aphor rocket: ouch.
17:01 Brew joined #salt
17:01 rocket aphor: I do quite a bit with python and interfacing with other hardware/software
17:01 Trinity_ joined #salt
17:02 justanotheruser joined #salt
17:02 aphor rocket: I have an opening for a sysadmin ninja jack of all trades doing consulting for a Java Spring based software suite.
17:02 Trinity_ is this salt channel?
17:04 Trinity_ anybody there?
17:04 RandyT Trinity_: I hope so :^)
17:04 maduro joined #salt
17:04 RandyT Asking my question again slightly more succinctly, Is there a timeout setting to extend the time that a master waits for response from minion salt-call
17:05 troyready joined #salt
17:05 mosu left #salt
17:06 penguin_dan joined #salt
17:06 maduro joined #salt
17:09 writtenoff joined #salt
17:09 sdm24 RandyT: yep, in the /etc/salt/master config theres a "timeout" line. You can also set this per each CLI call by adding "-t 60", for example, to set the timeout time to 60 seconds
17:09 sdm24 the default is 5 seconds, BTW
17:10 sdm24 Trinity: yep, you've come to the right place (if you are looking for Saltstack stuff)
17:10 Trinity_ you mean like weed?
17:11 Trinity_ haven't heard of saltstack before
17:11 kawa2014 joined #salt
17:11 sdm24 RandyT: reading more on your issue, what happened is that one minion did not respond over a 5-second interval. The master will send out 5-second pings to each minion when a module is called. If that minion does not respond, it will timeout. But the job will still run on the minion'
17:12 sdm24 Trinity_: I think you are way off... http://saltstack.com/
17:12 sdm24 thats what we do here
17:13 otter768 joined #salt
17:14 Bryson joined #salt
17:15 nicolerenee joined #salt
17:15 Trinity_ what does mean automation for cloudops mean?
17:16 ericof_ joined #salt
17:18 sdm24 It means that Salt can easily manage the creation, deletion, and management of your cloud-based servers
17:18 armyriad joined #salt
17:19 DammitJim joined #salt
17:19 moogyver anyone want to try and help me figure this out before I go jump off a bridge out of frustration?
17:19 moogyver https://github.com/saltstack/salt/issues/28553
17:20 kawa2014 joined #salt
17:21 sdm24 moogyver: what does "salt --version" give you?
17:21 sdm24 err salt --versions-report, to show the python version
17:21 moogyver Python: 2.6.6 (r266:84292, May 22 2015, 08:34:51)
17:24 sdm24 hmm, I don't know a lot about python or salt/python version interactions, but I'm using 2.7.6 and it was installed by Salt. Sorry I can't help more
17:24 DammitJim ugh, why can't I watch a directory on this one server?
17:25 Fiber^ joined #salt
17:25 DammitJim to ensure a service is running
17:26 ldelossa Hey guys, inside of a text template, is there anyway to inject pillar data?
17:26 sdm24 DammitJim: what does your sls look like? are you using file.directory or file.recurse?
17:26 ldelossa I have a pillar on a minion which dictates which version of something I watn to download. Now I have a systemd script template where I want to pull that version number in the pillar
17:26 DammitJim tomcat6: service.running
17:27 DammitJim watch: file: /var/lib/tomcat6/lib/*
17:27 DammitJim sorry, I should have pastebin'd that
17:27 sdm24 ldelossa: yep, in your state, include a "- template: jinja" option line under whatever state the template is using
17:27 rhodgin joined #salt
17:28 sdm24 DammitJim: are you moving multiple files into the /var/lib/tomcat6/lib directory? file.recurse should work for that, and then " - watch: \n - file: /var/lib/tomcat6/lib (or whatever the ID is)" should work
17:28 ldelossa I understand that sdm, but how can I access the pillar date inside the template itself
17:28 DammitJim it's weird 'cause it works on another server
17:28 sdm24 https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.recurse
17:28 ldelossa if that's posssible or not
17:29 sdm24 ldelossa: oh I see
17:29 ldelossa Yeah I want to have a systemd template file
17:29 nicolerenee left #salt
17:29 ldelossa inside there, I want to reference a pillar value
17:29 ldelossa and render teh systemd script with the pillar information
17:29 DammitJim sdm24, I want to make sure the system restarts the service when those files are updated
17:29 DammitJim (reload the libraries)
17:30 MTeck joined #salt
17:30 SgtMalicious joined #salt
17:30 * MTeck hugs basepi
17:30 sdm24 DammitJim: you can have multiple "watch" calls for each file.manage call you make. I can't remember if the logic is "or" or if it is "and" though
17:31 DammitJim alright
17:31 sdm24 ldelossa: is this an example of what you want? https://github.com/sdm24/MySaltStates/blob/master/salt/windows/setup/scripts/domainscript.ps1
17:31 * basepi hugs MTeck back
17:31 sdm24 ldelossa: where pillar data is loaded into a script, so when Salt tells a minion to run the script, it will load the pillar data in?
17:32 ldelossa That is basically what I'm after,
17:32 ldelossa And I've don ethis before with a map.jinja file
17:32 ldelossa but not with pillar data
17:32 andrew_v joined #salt
17:32 sdm24 ldelossa: its basically all the same. If you want to keep it familiar, you can have the map.jinja file use the pillar data
17:33 ldelossa ah hdidn't think about that either
17:33 ldelossa okay let me try this out
17:33 bhosmer joined #salt
17:33 Ryan_Lane potentially of interest to salt users: https://news.ycombinator.com/item?id=10508082
17:33 Ryan_Lane especially because of this part: https://github.com/lyft/confidant/tree/master/salt
17:34 gtmanfred nice!
17:34 whytewolf oh, very nice Ryan
17:37 sdm24 So Lyft isn't just a ride-sharing service now?
17:38 cpattonj joined #salt
17:39 ldelossa so this isn't working as expected sdm24
17:39 ldelossa let me show you waht I'm tring to do
17:39 ldelossa give me a few I'll coem back wit ha haste bin
17:40 kickerdog joined #salt
17:41 Trinity_ so is salt good?
17:41 Ryan_Lane sdm24: we are :) this is just an open source release of a service we wrote in-house
17:42 aphor Trinity_: a little bit makes everything better. Too much is a problem ;)
17:42 Trinity_ lol
17:43 ldelossa http://hastebin.com/memotiziha.sm - okay so I have a pillar with the version number, a state file which references it, but now I need my template systemd script to also reference that pillar
17:43 ldelossa when I get it back on the server, it's just a plane text file
17:43 ldelossa no rendering took place
17:45 sdm24 so thats the template, can you paste your .sls file?
17:46 sdm24 oh I see never mind, you combined it all
17:47 ldelossa yeah could have done that better lol
17:47 baweaver joined #salt
17:47 ldelossa in a little rush rigth now
17:47 sdm24 ldelossa: in your state file, under the install_service_rabbitmq ID (so at line 56, indented just like the lines above it), add " - template: jinja". That will tell salt to render any jinja in the template first, and then copy it over
17:48 RandyT Ryan_Lane: I commend you on your choice of the Apache_v2 license for Confidant, thanks for sharing this.
17:48 APLU joined #salt
17:48 sdm24 oh wait you already have it in
17:48 ldelossa yeah its in there
17:48 ldelossa no syntax error in the set command up there that I can see
17:49 sdm24 one thing you can maybe try, is have {{ var1}} or some placeholder name in the template, and then in file.managed, have " - context: \n
17:49 gekitsuu joined #salt
17:49 sdm24 - var1: {{ salt['pillar.get'].... }}
17:51 penguin_dan joined #salt
17:51 kickerdog left #salt
17:53 Ryan_Lane RandyT: yw :). yeah, apache2 is my preferred license :)
17:55 ageorgop joined #salt
17:56 ldelossa not exactly following you sdm
17:59 ldelossa actually I just have no idea what context does haha
18:00 sdm24 ldelossa: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.managed under that, there are "context" and "default" options, which are used to pass variable values to the template being managed
18:00 ldelossa Ohh wait I see
18:00 sdm24 so you would set that variable value to the version in pillar, and then the template would print that variable
18:00 ldelossa so make VER equal the pillar date
18:00 ldelossa data
18:00 ldelossa via teh state file
18:01 sdm24 yeah
18:01 ldelossa gotcha let me try this
18:01 sdm24 so the template renders jinja, but doesn't run any salt commands
18:05 andrew_v_ joined #salt
18:07 jhauser joined #salt
18:08 zsoftich1 joined #salt
18:12 zmalone I just learned that file.append isn't REALLY just a match and append if missing, it also does some weird string manipulation
18:12 baweaver joined #salt
18:12 furrowedbrow joined #salt
18:12 zmalone so if you are appending "foo = bar" and "foo=bar" exists, file.append will say "Okay!  All done here!"
18:13 zmalone some configuration formats feel strongly about spaces vs tabs, so that's kind of nasty
18:13 zmalone but all of file.append is kind of an antipattern
18:16 mkjgore joined #salt
18:16 mkjgore hey folks, I've tried searching but I can't seem to get what I'm looking for. Is there a simple way to list all the available salt runners on a master?
18:17 mkjgore <— N00B
18:17 ldelossa sdm that worked
18:17 ldelossa ;)
18:18 whytewolf mkjgore: if your master is a minion salt-call sys.list_runners
18:18 whytewolf mkjgore: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.sysmod.html#salt.modules.sysmod.list_runners
18:18 PredatorVI joined #salt
18:19 ldelossa Does anyone know the rule with templates and pillar data then? So I always need to inject variables
18:19 mkjgore whytewolf: thanks so much
18:19 ldelossa via the state that calls the tempalte?
18:20 PredatorVI Howdy folks!  Has anyone ever seen issues with the pkg.latest calls in salt 2015.8.1 on Ubuntu where it gets a "Hash Sum mismatch" trying to check for the latest, but I am able to manually do the apt-get update/upgrade without issue?
18:20 JDiPierro joined #salt
18:20 sdm24 ldelossa: good to hear. I wonder if {{ pillar['rabbit_version'] }} or whatever would've worked in the template, since its technically a different module
18:20 JDiPierro Can I use Salt to grab a log file from a bunch of minions?
18:20 aparsons_ joined #salt
18:20 sdm24 I got my own question: how do I use multiple " - exclude_pat"s in a file.recurse state?
18:21 mkjgore whytewolf: arg, turns out it's not
18:21 mkjgore (not a minion)
18:21 ldelossa sdm24, doing it with injection at the file.managed is not terrible though, I feel like it's a pretty logical place to do it
18:22 ldelossa It felt like I wasn't doing something right trying to get pillar data from a template, which really doesn't tie into being a state file
18:22 hypnosb joined #salt
18:22 sdm24 ldelossa: yep, and that way you can set a default value if the pillar breaks, or use jinja logic to set different contexts
18:22 ldelossa word up, thanks.
18:23 goldbuick__ joined #salt
18:23 sdm24 like I have a setup state for a new machine conencted to salt, and it sets an IP. the default is the current IP, but it sets a context on if 1. a manual IP is set in a pillar, 2. Getting a dig on a hostname, 3. current IP if not DHCP
18:23 sdm24 and it edits /etc/network/interfaces accordingly
18:24 ldelossa very nice
18:24 ldelossa how do you do your dig command
18:24 ldelossa and get the results in a pillar
18:24 ldelossa cmd.run ?
18:26 KyleG joined #salt
18:26 KyleG joined #salt
18:26 sdm24 {% set IP = salt['dig.A'](hostname + "." + domain)[0] %}
18:27 sdm24 where hostname and domain are set before, imported as either set values in a pillar, or from the grains if left default
18:27 ldelossa Dude, youre getting the gears turning in my head right now
18:27 Gabemo joined #salt
18:27 jaybocc2 joined #salt
18:27 ldelossa this is sick
18:27 sdm24 yeah it took a while to figure out all the logic, and they definitely aren't optimized
18:27 ldelossa I haven't thought about complete deployment yet, just app deloyment
18:28 sdm24 even looking over them now I see improvements I can make. This was like the first real state  I made with salt
18:28 Segfault_ Is it possible to keep the reactor directory in the same git repo as "salt" and "pillar" on a master configured with gitfs?
18:28 ldelossa very nice, yeah I'm seeing that this is just like coding, go at it, then refrator heavy
18:28 ldelossa refractor*
18:29 tiadobatima joined #salt
18:34 andrew_v joined #salt
18:36 dthom911 joined #salt
18:40 andrew_v joined #salt
18:41 Brenden_ joined #salt
18:41 DammitJim why am I getting this? https://gist.github.com/anonymous/86b644ea9019c44628a3
18:41 DammitJim the requisite was not found?
18:41 Brenden_ Hey gang, just did a new salt-minion install. Upon starting the service, I am seeing the following repeated: Exception AttributeError: "'list' object has no attribute 'keys'" in <bound method SREQ.__del__ of <salt.payload.SREQ object at 0x10a3e10>> ignored
18:41 DammitJim I'm looking at /var/lib/tomcat6/lib on the server
18:41 Brenden_ any thoughts on how to troubleshoot this? This is a brand new Centos 6.7 server
18:43 Rumbles joined #salt
18:43 NotBobDole joined #salt
18:47 bhosmer_ joined #salt
18:51 hal58th_ DamnitJim, you can't watch files that don't exist in your states. You also can't watch * of files.
18:51 DammitJim hhmmm... weird 'cause my other servers don't barf about it
18:51 DammitJim so, I have to be specific about the file?
18:51 DammitJim can I watch a directory?
18:52 DammitJim https://github.com/saltstack/salt/issues/663
18:52 Ahlee i miss the developers hanging in this channel
18:52 DammitJim what happened to them?
18:52 Ahlee they got busy
18:52 Ahlee and IRC is a distraction
18:53 hal58th_ Ahlee they would also get blasted with silly questions.
18:53 Ahlee indeed
18:53 Ahlee I don't blame them
18:53 Ahlee i just miss them.
18:53 Ahlee saltconf annually is not enough!
18:54 hal58th_ DamnitJim, you can use file.exists to watch something thats not salt controlled. https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.exists
18:55 DammitJim hal58th_, all I want to make sure is that if any file in that folder is changed, that the system restarts tomcat6
18:55 hal58th_ How would salt detect that a file has changed if it's not in charge of it?
18:56 DammitJim https://docs.saltstack.com/en/latest/topics/tutorials/states_pt2.html
18:56 DammitJim are you saying I need to file.managed it first and then watch it?
18:58 hal58th_ Well think about it, Salt is aware that something has changed because IT changed it. If something has changed that Salt is not in charge of, then what would be the cut off to restart tomcat6? How old does the file need to be, what perms?
18:58 hal58th_ So yes, you tell Salt what to "file.managed" and then salt can act on it
18:58 DammitJim oh, I  have that defined here: https://gist.github.com/anonymous/c219fb4ba2e01f3feac4
18:59 DammitJim again, this is the 1st server I have come across this problem... all other 5 servers don't have this error
18:59 hal58th_ ok then change your watch statement to "file: /var/lib/tomcat6/lib"
18:59 hal58th_ you can't use asterisk
18:59 hal58th_ and it didn't match the name of the state ID.
19:00 gekitsuu_ joined #salt
19:00 DammitJim again, look at this issue: https://github.com/saltstack/salt/issues/663
19:00 DammitJim what document says I can't do asterisk?
19:01 DammitJim thatch himself says: file: /etc/httpd/*
19:01 hal58th_ well prove me wrong then. I don't have an example either direction
19:01 DammitJim hal58th_, I just gave you the link
19:02 DammitJim Thomas Hatch was the one who implemented this feature
19:02 hal58th_ https://github.com/saltstack/salt/issues/14047
19:02 DammitJim Thomas Hatch himself
19:02 hal58th_ it appears not to be documented
19:02 DammitJim now, that's from 2012
19:02 DammitJim maybe it broke later?
19:02 hal58th_ who knows
19:02 DammitJim LMAO... look at the picture at the end of your link
19:03 DammitJim that's you and I
19:04 whytewolf DammitJim: hal58th_ since watch globs on state id, not on actual files https://github.com/saltstack/salt/issues/14047
19:04 DammitJim hal58th_, thanks for the help. I know that's what you are trying to do... it's just confusing
19:05 cberndt joined #salt
19:05 geomyidae_ joined #salt
19:05 DammitJim whytewolf, not sure what that means
19:05 orion__ joined #salt
19:06 whytewolf DammitJim: state id is the first part of a state.
19:07 DammitJim yes
19:07 DammitJim in my case: /var/lib/tomcat6/libs right?
19:07 whytewolf DammitJim: where is your paste?
19:08 whytewolf yes
19:08 DammitJim https://gist.github.com/anonymous/c219fb4ba2e01f3feac4
19:08 DammitJim that's my state
19:08 forrest joined #salt
19:08 DammitJim then this is my watch state for tomcat 6: https://gist.github.com/anonymous/86b644ea9019c44628a3
19:09 whytewolf those watches don't match states
19:09 orionx left #salt
19:10 baweaver joined #salt
19:11 whytewolf DammitJim: /var/lib/tomcat6/lib/* should be /var/lib/tomcat6/lib* or /var/lib/tomcat6/lib to match the statename.
19:12 whytewolf if you had another state with an ID of /var/lib/tomcat6/webapps
19:12 whytewolf then /var/lib/tomcat6* would match both states
19:12 gekitsuu joined #salt
19:13 DammitJim oh weird... you see... salt is not complaining about webapps
19:13 DammitJim maybe I broke this other state
19:14 otter768 joined #salt
19:14 whytewolf it might not be even getting to webapps since it is second and it is stopping on first fail
19:14 DammitJim tru
19:14 DammitJim debug on the minion doesn't do anything in this case
19:15 DammitJim it doesn't even tell you what the problem is
19:15 whytewolf do you have another state with webapps?
19:15 DammitJim I do, but I haven't even applied it, yet
19:16 whytewolf try using /var/lib/tomcat6* then.
19:16 aw110f joined #salt
19:16 DammitJim whytewolf, on the state id?
19:16 whytewolf no, as the watch
19:17 whytewolf file: /var/lib/tomcat6*
19:17 DammitJim can I use /var/lib/tomcat6/lib* ?
19:17 tercenya joined #salt
19:17 whytewolf sure
19:17 DammitJim 'cause the logs folder is going to change
19:17 whytewolf do you have a state for the logs folder?
19:17 whytewolf [it doesn't mater what happens on the file system it is all about state ids]
19:17 DammitJim yes, to create it
19:17 opensource_ninja joined #salt
19:17 DammitJim OK, I'm running the state now
19:18 DammitJim let's see
19:18 DammitJim it still failed
19:19 whytewolf huh. lib* should work. try dropping the * [unless you have other states that do something inside of the lib directoy]
19:20 DammitJim whytewolf, I do... I have different files that get copied in there
19:20 whytewolf also, if they are happening in 2 different files you might need to include them in the one that does the watch
19:20 DammitJim oh, interesting
19:21 clintberry joined #salt
19:22 zmalone joined #salt
19:22 ldelossa guys dumb question - of_family , we have RedHat, Debian, FreeBSD for the major guys right
19:22 ldelossa os_family*
19:25 whytewolf ldelossa: I'm sure there are more. but thats about the gist of it.
19:27 ldelossa yeah I'm not too worried about other than then
19:27 ldelossa then that*
19:27 iggy I was waiting for the question
19:27 DammitJim whytewolf, weird... it seems that when I ran another state that puts files in the lib folder, that fixed it
19:27 DammitJim maybe file.recurse doesn't work with watch
19:28 whytewolf I'm sure it does.
19:28 whytewolf I have used it with watch before
19:29 cyborg-one joined #salt
19:30 toanju joined #salt
19:33 ldelossa Is there a module that will have rpm import a public key?
19:37 Rumbles joined #salt
19:38 ajw0100 joined #salt
19:38 ldelossa How can I install just based on an .rpm on the file system
19:39 rhodgin joined #salt
19:41 scoates_ joined #salt
19:41 forrest ldelossa, you can use 'sources': https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html and then just search for 'sources' which will allow you to install an rpm.
19:42 ldelossa That's from a link tho isnt it?
19:42 ldelossa My .rpm is on a file system already
19:42 forrest ldelossa, that's fine, it's supported.
19:42 forrest just have to use the absolute path
19:42 ldelossa ahh
19:42 forrest ldelossa, It's 'qux.rpm' in the example
19:42 ldelossa local path works
19:42 ldelossa thanks forrest.
19:42 forrest np
19:42 ldelossa does the name of the dict matter in anyway?
19:43 ldelossa the foo: foo.rpm
19:43 ldelossa that value name of foo
19:43 ldelossa doesn't actually effect anything right
19:44 metalseargolid joined #salt
19:45 forrest uhhh you know I'm not sure, it might only be relevant to the values seen in salt, I've always just used the name of the RPM so it wasn't a concern.
19:46 mapu joined #salt
19:46 ldelossa Okay cool, I'll do the same sounds logical
19:47 baweaver joined #salt
19:47 sdm24 whytewolf: a little late to the party, but I have a state that I ran just now that uses service.running and watch on a file.recurse. If any of the files in the recurse change (unless deleted when clean=True), the service restarts
19:49 whytewolf sdm24: yes, exactly in line with what i was saying to DammitJim
19:50 DammitJim you are the man
19:50 sdm24 just confirming haha
19:50 whytewolf lol
19:50 ericof joined #salt
19:50 DammitJim sdm24, I must have my recurse state defined wrong
19:50 sdm24 luckily it doesn't restart when deleting files on clean: True because it cleans out the cache each time for my service
19:51 whytewolf huh, thats something i didn't even think to use file.recurse for but makes perfect sense
19:52 sdm24 thats more of a side-effect of what I'm doing, but I'll take it anyways
19:53 whytewolf lol. every point is a win :P
19:54 ldelossa Hey guys, can I do an if, elif, in jinja, but if no condition is matched, just fail the state and exit ?
19:54 llua joined #salt
19:54 llua joined #salt
19:55 sdm24 ldelossa: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.test.html do an {% else %} and then a test.fail_without_changes
19:56 justanotheruser joined #salt
19:57 ldelossa thanks
19:58 ldelossa ahh this can be used as such a great debugging tool
19:59 dthom91 joined #salt
20:00 dthom911 joined #salt
20:03 cberndt joined #salt
20:06 ashirogl joined #salt
20:06 dthom91 joined #salt
20:15 denys_ joined #salt
20:16 denys_ joined #salt
20:17 denys_ joined #salt
20:17 denys joined #salt
20:21 Jimlad joined #salt
20:27 bhosmer joined #salt
20:30 ajw0100 joined #salt
20:31 dyasny joined #salt
20:34 jeffspeff joined #salt
20:35 teryx510 joined #salt
20:35 clintberry joined #salt
20:39 justanotheruser joined #salt
20:41 Destreyf joined #salt
20:42 baweaver joined #salt
20:42 llua joined #salt
20:42 llua joined #salt
20:44 CaptainMagnus joined #salt
20:45 colegatron joined #salt
20:50 losh joined #salt
20:51 dthom91 joined #salt
20:53 gekitsuu joined #salt
20:55 ashirogl joined #salt
20:57 perfectsine joined #salt
20:58 aboe joined #salt
20:59 GreatSnoopy joined #salt
20:59 s_kunk joined #salt
21:05 sdm24 joined #salt
21:09 quasiben Is there a way to add multiple grains at once with grains.append ?
21:09 eightyeight is 2015.5.5 available for centos 5?
21:09 eightyeight yes. i need .el5 RPM packages. no, i can't upgrade.
21:10 aidalgol joined #salt
21:10 zmalone https://repo.saltstack.com/yum/rhel5/salt-2015.5.5-1.el5.noarch.rpm
21:11 zmalone for eightyeight
21:11 eightyeight perfect! thx zmalone
21:11 zmalone (although I believe .5.6 was just a bug release, and included some "passwords in log files" style security fixes)
21:12 seweryn joined #salt
21:13 CaptainMagnus joined #salt
21:14 larsfronius joined #salt
21:14 eightyeight i was grabbing from koji.fedoraproject.org, and didn't see the latest el5 packages there, which is why i asked
21:15 otter768 joined #salt
21:15 ALLmightySPIFF joined #salt
21:16 dthom91 joined #salt
21:19 zmalone eightyeight: yeah, https://github.com/saltstack/salt/issues/28142 , https://github.com/saltstack/salt/issues/28556 , https://github.com/saltstack/salt/issues/28045 etc. etc. etc.
21:19 eightyeight word
21:20 zmalone abandon all hope, ye who enter here
21:20 rocket_ joined #salt
21:24 CaptainMagnus joined #salt
21:24 Segfault_ Is it possible to keep the reactor directory in the same git repo as "salt" and "pillar" on a master configured with gitfs?
21:26 NotBobDole joined #salt
21:31 gekitsuu joined #salt
21:35 clintberry joined #salt
21:37 bastion1704 joined #salt
21:42 HappySlappy joined #salt
21:43 arapaho joined #salt
21:49 cberndt joined #salt
21:50 bastion1704 joined #salt
21:54 babilen Segfault_: it is
21:54 * babilen never mixes pillars and states though
22:10 yomilk joined #salt
22:15 larsfronius joined #salt
22:15 rubendv joined #salt
22:15 perfectsine joined #salt
22:17 clintberry joined #salt
22:17 aphor https://github.com/saltstack/salt/issues/25555#issuecomment-153553006 <-- crazy? good? crazy-good?
22:18 hemebond lol, welcome back :-)
22:18 CeBe joined #salt
22:18 hemebond The title of that issue still says "salt could"
22:19 Tyrm_ joined #salt
22:21 wryfi is there a way to refer to my base environment as 'prod' instead of base?
22:22 ALLmightySPIFF joined #salt
22:25 forrest wryfi, Not as far as I'm aware. Usually base is for states where everything would be applied (say SSH configs), then you create your extra environments with specific needs from there. I would not suggest using base as prod.
22:26 wryfi forrest: the docs specifically recommend using environments for prod, stage, dev, etc.
22:27 wryfi is there something i'm not understanding?
22:30 PredatorVI joined #salt
22:30 trph joined #salt
22:31 iggy I personally avoid salt environments like the plague... but that's just me
22:31 wryfi iggy: then how do handle divergent states between, e.g. dev, stage, and prod hosts?
22:32 whytewolf wryfi: personally I keep seperate masters for each
22:32 iggy the way I've handled it in the past was different masters
22:33 forrest wryfi, regarding your question to me, I'm not sure if there is something you don't understand. If each minion is part of an env, they're also all part of base, so they all get what is in base.
22:33 iggy I don't even want to risk that someone could fat finger the top file and push stuff into production on accident
22:33 PredatorVI We are currently working with environments (dev, acc, int, stg, prd).
22:33 iggy (especially not me)
22:34 forrest iggy, do you not have automated code pushes?
22:34 PredatorVI But haven't gotten to production yet.  We may need to do separate masters.
22:34 hemebond wryfi: Just pull the config release into the next environment.
22:35 hemebond Like a regular software release.
22:35 iggy forrest: not in the past, no
22:35 forrest :(
22:35 forrest That sounds annoying
22:36 iggy meh
22:36 iggy we weren't doing CI either
22:36 forrest :|
22:36 iggy #IKnowBuzzwordsToo
22:36 forrest lol
22:37 wryfi ha
22:37 forrest CI takes like 5 minutes to set up on travis.
22:37 forrest I honestly just hate pushing code for people
22:37 forrest so if I can automate that in a generally safe way I'm all for it.
22:37 iggy it was _me_
22:38 forrest dun dun dunnn
22:38 wryfi so you guys are using completely different state trees with your multiple masters?
22:38 iggy literally, after my 3 month point at that job, I was the only person doing anything with Salt
22:38 forrest wryfi, As an alternate option when systems were provisioned at my old gig we had them all set with grains (including an env grain), and then applied states based on that
22:39 forrest so you'd have app1, dev, or app1, prod, etc.
22:39 forrest then stuff is based on those checks.
22:39 iggy wryfi: you can use branches, just lock each master to a separate branch (so you don't use gitfs branches=saltenv... you use git -> prod branch = prod saltmaster's 'base' saltenv)
22:39 PredatorVI Sticking my nose into this conversation, we are in the process of defining/implementing a full continuous deployment solution using GoCD and Salt (among other things).  The initial implementation is a based on environments and triggered via the Salt-API.  However, the issue is (as iggy illudes to) that with production minions defined on the same master, someone could accidentally do a salt '*' state.sls mybrokenstate to everything including production.
22:41 wryfi PredatorVI: that's a really good point
22:41 wryfi i'm liking the greater isolation provided by using separate masters
22:42 forrest PredatorVI, That all comes down to being able to roll back and learn from the experience in a blameless post mortem though. To me it's just not a big enough deal to be a problem, how many people have access to your salt master? That becomes especially less relevant when you have CI triggering salt pushes. So a combo of branches for your salt code should address most of that.
22:42 aphor environments still help keep states branches working in parallel.
22:43 aphor even if you use separate salt masters.
22:43 PredatorVI Currently everyone has access to the master :)
22:43 PredatorVI we are in early stages
22:43 aphor PredatorVI: how many is everyone?
22:43 iggy anybody who reads the docs on "top merging" and the code and still wants to use environments is a brave soul
22:43 * iggy runs
22:43 PredatorVI all dev and OPS
22:43 PredatorVI and qa
22:44 aphor iggy: maybe one top.sls in base is all you need.
22:44 PredatorVI iggy: another good point :)
22:44 forrest PredatorVI, Seems like that should be something you fix before other stuff. Honestly I don't like dev on the boxes at all
22:44 forrest I have yet to work somewhere that devs could keep their damn dirty hands off the prod boxes if they had access.
22:44 PredatorVI Like I said, we are in early stages so we are still working through the issues.
22:45 zsoftich1 joined #salt
22:45 forrest PredatorVI, Can't you just swap to SSH keys and only add the appropriate users via their public github key if you store it there?
22:45 iggy aphor: easier said than done (someone accidentally creates a new branch that nobody notices and it's got a top file that drifts over time)
22:45 iggy it's happened
22:46 aphor I want to get something like Gerrit set up to spin up dev environments on demand.
22:46 iggy aphor: if you're going to go that route, I'd say put the top file in a completely separate repo
22:46 aphor iggy: yes
22:47 stomith joined #salt
22:47 PredatorVI forrest:  we will definitely be restricting access at some point.  Right now everyone is just learning salt so it's easier to allow them direct access to debug
22:47 forrest ahh
22:47 baweaver joined #salt
22:47 forrest You're kinder than I am I guess :)
22:47 forrest 'Dear sir, please LEARN TO VM'
22:48 PredatorVI ...and it isn't production
22:48 aphor start developing good habits
22:48 forrest on that note PredatorVI you know I have some pre-made Vagrant stuff you could use for local work right? *opens up trenchcoat of salt repos*
22:48 iggy DON'T LET THEM GET USED TO THE POWA
22:48 PredatorVI :)
22:49 aphor http://www.ianbicking.org/blog/2015/08/conways-corollary.html <-- design your organization to control your software
22:49 forrest PredatorVI, Right here I've got this sweet set of demo apps: https://github.com/gravyboat/demo-app-1 only a few dollars each, genuine! Good quality
22:50 iggy real gold?
22:50 geekatcmu We're all learning salt, so our repo includes a Vagrantfile that, by default, will spin up a salt master on trusty, and VMs slaved to it on FreeBSD, Precise, and CentOS
22:50 forrest Well, the cent image is a little old, but otherwise pure gold.
22:50 aphor old... gold!
22:51 forrest geekatcmu, Sound similar to the repo utahdave has.
22:51 forrest If anyone wants to send me gold, let me know
22:51 geekatcmu For all I know we stole the idea from him.
22:51 forrest geekatcmu, it's a good idea, so I wouldn't blame you
22:51 geekatcmu And I've extended that into other areas.
22:53 forrest geekatcmu, https://github.com/UtahDave/salt-vagrant-demo You should make a PR against it with a secondary Vagrantfile (with a different name so it doesn't conflict for new users) and label it as multi-distro or something
22:54 geekatcmu I may do that.
22:54 * Gareth curses the very existance of Azure.
22:55 PredatorVI Now that this conversation has gone off into the weeds, has anyone seen issues with pkg.latest on Ubuntu failing because of Hash Sum mismatch errors when updating the package cache?  I can manually so the 'apt-get update' without issue, but the salt state fails.
22:56 PredatorVI *can manually do*
22:57 stupidnic can anybody give me a pointer on mysql_grants.present? I am trying to grant all on a user@%
22:57 forrest Gareth, lol
22:57 hal58th_ PredatorVI: After you run apt-get update manually, can you do "echo $?" and see if it returns non-zeo? Also I would do the same apt-get command that salt runs.
22:57 forrest Gareth, AWS of Azure, take your pick of shitty cloud providers.
22:57 stupidnic however when I do it, I think the query analyiser isn't properly escaping the host
22:58 aparsons joined #salt
22:58 PredatorVI k
22:59 forrest stupidnic, can you gist your state?
22:59 stupidnic forrest: sure hold on
22:59 stupidnic https://gist.github.com/tomwalsh/eaec8a770e183b1275a8
22:59 bhosmer_ joined #salt
23:00 stupidnic it's pretty straight forward, I have another grant right before it using localhost with no problems
23:01 Gareth forrest: Compared to Azure, AWS is so much better.
23:01 forrest Gareth, Wow really? My god, it must be horrific
23:01 Gareth it's pretty bad.
23:02 whytewolf stupidnic: what error are you getting?
23:02 forrest stupidnic, Did you already try this? http://stackoverflow.com/questions/31488033/mysql-grant-root-permission-for-any-host Where you had to grant the local perms first?
23:02 stupidnic I updated the gist with the error
23:03 forrest stupidnic, But the user DOES exist already?
23:03 dthom91 joined #salt
23:03 stupidnic forrest: yes, as I said there is another grant before this one that works fine with localhost
23:04 stupidnic it's specifically the wildcard that is causing issues
23:04 forrest yeah
23:04 stupidnic I am looking at the SO post now
23:04 whytewolf stupidnic: try '%' instead of "%"
23:04 forrest whytewolf, lol I was just going to say the same :\
23:04 stupidnic whytewolf: I did that already, sadly the code strips it. I looked at the source to confirm
23:05 stupidnic modules/mysql.py line 464
23:05 stupidnic host = host.strip("'")
23:05 forrest stupidnic, Any chance that you need to set the saltenv variable for LC_ALL to utf-8? I know I've had some issues with that in the past.
23:06 stupidnic forrest: that's highly possible openstack likes everything to be utf-8
23:06 sunkist joined #salt
23:06 forrest stupidnic, Yeah I assume the DB was already created as utf-8 right?
23:06 whytewolf stupidnic: here is EXACTLY what I currently use https://gist.github.com/whytewolf/0f4913b3b50c7a1f4fa7
23:07 forrest stupidnic, Also, don't special characters like that HAVE to be escaped with a backslash?
23:07 stupidnic whytewolf: let me modify the mysql_user.present and see if that fixes
23:07 stupidnic forrest: I put it in quotes and salt doesn't complain after that
23:07 forrest stupidnic, okay.
23:07 stupidnic if I do \% for the host it just happily passes it along
23:07 hal58th_ Does anyone know how to do an opposite of "onchanges". I want a service to be started but only if a state was not changed.
23:08 stupidnic and I end up with a keystone@\% which is no bueno
23:08 forrest stupidnic, Yeah that's no good at all.
23:08 hemebond What about "'%'"
23:08 stupidnic hemebond: tried that one too
23:08 hemebond There's a thing with YAML and quotes.
23:08 stupidnic the doubles are parsed and then passed to the mysql.py which then strips the singels
23:08 hemebond Ah.
23:08 hemebond It doesn't put them back in afterwards?
23:08 hemebond It really should.
23:09 stupidnic Trust me... I poked at this for a while with a stick before jumping in here
23:09 iggy use multiline literals?
23:09 stupidnic I am commiting whytewolfs suggestion now
23:09 whytewolf stupidnic: honestly not sure what you have going cause like i said I posted a working config I use for my own openstack setup
23:10 stupidnic yeah I am sure it is the user.present definition that is messing with me
23:10 stupidnic I had localhost there
23:10 stupidnic so I am changing that to % now to see if it fixes the issue
23:13 stupidnic So changing the mysql_user.present to use the % fixed the issue, but the grant definition still fails but it corrects the issue
23:13 bfoxwell joined #salt
23:13 stupidnic not sure how much more I want to fiddle with this
23:13 whytewolf the grant fails but it fixed the issue?
23:14 stupidnic whytewolf: yeah because the user.present is now working with other parts of the code (db_sync)
23:14 whytewolf so the surgery was a sucess, but the patent died
23:14 stupidnic but the actual grant with the wildcard host is still failing, but my net result working
23:14 stupidnic so basically... yeah
23:14 whytewolf okay, that is strange.
23:15 whytewolf it shouldn't work if the grant failed cause it shouldn't have permissions
23:15 hal58th_ Does anyone know how to do an opposite of "onchanges". I want a service to be started but only if a state was not changed.
23:15 stupidnic whytewolf: I am looking at the actual mysql tables now
23:16 otter768 joined #salt
23:16 stupidnic yep the db grant all is clearly there
23:16 stupidnic this is a galera cluster so it is possible that it came from the other cluster memeber
23:17 stupidnic no... I am only running my states against the master
23:17 whytewolf ahh gallera.. 'shudder' I still have waking nightmares about it
23:17 stupidnic so yeah that doesn't apply
23:18 whytewolf hal58th_: I do not know. I don't think there is an oppisite to onchange
23:18 hal58th_ bummer
23:18 whytewolf hal58th_: maybe onfail
23:19 hal58th_ is there a way for a cmd state to make salt wait for it to finish. I was doing /etc/init.d/mysql --wsrep-new-cluster but it doesnt seem to wait for it to finish
23:20 stupidnic whytewolf: for the keystone setup on openstack, are you running the commands for the initial service and identity as cmd.run?
23:21 whytewolf stupidnic: honestly I can't remember. whole thing is orchestrated. i know the db sync is done with cmd.run
23:22 whytewolf but everything else is keystone modules
23:22 stupidnic k. that's what I am doing.
23:22 stupidnic just confirming that I am on the right track
23:23 lionel joined #salt
23:24 baweaver joined #salt
23:25 whytewolf stupidnic: here is what I'm using for the service stuff for keystone [I have each openstack part put in it's own keystone stuff. just in case i don't want to install that module] https://gist.github.com/whytewolf/d76d179ec70414bbd222
23:26 stupidnic Thanks for that
23:27 whytewolf one of these days I should get unlazy and actualy put some of thise into pillars
23:28 sontek joined #salt
23:28 iggy hal58th_: that would be something in the script... by default salt waits, I'm guessing the script says "okay, this is what they want us to do, return and continue in the background"
23:28 lionel joined #salt
23:29 hal58th_ Yeah, I can't figure out for a way of salt to wait for output using cmd.wait. Maybe cmd.wait_script works better.
23:30 ALLmightySPIFF joined #salt
23:31 hal58th_ ah, user problem...
23:38 quix joined #salt
23:41 otter768 joined #salt
23:42 geomyidae_ joined #salt
23:47 vikas joined #salt
23:48 zmalone joined #salt
23:50 whatapain ugh, selinux is a pain in my ass
23:50 whatapain can't even start rsyslog for f-sakes
23:51 whytewolf not just your ass.
23:51 whytewolf although once setup right selinux isn't that bad. it is the whole setting it up right part though
23:53 vikas Hello #salt, have a question related to salt proxy minion. What I can gather from docs that proxy minion processes have one-to-one relation with endpoint it is controlling. Is it possible a proxy minion can control multiple endpoints? The use case I have is suppose I have 1000s network devices that I want to manage through salt. Does this mean I need to have 1000 minion process running?
23:53 whatapain sure, anything works once you set it up to work
23:53 whatapain the problem is the amount of work i have to do to get it setup to work just to install the latest version of rsyslog makes no sense
23:55 whytewolf whatapain: fixing selinux is easy setenforce 0
23:55 whytewolf and yees that was a joke
23:57 whatapain :)
23:57 whatapain well, honestly, that's what i'm doing
23:58 whatapain otherwise i have to create shell scripts to execute semanage and restorecon commands
23:58 whatapain then figure out a way to set an unless: so it only runs once
23:58 whatapain blah blah blah :)

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary