Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-06-02

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 rem5 joined #salt
00:01 hrumph how often are the devel branch docs snapshotted?
00:07 aagbds joined #salt
00:11 Tyrm joined #salt
00:11 Deliants joined #salt
00:11 ajw0100 joined #salt
00:14 Deliant- joined #salt
00:28 nidr0x joined #salt
00:28 aagbds joined #salt
00:32 Deliants joined #salt
00:34 aagbds joined #salt
00:35 cyborg-one joined #salt
00:38 hasues joined #salt
00:42 ageorgop joined #salt
00:43 berserk joined #salt
00:44 hasues left #salt
00:45 Nahual joined #salt
00:46 Tyrm joined #salt
00:49 brotatochip joined #salt
00:50 Tyrm joined #salt
00:54 brotatochip joined #salt
00:59 cyborg-one joined #salt
01:00 brotatochip joined #salt
01:01 flowstate joined #salt
01:02 bltmiller joined #salt
01:04 aagbds joined #salt
01:08 jhauser joined #salt
01:09 ssplatt joined #salt
01:11 Tyrm joined #salt
01:12 catpiggest joined #salt
01:12 justanotheruser joined #salt
01:14 jhauser_ joined #salt
01:14 rem5 joined #salt
01:16 rylnd joined #salt
01:19 rylnd morning!
01:21 rylnd has anyone seen "Could not LazyLoad system.dead: 'system.dead' is not available" on a ubuntu system?
01:23 onlyanegg joined #salt
01:25 ssplatt joined #salt
01:26 Tyrm joined #salt
01:28 Tyrm_ joined #salt
01:32 rylnd ah never mind. i should not do this things so wee early in the morning when i am sleep deprived. NARF
01:46 DanSlimmon joined #salt
01:53 evle joined #salt
01:54 Ayo joined #salt
01:59 berserk_ joined #salt
01:59 spuder joined #salt
01:59 flowstate joined #salt
02:00 racooper joined #salt
02:02 edrocks joined #salt
02:07 spuder_ joined #salt
02:11 DEger joined #salt
02:23 majikman joined #salt
02:24 rem5 joined #salt
02:28 watersoul joined #salt
02:30 favadi joined #salt
02:32 watersoul joined #salt
02:40 ashmckenzie joined #salt
02:57 rawzone joined #salt
02:59 flowstate joined #salt
03:08 mekhami joined #salt
03:08 mekhami is anyone here? I found a broken link in the getstarted tutorial
03:09 mekhami https://docs.saltstack.com/en/getstarted/fundamentals/top.html at the bottom, the button to 'Continue to Configuration Management Get Started' is broken
03:09 hrumph babilen, are you here?
03:31 rgrinberg joined #salt
03:35 ajw0100 joined #salt
03:48 cliluw joined #salt
03:48 mapu joined #salt
03:55 thalleralexander joined #salt
03:57 k_sze[work] joined #salt
03:59 ramteid joined #salt
04:01 flowstate joined #salt
04:02 ajw0100_ joined #salt
04:04 edrocks joined #salt
04:04 * evilrob is looking for someone to do saltstack+ceph+openstack+linux -- infrastructure as code style devops (looking for as in hiring)
04:08 wt0f joined #salt
04:24 philiaagape joined #salt
04:25 ajw0100 joined #salt
04:25 gtmanfred joined #salt
04:25 JoeJulian joined #salt
04:26 sk_0 joined #salt
04:26 monkeybox joined #salt
04:26 mTeK joined #salt
04:32 ninjada joined #salt
04:34 loveTOscoot joined #salt
04:40 loveTOscoot I have what I think is a repeatable bug.  16.04 x64 server.  Add the latest salt repos.  Perform update/upgrade and install salt in self mastered mode. Install pygit2 (now available via apt-get) attempt to use gitfs backend.
04:40 loveTOscoot Result: [ERROR   ] Error occured fetching gitfs remote 'https://git.company.com/project/Salt-Repo.git': Failed to resolve address for https: No address associated with hostname
04:41 loveTOscoot I can confirm that the URL is resolvable from the host.
04:41 sjorge joined #salt
04:42 loveTOscoot It appears a few people have had this problem previously, but there was no resolution: https://irclog.perlgeek.de/salt/2015-12-17#i_11733218
04:42 loveTOscoot and https://github.com/saltstack/salt/issues/29790
04:42 saltstackbot [#29790]title: gitfs: No address associated with hostname for https protocol | When attempting to use a gitfs remote that's found via https, I get the following error:...
04:44 loveTOscoot I can repeat this error from a fresh 16.04 ISO install to a new VM.  All my spacing is correct.
04:45 loveTOscoot I'm running "salt-run fileserver.update -l debug" to test the link
04:55 loveTOscoot just tried it with a github URL, same result: [ERROR   ] Error occured fetching gitfs remote 'https://github.com/mcsrainbow/salt-states-hadoop.git': Failed to resolve address for https: No address associated with hostname
04:58 Miouge joined #salt
04:59 flowstate joined #salt
05:03 rdas joined #salt
05:03 ssplatt joined #salt
05:07 ninjada_ joined #salt
05:18 Miouge joined #salt
05:18 onlyanegg joined #salt
05:20 DEger joined #salt
05:23 Sylvain31 joined #salt
05:24 sauvin joined #salt
05:29 hlub loveTOscoot: what if you test with like github.com/...
05:30 hlub i.e. try to remove the https part.
05:32 loveTOscoot changing to http: or git: definitely changes the behavior, but since I don't expose ports outside of 443 for git, this is a no go.
05:33 loveTOscoot I'm have doubts about removing the protocol in the URL
05:33 hlub you can also specify the port like github.com:443/...
05:33 felskrone joined #salt
05:33 ssplatt ahammond: look at some other execution modules and runners to see how they import logging and such
05:34 hlub it just seems, according to the errormessage, that it now mistakenly assumes the https as the hostname.
05:35 loveTOscoot that was the impression that other people had for switching from either git: or http: to https:, that the error reads that way.
05:36 loveTOscoot but the walkthrough uses this exact nomenclature: https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#simple-configuration
05:39 favadi joined #salt
05:39 loveTOscoot I also checked my package versions for libgit2 and pygit2 and they match at .24.  This was what held me up previously, but now both are at .24 in the package manager, salt-master no longer hangs
05:42 loveTOscoot one other minor detail: on a fresh 16.04 install, the debug output of the fileserver.update also calls out a failure of libnacl python libraries.  Installing this library using pip resolves this error.
05:52 macheck joined #salt
05:53 loveTOscoot the only packages I'm installing after the initial OS config are: salt-common salt-master salt-minion python-pygit2.  Is there a chance I need something else to help it interpret a URL with hjttps
05:54 ssplatt loveTOscoot: are you not using a package manager to install dependencies?
05:54 ssplatt or the bootstrap.sh?
05:55 loveTOscoot Ah, sorry it was not my intention to imply that.  I'm using apt-get which maps all the dependencies.
05:55 felskrone joined #salt
05:58 evle joined #salt
05:59 flowstate joined #salt
06:01 loveTOscoot previous to that I'm adding the GPGkey and adding the saltstack URL to my sources list (the default package that ships with 16.04 has the glob error)
06:01 ninjada joined #salt
06:02 ssplatt if you’re installing salt-master with apt it should grab all it needs.  only thing i can think of for https would be libssl
06:03 ssplatt are you using the real github.com or a GHE server
06:03 ssplatt you may need certificates installed
06:04 macheck left #salt
06:06 macheck joined #salt
06:06 edrocks joined #salt
06:08 manji joined #salt
06:16 loveTOscoot I manually grab the certificate and install it to the store
06:17 loveTOscoot btw, the glob error I was referring to affects the salt packages that ship with 16.04.  Here's the explaination: https://github.com/saltstack/salt/issues/32114
06:17 saltstackbot [#32114]title: Wrong validation type for file_ignore_glob key | ### Description of Issue/Question...
06:18 loveTOscoot For the cert I use: echo "" | openssl s_client -showcerts -host git.company.com -port 443 2> /dev/null | openssl x509 | tee /usr/local/share/ca-certificates/company.crt
06:19 loveTOscoot then: update-ca-certificates
06:20 ninjada_ joined #salt
06:21 Mowens joined #salt
06:30 dmaiocchi joined #salt
06:31 Ayo joined #salt
06:34 jhauser joined #salt
06:37 sauvin joined #salt
06:38 dmaiocchi joined #salt
06:44 zoski joined #salt
06:50 fracklen joined #salt
06:51 ivanjaros joined #salt
06:57 yomilk joined #salt
06:58 fracklen joined #salt
06:59 fracklen joined #salt
07:00 flowstate joined #salt
07:00 babilen hrumph: pong
07:03 impi joined #salt
07:03 ninjada joined #salt
07:07 toanju joined #salt
07:07 alexlist joined #salt
07:07 deniszh joined #salt
07:12 kawa2014 joined #salt
07:13 remyd1 Hi; I have some difficulties to understand the difference between require_in require and prereq. prereq is a prerequisite, so it should be ok before executing ? require is just require, so that means it only executes when the condition is validate ? I do not understand quite well the difference
07:15 babilen The difference between require_in and require are clear though?
07:15 KermitTheFragger joined #salt
07:15 babilen 'require' and 'require_in' essentially only change the order in which states are run in that the required state is run earlier than the requiring state
07:16 babilen 'prereq' is about ordering as much as it is about running the requiring state at all in that the requiring state wouldn't run if the required state doesn't have changes.
07:17 punkoivan joined #salt
07:17 babilen The example given in the documentation exemplifies this by showing two states of which the requiring state would shut down a service (i.e. apache) if some of its configuration changed. The service will *not* be shutdown if the prerequired state (i.e. file.recurse) has no changes
07:19 mosen prereq?
07:21 mosen watch/prereq/onchanges gets confusing :)
07:22 remyd1 Ok, so if there is no changes in prereq it won't be executed ?
07:22 remyd1 mosen:  same for me :)
07:22 mosen I think when i started there was only watch and require
07:22 remyd1 although I already read the documentation twice^^
07:24 AndreasLutro afaik prereq means "if this state is supposed to change, run this other state first"
07:24 AndreasLutro I've never had to use it
07:24 mosen oh right there's a little bit of nuance with watch where it runs mod_watch
07:25 slav0nic joined #salt
07:26 remyd1 AndreasLustro: ok, I think I understood
07:27 remyd1 thx babilen and AndreasLustro. However if it is supposed to change, why not using onchanges rahter than prereq ?
07:28 babilen remyd1: That would run it *afterwards*
07:28 babilen It is about performing an action before another state if that one has changes
07:28 oyvindmo joined #salt
07:28 babilen Think of a service that can't be running if you tinker with something else
07:29 babilen If you don't tinker you don't want to shut it down, but if you do then you have to shut it down before you change things
07:30 remyd1 Ok; thanks. That is pretty clear :)
07:30 mosen ah very good explanation
07:33 wilsonhuang joined #salt
07:36 wilsonhuang Hi there, I encounter a strange behaviour of salt. In top.sls of state, I added these two lines:
07:36 wilsonhuang 'prod-pg02':     - crons.prod-pg02
07:37 wilsonhuang these two lines are used to deploy cron jobs on minion 'prod-pg02'
07:37 wilsonhuang what I expect is only minion 'prod-pg02' can apply this setting
07:38 babilen Is any of you guys using vagrant and in a position were they could spin up a jessie box easily? If so I'd appreciate it if you could test running "wget -O bootstrap_salt.sh https://bootstrap.saltstack.com", "sudo bash bootstrap_salt.sh -M" and "cat /var/log/salt/master" for me
07:38 babilen (also paste the log output to http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … )
07:38 wilsonhuang But I run "salt-call state.apply crons.prod-pg02" on another minion "abc", those cronjobs are installed successfully
07:38 wilsonhuang This is not what I want
07:38 babilen wilsonhuang: Well, you are executing the state explicitly
07:39 babilen If you were to run "salt-call state.highstate" on that other minion that state wouldn't be included
07:39 babilen You can, naturally, run whatever states you want by explicitly running them with "salt-call state.sls .." or "salt-call state.apply ..."
07:41 wilsonhuang Oops, won't it cause security problem? I might put some sensitive settings in salt master for some servers, but another servers can fetch those settings if they want.
07:44 jakshi joined #salt
07:44 warpaint joined #salt
07:44 jakshi Ohai All. I have issue with installing packages with salt. when I do it with salt it takes:     Duration: 706343.772 ms
07:45 jakshi may be salt have some specifics about installing packages?
07:45 jakshi if you install the same package manually from console it installed almost immeditately
07:48 babilen wilsonhuang: Everything you put in states is available to all minions .. if you want to keep things private then keep them in pillars. They are meant to be used for sensitive data. Also: Do not target those pillars based on grains as you can't trust them (a minion can claim to have whatever grains it wants)
07:48 babilen jakshi: Which version/platform?
07:49 babilen (version of salt that is)
07:49 jakshi salt 2016.03 platform gentoo
07:49 jakshi I use binary packages
07:49 jakshi EMERGE_DEFAULT_OPTS="--jobs 1 --usepkg --usepkgonly"
07:49 babilen jfindlay: ^^ frequent reports such as jakshi's are the reason why I thought that it hasn't been solved yet
07:50 babilen jakshi: Could you run "salt-call -ldebug state.sls YOURSTATE" and paste the result to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … ?
07:50 hoonetorg joined #salt
07:50 dgutu joined #salt
07:51 jakshi sure, just a moment
07:51 babilen (with the packages not installed naturally)
07:52 babilen Hmm .. that would take a while though :-/
07:52 babilen jakshi: Run that command on the minion btw
07:53 jakshi okay sure
07:54 wilsonhuang babilen: Thanks for your help, I'll try
07:57 ivanjaros joined #salt
08:00 flowstate joined #salt
08:01 babilen jakshi: Alternatively: Stop the minion, start it with "salt-minion -ldebug" and run the command from the master
08:04 jakshi thank you
08:04 jakshi I think I solved an issue for my config
08:04 jakshi when I first run debug
08:04 jakshi I saw
08:04 jakshi [DEBUG   ] Called modules.pkg.install: {'name': 'base_packages', 'refresh': True, 'sources': None, 'pkgs': [{'app-misc/tmux': None}], 'binhost': None, 'kwargs': {'normalize': True, 'saltenv': 'base', 'skip_verify': False, 'version': None, 'allow_updates': False, 'reinstall': False}}
08:05 jakshi so I added no sync and force binpkg
08:05 josuebrunel joined #salt
08:05 jakshi and now it works much faster
08:05 jakshi Duration: 24587.919 ms
08:05 babilen Good
08:05 jakshi [DEBUG   ] Called modules.pkg.install: {'name': 'app-misc/tmux', 'refresh': False, 'sources': None, 'pkgs': None, 'binhost': 'force', 'kwargs': {'normalize': True, 'saltenv': 'base', 'skip_verify': False, 'version': None, 'allow_updates': False, 'reinstall': False}}
08:05 babilen So it did the gentoo thing of compiling it from source?
08:06 jakshi it installed package from binary source
08:07 jakshi - name: app-misc/tmux
08:07 jakshi - binhost: force
08:07 jakshi - refresh: False
08:07 jakshi
08:07 jakshi this is resulting config
08:07 jakshi in state
08:08 jakshi thank you very much for useful command and advice
08:08 edrocks joined #salt
08:11 Miouge_ joined #salt
08:15 lero joined #salt
08:16 s_kunk joined #salt
08:19 babilen jakshi: No, I meant: "Did it compile it when it took so long?"
08:20 GreatSnoopy joined #salt
08:24 my50c joined #salt
08:25 kbaikov joined #salt
08:28 krymzon joined #salt
08:28 keimlink joined #salt
08:29 jakshi @babilen: No, it did eix-sync. Our gentoo setup forbid packages compilation. Only binary packages install is allowed.
08:33 user__ joined #salt
08:33 user__ hi
08:33 babilen jakshi: What is eix-sync?
08:34 user__ No clue
08:35 user__ Why my minion not returning anythhing
08:38 user__ Hello
08:38 user__ Anyone home
08:38 babilen user__: Maybe you haven't targeted anything at your minion? Why do you think that i ....
08:39 babilen nvm
08:40 jakshi @babilen eix is external utility for providing info about installed and available packages. eix-sync synchronize packages database.
08:40 jakshi it's shorthand for
08:40 jakshi root #emerge --sync
08:40 jakshi root #cp -a /var/cache/eix/portage.eix /var/cache/eix/previous.eix
08:40 jakshi root #eix-update
08:40 jakshi root #eix-diff
08:40 babilen Sounds like something you want to do if you expect salt to provide up-to-date information
08:41 user__ I have accepted key as .pub file
08:42 user__ minion_id1:     Minion did not return. [No response]
08:42 babilen user__: How did you accept it?
08:42 user__ salt 'minion_id1' test.ping
08:43 Nothos927 joined #salt
08:43 babilen No, I meant: How did you accept the key?
08:43 jakshi @babilen in theory - yes. in practice wait 700 seconds to install tmux is too much.
08:44 user__ cp glob.pub /etc/salt/pki/master/minions/minion_id1
08:44 babilen jakshi: Sure, but that sounds like a problem with the way Gentoo implements their "sync" database. On Debian, for example, you simply download a couple of diffs or, if there are too many, a few files that will be downloaded in a short time.
08:44 babilen user__: Any particular reason why you didn't run "salt-key -A" ?
08:45 babilen And what is "glob.pub" ? Where is it from?
08:45 jakshi @babilen on gentoo you usually do the same as on debian.
08:45 jakshi Sync the Portage tree using the mirrors by obtaining a Portage snapshot that is at most a day old:
08:45 jakshi root #emerge-webrsync
08:45 user__ The key glob '*' does not match any unaccepted keys.
08:45 kbaikov joined #salt
08:45 Ayo joined #salt
08:45 babilen user__: That's what happened before?
08:46 honestly ugh, is there a way to make salt error out when a pillar render fails? it's extremely stupid that it will just happily apply whatever states it's told to when there is no / a completely broken pillar
08:46 user__ @bab yeah man\
08:46 babilen honestly: It does that .. unless it is an external pillar, but the way that is being handled changed a lot as well
08:47 babilen honestly: IIRC with external pillars they now differentiate between: 1. Pillar returned data 2. Pillar returned an empty dict 3. Pillar raised exception
08:47 user__ @bab I started Salt 8 hours ago
08:47 honestly it's not an external pillar.
08:47 honestly it's a merged pillar.
08:47 babilen user__: So .. where is glob.pub from?
08:47 user__ explain it like you are doing it for 8 year old child
08:48 MadHatter42 joined #salt
08:48 user__ in root
08:48 babilen user__: Which root?
08:48 user__ my ubuntu root
08:48 yuhlw joined #salt
08:48 babilen 'root' as in the user or root as in / in the filesystem?
08:50 user__ How to find out?
08:50 AndreasLutro I think before you use salt you should have some basic understanding of how a linux system works
08:50 babilen I don't know .. it would be great if you could remember what you did
08:50 user__ I used sudo -i
08:51 yuhlw joined #salt
08:53 fracklen joined #salt
08:55 fracklen joined #salt
08:56 yuhlw joined #salt
08:57 user__ Yo @bab
09:00 babilen user__: There is little I can do if you can't tell me what you did exactly. I asked you where "glob.pub" was from and "sudo -i" is not related to that at all. I am not exactly sure where the problem lies, but if you want help on IRC you should be able to tell people which commands you ran, what you expected to happen and what did happen.
09:01 user__ Minion did not return. [No response] Why is this coming and how should I rectfy it
09:01 flowstate joined #salt
09:02 babilen So, back to square one: 1. Where did you find the "glob.pub" file 2. Why didn't you use "salt-key -A" to accept the minion's key? 3. How did you configure your master *and* minion? (paste their configuration files without commented bits)
09:03 berserk joined #salt
09:04 user__ 1, When I used ls at root@username:~# ls, it gave me this glob.pub
09:04 user__ It is a public key
09:05 user__ I want to it to return some valur
09:05 N-Mi joined #salt
09:05 user__ value*
09:05 user__ I didn't used salt-key -A cz I didn't had a unaccepted key
09:06 rakan joined #salt
09:07 user__ I created one using cp
09:10 jakshi @babilen in our specific setup of gentoo we have only one host that sync gentoo packages database. and the same hosts then build binary packages. and then it share all that to all other gentoo hosts. so we could be sure that all gentoo nodes uses the same database/packages. so we don't need sync with gentoo servers before installing package. This scheme is pretty usual for big gentoo setup.
09:10 berserk joined #salt
09:15 rakan drawsmcgraw: Hi... just tried your command for setting a pillar into the the minions local.cmd('*', 'test.ping', pillar="{'foo': 'bar'}")... then once it's done, i tried doing salt pillar.ls on one of the minions but the pillar is not listed. Does it have a limited scope (lifetime) until the end of the command it was passed with?
09:18 rbjorklin rakan: Pretty sure that's how it works yes.
09:20 rakan rbjorklin: i see. i'll try executing pillar.get instead of test.ping to double check
09:29 dmaiocchi joined #salt
09:38 bmcorser does salt have a noop mode like puppet?
09:39 babilen jakshi: Right, I can appreciate that it would be a total nightmare if every single box in a large cluster would have to compile every single package.
09:40 haaj joined #salt
09:40 babilen bmcorser: "test=True" does that, doesn't it?
09:40 bmcorser oh yeah
09:48 rsanting joined #salt
09:54 bmcorser anyone here have any experience with puppet?
09:54 bmcorser i never used it because ewwww ruby but i've got a job coming up that wants me to work with puppet
09:55 bmcorser what can i say to convince them to use salt
09:55 bmcorser they are technical people
09:59 flowstate joined #salt
10:01 manji joined #salt
10:03 babilen "eeeew Ruby" doesn't cut it?
10:05 babilen bmcorser: There are some articles that compare different tools. You might also want to implement the same problem in both, Puppet and Salt, and then compare them.
10:06 bmcorser i think puppet uses https as its main transport, where salt uses zmq afaik
10:07 bmcorser that's a pretty good argument for speed and security or whatever
10:07 rakan rbjorklin: pillar="{'foo':'bar'}" doesn't seem to work when passing it directly to cmd. Should it be something like kwarg={'pillar': {}} ?
10:08 jgelens joined #salt
10:11 edrocks joined #salt
10:17 fracklen joined #salt
10:17 fracklen joined #salt
10:25 Miouge joined #salt
10:31 Miouge joined #salt
10:37 Miouge joined #salt
10:37 colegatron joined #salt
10:37 haaj joined #salt
10:51 fredvd joined #salt
10:53 dendazen joined #salt
10:54 Miouge joined #salt
11:00 Miouge joined #salt
11:06 Miouge joined #salt
11:06 fracklen joined #salt
11:07 fracklen joined #salt
11:13 Garo_ joined #salt
11:14 amcorreia joined #salt
11:29 haaj joined #salt
11:42 Miouge_ joined #salt
11:44 inad922 joined #salt
11:45 Miouge joined #salt
11:47 Miouge joined #salt
11:47 numkem joined #salt
11:48 Qlawy How to clean unneeded tunnels in neutron ovs?
11:49 abednarik joined #salt
11:50 hopthrisC joined #salt
11:51 babilen Qlawy: Are you sure you meant to ask that in #salt ?
11:51 drawsmcgraw bmcorser: I tell people Salt is a platform on which you build great capabilities. At the risk of shameful self-promotion, it was the topic of my talk at this last Saltconf - http://www.slideshare.net/DrewMalone/saltconf16-salt-is-not-configuration-management
11:51 Miouge_ joined #salt
11:55 Qlawy babilen: arw.. again :(
11:55 * Qlawy crock
11:55 Qlawy -_-
11:58 mage_ any idea how to gpg encode a ssl private key ?
11:58 mage_ the echo -n 'xxx' | gpg --armor --batch --trust-model always --encrypt -r mykey isn't very practical for such stuff ... :(
11:59 ninjada joined #salt
12:02 honestly AndreasLutro: do you know of an easy way to determine whether a salt-ssh call had failed states in bash? the obvious way (return code) doesn't work, of course
12:03 AndreasLutro step 1 would be not to use bash
12:03 AndreasLutro I've found no reliable way to check if a state run was succcessful other than iterating through the state return data
12:04 honestly euughhhh
12:04 honestly I want user-readable output
12:05 honestly and this bash script is exactly what bash is the right tool for, it's just a collection of commands that would otherwise copy-pasted from an article in an internal wiki
12:05 honestly (plus "|| echo panic; exit 1" appended to every command_
12:05 honestly )
12:07 manji joined #salt
12:07 martoss joined #salt
12:09 mage_ cant I run a 2016.3.0 master with 2015.8.3 clients ?
12:09 AndreasLutro you probably can
12:09 AndreasLutro wouldn't be surprised if there were subtle bugs though
12:09 mage_ ok ..
12:13 edrocks joined #salt
12:13 hlub does salt-ssh upload custom exectuion modules?
12:14 AndreasLutro yes hlub
12:15 markm__ joined #salt
12:15 hlub I try to run state.sls some_sls_file but results with zero states executed. I've a custom function that loads the data from pillar and the sates are enclosed by jinja conditions.
12:15 hlub this thing works normally but not with salt-ssh.
12:16 AndreasLutro what version of salt are you on?
12:16 AndreasLutro and in what way does it not work
12:16 hlub 2015.8.10
12:17 AndreasLutro both salt-ssh and regular salt?
12:17 ssplatt joined #salt
12:17 hlub actually both are 2015.8.8.2
12:18 AndreasLutro mm
12:18 AndreasLutro I made a fix for salt-ssh module execution in 2015.8.9
12:18 AndreasLutro you might want to try and upgrade
12:18 hlub yeah
12:18 radhac joined #salt
12:20 tracphil joined #salt
12:23 manji joined #salt
12:23 haaj joined #salt
12:26 thenut joined #salt
12:27 hoonetorg joined #salt
12:28 thenut is there any workaround or alternative module for managing ssh keys on a system running in fips mode (MD5 is disabled)?  salt.modules.ssh fails immediately on those systems
12:28 manji joined #salt
12:34 TooLmaN joined #salt
12:39 honestly well I'm sure whatever ssh lib salt uses underneath has this already fixed, so try updating that maybe?
12:40 dgutu joined #salt
12:40 honestly or just use file.managed for '/home/{{user}}/.ssh/authorized_keys'...
12:41 honestly what I used to do was set up an alternative authorized_keys file (cleverly named /home/{{user}}/.ssh/authorized_keys2) that I just file.managed
12:42 evle1 joined #salt
12:43 dendazen joined #salt
12:44 fracklen joined #salt
12:44 fracklen joined #salt
12:50 haaj joined #salt
12:53 thenut honestly: the salt documentation indicates that this is not fixed
12:53 thenut i believe it is used for managing old known_hosts files that would actually use md5
12:53 dgutu joined #salt
12:53 thenut but the md5 piece gets loaded irrespective of whether it's needed, so the whole module bombs out
12:54 rem5 joined #salt
12:59 impi joined #salt
12:59 rsanting joined #salt
13:00 tapoxi joined #salt
13:01 jerematic joined #salt
13:01 Tyrm joined #salt
13:02 Tyrm joined #salt
13:02 _JZ_ joined #salt
13:03 GreatSnoopy joined #salt
13:04 stanchan joined #salt
13:05 bluenemo joined #salt
13:07 nmadhok joined #salt
13:08 gh34 joined #salt
13:09 mikecmpbll joined #salt
13:10 subsignal joined #salt
13:12 haaj_ joined #salt
13:18 flowstate joined #salt
13:19 tmclaugh[work] joined #salt
13:21 flowstat_ joined #salt
13:21 s_kunk joined #salt
13:21 aagbds joined #salt
13:23 subsignal joined #salt
13:24 stanchan joined #salt
13:25 DEger joined #salt
13:25 Electron^- joined #salt
13:26 komputes joined #salt
13:26 remyd1 is there a way to test salt wheel locally on my master ? I would like to remove / add minions key without using salt-key (to automate it) with this: https://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.key.html (like that : https://groups.google.com/forum/#!topic/salt-users/EEUucQH2yEI which is not working actually)
13:32 AndreasLutro remyd1: yeah, you can use the python APIs/modules somewhat easily, but in my experience the wheel module does not work
13:33 remyd1 :(
13:33 AndreasLutro keys = salt.wheel.key.gen_accept(hostname)
13:33 AndreasLutro this will generate a keypair and accept the public key
13:34 AndreasLutro we use cp.recv to distribute the public key across masters
13:34 subsigna_ joined #salt
13:37 remyd1 import salt.wheel
13:37 remyd1 keys = salt.wheel.key.list_all()
13:37 remyd1 AttributeError: 'module' object has no attribute 'key'
13:37 AndreasLutro you need import salt.wheel.key
13:39 joe_____ joined #salt
13:39 remyd1 NameError: global name '__opts__' is not defined
13:39 joesusecom joined #salt
13:40 remyd1 it will gonna work
13:40 AndreasLutro haha
13:40 AndreasLutro oh yeah I have that hacked in as well
13:40 AndreasLutro self.client = salt.client.LocalClient(c_path=conf_path)
13:40 AndreasLutro salt.wheel.key.__opts__ = self.client.opts
13:42 ldelossa joined #salt
13:42 remyd1 conf_path <= what did you put here ?
13:42 remyd1 "/etc/salt" ?
13:42 AndreasLutro you can leave it out, it defaults to /etc/salt/master
13:42 mikecmpbll joined #salt
13:44 remyd1 Ok, it works ;) thx
13:45 rgrinberg joined #salt
13:45 perfectsine joined #salt
13:48 bastiandg joined #salt
13:50 mpanetta joined #salt
13:50 remyd1 left #salt
13:51 remyd1 joined #salt
13:51 remyd1 Still I do not understand why it works with API and not through my orchestrate
13:51 andrew_v joined #salt
13:52 abednarik joined #salt
13:53 DanSlimmon joined #salt
13:54 rem5 joined #salt
13:55 mapu joined #salt
13:57 rem5 joined #salt
13:59 racooper joined #salt
14:00 jerredbell joined #salt
14:02 Sylvain31 hi, is the label "base:" in top.sls for pillar and state is mendatory or it c
14:02 Sylvain31 can be something else?
14:03 Sylvain31 like pillar: and sate: for example?
14:06 ssplatt i think you can change it if you also change the env_order:
14:08 cyborg-one joined #salt
14:10 Sylvain31 ssplatt: I check. Thanks. Can dump all master config values
14:10 Sylvain31 ?
14:11 ssplatt sal-call config.items ?
14:11 menglish joined #salt
14:11 * ssplatt looks for the link to List of All Modules
14:12 ssplatt https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.config.html#module-salt.modules.config   i guess config.get is the best you can do
14:14 DEger joined #salt
14:15 spuder joined #salt
14:15 DEger_ joined #salt
14:15 edrocks joined #salt
14:16 sjorge joined #salt
14:18 gquentin joined #salt
14:18 komputes joined #salt
14:18 gquentin hi folks
14:18 pcn Good morning
14:19 SheetiS joined #salt
14:19 gquentin is this the good place to ask about strange saltstack behaviour? ;-)
14:20 GreatSnoopy joined #salt
14:20 brew joined #salt
14:21 sjorge joined #salt
14:25 Ayo joined #salt
14:25 zmalone joined #salt
14:25 manji joined #salt
14:26 gquentin on salt 2016.3 (and on 2015.8) , i have 2 pillar_roots on master
14:26 gquentin - path1 and -path2
14:26 gquentin (in local directories)
14:26 gquentin path2 is ignored...
14:26 mage_ what would be the easiest way to encrypt       -----BEGIN PRIVATE KEY----- .... -----END PRIVATE KEY----- stuff .. ? the echo -n ""|gpg ... isn't very practical :/
14:27 gquentin even if logs says that search path is the 2 paths
14:28 gquentin (Jinja search path: [ path1, path2]
14:28 gquentin an idea?
14:29 DanSlimmon joined #salt
14:31 Heartsbane joined #salt
14:31 haaj joined #salt
14:32 abednarik joined #salt
14:32 haaj__ joined #salt
14:33 hasues joined #salt
14:33 hasues left #salt
14:34 haaj_ joined #salt
14:34 mikecmpb_ joined #salt
14:35 fannet joined #salt
14:36 manji joined #salt
14:36 fannet hi everyone - we had to recover a salt-master to a new machine. We restored all the PKI but for some reason the salt-master cannot issue commands. It can however response to when from the minion we run salt-call . Any ideas?
14:37 haaj joined #salt
14:39 jebise joined #salt
14:41 spuder joined #salt
14:47 rsanting joined #salt
14:47 tapoxi am I using the cache roster properly? salt-ssh \* --roster=cache service.stop 'salt-minion' --user root --askpass -i
14:47 jebise OS X question:  'salt \* pip.install whatever' returns with "...Could not find a `pip` binary."
14:47 jebise Pip is installed and works just fine when run locally as a user or root.  Any ideas on how to get pip.install to work?
14:47 pcn I've got no experience with this kind of restoral, but I guess some details, like what does salt-key -L say, and similar would help understand what the master things
14:48 jebise I tried manually setting the 'shell' grain and ran 'chsh -s /bin/bash' for the root account.
14:48 flowstate joined #salt
14:49 pcn jbrnds: are you running in a virtualenv on os x?
14:50 pcn gquentin: how are you determining that path2 is ingored?  What are you trying to do?
14:50 remyd1 fannet: I think it is not the good way, but perhaps you could try to remove all minions and then reimport all minions back ?
14:50 remyd1 or cyou could also minions PKI
14:51 remyd1 you could also check*
14:52 gquentin pcn:  i cant get pillars defined in path2 subdirs. and i see in master log (debug mode) that  jinja never render from path2
14:52 scottk_ joined #salt
14:52 scottk_ has anyone used the state module file.line?
14:52 gquentin salt-call pillar.items never send path2 contents
14:53 jad_jay Hi is there a workaround to not check everytime pkg.installed
14:53 jad_jay with require,watch or onchange ?
14:53 gquentin pcn: but it works using gitfs ....
14:54 gquentin pcn: it is only on local dirs that it doesn work
14:54 jad_jay because yumpkg is a pain in the ass
14:56 berserk joined #salt
14:57 remyd1 fannet: I just created https://github.com/remyd1/salt_modules/blob/master/customkeys.py thanks to AndreasLutro. BTW you can do the same with accept_dict or delete_dict: https://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.key.html
14:57 pcn gquentin: have you restarted the master since you populated path2?
14:57 remyd1 But you'll need to restart the salt-minion minion
14:58 gquentin yes , rebooted several times, and reinstalleds on other servers. currently i am on a lxd container.
14:58 gquentin pcn: is there a way to know if master read top.sls of the path2?
15:00 ajw0100 joined #salt
15:00 tapoxi ok, this is weird. I've upgraded from 2015.8.10 to 2016.3.0 and now my salt-master has died twice
15:00 Electron^- hi guis, is possible to check in a state if a file.managed/file.recurse source is present so it doesn't get error when executed?
15:00 perfectsine joined #salt
15:00 tapoxi I've noiced the log say it was unable to clear old jobs after a simple test.ping, it gets 99% CPU usage, then I need to reboot the box via the aws cli
15:01 menglish joined #salt
15:01 pcn gquentin: I believe it is not supposed to
15:03 pcn gquentin I mis-remembered: https://docs.saltstack.com/en/latest/ref/states/top.html#how-top-files-are-compiled
15:05 gquentin pcn: this is for states, not pillars. and as i said, this works with ext_pillar and gitfs
15:06 tapoxi http://hastebin.com/totekiyuye.py
15:06 tapoxi I'm seeing a ton of errors like that
15:07 ToeSnacks joined #salt
15:08 tapoxi this is on cent 7.2 if it matters
15:08 liviudm joined #salt
15:08 jfindlay babilen: my understanding is that was a redhat-specific problem
15:09 komputes joined #salt
15:09 copelco joined #salt
15:09 gquentin pcn: on master logs salt.template compile only path1/*.sls
15:10 mdhas joined #salt
15:10 pcn gquentin: An easy way to test if it works is to move path1's top.sls out of the way, and see what happens
15:10 jbrnds2 joined #salt
15:11 scoates joined #salt
15:13 coval3nce joined #salt
15:13 edrocks joined #salt
15:15 tapoxi any thoughts? this seems completely unusable right now
15:15 loveTOscoot Dropped some notes into the channel last night starting @ 9PM re: gitfs backend not being able to pull from https: remote sources
15:16 jfindlay tapoxi: that is fixed by https://github.com/saltstack/salt/pull/33555
15:16 saltstackbot [#33555]title: Fix crashing Maintenence process | The first time through the loop we deleted the dir and then stack...
15:16 gquentin pcn: you re right: renaming the first top.sls, it goes on the path2/top.sls
15:16 tapoxi @jfindlay im on 2016.3 not 2015.8
15:16 winsalt joined #salt
15:16 loveTOscoot Appears to be totally repeatable from fresh Ub16.04x64 install.  There were a couple of linked notes of users who had this exact same problem in the past but there was no resolution.
15:17 gquentin pcn: but why i there a difference between local dirs and gitfs dirs?
15:17 jfindlay tapoxi: branches are merged forward
15:17 loveTOscoot Was hoping to get some info on how to debug this more than simply running "salt-run fileserver.update -l debug"
15:18 tapoxi @jfindlay ah, ok. thanks!
15:19 jfindlay tapoxi: no problem, it's easy to forget sometimes that not everyone is as familiar with the salt development process as I am :)
15:20 tapoxi @jfindlay this doesn't seem to be what causes the max cpu and growing ram usage though, I have plenty of free disk & inodes.
15:20 tapoxi I guess its just also happening
15:22 kus joined #salt
15:23 spuder joined #salt
15:24 garphy joined #salt
15:24 fannet_ joined #salt
15:25 akhter joined #salt
15:26 remyd1 Is it possible to execute the exact same function in a state with onfail ?
15:27 pcn gquentin: I'm not sure.  What happens if you move path1's top.sls back?
15:27 khaije1 joined #salt
15:27 pcn e.g. what it there is some negative caching or a similar effect?
15:27 abednarik joined #salt
15:27 remyd1 to loop continuously on a function while you have a fail state with onfail
15:27 khaije1 Awesome to see all the conference videos hit youtube!
15:27 remyd1 like until / while
15:28 winsalt Has anyone seen ext_pillars fail to load with: Failed to load ext_pillar : IOLoop is already running?
15:29 khaije1 Is the rest_tornado capable of the same things as the rest_cherrypy net-api ?
15:29 gquentin pcn: it go back on path1, and path2 is ignored. only the first path where there is a top.sls is taken
15:29 jubalh joined #salt
15:29 jubalh cmd.run 'DISPLAY=:0 scrot /tmp/test.png' <- cant i send this via salt?
15:30 jubalh i always get:
15:30 jubalh Passed invalid arguments to cmd.run: run() takes at least 1 argument (0 given)
15:31 jenastar joined #salt
15:31 edrocks joined #salt
15:32 gquentin pcn: FYI a have this on master conf: pillar_merge_lists: True and pillar_source_merging_strategy: recurs
15:34 tapoxi @jfindlay I applied your patch, and it helped! but it was masking my real issue. apparently when I run a job, say 'test.ping' minions continue to return data and the master doesn't acknowledge it, meanwhile the master grows in CPU and RAM consumption
15:34 tapoxi it just ate 5.0 GB before I had to kill it
15:36 pcn gquentin: What happens if you configure path2 with a separate environment and target your test host at the 2nd env?
15:37 Miouge_ joined #salt
15:40 Miouge joined #salt
15:40 jubalh can i do a cmd.run as a certain user?
15:41 gquentin pcn: i will do that tomorrow. i must leave. thant you for your help
15:43 pcn Have a good day!
15:43 gquentin thanks
15:43 gquentin exit
15:43 gquentin lol
15:46 Miouge joined #salt
15:47 izaki joined #salt
15:48 dfinn joined #salt
15:49 jfindlay tapoxi: I would strongly suggest filing an issue
15:50 edrocks how do you accept a single key in salt-key? all I see is an option to accept all
15:51 edrocks nevermind
15:51 tapoxi @jfindlay yeah I'll go ahead and create one, it seems that some of my minions were in an weird state after the upgrade and that made the master upset. doing a salt *\ service.restart salt-minion seems to have fixed it
15:54 rgrinberg joined #salt
15:56 jubalh left #salt
15:58 josuebrunel joined #salt
15:58 jad_jay I can't understand why who cant have :
15:58 jad_jay My state for this;
15:58 jad_jay file.recurse:
15:59 jad_jay - name: /tmp/toto
15:59 jad_jay file.recurse:
15:59 jad_jay - name: /tmp/tata
15:59 winsalt use a gist if you are going to do codeblocks
15:59 jad_jay s/;/:
15:59 jbrnds joined #salt
15:59 flowstate joined #salt
15:59 jad_jay I fall with conflict id
16:00 jad_jay they have different id they have different name
16:00 Electron^- you should use different id for same states
16:00 winsalt the top level "My state for this:" is the id
16:00 jad_jay winsalt,
16:00 jad_jay ok
16:00 jad_jay winsalt, ok
16:01 Electron^- my_state_1:
16:01 Electron^- file recurse:
16:01 Electron^- -name :  /tmp/toto
16:01 Electron^- my_state_2:
16:01 Electron^- file.recurse:
16:01 Electron^- -name: /tmp/tata
16:01 jad_jay hmmm but it's not elegant
16:02 Electron^- I'm with you, but this is the way it works
16:02 jad_jay for httpd state I need multiple same stuff
16:02 jad_jay Electron^-, so is Ansible better for this  ?
16:02 Electron^- separate states is are needed if you have the same function
16:03 jad_jay this sad
16:03 Electron^- jad_jay, never used ansible...
16:03 roadgear joined #salt
16:03 jad_jay this s**s sadly
16:03 Electron^- salt is my first automation tool
16:04 jad_jay this id stuff is really really anoying me
16:06 winsalt why dont you use the folder path as the id
16:12 tapoxi can I do a cmd.run service salt-minion stop && sleep 10 && service salt-minion start? are commands kicked off as child processes from the minion?
16:13 Electron^- jad_jay,  winsalt is right, you can also create an array with the directory on witch execute the file.recurse and use a for to create the state id with like: http://pastebin.com/hdJVUay5
16:14 onlyanegg joined #salt
16:15 Electron^- tapoxi, accordly to the documentation (https://docs.saltstack.com/en/latest/faq.html#what-is-the-best-way-to-restart-a-salt-daemon-using-salt) you can do this: http://pastebin.com/ZpYzTQyM
16:15 Electron^- see you guys
16:16 tapoxi Electron^- ahh, use at. thats a decent idea. thanks
16:17 roadgear joined #salt
16:17 debian112 joined #salt
16:17 Electron^- welcome tapoxi... say thank you to the developers ;)
16:25 manji joined #salt
16:26 zer0def joined #salt
16:30 keimlink_ joined #salt
16:31 abednarik joined #salt
16:33 keimlink joined #salt
16:34 mbrgm joined #salt
16:34 Sammichmaker joined #salt
16:34 ivanjaros joined #salt
16:34 mbrgm hey! is someone here, who managed to get the new ldap state working?
16:35 jab416171 no
16:35 mbrgm I'm always getting an error 'STRONG_AUTH_REQUIRED' when I run the state provided in the docs (domain suffix adjusted) against a vanilla slapd installation on debian jessie.
16:37 khaije1 mbrgm: I wasn't aware it existed until now, wow!
16:38 mbrgm yeah it looks promising, but I guess I'm too stupid to get it to do what I want :D
16:40 jhauser joined #salt
16:40 writtenoff joined #salt
16:41 nidr0x joined #salt
16:44 stanchan joined #salt
16:56 Lionel_Debroux joined #salt
16:57 khaije1 mbrgm: nah, it's hard to do complicated things for the first time
17:06 komputes joined #salt
17:12 ahammond I'm planning to generate cloud-config.yaml files for hand-off to salt-cloud to spin up coreos boxes in Digital Ocean. Anyone done anything like this before? Seems unreasonably straight forward, so I'm wondering if maybe there are some pitfalls I haven't considered.
17:12 punkoivan joined #salt
17:13 mbrgm joined #salt
17:13 amcorreia joined #salt
17:16 abednarik joined #salt
17:17 DEger joined #salt
17:18 rawzone^ joined #salt
17:23 lero joined #salt
17:23 DEger joined #salt
17:24 DEger joined #salt
17:25 DEger joined #salt
17:25 DEger joined #salt
17:26 DEger joined #salt
17:27 mbrgm ok, I'm one step further... it doesn't try to bind at all :-/
17:28 jfindlay SLC saltstack meetup will be streamed if anyone wants to watch: http://www.meetup.com/SaltStack-user-group-Salt-Lake-City/events/231539677/
17:29 aagbds joined #salt
17:29 wendall911 joined #salt
17:30 mbrgm BITE ME YAML !!! :(
17:30 mbrgm two damn spaces of indentation messed up the whole thing ^^
17:32 debian112 joined #salt
17:33 akhter Hey guys, is there a way to run salt execution modules within state files?
17:35 Deliant joined #salt
17:35 Ch3LL akhter: yep-> https://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html
17:35 akhter Ch3LL: Thanks, I was already looking at that.
17:35 Ch3LL no problem
17:35 akhter I was hoping there would be something like __salt__['insert module here']('insert arguments')
17:38 Ch3LL you can do things like this: `salt['grains.get']` within jinja
17:38 Ch3LL not sure if thst what you are looking for
17:45 edrocks joined #salt
17:48 sjorge joined #salt
17:51 akhter chesty: I was looking something like salt['cpan.install']
17:53 DEger joined #salt
17:59 flowstate joined #salt
17:59 tapoxi anything cool being discussed at this meetup?
18:04 akhter Ch3LL:  I was looking something like salt['cpan.install']
18:05 akhter Ch3LL: I was using something like this   salt['cpan.install']('DateTime Switch Sys::Syslog LWP::Protocol::https Digest::SHA Bundle::LWP6 LWP')
18:05 akhter Didn't work though, says list is out of range.
18:05 akhter I wonder if it only accepts one item.
18:07 felskrone joined #salt
18:10 abednarik joined #salt
18:17 komputes joined #salt
18:20 toanju joined #salt
18:23 jfindlay tapoxi: Tom is talking about why salt was created, also open questions
18:36 aagbds joined #salt
18:45 mikecmpbll joined #salt
18:49 s_kunk joined #salt
18:52 cliluw joined #salt
18:54 nmadhok joined #salt
18:55 khaije1 for weird reasons I wanted to copy of a minion, so would like to renamed it to "--minion.original-fqdn--label" so that it's not matched by anything accidently, but how do i address it from the CLI ?
18:55 nmadhok @khaije1 what do you mean?
18:56 deniszh joined #salt
18:59 flowstate joined #salt
19:02 beneggett joined #salt
19:03 Mowens Hello - I have a question about reactor SLS files. If it is being triggered off of an event from the event bus, how can I extract data from the
19:03 Mowens oops wasnt done typing, more coming. :)
19:09 komputes joined #salt
19:09 ahammond Upgrade to 2016.3 is going pretty smoothly. Kudos people. :)
19:11 mpanetta joined #salt
19:11 beardedeagle joined #salt
19:12 rem5 joined #salt
19:12 mpanetta joined #salt
19:13 khaije1 nmadhok: when I specify: salt '--vm1.localdomain--legalhold' on the cloned VM it says "no such argument: --vm1.localdomain--legalhold"
19:16 khaije1 I dont expect this to be a common occurence but I'm wondering if I can include something like this in my naming convention to keep "oddball" machines joined to the salt graph but in a clearly delineated way
19:19 abednarik joined #salt
19:24 fracklen joined #salt
19:27 bltmiller joined #salt
19:28 rgrinberg joined #salt
19:33 manji joined #salt
19:36 iggy jfindlay: do you know what version of salt SSE is based on?
19:42 scottk_ joined #salt
19:43 scottk_ I'm running into an issue with file.blockreplace. It is not making a new line for the marker_end. instead it just appends the marker_end to the end of the content string. Has anyone experienced this, or know the fix?
19:46 jenastar joined #salt
19:49 mapu joined #salt
19:53 DEger joined #salt
19:54 deniszh1 joined #salt
19:57 komputes joined #salt
19:58 ajw0100 joined #salt
19:59 menglish1 joined #salt
19:59 flowstate joined #salt
20:01 debian112 joined #salt
20:01 jfindlay iggy: there are SSE equivalent packages for all of the releases, but we are transitioning away from SSE in general
20:08 fannet joined #salt
20:10 brew joined #salt
20:10 ssplatt joined #salt
20:12 AirOnSkin joined #salt
20:13 AirOnSkin joined #salt
20:14 iggy jfindlay: why? How are people going to get the shiny web ui?
20:14 ssplatt i’m trying to figure out why my multiline pillar data isn’t working out.  eventually i want to use a gpg block for my cert info but i’m mocking it up with a dummy cert for now.  https://gist.github.com/ssplatt/2e21eea40417b84559562a524a9023f4
20:14 ssplatt i had the cert and key contents without the “” before but salt complained that it couldn’t render
20:15 iggy ssplatt: after | the next lines need to be indented extra
20:15 komputes joined #salt
20:15 iggy and no quotes
20:15 ssplatt more than just the 2 spaces?
20:15 iggy yes
20:15 ssplatt 4 spaces?!
20:15 ssplatt thats insanity
20:15 iggy https://docs.saltstack.com/en/latest/topics/troubleshooting/yaml_idiosyncrasies.html
20:15 jfindlay iggy: the enterprise console is different from the enterprise packages, I might have confused the two
20:15 iggy learn it, love it, live it
20:16 iggy jfindlay: so... a company could use the packages they already have and just get the gui?
20:17 ssplatt nope spaces aren’t doing it
20:18 ssplatt - contents: -----BEGIN CERTIFICATE-----
20:18 ssplatt MIIDgjCCAmqgAwIBAgIYMC40MzcyMDMxNDY0ODk3MjI3X9SrY4TcMA0GCSqGSIb3
20:18 ssplatt DQEBCwUAMHkxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMRcwFQYDVQQHDA5T    <======================
20:18 bltmiller joined #salt
20:19 beardedeagle - content: |
20:19 beardedeagle - contents: |
20:19 ssplatt contents: |
20:19 ssplatt -----BEGIN CERTIFICATE-----
20:19 babilen jfindlay: Is there a demo or are there pictures/video/something of the console online?
20:19 ssplatt the first one was the render output
20:19 abednarik joined #salt
20:19 ssplatt second is my yaml
20:20 babilen you need four spaces, con't you?
20:20 ssplatt i did 4. now 6
20:20 dayid joined #salt
20:20 babilen Isn't that 6 and 8?
20:20 ssplatt maybe in my sls, it doesn’t like the {{ api.key.content }}
20:21 bltmiller joined #salt
20:21 ssplatt babilen: did you see my gist link above.
20:21 babilen I did not (yet)
20:21 ssplatt i’ve tried it with and without the quotes.
20:21 ssplatt the quotes at least renders and drops in the data/
20:21 babilen Yeah, you need two more spaces and to drop the "..."
20:22 jfindlay iggy: correct
20:22 iggy gist the latest thing you tried
20:23 ssplatt https://gist.github.com/ssplatt/2e21eea40417b84559562a524a9023f4
20:24 ssplatt the pillar is rendering “right” but the sls state doesn’t like it
20:24 ssplatt - contents: {{ saltstack.api.cherrypy.cert.contents }}
20:25 babilen Does any of you guys have a fresh jessie vagrant box around and could try something for me? It would be great if you could run "wget -O bootstrap_salt.sh https://bootstrap.saltstack.com", "sh bootstrap_salt.sh -M" and then paste the output of "cat /var/log/salt/master" and "systemctl status salt-master.service"
20:25 babilen ssplatt: Too deeply indented .. you need four spaces
20:26 babilen (couting from c in contents)
20:26 jfindlay babilen: I can get you in contact with someone who can give you a demo
20:27 ssplatt babilen: still no
20:28 Miouge joined #salt
20:29 babilen jfindlay: That would be nice
20:29 babilen ssplatt: I am using https://www.refheap.com/119882 sucsessfully .. with two spaces.
20:29 babilen ssplatt: In many places
20:29 iggy ssplatt: contents_pillar ?
20:31 babilen Ah, yeah .. you want contents_pillar or reference it in the template
20:31 ssplatt hmm
20:32 iggy the other way in the state would be '    - contents: |\n{{ pillar_data|indent(8) }}'
20:32 ssplatt ok that should work.
20:33 ssplatt i’m assuming once the gpg renders out it’ll be the same
20:34 edrocks joined #salt
20:34 ssplatt contents_pillar worked. nice.  thanks
20:34 ssplatt just needed to scroll down teh docs a little more....
20:37 armguy joined #salt
20:37 deniszh joined #salt
20:40 tawm04 joined #salt
20:43 ajw0100 joined #salt
20:45 tracphil joined #salt
20:47 obimod joined #salt
20:48 obimod hi everyone!
20:48 obimod i'm wondering if i can use {% extends "base_file" %} within jinja sources for file.managed
20:51 obimod mmm nvm, i think i'll just use a single jinja file and add the 'context' property
20:55 menglish joined #salt
20:59 flowstate joined #salt
21:00 GreatSnoopy joined #salt
21:01 beardedeagle Sure am getting a ton of An un-handled exception from the multiprocessing process was caught errors in my master log since upgrading to 2016
21:02 beardedeagle keeps looking for job directories that can't possibly exist
21:03 benegget_ joined #salt
21:16 ageorgop joined #salt
21:20 Ahlee somebody remind me how to precedence in jinja, as https://gist.github.com/jalons/6520f8d5fcbd6ec7e833c280ba5f47c6 isn't working
21:20 Ahlee and i can't just do grains['physical'] as that's even less reliable than manufacturer
21:20 tapoxi joined #salt
21:20 iggy Ahlee: !=
21:21 iggy vs not .... == ...
21:25 Ahlee some day i'll sit down and atually read through the jinja spec
21:25 Ahlee thanks iggy
21:25 Ahlee != foo and != bar
21:28 iggy glad you got it working
21:28 fracklen joined #salt
21:30 frozenfoxx left #salt
21:34 sjorge joined #salt
21:35 fracklen joined #salt
21:35 yomilk joined #salt
21:37 subsignal joined #salt
21:39 yomilk joined #salt
21:43 sjorge joined #salt
21:45 armguy joined #salt
21:46 tracphil joined #salt
21:48 sjorge joined #salt
21:50 sjorge joined #salt
21:52 smcquay joined #salt
21:52 smcquay good day everyone.
21:53 DEger joined #salt
21:55 armguy joined #salt
21:57 smcquay I've authored a module (let's call it foo, with a function 'install' in it), and I'd like to author a state that would give me foo.installed. I've noted that for say pip there's a modules/pip.py and a states/pip_state.py ... is the module naming required?
21:58 flowstate joined #salt
22:06 iggy smcquay: you can name the files whatever... it's the __virtualname__ that matters
22:06 iggy the pip one has a different name so it doesn't clash with the actual python pip module
22:09 smcquay but I also have a foo module, so it seems like I'll have to play the same trick, yeah?
22:10 beneggett joined #salt
22:11 linjan__ joined #salt
22:20 smcquay iggy: the error I'm coming across is: No matching sls found for 'foo.installed' in env 'smcquay'
22:21 smcquay Is there other machinery I need in place for something in _states/foo_state.py (with a __virtualname__ = 'foo') to be intepreted correctly?
22:24 ninjada joined #salt
22:28 onlyanegg joined #salt
22:29 Deliant joined #salt
22:33 iggy smcquay: the virtual function has to return __virtualname__
22:36 ninjada joined #salt
22:41 _JZ_ joined #salt
22:49 smcquay iggy: thanks but I still get same issue. I'm guessing it's something with our file_roots
22:50 smcquay I'm trying to call approximately this: sudo salt -l debug '*something*' state.sls foo.installed name=hugo saltenv=sm
22:50 smcquay I'm likely holding it wrong. I'm not super savvy with how to deal with my own file_roots and calling out to salt. thanks for the suggestion though.
22:51 clburlison joined #salt
22:53 iggy smcquay: state.single
22:53 iggy state.sls runs an sls file
22:54 druonysus joined #salt
22:56 smcquay ah, closer! thanks!
22:58 flowstate joined #salt
22:59 ajw0100 joined #salt
23:01 ninjada joined #salt
23:02 nmadhok joined #salt
23:07 GreatSnoopy joined #salt
23:17 om2 Hi all
23:17 om2 I have a minion that keeps pulling some old top.sls
23:17 om2 into cache
23:17 om2 I remove the cache manually, then saltutil_syncall
23:18 om2 still pulls an old top.sls file that is not even on the master .... I don't understand
23:18 om2 any ideas?
23:18 om2 the minion key is on the master
23:19 om2 the top.sls has the minion id
23:19 om2 but the top.sls cached on the minion does not have the minion id inside
23:19 om2 so it's an old top.sls
23:19 om2 I don't know where it's getting it from
23:34 drawsmcgraw left #salt
23:39 om2 any ideas?
23:39 om2 I'm at a loss here... :|
23:40 om2 I upgraded to 2015.8.10 on master and minion hoping this would work...
23:41 om2 one thing is, another tech added the wrong version of salt-minion 2016.3 but I uninstalled it and removed salt dir to make sure it's gone.  problem persists
23:48 rem5 joined #salt
23:51 om2 seems it might not find the correct file_roots
23:51 om2 even though they are inside the /etc/salt/master
23:51 Lee- joined #salt
23:52 om2 using environments...
23:54 ajw0100 joined #salt
23:55 mosen joined #salt
23:58 om2 here are file and pillar roots defined as before when it was working:
23:58 om2 https://gist.github.com/andrebron/b1299564c199bfd836b1f8b3f75846de
23:59 flowstate joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary