Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-07-09

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 pcdummy Just pushed: https://github.com/saltstack/salt/pull/34566 :)
00:00 saltstackbot [#34566][OPEN] WIP: Implement includes for the mongo ext_pillar. | What does this PR do?...
00:02 onlyanegg joined #salt
00:10 mpanetta joined #salt
00:11 flowstate joined #salt
00:18 badon joined #salt
00:32 rem5 joined #salt
00:38 ageorgop joined #salt
00:39 mpanetta joined #salt
00:39 colegatron joined #salt
00:44 mpanetta joined #salt
00:46 rem5 joined #salt
01:03 Yoda-BZH joined #salt
01:03 Yoda-BZH joined #salt
01:06 toastedpenguin joined #salt
01:11 flowstate joined #salt
01:18 fannet joined #salt
01:19 west575 joined #salt
01:21 Nahual joined #salt
01:26 iggy pcdummy: haven't looked at it (or used that ext_pillar), but so long as it maintains backward compatibility out of the box, it shouldn't be a hard sell
01:28 catpiggest joined #salt
01:32 pcdummy iggy: ty for reply, it maintains backward compabitibility, yes
01:37 keimlink joined #salt
01:39 btorch left #salt
01:57 wwalker I've stopped salt-master, set hash_type to sha256, I've wiped the pem and pub files in /etc/salt/pki/master, and all of /var/cache/salt, then started salt-master.  Yet salt-key -F master still gives me  MD5 checksums, not sha256.
01:58 brent_ joined #salt
01:58 wwalker I'm about ready to wipe the master and start over from bare metal.  Yet, I should not need to.  Any ideas?
02:00 whitenoise joined #salt
02:00 Eugene joined #salt
02:00 wwalker the entire content of /etc/salt/master excluding blank lines, comments is: [root@salt-master pki]# cat /etc/salt/master | grep . | grep -v ^#
02:00 wwalker hash_type: sha256
02:04 subsignal joined #salt
02:08 zlittle joined #salt
02:12 flowstate joined #salt
02:18 hemebond wwalker: How did you install?
02:19 hemebond Do you have anything in /etc/salt/master.d/
02:20 wwalker hemebond: I installed the version from EPEL.  I gave up 5 minutes ago.
02:20 wwalker I just installed via bootstrap
02:20 hemebond Also, does the master not create a new key if you start it without one?
02:21 wwalker hemebond: it is creating a new key, but it continues to give me an MD5 fingerprint from "salt-key -F master"
02:22 wwalker and therefore I can't get a minion to connect.  (I can assume that the key the minion reports is the right one, but salt-key should work
02:23 hemebond Hmm. That -f gives a finger-print.
02:23 hemebond How are you using that?
02:24 hemebond Is your minion configured with the same property?
02:24 wwalker putting the fingerpint in the minion
02:24 hemebond Why are you doing that? Some sort of pre-configuration?
02:24 hemebond Or preseeding or something?
02:27 wwalker "Print the master key fingerprint by running salt-key -F master on the Salt master. Copy the master.pub fingerprint from the Local Keys section, and then set this value as the master_finger in the minion configuration file. Restart the Salt minion."
02:27 wwalker from https://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html
02:28 wwalker But the point is that, on the master, salt-key -F master should be outputing a sha256 fingerprint, not an md5 fingerprint.
02:28 hemebond I see.
02:29 hemebond I've never, ever done that verification this so I've not had to deal with this kind of thing. Lemme see if I can get a sha256 hash.
02:30 wwalker so, you just let the minion accept whatever key the master gives it?
02:30 hemebond Okay adding the property hash_type: sha256 to the config, and without restarting, I do get a longer finger.
02:30 hemebond Correct.
02:31 hemebond Minion connects to master, on master I accept the key, connection done.
02:31 wwalker if you are doing that across the internet, there is a possibility of a MITM .
02:31 hemebond Do you get the exact same fingerprint?
02:31 hemebond That's very true.
02:32 hemebond Right now I don't use Salt in production and I control the environments the minions are in.
02:32 hemebond Also, the risk of a MitM attack is very low for me.
02:33 wwalker no, the mast command outputs a finger that is clearly an md5:
02:33 wwalker master.pub:  7e:69:23:c9:e6:ee:0c:78:4e:92:ac:f3:d0:de:ab:24
02:33 wwalker I've only detected MITM a few times over the years, but they've happened.
02:33 wwalker they were in ssh, not salt, but essentially the same
02:34 wwalker rather than a proper sha256 (from another master):
02:34 wwalker master.pub:  f8:56:9a:6f:ab:a3:d7:ef:a6:1d:ba:e2:bf:4b:67:cd:b5:a5:0f:ce:01:ca:25:10:17:0f:fa:62:d0:bf:fa:a8
02:35 hemebond That's very strange. And your master was installed with bootstrap?
02:35 wwalker Now I have to decide which way to install (since I see that 2016.3.1 is out and EPEL only has 2015.5.10....)
02:35 wwalker no that was with EPEL
02:36 hemebond I've found PIP to be a good way to install and stay up to date.
02:36 hemebond Oh. Which version? 2015.5.10?
02:38 wwalker woo hoo.
02:38 wwalker the new version I just did via bootstrap works!
02:39 hemebond New master?
02:39 wwalker I do everything else with rpms, If EPEL was up to date, I'd stick with RPMs
02:39 djgerm joined #salt
02:39 wwalker yes, wiped everything salt off the mavhine, then installed with bootstrap.
02:40 wwalker probably a bug in salt-key (ignoring the hash_type from the config) that has been fixed.
02:40 hemebond Which version is your master now? 2016.3.1?
02:40 wwalker yes
02:40 wwalker Thank you!
02:42 hemebond Glad you got it going :-)
02:43 marie1972 joined #salt
02:47 wwalker and now I found an error that explained why the saltstack.repo didn't work the first time, so now I can install via RPM and get the latest version like I wanted.
02:47 wwalker doh!
03:10 flowstate joined #salt
03:16 colegatron joined #salt
03:19 fannet joined #salt
03:21 treaki__ joined #salt
03:49 Jimlad joined #salt
03:55 subsignal joined #salt
03:58 colegatron joined #salt
03:58 stanchan joined #salt
03:58 brent_ joined #salt
04:08 racooper joined #salt
04:11 flowstate joined #salt
04:28 mpanetta joined #salt
04:30 mpanetta joined #salt
04:32 luketheduke0 joined #salt
04:32 luketheduke0 hello everyone
04:33 luketheduke0 is this channel about discussing all kinds of salt, or just sodium chloride?
04:33 onlyanegg joined #salt
04:43 MTecknology joined #salt
04:50 hemebond Just Saltstack
05:12 flowstate joined #salt
05:20 fannet joined #salt
05:20 debian112 joined #salt
05:22 onlyanegg joined #salt
05:30 brent_ joined #salt
05:53 JPT joined #salt
06:06 ComesIn3s joined #salt
06:07 ComesIn3s left #salt
06:11 flowstate joined #salt
06:53 POJO joined #salt
06:53 POJO joined #salt
07:07 deniszh joined #salt
07:11 flowstate joined #salt
07:21 fannet joined #salt
07:34 dmaiocchi joined #salt
07:39 toanju joined #salt
08:01 barmaley joined #salt
08:02 toanju joined #salt
08:04 iceyao joined #salt
08:10 lero joined #salt
08:24 pranav joined #salt
08:32 TyrfingMjolnir joined #salt
08:38 toanju joined #salt
08:58 jhauser joined #salt
09:10 flowstate joined #salt
09:13 armyriad joined #salt
09:15 fannet joined #salt
09:49 goudale joined #salt
10:01 deniszh joined #salt
10:01 lero joined #salt
10:12 flowstate joined #salt
10:31 stack joined #salt
10:32 stack hi, if I define a state that has a bunch of managed files and packages, and I want to remove that state and associated files, should I create another state that does file.absent or the thing is already done out of the box?
10:47 babilen You'd have to write the inverse yourself (if possible)
10:54 manji joined #salt
10:58 stack mh this could be a pain
11:01 amcorreia joined #salt
11:11 flowstate joined #salt
11:20 hemebond joined #salt
11:23 bluenemo joined #salt
11:38 goudale joined #salt
11:42 toanju joined #salt
11:51 KingJ joined #salt
11:59 Electron^- joined #salt
12:01 JPT joined #salt
12:11 flowstate joined #salt
12:15 impi joined #salt
12:31 POJO joined #salt
12:33 iceyao joined #salt
12:39 stack I can't understand what is the error here http://paste.debian.net/779897/ , any hint?
12:41 west575 joined #salt
12:41 manji stack, in yaml we use :
12:42 manji instead of =
12:42 stack argh, probably needing a coffe
12:42 manji unless you are trying to do something different here
12:42 manji hehe maybe
12:59 v12aml joined #salt
13:30 infrmnt joined #salt
13:58 ronnix joined #salt
14:08 west575 joined #salt
14:45 c4t3l joined #salt
14:57 ronnix joined #salt
15:01 aidin joined #salt
15:04 west575 joined #salt
15:12 impi joined #salt
15:15 colegatron joined #salt
15:24 nidr0x joined #salt
15:26 Sylvain31 joined #salt
15:28 Sylvain31 hi, is their a simple state file.manage or something.else to change a /etc/default/package ENABLE=0 to ENABLE=1 ?
15:40 pcdummy Just have written another HOWTO for saltstack: https://rene.jochums.at/howto-move-saltstack-tops-and-pillar-contents-to-mongodb
15:50 bluenemo joined #salt
15:51 bluenemo joined #salt
15:55 c4t3l joined #salt
16:05 c4t3l joined #salt
16:18 flowstate joined #salt
16:20 CeBe joined #salt
16:23 stanchan joined #salt
16:40 arif-ali joined #salt
17:02 squishypebble joined #salt
17:03 anotherZero joined #salt
17:07 amcorreia joined #salt
17:11 iggy nice
17:14 ageorgop joined #salt
17:15 hosttor joined #salt
17:37 vadimck joined #salt
17:46 colegatron joined #salt
17:49 zlittle joined #salt
18:00 bluenemo joined #salt
18:05 sjmh joined #salt
18:12 flowstate joined #salt
18:18 dmaiocchi joined #salt
18:33 amcorreia joined #salt
18:33 _JZ_ joined #salt
18:33 brent_ joined #salt
18:35 c4t3l joined #salt
18:41 colegatron joined #salt
18:48 kranthi joined #salt
18:49 kranthi hi
18:56 mohae joined #salt
19:04 onlyanegg joined #salt
19:07 btorch joined #salt
19:08 garphy joined #salt
19:10 flowstate joined #salt
19:12 dmaiocchi joined #salt
19:13 c4t3l joined #salt
19:22 POJO joined #salt
19:25 zzzirk joined #salt
19:40 ageorgop joined #salt
19:59 impi joined #salt
20:03 badon left #salt
20:08 ignarps joined #salt
20:09 felskrone joined #salt
20:10 flowstate joined #salt
20:24 Jimlad_ joined #salt
20:29 c4t3l joined #salt
20:35 colegatron_origi joined #salt
20:39 p3rror joined #salt
20:42 subsignal joined #salt
20:44 kevinquinnyo1 joined #salt
21:04 c4t3l joined #salt
21:07 badon joined #salt
21:10 flowstate joined #salt
21:19 barajasfab joined #salt
21:27 mohae joined #salt
21:29 akw joined #salt
21:30 flowstate joined #salt
21:34 djgerm joined #salt
21:51 hasues joined #salt
21:51 hasues left #salt
22:04 c4t3l joined #salt
22:08 mrueg joined #salt
22:10 flowstate joined #salt
22:18 afics joined #salt
22:37 rylnd joined #salt
22:54 amcorreia joined #salt
23:05 zzzirk joined #salt
23:07 snaggleb joined #salt
23:10 flowstate joined #salt
23:37 subsignal joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary