Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-06-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 zulutango joined #salt
00:09 whyzgeek joined #salt
00:27 fracklen joined #salt
00:35 asyncsec joined #salt
00:39 mt5225 joined #salt
00:42 fritz09 joined #salt
01:25 justan0theruser joined #salt
01:41 mikea Wrote a salt stack module to interact with pulp, then wrote a state module to call that module.. work's pretty well :-)
01:49 ilbot3 joined #salt
01:49 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.5 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers <+> The call for speakers for SaltConf17 is now open: http://tinyurl.com/SaltConf17
01:49 mt5225 joined #salt
01:51 DammitJim joined #salt
02:08 hemebond joined #salt
02:20 darvon joined #salt
02:21 Bock joined #salt
02:21 ponyofdeath joined #salt
02:55 rihannon joined #salt
02:56 cyborg-one joined #salt
03:01 mt5225 joined #salt
03:06 fracklen joined #salt
03:09 fracklen joined #salt
03:30 donmichelangelo joined #salt
04:03 watersoul joined #salt
04:10 mt5225 joined #salt
04:39 icebal joined #salt
04:43 keltim joined #salt
04:46 wangofett joined #salt
05:20 mt5225 joined #salt
05:28 edrocks joined #salt
05:36 _KaszpiR_ joined #salt
05:56 jeffspeff joined #salt
06:17 ivanjaros joined #salt
06:22 borgstrom joined #salt
06:23 brokensyntax joined #salt
06:30 mt5225 joined #salt
06:36 ahrs joined #salt
06:43 evle joined #salt
06:48 fracklen joined #salt
06:49 StolenToast joined #salt
06:57 GnuLxUsr joined #salt
07:01 rgrundstrom joined #salt
07:02 rgrundstrom good morning people.
07:14 eseyman joined #salt
07:18 ahrs joined #salt
07:29 fracklen joined #salt
07:40 mt5225 joined #salt
07:40 Razva joined #salt
07:41 onlyanegg joined #salt
07:41 Razva hey folks! can you please give me a hint regarding external auth (except the docs)? I've setup saltpad and I *really* cannot understand how the login system works, except that it's depending on salt's own external auth system. I don't have ldap etc.
07:48 Razva I've set this - https://gist.github.com/anonymous/33f54550ae1d7e329d44a164b907bfe1 - in the conf, still saltpad posts "Network Error"
07:49 hemebond Razva: PAM is the local authentication system.
07:49 Razva exactly
07:49 Razva I've tried to login with a local user
07:50 Razva I've set Pad with rest_cherrypy,
07:51 hemebond I also have '@runner', '@wheel' and '@jobs' list under permissions.
07:51 Razva salt-api 2016.11.5 (Carbon)
07:51 hemebond What does the rest of your config look like?
07:53 Razva https://gist.github.com/anonymous/096c18f285919a93880c1433c15434a9
07:54 Razva also please check this https://gist.github.com/anonymous/7174a5898336874f1178a7c7ad3cfeeb
07:56 Razva here's the login from CLI: https://gist.github.com/anonymous/6a5dac6c5f318d2a4074e275abf3c080
07:59 hemebond Have you tested things with https://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html ?
07:59 tellendil joined #salt
08:01 tellendil joined #salt
08:03 Razva interesting, can you please check this out
08:03 Razva https://gist.github.com/anonymous/cc3af117ba11155a190c19ad30306e42
08:04 Razva ^ did the login failed?
08:04 hemebond Try `eauth=pam` in the command line.
08:04 hemebond Yes it failed.
08:04 hemebond You have a local user called `bob` yes?
08:04 hemebond Wai, I mean `gru`
08:04 hemebond gru@gru?
08:05 Razva gru and password bob
08:06 Razva <p>Could not authenticate using provided credentials</p>
08:06 hemebond Try `eauth=pam` and also try putting single-quotes ' around the password.
08:07 hemebond It appears eauth=pam is what makes it work for me.
08:08 Razva https://gist.github.com/anonymous/6495e83163a39a586bfffb7b15ee030b
08:09 hemebond Well that first line is completely wrong. You have two commands on the same line.
08:10 Razva oh?
08:10 Razva just a sec to clean it
08:10 hemebond Also, you're missing the `-d` in front of `eauth=pam`
08:11 hemebond curl -sSk http://localhost:8000/login -H 'Accept: application/x-yaml' -d username=gru -d password=bob -d eauth=pam
08:12 _KaszpiR_ joined #salt
08:12 Razva just done that
08:12 Razva it results in..mmm...nothing
08:12 Razva ah it works
08:12 Razva https://gist.github.com/anonymous/eeb8e1d8d6508cdd31851c9fb5f33420
08:12 hemebond ????
08:13 Razva yeah but pad refuses to work... :\
08:13 hemebond saltpad?
08:13 Razva yup
08:14 hemebond Hmm, I don't have saltpad setup anymore.
08:14 Razva I get "Network Error"
08:14 hemebond (it didn't really do much when I last looked)
08:14 hemebond Mmm? What do you mean?
08:16 Razva check the URL in PM if you don't mind
08:17 Razva you know the u/p
08:18 hemebond Hmm
08:18 hemebond Your settings seem to be wrong./
08:18 hemebond I don't think saltpad proxies your requests to the API.
08:18 oida joined #salt
08:19 hemebond It's just a frontend and so your settings.json has to reflect that the API requests will come from your computer, not from the saltpad server.
08:19 hemebond Right now it has API_URL: "localhost:8000"
08:19 Razva here's the conf: https://gist.github.com/anonymous/d7bcc46a9544f8541b3558b3e1354f85
08:20 hemebond Yeah, I'm talking about settings.json in the saltpad directory.
08:20 Razva ah ok, just a sec
08:21 Razva {
08:21 Razva "API_URL": "localhost:8000",
08:21 Razva "SECURE_HTTP": false,
08:21 Razva "FLAVOUR": "rest_tornado"
08:21 Razva }
08:21 hemebond Yip, you need to update that.
08:21 hemebond API_URL is the _external_ URL to your API.
08:21 Razva done, let's see
08:21 Razva same
08:22 Razva https://www.irccloud.com/pastebin/4r5uXWU6/
08:22 hemebond You need to change rest_tornado to rest_cherrypy
08:22 hemebond rest_tornado is a different API server.
08:23 Razva doing exactly that
08:23 Razva same
08:24 Razva https://www.irccloud.com/pastebin/7HtLMHPY/
08:24 * Razva is pulling his hair
08:24 hemebond Port 8000 is not open to your server.
08:24 * Razva facepalms
08:25 hemebond Not for me at least.
08:25 Razva does it need to be publicly open?
08:25 hemebond Might be to you.
08:25 Razva it's not
08:25 hemebond It has to be accessible from your browser.
08:25 Razva k, let me try that as well
08:25 hemebond saltpad is just a single webpage application.
08:25 hemebond It doesn't run anything through the saltpad server.
08:25 hemebond It makes requests against the API directly.
08:25 hemebond So the API has to be _directly_ accessible from your web browser.
08:27 Razva https://www.irccloud.com/pastebin/eBfrvhvf/
08:28 hemebond I don't know what that does but it hasn't opened the port for me. Can you access the server on port 8000?
08:28 Razva curl: (7) Failed connect to gru.neutralisp.com:8000; Connection refused
08:28 Razva but when using localhost it works
08:28 Razva hmmmm
08:29 hemebond Ah. Then you haven't got the API listening on a public interface.
08:29 Razva maybe...
08:29 Razva let me check that as well
08:29 hemebond You've got `host: 127.0.0.1`
08:30 hemebond Needs to be `host: 0.0.0.0`
08:30 Razva yup
08:30 Razva YEEEES
08:31 Razva thank you so so much!
08:31 hemebond You're welcome.
08:31 hemebond Now lock it down tight :-)
08:31 Razva maybe somebody might want to note those things on saltpad's doc
08:32 Razva I was positive that the API port can be open just locally, as I was proxying the requests
08:32 Razva buuut it seems that's not the case
08:33 Razva any security recommendations? I don't have a static IP so firewall whitelisting is not a good trick in my case
08:33 Razva (yes, I'll ssl it)
08:34 hemebond I haven't got it running so I've never really tried to lock it down.
08:34 hemebond I suppose if you've got eauth configured correctly it should be fine.
08:35 Razva mmmmmm...but...what the heck does it do? it doesn't even lists the minions... :\
08:35 gmoro joined #salt
08:35 hemebond Yeah, it hasn't been updated since September last year.
08:36 hemebond Looks like there's another web UI project https://github.com/martinhoefling/molten
08:36 * Razva facepalms
08:39 babilen That one hasn't been active in a (short) while either :(
08:39 hemebond Last commit 25th April
08:40 hemebond A little better than Saltpad :-)
08:40 hemebond I wonder how good the enterprise interface is.
08:40 babilen I've never been given the chance to try it
08:42 Razva hmmm, https://github.com/martinhoefling/molten-formula#id1
08:42 Razva so I should insert the states into the master conf?
08:42 hemebond No, that's for deploying molten.
08:42 hemebond via a salt minion.
08:44 Razva aaaha, ok, so "A saltstack formula to install, configure and maintain the Molten Salt UI." < how can I use that. sorry for the newb question!
08:44 hemebond You only need to use that if you want to automate the installation.
08:44 hemebond If you're installing manually then you don't need it.
08:49 hemebond joined #salt
08:49 Razva https://www.irccloud.com/pastebin/18lTJmTZ/
08:49 Razva should I set the app_base_url to '' ?
08:49 Razva because nginx is set to just use the main host
08:49 hemebond Whatever API_URL was in your Saltpad config.
08:50 Razva and app_base?
08:51 hemebond Hmm, dunno, I've never used Molten. I'd have to go through the docs.
08:51 fracklen joined #salt
08:52 onlyanegg joined #salt
08:52 Razva https://github.com/martinhoefling/molten/blob/master/doc/Setup.md < this is the ONLY information they give
08:53 mt5225 joined #salt
08:54 hemebond Right, so APP_PATH should match app_path
08:55 hemebond Sorry, I mean APP_BASE_URL == app_path
08:58 Razva https://gist.github.com/anonymous/bf9502f3d259d4ef26f659d60e8a1d9f
08:58 Razva ^ full configs
08:58 hemebond Does it work?
08:58 Razva http://gru.neutralisp.com < I get the html title, but nothing more
08:59 Razva nothing in nginx's error_log
09:00 Razva I can see your traffic in access_log: [18/Jun/2017:08:59:25 +0000] "GET /assets/contrib/toastr.min.js HTTP/1.1" 200 766 "http://gru.neutralisp.com/login
09:00 hemebond Your Nginx is returning CSS as text/html
09:00 hemebond Because it's returning the index page.
09:01 hemebond Is there an `/opt/molten/assets/` directory?
09:01 Razva nope
09:01 Razva [root@gru molten]# ls
09:01 Razva config.js  contrib  favicon.png  index.html  molten
09:01 hemebond Then you've setup static_path wrong.
09:01 Razva well there's not assets directory *at all*
09:02 hemebond Yeah. The app is looking for `/assets/contrib/toastr.min.css`
09:02 hemebond So you need to adjust the paths and settings accordingly.
09:02 hemebond It looks like static_path should be /
09:04 Razva https://github.com/martinhoefling/molten/releases/tag/v0.3.1 < swear to God that I can find no "assets" directory
09:04 hemebond There probably isn;t.
09:04 Razva toastr.min.js is in contrib, not in assets
09:04 hemebond But your configuration is telling the app to look under /assets/ for static files.
09:04 hemebond You need to fix your config.
09:04 Razva aha, ok
09:04 Razva roger roger
09:05 Razva https://www.irccloud.com/pastebin/Jr0PsV07/
09:06 Razva is it me or it's still asking for assets...?
09:06 hemebond It is. Have you fixed your rest_cherrypy config?
09:06 Razva yup
09:07 Razva I suppose I need to make an /assets nginx redirect...?
09:08 Razva because the source code is full of /assets
09:08 hemebond Try '/' as the setting.
09:08 hemebond Ah, yeah, it's hardcoded.
09:08 hemebond So you need an alias in your nginx config.
09:09 hemebond I wonder if that config.js is just for compiling.
09:10 Razva yeah, made the most newb thing and it seems to get alive
09:10 Razva ^ made a new assets dir and copied everything there as well
09:11 Razva but guess what, it doesn't connects to the API
09:11 Razva this looks far more unpolished than saltpad... :\
09:11 hemebond Well it is only version 0.3.1
09:11 hemebond Oh, although it is two years old.
09:15 Razva ehm, from here https://github.com/Lothiraldan/saltpad where do you find the "html code"?
09:16 Razva because I really cannot find any index or whatever files
09:19 hemebond index-prod.html or index-dev.html
09:19 hemebond But it's compiled, so, these are just source files, not what actually gets served.
09:20 Razva yeah, noticed
09:20 hemebond (or maybe it is, I dunno)
09:20 Razva so long story short, there's not UI alternative for Enterprise?
09:20 Razva (except foreman)
09:20 hemebond What do you mean?
09:20 hemebond Do you mean an open-source alternative to the enterprise web interface?
09:24 Razva yup
09:24 hemebond Not that I know of.
09:30 Razva great success
09:30 Razva well, in this case I'm better off with the CLI :)
09:31 Razva is there any way to execute stuff for minions that have a specific OS, rather than making nodegroups?
09:32 rebbdohr joined #salt
09:32 Razva for example I would like to yum update all centos minions, but without specifically creating a "centos" nodegroup
09:33 fracklen joined #salt
09:33 hemebond Yes, you can target using grains.
09:33 hemebond Have you been through the Salt tutorials?
09:34 Razva just setup the master + minions + keys
09:41 hemebond Looking at the tutorials they dive in pretty darn quickly...
09:41 hemebond https://docs.saltstack.com/en/latest/topics/targeting/index.html
09:42 hemebond Start with that. Send some commands. Query the grains (grains.get)
09:42 hemebond Get an idea on how the parts fit together.
09:44 Razva got it
09:45 Razva right now I'm trying to understand how to install the minions without bootstraping
09:45 Razva because it seems that some OSs are not supported (like CloudLinux)
09:48 Razva here's an interesting thing
09:49 Razva I have a minion that connects to the master, everything is fine. after the master accepts they key, the minion just refuses to start ([CRITICAL] The Salt Master server's public key did not authenticate!)
09:49 Razva any hints?
09:50 hemebond Master and minion the same version?
09:50 hemebond Got both ports 4505 and 4506 open?
09:51 Razva salt-minion 2015.5.10 (Lithium)
09:51 Razva salt-master 2016.11.5 (Carbon)
09:51 Razva snap
09:51 Razva ok let's see what repo is salt using
09:55 Razva CentOS's epel minion is outdated
09:58 Razva using the RH salt repo fixes this :)
10:03 mt5225 joined #salt
10:05 fracklen joined #salt
10:09 Praematura joined #salt
10:10 seffyroff joined #salt
10:15 absolutejam Mkea is that the advised way?
10:15 absolutejam Didn't think of that but it makes sense if you're writing a stats
10:25 coredumb Razva: yes matching grains
10:26 coredumb ooops late reply :D
10:31 edrocks joined #salt
11:04 lietu joined #salt
11:06 lietu I've just been looking into Salt Mine for service discovery type things, i.e. that I could easily identify e.g. the HTTP servers to put behind a load balancer .. now I see that the mine functions will be automatically triggered at an interval, and I can use the data from the results in templates, but I assume this doesn't mean that when the data in the mine changes the state that generated the template gets automatically re-applied, does it?
11:06 lietu and if not, how would I make that happen? i.e. when a new machine reports in as a HTTP server, the LB states would get applied automatically to update the configuration
11:10 lietu ah, so that would then be reactor?
11:14 mt5225 joined #salt
11:29 Yoda-BZH joined #salt
11:30 Yoda-BZH joined #salt
11:48 farcaller how do I debug saltutil.sync_all not syncing anything over salt-ssh
11:48 farcaller ?
11:52 hemebond left #salt
12:01 orga joined #salt
12:21 samodid joined #salt
12:25 mt5225 joined #salt
12:25 hoonetorg joined #salt
12:33 _KaszpiR_ joined #salt
12:39 _KaszpiR_ joined #salt
12:42 rebbdohr joined #salt
12:50 Praematura joined #salt
12:58 wryfi joined #salt
13:04 samodid joined #salt
13:26 sh123124213 joined #salt
13:37 mt5225 joined #salt
14:08 preludedrew joined #salt
14:35 evle joined #salt
14:45 patrek joined #salt
14:47 mt5225 joined #salt
14:55 Inveracity joined #salt
15:09 LostSoul joined #salt
15:24 asyncsec joined #salt
15:27 rihannon joined #salt
15:29 smkelly_ left #salt
16:01 mt5225 joined #salt
16:03 keltim_ joined #salt
16:04 cyborg-one joined #salt
16:10 dober joined #salt
16:10 dober joined #salt
16:34 bbradley joined #salt
16:37 edrocks joined #salt
16:44 asyncsec joined #salt
16:45 fracklen joined #salt
17:19 buhm joined #salt
17:37 Trauma joined #salt
17:53 Lionel_Debroux_ joined #salt
17:57 armguy joined #salt
18:03 armguy joined #salt
18:07 aldevar joined #salt
18:07 aldevar left #salt
18:11 Praematura joined #salt
18:50 fracklen_ joined #salt
18:54 mavhq joined #salt
19:17 sh123124213 joined #salt
20:07 sh123124213 joined #salt
20:12 Praematura joined #salt
20:21 cyteen joined #salt
20:36 beardedeagle joined #salt
20:47 Yoda-BZH joined #salt
20:47 Yoda-BZH joined #salt
20:47 armguy joined #salt
20:51 fracklen joined #salt
20:52 exegesis joined #salt
21:25 shanth_ joined #salt
21:25 shanth_ left #salt
21:27 shanth_h joined #salt
21:28 shanth_h trying to find an explanation of how using context works but i dont get it
21:29 shanth_h anyone understand context?
21:34 shanth_h trying to figure out what it does - http://dpaste.com/14773CB
21:38 guerby joined #salt
21:42 guerby joined #salt
21:46 osmola joined #salt
21:46 armguy joined #salt
22:01 toabi joined #salt
22:31 shanth_h joined #salt
22:42 edrocks joined #salt
22:44 hemebond joined #salt
22:48 cyteen joined #salt
22:51 haam3r_ shanth_h: Context means passing data to the file being managed...In your example: you could use a variable called "animal" to place the word "kitten"  inside the file "/tmp/context.conf"
22:52 haam3r_ shanth_h: That make it more understandable?
22:52 shanth_h i think i just figured it out haam3r_ i need to call that variable using {{ animal }}
22:52 shanth_h works now
22:52 shanth_h it was driving me crazy
22:52 haam3r_ shanth_h: yep...goog
22:52 haam3r_ shanth_h: yep...good
22:54 shanth_h now context works and makes sense too haam3r_ huzzahhh
22:58 onlyanegg joined #salt
23:03 SamYaple joined #salt
23:10 keltim joined #salt
23:19 bowhunter joined #salt
23:21 shanth_h if i want to only show a specific grain for all minions why doesn't this work? 'salt '*' grains.ls id'
23:23 hemebond shanth_h: You want grains.get
23:23 hemebond grains.ls lists all grains.
23:23 shanth_h thanks hemebond
23:26 pbandark joined #salt
23:32 pbandark joined #salt
23:37 shanth_h hemebond: is there any different in these two grains.get calls? http://dpaste.com/3AYS8HS
23:38 shanth_h difference*
23:38 hemebond shanth_h: The second one is better.
23:38 whytewolf there is no difference
23:38 hemebond The first access the grains as a regular dict.
23:38 shanth_h i saw both examples in the docs - i wonder why
23:38 whytewolf no it does not
23:38 hemebond The second has special powers and is the preferred method.
23:38 shanth_h lol
23:39 whytewolf it does not access the grains as a dict. that is grains.get
23:39 whytewolf the first is a shortcut for the second
23:39 shanth_h which method is prefered whytewolf?
23:39 whytewolf which ever you can read better
23:39 shanth_h ah
23:40 shanth_h another piece learned :)
23:40 hemebond Does "foo:bar" work with the first syntax?
23:40 whytewolf https://docs.saltstack.com/en/latest/topics/jinja/index.html#calling-salt-functions
23:40 whytewolf yes
23:40 whytewolf since it is just called the second
23:41 shanth_h so im slowly realizing that, the salt.grains.get is just salt calling a module?
23:41 whytewolf yes
23:41 shanth_h so i could salt.anymodule.function really?
23:41 whytewolf yes
23:41 shanth_h nice
23:41 whytewolf as long as you are on 2014.7 or later
23:41 shanth_h is it limited to execution modules or any particular type?
23:42 whytewolf exacution modules
23:44 shanth_h that's enough salt for today
23:45 whytewolf there is one issue with the salt.module.function
23:45 whytewolf https://github.com/saltstack/salt/issues/41794
23:45 whytewolf it doesn't work with salt-ssh
23:45 shanth_h haha i thought that name looked familiar, Ch3LL is always on the github tickets
23:46 shanth_h learning all the features and learning when to use them is quite the challenge whytewolf
23:47 shanth_h now i see why the use jinja sparingly advice
23:47 whytewolf yeah, learn the basics before you get into advanced tempalting.
23:48 shanth_h every time i read the docs i learn something new - it's kinda fun
23:58 babilen joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary