Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-03-07

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 pdayton joined #salt
00:01 RK joined #salt
00:02 RK why do minions keep reauthing,  tried everything
00:02 pdayton joined #salt
00:04 mdln joined #salt
00:07 cotton joined #salt
00:12 holms guys how can I use one formula from another?
00:12 holms let say setting up mysql databases and users
00:12 eliasp holms: http://docs.saltstack.com/en/latest/ref/states/include.html
00:13 holms ok, and how to specify pillar stuff then
00:13 holms for mysql formula, from my formula?
00:13 holms i couldn't find this anywhere :)
00:14 mafro joined #salt
00:14 holms eliasp: these docs doesn't explain how to pass pillar config
00:14 eliasp holms: ah, so you want to influence the pillars passed to the formula you're including in a state?
00:14 holms yeap
00:15 holms let's say creating specific db with mysql formula, from my own formula :)
00:16 triplecorn joined #salt
00:17 holms eliasp: is this is something that's impossible?
00:17 holms i mean, how do you split pillar config for one formula
00:17 eliasp holms: with plain YAML/SLS unfortunately more or less
00:17 holms one server has one nginx setup, another server another..
00:18 eliasp holms: I've struggled with the same issue in the past and ended up with some dirty Jinja/include hacks
00:19 eliasp but the proper way would probably be to use the Py renderer and handle this in Python
00:19 holms this sounds overcomplicated =/
00:19 holms passing different pillar config for same formula is something that's difficult?
00:19 holms seems to be regular featre in any automation system outhere
00:20 holms feature*
00:20 paramik joined #salt
00:20 paramik left #salt
00:21 paramik joined #salt
00:21 holms ok..
00:21 holms found it
00:21 holms eliasp: http://docs.saltstack.com/en/latest/topics/pillar/#including-other-pillars
00:21 holms simple as that, finally
00:21 eliasp holms: this is only to include a pillar within another pillar
00:21 che-arne joined #salt
00:22 holms hmz
00:22 holms will be ok for now
00:23 eliasp holms: https://github.com/saltstack/salt/issues/8878
00:24 cotton joined #salt
00:26 holms so reusing formulas in here
00:26 holms is almost impossible
00:27 mimianddaniel joined #salt
00:31 iggy stop trying to think of everything in terms of translating puppet/chef features to salt
00:32 iggy they may achieve some of the same goals, but they are inherently wildly different in how they go about that
00:32 holms i'm not sure how to think otherwise in here :)
00:32 holms I have different machine, where i want to use same formulas with different configs
00:33 holms why this is bad?
00:33 holms isolating one formula config, into my own state makes huge sense to me
00:33 holms having everything in one place
00:34 iggy sure, then you have 2 different pillars targeted at the different hosts
00:34 holms what about having two pillars targeted at different grains/roles :)?
00:34 iggy works
00:34 holms (not even sure how to achieve your proposal)
00:34 iggy I have 3 different kinds of nginx servers that all use the same nginx states with different pillars
00:35 holms can I ask for example please? i'm so struggling in here with this..
00:35 iggy let me try to paste some of it to see if I can make it clearer
00:37 holms would be gratefull :)
00:37 otter768 joined #salt
00:41 paramik left #salt
00:43 iggy https://gist.github.com/iggy/09a265944d37055e61d7
00:43 iggy and hooray, gist reordered my files
00:44 iggy look at the states-top.sls, you can see it's assigning a nginx formula to 3 different grains
00:45 * holms investigating
00:46 iggy then in the pillar-top.sls, it's assiging different sets of pillar data to our rest servers and our repo server
00:47 holms iggy: how does nginx.dev calls pillar-nginx-dev.sls?
00:47 iggy so... gist doesn't let you put slashes in file names
00:48 holms ah :D
00:48 iggy so pillar-nginx-dev.sls is /srv/pillar/nginx/dev.sls
00:48 iggy effectively
00:48 iggy pillar-top is /srv/pillar/top.sls
00:48 holms now the only question i have is...
00:48 iggy and so on
00:49 garthk joined #salt
00:49 holms ok so having web app installation under one formula is probably bad idea in hre
00:49 iggy this is kind of a simplified example... our pillars actually have more data than that in them
00:49 holms here*
00:49 cotton joined #salt
00:49 iggy it depends what it is
00:50 iggy this works for us because we have all those roles on separate hosts
00:50 holms well i'd like to move database creating stuff (like settings users, creating db's..)
00:50 holms to the webapp formula
00:51 holms and db creation stuff is using mysql formula, cause those has a good module for achieving that
00:52 intellix joined #salt
00:52 iggy I mean formulas can't solve every problem for everybody
00:52 nich0s joined #salt
00:53 iggy at best they work for a subset of users with certain requirements
00:53 iggy at worst they are a starting point or example to use as inspiration (read: lift code from)
00:53 holms i just would like to use this https://github.com/saltstack-formulas/mysql-formula/blob/master/pillar.example
00:53 holms in my formulas pillar
00:53 holms or even inside my formula state
00:54 iggy what is a formulas pillar?
00:54 holms ok let's say i have a formula called myapp-formula
00:54 holms this myapp-formula has a pillar config
00:54 holms in which i'd like to pass those mysql-formula settings
00:55 holms which would call mysql-formula :)
00:55 holms or similar in myapp-formula sls file
00:55 iggy it won't "call" mysql-formula
00:55 holms so i'm actually wondering how to "call" mysql-formula fro myapp-formula
00:55 holms with specific pillar configuration
00:55 holms from*
00:56 iggy you don't
00:56 iggy you assign pillars to hosts and you assign states/formulas to hosts
00:56 I3olle joined #salt
00:56 holms you'e showed me docs where you can "include" formula to state
00:57 holms so all i'm wondering is how to pass pillar config to that included formula
00:57 baweaver joined #salt
00:57 holms or to "specify" pillar config to that included formula :)
00:57 iggy you assign pillars via the top file
00:58 holms so point is having "mysql-formula" in top.sls which will have own pillar config, and myapp-formula with inculded mysql-formula would have own pillar config too
00:58 Terminus- joined #salt
00:58 holms iggy: that's how they are doing this http://docs.ansible.com/playbooks_roles.html#role-dependencies
00:58 iggy I may be misunderstanding what you're trying to achieve (late to the game here as I was traveling back from saltconf)
00:58 holms difficult to explain in saltstack terms ))
00:59 iggy yeah, like I said stop trying to translate other systems functionality
00:59 iggy start by asking what it is you really want to do, and then go from there
00:59 ntropy holms: it sounds like you want to make a particular part of mysql-formula available to myapp-formula
00:59 ntropy i think macros would do what you want
00:59 holms YES :D
01:00 ntropy i dont think that mysql-formula has macros, but they're easy
01:00 iggy honestly you generally wouldn't want your application running on the same hosts as mysql
01:00 iggy so you've already got a problem there
01:01 holms iggy: but i want to set mysql database routines from myapp-formula
01:01 holms not from mysql-formula :)
01:01 baweaver joined #salt
01:01 iggy so don't use mysql-formula
01:01 holms and I want to use avaible module of mysql-formula in myapp-formula
01:01 holms same goes to nginx
01:02 holms let's say i'll have 5 soa applications formulas
01:02 holms each of them has own nginx config
01:02 holms so this could be instructed via nginx-formula (it's pillar) to set nececery config
01:02 holms so the same would be for mysql-formula. each app would specify which db to create, and whcih users to create
01:03 iggy the mysql-formula may just not be setup to work the way you want
01:03 holms each app-formula*
01:03 iggy but here's your problem
01:03 holms i'm talking about
01:03 holms https://github.com/saltstack-formulas/mysql-formula/blob/master/pillar.example#L19-L27
01:03 holms same goes to users down below
01:04 holms that's how you'd reuse functionality of formula :)
01:04 iggy but your myapp-formula runs on your web nodes
01:04 iggy the mysql-formula should run on your mysql nodes
01:04 bhosmer_ joined #salt
01:04 holms regarding mysql you're right in here
01:04 holms nginx example would be more interesting then
01:05 iggy I don't know much about the nginx formula because it sucked balls when we started pushing out nginx
01:05 iggy so we wrote our own
01:05 holms i see..
01:08 JDiPierro joined #salt
01:08 iggy it almost sounds like what you're really after is orchestrate: "run the mysql-formula on roles:mysql nodes with mysql.app1 pillar, then run app1 formula on roles:web nodes with apps.app1 pillar, then run nginx-formula on roles:web nodes with nginx.app1 pillar"
01:09 holms seems to be like this
01:10 holms you can do like so in other systems too, but they usually prefer, to pass pilar config of some formulas inside your own formula
01:10 holms so that you'd got monolithic configuration in the end
01:10 iggy that's not how salt works... everything should be targeted via the top file
01:10 holms k
01:10 iggy let me see if I can give you some sort of example
01:11 holms even in another system sometimes i've been lazy to access different formulas
01:11 holms so i've ended up with state files which manually just moves config files :)
01:11 holms of nginx for example, after nginx formula been executed before
01:13 holms also as having own mysql state inside myapp-formula where i'd use this state: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mysql.html
01:13 holms is this considered ok like this in salt)?
01:16 iggy that's a module, not a state
01:17 holms thanks
01:17 iggy but yes, feel free to use any states you want inside your own "formula"
01:17 pdayton joined #salt
01:17 holms i just thought to save my time in here with mysql-formula modules
01:17 holms as they have nice pillar config available for tons of things
01:17 holms but probably gonna use them as reference then :)
01:18 holms iggy: thanks for pillar example anyway, this is insanely usefull for me in here
01:18 holms i'll bump into that soon
01:19 iggy https://gist.github.com/iggy/0441dec0a77bbc549eb7
01:19 iggy holms: take a peek at that
01:21 holms yeah, and all is left to copy paste state files from nginx-formula/mysql-formula, which can accept such nice confi :)
01:21 I3olle_ joined #salt
01:21 holms to app1-formula
01:21 holms right?
01:22 Vynce1 joined #salt
01:22 iggy no app1-formula is going to be whatever you need to setup your actual app
01:22 Vynce1 what sort of argument am i supposed to pass to salt-key -a ?
01:22 ntropy Vynce1: minion id
01:22 iggy the states-top file already has the mysql formula targeted at your mysql nodes and the nginx formula targeted at your web nodes
01:22 holms m
01:23 holms ok this will do
01:23 Vynce1 hm. that's what i thought; i tried that,a nd it said it didn't match.
01:23 Vynce1 ugh.  because i had a typo.
01:23 iggy you can get more complicated if necessary and have this done via a reactor (so you know Step1 is done before step2 is done before step3... etc)
01:24 iggy but probably not needed at this point
01:24 holms gonna try this now :)
01:26 Vynce1 @ntropy thanks.
01:26 mike2512 left #salt
01:26 iggy holms: don't try to make your first salt deployment perfect... it's not going to be... expect that you'll have to rewrite parts of it
01:27 iggy I've been using salt for a while now and still routinely write stuff that sucks and I have to go back and rewrite/rework parts of it
01:27 holms yeah you right, it's just going completely wrong way from the beginning doesn't sound nice to me :D
01:27 iggy (in particular, I have a particular deployment that doesn't use formulas at all)
01:28 holms lol :D
01:28 iggy and there are others in here that despise formulas
01:28 * iggy won't mention any names
01:28 holms )))
01:30 holms iggy: issue from a week ago: seems to be accepted https://github.com/saltstack/salt/issues/21140
01:30 holms so i've found a bug
01:34 aurynn joined #salt
01:43 baweaver joined #salt
01:48 viq joined #salt
01:48 viq joined #salt
01:50 jchen joined #salt
01:50 jchen left #salt
01:55 ahammond rather than using a reactor, you might want to use orchestrate. It seems to be a very elegant solution to the problem you're describing there.
01:57 subsignal joined #salt
01:57 jchen joined #salt
01:58 cotton joined #salt
02:00 hasues joined #salt
02:01 hasues left #salt
02:02 teall joined #salt
02:03 felskrone joined #salt
02:09 nich0s joined #salt
02:17 baweaver joined #salt
02:17 donmichelangelo joined #salt
02:23 favadi joined #salt
02:33 catpigger joined #salt
02:35 badon joined #salt
02:38 otter768 joined #salt
02:47 cotton joined #salt
02:52 zwi joined #salt
02:53 holms and how do you achieve that: https://github.com/BigglesZX/salt-common/issues/4
02:53 Vynce Can anyoen confirm that I understand this correctly? salt pillars are not about passing data directly to the machine running the minion so much as making them available for the minion to use in other salt-powered behaviors, e.g., supplying a password to use *when salt does something*.
02:56 aurynn left #salt
02:56 Vynce (what i want to do, at the moment, is have a file on a machine synced to a file on the master; that file contains sensitive data. at some point i got the message "sensitive data => pillars" but i'm thinking now this is not correct for my situation.)
03:02 holms Vynce: are you seeking to encrypt sensitive data?
03:05 teall joined #salt
03:10 Vynce mmm… my understanding was that all teh data transfered by salt was encrypted for transfer anyway; i'm fine starting with it being in plain text at each end
03:10 Vynce (salt as iterative process, plus i really need to have *some* visible progress on this this week, and it's 7pm on a friday)
03:11 holms the point is do you want to store your sensitive data in git in plain text or not
03:11 holms :)
03:11 holms anyway.. i'd use this http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html#module-salt.renderers.gpg
03:11 Vynce no.  i don't want my data in git at all.  that's why i'm using salt
03:12 Vynce that seems like a massive step sideways from what i'm trying to do.
03:12 holms do you have any background in other automation systems? would be easier for me to understand you
03:12 Vynce i mean, sure, maybe, later… but right now i jstu want to have a file on the master that also gets replicated on the minion.
03:13 Vynce background in other automation systems: well, i can set an alarm clock
03:13 Vynce usually
03:13 holms :D
03:13 Vynce unless the UX sucks
03:13 holms sorry i'm not familiar with master setup yet
03:14 mafro joined #salt
03:14 holms we store our sensitive data in minion itself
03:15 holms and prod minion is encrypted
03:15 holms stored in VCS and only two people can deploy for now
03:15 holms to prod :)
03:15 Vynce "store sensitive data on minion" — yes, thats teh end goal.  but how does it get there?  from the master, i would think, or you copy it over by hand — and if i'm copying it over by hand, what is salt accomplishing?
03:15 holms same is for chef, puppet, ansible before :)
03:15 smcquay_ joined #salt
03:15 holms hmz
03:16 holms Vynce: this should be asked to someone else, i'm using vagrant in here which copies everything from my local dir to vm or digital ocean vm or aws :)
03:16 Vynce i don't even understand what a "renderer" is yet.  i really don't have a good toe hold on salt at all.
03:16 holms i heard some using boto, or salt-cloud
03:17 holms but that's for masterless i'm talking in here
03:17 Vynce yeah, we're apparently speaking different languages, and i don't even know what language i'm speaking.
03:17 Vynce i jsut found these tattered remnants of a phrasebook on the ground, and i'm trying to figure out where to take a hovercraft full of eels.
03:18 holms familiar with this situation ))) when i'm trying to ask something it's almost impossible, even if using correct terms, no one understands what i want
03:19 jerematic joined #salt
03:19 cotton joined #salt
03:22 Vynce well, salt in particular seems to be a minefield of questionably-named things. I don't get it at all.
03:24 Vynce (it doesn't helpthat teh docs are very longwinded without actualyl explaining anything. "Consider the following … [buncha stuff] … in order for this to work, these prerequisites must be true:…" — in order for it to work to do what?  i cannot follow it at all, and i can't find where in the documentation it stops talking liek this and starts explaining WTF anything does
03:24 holms same here, that's why i'm ansible fan
03:25 holms but for clusters, salt is better
03:25 holms and i was still thinking between chef and salt
03:25 holms in chef, i'd automate  everything gazillion time faster
03:25 holms but their ssh way, and no push - sux
03:25 holms thought gonna try saltstack..
03:25 holms and i'm stuck with tons of things
03:26 holms everything not they way 5 other automatino was doing..
03:26 holms automation* systems*
03:26 dennisharper_ii joined #salt
03:30 Vynce i know none of these and was told that salt was "great" for what i needed to do and it could be done in "about an hour'
03:31 llua famous last words.
03:31 holms :D
03:31 decci joined #salt
03:31 decci Hello
03:31 neogenix joined #salt
03:31 Vynce i mean, at this point i'm seriosuly considering scp and a cron job
03:32 decci I am new to saltstack and lookign for the following stuffs:1 Get all VM for all server created with salt running 2 hangout removal for all gmail account 3 subscribe to voice ( i will fix the dtmf problem today ) 4 setup each VM to run at the background in headless mode
03:32 decci The first point I could deploy through http://docs.saltstack.com/en/latest/topics/virt/
03:32 decci How to achieve 2nd and 3rd points
03:33 yomilk joined #salt
03:33 Vynce off the top of my head, "hangout removal for all gmail accounts" sounds like a pipedream that has nothing to do with salt, but perhaps you know something i don't.
03:33 holms i don't even get that line too
03:34 holms if people would start with vagrant, and or aws, they'd understand what to do next, on psyhical machines
03:34 holms or whatever he tries to achieve in here :D
03:34 CeBe joined #salt
03:35 holms "running vm in the background".. there's other way to run vm's?
03:36 holms Vynce: i have no idea how to implement this :) https://github.com/BigglesZX/salt-common/issues/4
03:36 holms writing module probably is the only way
03:37 Vynce do you always want the same TZ, or do you want a user-interactive-thing that sets the TZ?
03:37 holms same
03:37 Vynce then i'd think you can do the first 4 steps once, then just automate the last step.
03:37 holms actually i just need this line ; mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
03:38 Vynce er, sorry, first 3 steps once
03:38 Vynce automate the last two
03:38 Vynce make a zoneinfo file once
03:38 holms but this should be done, only if it's not done before :) or you'll get exit code 1
03:38 Vynce i have no idea what that means
03:39 holms well it puts zoneinfo file to mysql table
03:39 holms to newly created mysql table*
03:39 holms that means, next time it will fail :)
03:39 holms that means writing module probably the only way to automate this :D
03:39 Vynce OK… so only do it once?  i don't understand your situation, so i cannot pretend to be of any more help.
03:40 holms with salt you can't do something "once"
03:40 holms if there's not module which check if it's been done before
03:40 holms wonder if there's any state which checks if mysql table exists
03:40 Vynce so, with salt, you're installing mysql every time you want to run it?
03:41 holms i wonder do you understand what that command does or not :)
03:41 Vynce i do
03:41 holms ok tell me :)
03:41 Vynce you do too.
03:42 holms would be nice to compare because aparantly we talking about different things
03:42 holms mysql_tzinfo_to_sql converts /usr/share/zoneinfo file to SQL commands
03:42 Vynce yeah, but not at that step.
03:42 Vynce we agree that step should be done once,.
03:42 holms then you just execute that in mysql :)
03:43 Vynce you claimt here's no way to tell salt to do something only once — i thinkt hat must be false, but obviously have never correctly gotten salt to do anything, so maybe i'm wrong.
03:43 holms so because there's no state/module to support mysql_tzinfo_to_sql command, this should be executed with cmd state
03:43 Vynce i have no idea what that means
03:43 mimianddaniel joined #salt
03:43 holms and that means it will be done allover again with each provisioning
03:44 Vynce i hav no idea what *you* mean, most of the time. and i don't know salt, so i doubt i can be much help, so i really don't know what to tell you.
03:45 holms well you need to learn such terms as: states, modules, formulas, pillar, to actually start talking about issues
03:45 holms :D
03:45 Vynce my suggestion is, *actually exactly once* you run steps 1,2,3.
03:46 holms that not how saltstack works
03:46 Vynce hen setting up a new machin, you *once per machine* import that TZ info as par tof gettign that machines set up.
03:46 Vynce yes, i know i need to learn those terms.  i'm pretty sur ei mentioned about an hour ago that i don't understand salt or what any of it means.
03:47 holms you can do it once, only if your "bash command" has salt-stack module/state available :)
03:47 holms if not you're doomed
03:47 holms unless you want to write your own module
03:47 Vynce uh… i'm pretty sure that's false.
03:47 holms with python
03:47 holms thats how all automation system works
03:47 Vynce i can, for instance, "satl "*" test.ping" and it will ping.
03:47 Vynce once
03:47 Vynce and then never again, if i don't type that command again.
03:47 holms i'm talking about formulas in here
03:47 holms :)
03:48 holms "automation scenarious"
03:48 Vynce my point is you only stall mysql once.
03:48 Vynce so you can import that TZ when you install, and then never again.
03:48 holms and what's gonna happen when you re-run provisioning :)
03:48 holms all action which been done before will be skipped
03:49 holms but ONLY if you have salt-stack module used
03:49 holms if you using plain command
03:49 holms it will repeat command :)
03:49 holms have fun to execute command just once
03:49 Vynce i'm really not sure why we're having this conversation.
03:49 holms no way to do this
03:49 Vynce you don't believe that what i'm saying is true, and i don't understand what you're saying, so it seems like kindof a waste of time
03:50 holms i'm not a believer, i'm just saying what docs states
03:50 Vynce tell me wher ein teh docs it says "you cannot make salt do something only once"
03:52 holms cmd.run runs things all over again
03:52 holms everytime you run provisioning :)
03:52 Vynce who said you had to put it in cmd.run?
03:53 holms you know any other methods to execute commands in saltstack formulas?
03:53 holms states*
03:53 Vynce look, again, i don't understand you. i'm sorry.  please stop trying to explain thigns to me.
03:53 holms docs has said that http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html
03:53 holms ok have fun, i prefer to learn salt more before discussing anything
03:53 holms advice*
03:54 Vynce that's what i said an hour ago
03:58 cotton joined #salt
04:03 germs_ joined #salt
04:04 germs_1 joined #salt
04:08 malinoff joined #salt
04:16 mafro joined #salt
04:19 mlanner joined #salt
04:21 p0rkbelly joined #salt
04:39 Deevolution joined #salt
04:39 Gareth joined #salt
04:39 phil joined #salt
04:39 otter768 joined #salt
04:49 otter768 joined #salt
04:51 bhosmer_ joined #salt
04:54 rsimpkins joined #salt
04:56 malinoff joined #salt
05:10 pdayton joined #salt
05:13 patrek joined #salt
05:14 ampex joined #salt
05:14 ph8 joined #salt
05:32 Linuturk1 joined #salt
05:39 monkey66 joined #salt
05:40 VSpike joined #salt
05:56 monkey66 joined #salt
05:59 Vynce anybody here understand jinja? I think i see a mistake in the salt docs, but I'd like a second opinion.
06:07 favadi praytell
06:11 Vynce at http://docs.saltstack.com/en/latest/topics/targeting/grains.html#matching-grains-in-the-top-file
06:11 Vynce the second box, the jinjafied version — where does self come from?
06:11 intellix joined #salt
06:12 Vynce or — i suspect — set node_type = should be set self = and if node_type should be if self
06:14 Vynce (@favadi)
06:17 tmh_ joined #salt
06:17 pravka joined #salt
06:20 lazybear joined #salt
06:21 robinsmidsrod joined #salt
06:32 jerematic joined #salt
06:44 favadi joined #salt
06:49 Ryan_Lane joined #salt
06:50 lazybear joined #salt
06:53 lifelearner joined #salt
06:58 robinsmidsrod joined #salt
06:59 otter768 joined #salt
07:05 mlanner joined #salt
07:07 ndrei joined #salt
07:07 Vynce favadi: you pinged out once. Did you see the details?
07:09 favadi Vynce: it looks like an error for me
07:09 favadi {{ self }} should be {{ node_type }}
07:11 favadi https://github.com/saltstack/salt/commit/ccc7665c426900c41732da97ca2aea64aab64585#diff-561853ea4963c6a432c8e770621a6463
07:12 favadi you should submit a PR to fix it
07:17 mafro joined #salt
07:22 dthorman joined #salt
07:23 Vynce ah, beautiful catch, thanks.
07:57 JoeHazzers joined #salt
08:02 kawa2014 joined #salt
08:11 johanek joined #salt
08:26 iggy Vynce: pillar data that is targeted at a specific system isn't available to other systems... so in that sense it's "sensitive data"
08:26 iggy woah, was scrolled way up
08:26 Vynce @Iggy: yeah.  but thanks.
08:27 Vynce yeah, i get how pillar data is useful for sensitive data, i jsut didn't understand that it wasn't essentially file.managed but somehow more secured.
08:27 Vynce it's really unclear, in general, *what* a thing is salt fundamentally is.
08:29 iggy yeah, it's different than other config mgmt systems in a lot of ways
08:29 Vynce and even now that i'm startign to have conf files that (i think) do what i want, i don't know what, if anything, i need to do to make those conf files *do* anything. i mean, i have a minion and a master, and there's a file.managed rule in a file that top.sls refers to… but how do i get that state to *happen*?
08:29 Vynce oh, i'm not even comparing it to anything else; i don't *know* anything else. I'm coming in cold and totlly lost.
08:29 Vynce the docs are frankly terrible.
08:29 iggy sudo salt '*' state.highstate
08:30 Vynce and then do i have to do that every time i change the source file?
08:30 iggy they hired someone just for docs
08:30 iggy Vynce: generally speaking, yes
08:31 iggy but once you get up to speed, you'll use state.sls foo.state to test
08:31 Vynce OK. well, that's easy enough; .. wait, what?
08:31 iggy and once you have it the way you want, you won't have to many highstates to do
08:31 Vynce uh… i won't? ar eyou saying tha tbecaus eyou expect my source file isn't changing often?
08:32 Vynce because i am not ready to make that assumption.
08:32 garthk Vynce: pretty much
08:32 Vynce that's why i'm using salt instead of distributing it by hand
08:32 garthk Vynce: I only highstate when I’m setting up a brand new machine, changing what a machine does, or rolling out more salt automation
08:32 Vynce when i say "source file" here i mean the file at the source nd of a file.managed
08:33 iggy f.ex. I run state.sls minutely in dev, state.highstate fairly often in dev, state.highstate _maybe_ weekly in qa, state.highstate monthly in prod
08:33 garthk Vynce: if you’re half way through editing a set of files (e.g. the state and the templates it’s using), it’s rarely useful to have the state applied automatically
08:34 Vynce sure. I'm jsut questioning "won't have that many highstates to do"
08:34 forrest joined #salt
08:35 Vynce my source file is likely to change not infrequently; as i understand it, i'll have to highstate (what a friggin strange verb) every time that happens
08:35 Vynce i'm not complaining about that, jsut trying to make sure i understand what i'm being told and what that means for me.
08:37 Vynce i'm literally using this (so far) to keep one file in one of two different states on four machines.  i'm hoping to use it for more, eventually, but that's all i'm doing so far.
08:39 iggy the best way to figure things out is to paste code, ask questions, and let the smart people (generally not me) answer
08:40 Vynce yeah, that's mostly working so far. ( :
08:40 Vynce (when people are around)
08:40 Vynce anyway, the digression about assumptions about how often my source file changes aside, you said something about "state.sls foo.state" — what was that?
08:45 garthk Vynce: that causes the minion to execute your state.
08:45 garthk So, either salt hostnamespec state.sls statename # on your master
08:46 garthk Or, salt-call state.sls statename on your minion
08:46 garthk so you’ll get the state from (say) /srv/salt/base/statename.sls or /srv/salt/base/statename/init.sls applied
08:46 garthk with the /srv/salt/base bit determined by your file root settings etc
08:47 Vynce which, by default, is jsut /srv/salt, right?
08:47 garthk the “highstate” is determined by top.sls, which chooses what states are part of the highstate for any given minion
08:47 garthk yeah, I think so
08:47 garthk so if top.sls has ‘hostname*’: statename
08:48 garthk then root@master: salt hostname\* state.highstate
08:48 Vynce so the comand is literally "state.sls" ? then then <somename> which then looks for a file called somename.sls? this syntax is really opaque.
08:48 garthk or root@hostname: salt-call state.highstate
08:48 garthk will both run the state.highstate command (yep!) on hostname
08:48 garthk which will fetch the highstate as dictated by top.sls
08:48 garthk which includes statename
08:48 garthk and then it’s as if you used the state.sls command for each state in the highstate
08:49 garthk pant, wheeze
08:49 garthk other commands include grains.items to see what the master knows about the minion to use in templates etc
08:49 garthk pillar.items to see private information held by the master and sent to just that particular minion
08:49 garthk test.ping to see if anyone’s home
08:49 garthk etc
08:50 Vynce yeah, grains is a giant confusing pile, to me.  it hought i understood it — i thought it was just an entry in a dict of facts aout each minion.  but then in other places it seems to mean the whole dict, and … yeah.  super confusing.
08:50 garthk the learning curve is a little steep at this point, but it gets a lot easier soon, trust me — you’re nearly at the point of getting a whole lot done
08:50 Vynce but most of this is irrelevant to me
08:51 Vynce well, I'm not going very far on the learning curve (i hope).  as i said, i'm not a sysadmin, and don't hope to be tricked into doing it. ( :
08:57 garthk oh, what’s your usual role?
08:57 I3olle joined #salt
08:59 tmh1999 joined #salt
09:00 otter768 joined #salt
09:07 Fiber^ joined #salt
09:15 mafro joined #salt
09:18 andreyst joined #salt
09:19 ndrei joined #salt
09:22 crack_ left #salt
09:36 I3olle_ joined #salt
09:39 felskrone joined #salt
09:42 bluenemo joined #salt
09:49 jri joined #salt
09:52 jri_ joined #salt
09:52 SheetiS joined #salt
09:54 chiui joined #salt
09:58 mikeywaites joined #salt
09:58 linjan joined #salt
10:05 aquinas joined #salt
10:07 Vynce garthk: developer
10:12 Vynce bleah:     Comment: Unable to render top file. No targets found.
10:12 aquassaut joined #salt
10:13 agj joined #salt
10:15 ajw0100 joined #salt
10:15 Vynce i can't find any explanation about top file "environments" that seems to mean anything
10:17 Vynce otoh… holy crap. i think i jsut got my file synced onto one out of four servers.
10:18 __gotcha joined #salt
10:19 linjan joined #salt
10:19 felskrone joined #salt
10:21 yidhra joined #salt
10:24 jri joined #salt
10:30 yidhra joined #salt
10:30 smcquay_ joined #salt
10:37 evle joined #salt
10:47 CeBe joined #salt
10:48 yidhra joined #salt
10:49 yidhra joined #salt
10:55 yidhra joined #salt
11:01 otter768 joined #salt
11:02 linjan_ joined #salt
11:04 intellix joined #salt
11:10 yidhra joined #salt
11:21 amcorreia joined #salt
11:38 johtso joined #salt
11:50 Jouke In a state I want to set a mine_interval to a minion in /etc/salt/minion.d/mine.conf . What would be the best way to let the minion know to use that config file if it's changed?
11:55 devweasel joined #salt
11:58 jri joined #salt
12:04 I3olle joined #salt
12:05 TyrfingMjolnir joined #salt
12:07 xsteadfastx joined #salt
12:18 favadi joined #salt
12:25 yomilk joined #salt
12:27 devweasel joined #salt
12:40 andreyst joined #salt
12:42 bhosmer joined #salt
12:45 JlRd joined #salt
13:00 toddnni joined #salt
13:01 devweasel joined #salt
13:02 otter768 joined #salt
13:11 Andre-B joined #salt
13:14 xsteadfastx joined #salt
13:16 mafro joined #salt
13:16 aphoriser joined #salt
13:21 aphorise joined #salt
13:26 aphoriser joined #salt
13:27 javaserver joined #salt
13:31 devweasel joined #salt
13:31 zwi joined #salt
13:31 keekz joined #salt
13:41 iMil joined #salt
13:49 yomilk joined #salt
14:02 __gotcha joined #salt
14:23 __gotcha joined #salt
14:24 yidhra joined #salt
14:25 yidhra joined #salt
14:32 I3olle joined #salt
14:33 zwi joined #salt
14:42 Auroch joined #salt
14:42 jerematic joined #salt
14:47 Asyn joined #salt
14:50 yomilk joined #salt
14:53 jonher937 exit
15:03 otter768 joined #salt
15:06 jespada joined #salt
15:22 brianfeister joined #salt
15:22 brianfei_ joined #salt
15:23 clintberry joined #salt
15:23 aphorise joined #salt
15:23 bhosmer joined #salt
15:27 zwi joined #salt
15:28 germs_ joined #salt
15:29 sander_____ joined #salt
15:31 Vye joined #salt
15:31 germs_1 joined #salt
15:31 bluenemo_ joined #salt
15:37 triplecorn joined #salt
15:38 Jouke 2014.7.2 is not yet in the ubuntu ppa right?
15:39 ccarney_ROCC joined #salt
15:40 triplecorn joined #salt
15:40 andreyst joined #salt
15:41 pdayton joined #salt
15:44 ndrei joined #salt
15:47 zwi1 joined #salt
15:47 N-Mi joined #salt
15:51 zwi joined #salt
15:53 pcdummy joined #salt
16:02 bfoxwell joined #salt
16:02 zwi joined #salt
16:07 zwi1 joined #salt
16:13 ndrei joined #salt
16:15 mimianddaniel i notice that each time minion restarts saltutil.sync_grains job is ran
16:15 mimianddaniel is this initiated from the master ?
16:16 mimianddaniel i am checking the events fired from the master but i dont see this jid but i do see the jid in the ret tho
16:16 ccarney_ROCC left #salt
16:17 mimianddaniel joined #salt
16:18 SheetiS joined #salt
16:28 warpaint joined #salt
16:32 dude051 joined #salt
16:36 thayne joined #salt
16:36 iggy mimianddaniel: it's likely initiated by a reactor or the minion itself
16:37 sander_____ aikar are you around?
16:39 yomilk joined #salt
16:42 mimianddaniel iggy: just tried doing it with salt-call, different output in the log
16:46 jhauser joined #salt
16:50 __gotcha joined #salt
16:51 mimianddaniel does anyone have zmq_monitor:True set ?
16:51 mimianddaniel i have been monitoring the log at debug with this set on the minions and i dont see anything particular related to zmq
16:52 mimianddaniel i wonder if i specifically require zmq lib installed to use this setting
16:52 mimianddaniel only have python bindings to zmq installed
16:53 rgarcia_ joined #salt
16:55 mimianddaniel just installed zeromq higher than 4.0 and trying again..
16:55 mimianddaniel nothing in the log so ar
17:00 teall joined #salt
17:02 GabLeRoux joined #salt
17:04 otter768 joined #salt
17:06 linjan_ joined #salt
17:06 jonher937 joined #salt
17:07 hal58th joined #salt
17:08 catpig joined #salt
17:14 Vynce joined #salt
17:15 mafro joined #salt
17:31 dyasny joined #salt
17:32 mikeywaites joined #salt
17:37 tomh- joined #salt
17:39 pravka joined #salt
17:46 smcquay_ joined #salt
17:50 jri joined #salt
17:52 sander_____ What is the best way to restart all minions?
17:54 hal58th ahhhh, salt '*' cmd.run 'service salt-minion restart'
17:56 sander_____ Thanks hal58th I was going to try that, but I thought there might be a specific command just to restart the minion. The closest I found was saltutil.clear_cache:
17:56 hal58th what's the reason  you want to restart the minion sander_?
17:58 sander_____ I'm pushing out new config files into minion.d/ I suppose there is a way to tell it to restart the service when these files are updated, but I'm not there yet.
17:58 devweasel joined #salt
17:59 iggy salt '*' service.restart salt-minion
18:00 iggy sander_____: look at watch/listen/etc
18:10 hasues joined #salt
18:10 hasues left #salt
18:14 peters-tx2 joined #salt
18:16 fllr joined #salt
18:18 bhosmer_ joined #salt
18:18 peters-tx2 I'm guessing the codebase of Salt is migrating to Python 3 ?
18:21 GabLeRoux joined #salt
18:22 scarcry joined #salt
18:23 iggy peters-tx2: no, they are using six to maintain compatibility between multiple versions of python
18:23 iggy 2.6, 2.7, 3.4 I think is what they said were targetting
18:24 sander_____ ubuntu says they want to make python3 default in the next trusty update I believe
18:24 peters-tx2 iggy, Ok
18:24 peters-tx2 iggy, I never figured out how to get my Master to call the drac.* module on my Minion btw, but honestly haven't spent as much time on it as I wanted 8/
18:25 peters-tx2 ...I'll get it working sooner or later
18:26 iggy you'd need a custom runner or something
18:26 iggy maybe enable publish
18:26 peters-tx2 iggy, Ok, I'll check into that
18:28 yomilk joined #salt
18:28 alexbst_ joined #salt
18:34 gcw|rMBP01 joined #salt
18:36 GabLeRoux joined #salt
18:42 dude051 joined #salt
18:48 mdln joined #salt
18:48 pdayton joined #salt
18:49 otter768 joined #salt
18:51 GabLeRoux joined #salt
18:54 peters-tx2 iggy, I believe I figured out the problem and am working on a fix; it has to do with PATH
18:54 peters-tx2 iggy, racadm binary isn't in Salt minion's path, so the module errors out generically
18:55 peters-tx2 iggy, Working on how you add more to the PATH available to the minion (right now it is REALLY small, like /sbin and /usr/sbin or somesuch)
18:56 jespada joined #salt
18:56 Ahrotahntee left #salt
18:57 iggy something in the init script maybe?
18:57 GabLeRoux joined #salt
18:58 peters-tx2 I think it's pretty normal behavior.  running-as-root scripts typically get a much smaller PATH than interactively-running-as-root
19:00 Aikar sander_____: i am now
19:00 peters-tx2 iggy, Added "export PATH=$PATH:/opt/dell/srvadmin/sbin/" to /etc/default/salt and now the PATH is better...Surely there's a better way.
19:00 peters-tx2 iggy, It works
19:05 jespada joined #salt
19:09 sander_____ aikar hey
19:11 sander_____ I tried your mine.sls https://gist.github.com/aikar/3bcbb84ac55f19c41894 but I get an error when I add that as the base file from top.
19:11 bash1245_ joined #salt
19:12 sander_____ I'm calling that exact file directly from top.sls...
19:12 iggy sander_____: which top.sls?
19:13 iggy also, the spacing on that is bad
19:13 sander_____ the main /srv/salt/top.sls I didn't put in under '*" but under another entry which filters for the gain on centos
19:14 sander_____ I get this error:     Data failed to compile: ----------     Too many functions declared in state 'network' in SLS 'mine'
19:18 iggy it should be in a pillar, not states
19:18 StDiluted joined #salt
19:18 logix812 joined #salt
19:19 logix812 I have a vars.jinja located in my salt/{{app_name}} folder. Is it possible to import that jinja file into a pillar file?
19:19 logix812 so I can reuse the values of the vars there as well?
19:19 jespada joined #salt
19:21 sander_____ iggy OK that makes sense now. I think I got around it by adding mine_interval: 5 to my minion configs which populated the mine with all grain info. I'm just wondering how I can get that into my configs now.
19:22 iggy we use salt-formula, but anything will do
19:23 babilen sander_____: You can also run http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mine.html#salt.modules.mine.update once to update it. No need to increase the interval just for that (information in the mine seems to be relatively static)
19:25 sander_____ babilen: I ran that a bunch of times last week and nothing happened. I added that entry restarted the minions and boom!
19:25 sander_____ Although I may decrease the frequency now that they have populated.
19:26 babilen sander_____: Was that before you had the mine definitions in order (as discussed some minutes ago) ?
19:26 ckao joined #salt
19:27 sander_____ I don't have any mine definitions that I know of now. I just increased the update frequency, but it could be inside one of the formulas I have installed. Is there a command which will show the running config on the master?
19:29 babilen sander_____: iggy just mentioned that your mine definitions belong in your pillar not in /srv/salt/top.sls (or rather a file referenced in there) as you indicated before
19:31 sander_____ babilen: Yes I didn't add that to the mine.sls state. The only mine.sls entry now adds this file:  /etc/salt/minion.d/mine.conf:mine_interval: 5. That said I do have SheetiS nagios forumla installed which may cause the grains to popluate
19:35 babilen Populate grains?
19:37 GabLeRoux joined #salt
19:37 babilen sander_____: Mine functions (cf. http://docs.saltstack.com/en/latest/topics/mine/#mine-functions) are defined in the pillar. If you don't have any of them defined then the mine will not be populated.
19:38 sander_____ I am verifying the mine population by running: `salt '*' mine.get '*' grains.items`
19:38 babilen You pasted https://gist.github.com/aikar/3bcbb84ac55f19c41894 earlier, which is *not* a state, but belongs in the pillar. I therefore assume that, up until the point iggy pointed out your mistake, you did not have anything in your pillar and that, therefore, no mine functions had been defined
19:39 SheetiS sander_____: the mine wouldn't populate unless you had a mine function in your config or your pillar.
19:39 sander_____ Son of a gun I did enable it when I was messing around last weekend:/srv/pillar/munin.sls:mine_functions: /srv/pillar/munin.sls-  grains.items:
19:39 babilen Son of a gun?
19:40 babilen (US American detected!)
19:40 sander_____ OK so through my poor understanding of pillars and states I did have it working.
19:40 babilen s/through/despite ;)
19:40 sander_____ babilen: indeed!
19:40 SheetiS btw that nagios formula was a PoC I made when I first started using salt to see if I could have the mine auto-populate checks for minions.  I have no idea how well it would work in a real world vs my local test environment.
19:41 Aikar sorry was busy but i see your squared away
19:42 sander_____ OK now how can I get jinja to populate the hosts file? The hosts file is currently populated manually via munin pillar. Would I need to create a map.jinja in the munin formula or can I call the jinja code from the pillar?
19:43 SheetiS hosts file as in /etc/hosts on a system?
19:43 sander_____ https://github.com/saltstack-formulas/munin-formula/blob/master/pillar.example
19:44 sander_____ I am manually entering them in a pillar derived from that example.
19:45 sander_____ My goal was to get munin work as best I could so I could try to build a ganglia formula from that and probably your SheetiS nagios.
19:45 babilen Ah, mine data in pillars ... yet another chicken 'n egg problem in salt
19:45 SheetiS sander_____: you could use a state to populate a hosts file with mine data if you wanted to get the hosts from a minion.  I have an example that uses grains mine functions but would be better served by using network.*.  Complex mine functions weren't as great in 2014.1
19:46 SheetiS (when i first wrote this)
19:46 fllr Where can I find documentation for salt wheel modules?
19:46 SheetiS babilen: so true. I used to put all-the-things into grains and then when I saw grains change reactor would trigger a 2nd highstate
19:46 SheetiS http://docs.saltstack.com/en/latest/ref/wheel/all/index.html
19:48 SpX joined #salt
19:48 SheetiS sander_____: I used this as a proof-of-concept for a manged-with-mine-data hosts file.  It was on a server running dnsmasq in my test environment and provided a semi-fake dns server for the rest of hte env thru dnsmasq: https://bpaste.net/show/9b31b287ec40
19:48 SheetiS Again the only reason I used grains in the mine data is because I already had it in the mine_funcitons for use elsewhere
19:48 babilen SheetiS: Mine data really should be available in pillars. Without it the whole pillar-driven approach advocated in formulas is, well, quite limited.
19:49 SheetiS It would be much better to use network.ip_addrs
19:49 SheetiS babilen: I really agree.
19:49 babilen Definitely, even better with specific CIDR masks for your (various) networks
19:49 sander_____ SheetiS: how would I use network? I'm assuming salt works like the rest of the configuration where the local machine actually generates the file so it needs to know all the information from other hosts, not the master.
19:52 SheetiS sander_____: I'd probably setup my mine functions so that network.ip_addrs and network.get_hostname were mine functions
19:52 GabLeRoux joined #salt
19:53 SheetiS Then I'd mine.get those instaead of grains.items['ipv4'][0] and grains['id'] or whatever
19:53 sander_____ SheetiS: The code you posted just now would go in what type of file? (e.g. pillar, state)
19:53 SheetiS that's a state to manage individualy hosts in /etc/hosts for a particular system
19:54 SheetiS if you are not using dnsmasq, I'd recommend getting rid of that if block.
19:56 linjan_ joined #salt
19:59 sander_____ OK so I could use aikar's mine function instead of yours in my pillar since I only need ip addresses and hostnames. Could I mix the state and pillar information to combine static with dynamic entries or would I have build a state which would manage that file entirely?
19:59 babilen You can't reference the mine in pillars right now
20:00 sander_____ bummer.
20:00 babilen Indeed
20:00 sander_____ Is that fixed in 2015.x?
20:00 babilen So all references to the mine have to be in a specific state. That is exactly what I meant with "Mine data really should be available in pillars. Without it the whole pillar-driven approach advocated in formulas is, well, quite limited."
20:01 babilen No, it isn't
20:01 fllr Hey guys. I'm trying to setup rolling updates for my machines right now. Let's say I have n web servers, and I wanna bring down a third of them at a time (flush the web requests on my load balancers before doing so), update them, bring them back up, add them again to the load balances, notify me when this process starts, progresses, finishes. How do I accomplish this in salt?
20:02 dude051 joined #salt
20:04 felskrone joined #salt
20:05 Aikar though your main use will be in the state itself, so not a real issue?
20:05 babilen fllr: First you would want a reactor driven configuration of your LB. Look into the haproxy example on http://docs.saltstack.com/en/latest/topics/reactor/ for an example
20:06 Aikar babilen:  so when a web server starts, that triggers a reactor event to issue a state on load balancer?
20:06 Aikar thats something were looking to work with next is reactor
20:06 babilen fllr: Secondly I wouldn't necessarily make them "auto update", but run that manually, but nothing prevents you from scheduling updates with http://docs.saltstack.com/en/latest/topics/jobs/schedule.html (pkg.upgrade or a more complex state)
20:07 sander_____ OK I think I can use SheetiS state example to generate a dynamic host list file in put it in the conf.d directory.
20:07 Aikar i was using mine to populate mod_rpaf config since it didnt support /24 style notation, but just switched to mod_remoteip which is leaps better
20:07 Aikar (if anyone recalls I asked about PHP and FastCGI, mod_remoteip works to get the real IP sent to PHP where as mod_rpaf doesn't)
20:07 babilen fllr: But honestly: You probably want to look into tools such as Zookeeper or consul as well
20:08 fllr babilen: Oh, nice. I wasusing haproxy, so that's perfect...
20:09 Aikar sander_____: if you need a space separated list of your mine IP's, heres an example I got yesterday
20:09 Aikar {% set lb = salt['mine.get'](pillar['role_lb']+'*', 'network.ip_addrs').values()|join(' ', attribute=0) %}
20:09 babilen We populate some nginx lb setups with data from the salt mine and trigger updates of that whenever the presence_event status of a minion changes, but there are other approaches for setup like that (the aforementioned tools for example)
20:09 Aikar RPAFproxy_ips = {{ lb }}
20:09 Aikar with pillar role_lb: defined as the machine id prefix of what minions fill the role of load balancer
20:10 Aikar so for our example role_lb: prod-nginx
20:10 fllr babilen: What do you mean by not letting them auto update, though? I'm just pulling stuff from git, and restarting uwsgi. Does zookeeper improve on that workflow? (honest question... not trying to snarky here...)
20:10 babilen It works, but you don't really get the "react to service unavailability" but rather "minion dropped out/became available"
20:11 babilen fllr: I meant that I am not a huge fan of making package upgrades part of my highstate
20:11 babilen fllr: And no, ZK won't improve on that workflow.
20:11 fllr babilen: Oh, right right... That's exactly what I'm trying to do, actually...
20:12 fllr babilen: I removed all the watches from my states, and I was trying to write a runner that would do all of that for me...
20:12 fllr babilen: But I've been running into some issues there...
20:12 babilen Then either schedule your "update state" or a highstate (which includes your "update state")
20:12 cberndt joined #salt
20:12 thayne joined #salt
20:13 fllr babilen: Well... I'm still looking into zookeeper now... got curious... :)
20:13 linjan joined #salt
20:15 babilen fllr: Look into https://consul.io/ too. I have it on my "play with it" list for a while now and a ZK afficionado colleague is quite taken with its idea.
20:15 fllr babilen: Cool, cool. Thanks! :D
20:17 yomilk joined #salt
20:36 mt joined #salt
20:57 thayne joined #salt
21:01 micko joined #salt
21:14 p5y_ joined #salt
21:16 mafro joined #salt
21:18 Andre-B joined #salt
21:19 p5y_ left #salt
21:21 otter768 joined #salt
21:26 badon joined #salt
21:32 yomilk joined #salt
21:41 GabLeRoux joined #salt
21:43 nich0s joined #salt
21:48 _JZ_ joined #salt
21:59 peters-tx joined #salt
22:07 sander_____ Well I was finally able to generate the munin nodes file from mine data and jinja template. Its a little rough but this has been educational. Thanks SheetiS Aikar babilen iggy!
22:11 meefs joined #salt
22:11 mafro joined #salt
22:12 pviktori joined #salt
22:12 aquassaut joined #salt
22:12 forrest joined #salt
22:16 felskrone joined #salt
22:17 [vaelen] joined #salt
22:17 xenoxaos joined #salt
22:18 iggy sander_____: paste it, maybe someone will have suggestions to improve
22:18 Aikar so if you want to create a state thats simply for the sake of executing multiple other state .sls files, would you make an .sls thats nothing but includes?
22:18 Hell_Fire Hi all, question, wanting to randomly generate a bunch of passwords (for rabbitmq in particular) on the rabbitmq minion, and then distribute them.  In the past I've been saving the passwords into pillar and just setting them in rabbitmq and the eventual end minion alike, but I'm starting to look for ways in general to share states/files between minions for some more complicated Openstack/Ceph setups
22:19 Hell_Fire Question is, easy way to do this without pregenerating a bunch of passwords in pillar, or is it still a pain? :P
22:19 Aikar Hell_Fire: im far from an expert, but immediately comes to mind is define your own salt mine function and expose the password in the mine?
22:20 Aikar or maybe grains is the better approach for that
22:21 Hell_Fire Can't query grains across other minions, so mine will have to be it, unless I find a thin distributed FS for config items or something
22:22 sander_____ iggy: Will do another day once I've had a chance to work on it a little more, and I have to go now.
22:23 thehaven joined #salt
22:23 iggy Hell_Fire: you could generate them in a state and use the pillar wheel to push the generated passwords back into the pillar
22:24 thonrycrackers joined #salt
22:25 Hell_Fire iggy: Ahh, first I've seen of wheel, will look into it :) thanks
22:30 Laogeodritt joined #salt
22:31 CheKoLyN joined #salt
22:32 MaZ- joined #salt
22:33 yomilk joined #salt
22:46 otter768 joined #salt
22:55 ajw0100 joined #salt
22:56 [7hunderbird] joined #salt
22:57 quixoten joined #salt
22:57 [7hunderbird] ohai quixoten
22:57 quixoten hola
22:58 Zachary_DuBois joined #salt
22:59 [7hunderbird] I'm trying to setup a state file and gather output from the STDOUT and store it as a variable.  I found this module, but how do I store it into a variable? http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cmdmod.html#salt.modules.cmdmod.run_stdout
23:05 Hell_Fire [7hunderbird]: if you just need a point in time for throughout your state, {% set foo = salt['cmd.run']('echo bar') %}
23:09 bluenemo joined #salt
23:09 bluenemo joined #salt
23:09 bfoxwell joined #salt
23:10 [7hunderbird] ah I see what you mean Hell_Fire
23:10 iggy that's generally frowned upon
23:10 yomilk joined #salt
23:10 [7hunderbird] what would you do iggy?
23:10 helderco joined #salt
23:10 iggy depends
23:11 Hell_Fire Yeah, it really depends what you're end goal is
23:11 iggy you didn't say what you were trying to achieve, just how you were trying to achieve it
23:15 quixoten iggy: we're trying to setup icinga2 on an agent. it requires running a command on a remote node (the icinga2 master), and using the output of that command to request the actual signing (a command that runs on the agent node)
23:16 quixoten we want all this to happen as part of the icinga2_agent.sls
23:16 yomilk joined #salt
23:17 iggy not familiar with the software, but did you look at the icinga formula to see if/how it handles it?
23:17 quixoten i haven't yet
23:19 quixoten iggy: yeah, it doesn't look like it handles it.
23:20 quixoten ultimately, we need to run the follwing command on the agent: icinga2 pki request --ticket {{ result_of_running_remote_command_on_master }}
23:21 yomilk joined #salt
23:22 iggy ticket is different for each minion?
23:22 quixoten yeah
23:23 iggy the set line might be your best bet
23:23 iggy it's just expensive
23:24 quixoten timewise ?
23:25 iggy yeah, if it's in a state, it's going to be run every render of the states
23:26 quixoten i could wrap it in an if block to prevent it from running if the signed key already exists. would that be a viable solution?
23:27 iggy yeah, workable
23:27 iggy how are you running the command on the master?
23:28 quixoten i was hoping you could tell me that. i'm in the process of comparing salt with ansible, and this is one of the areas that ansible handles really well.
23:29 iggy you can use publish
23:29 yomilk joined #salt
23:29 iggy it takes a little setup
23:30 quixoten i will look into it. thanks for your help.
23:31 iggy you could also use an orchestrate job to run the command on the master, write the key using pillar wheel, then run the agent side
23:34 thornycrackers joined #salt
23:35 thornycrackers Does anyone know what the ssh_key_file: option in a cloud profile file actually does?
23:38 luask joined #salt
23:38 triplecorn joined #salt
23:39 tmwsiy joined #salt
23:51 yomilk joined #salt
23:53 esogas_ joined #salt
23:56 yomilk joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary