Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-07-02

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 favadi joined #salt
00:16 dimeshake joined #salt
00:17 linjan joined #salt
00:17 murrdoc joined #salt
00:17 john joined #salt
00:20 ajw0100 joined #salt
00:21 Guest91569 hi, I was hoping someone might be able to help me with a salt newbie question
00:21 Guest91569 I have a master and minion setup and I'm looking to run a command on my minion
00:21 julez joined #salt
00:22 Guest91569 the command is custom as it uses aliases
00:22 Guest91569 so I have to run a bash script to setup the enviornment with envvars and aliases before I can run it
00:23 Guest91569 I've tried daisy chaining the commands together on the salt master (with the cmd.run) command but it's complaining that my main command I want to run, that it's not found
00:23 Guest91569 which means that it's running the commands but not keeping the same environment in between the commands
00:24 Guest91569 does anyone have thoughts on this or how to retain the environment while I'm running multiple commands?
00:27 Ludo- you don't want to do a state file instead?
00:28 Guest91569 I could, I should probably read more about states
00:29 Guest91569 I'm unfamiliar with it as I am brand new to salt
00:30 Guest91569 I was under the impression that states were for environments that weren't changing much, e.g. if you wanted to setup a LAMP server quick
00:30 Guest91569 but the custom command I run will be changing from time to time
00:38 forrest joined #salt
00:38 Aidin joined #salt
00:39 otter768 joined #salt
00:42 subsignal joined #salt
00:52 catpig joined #salt
00:58 JDiPierro joined #salt
00:59 jradd joined #salt
01:00 quasiben joined #salt
01:07 chefdude joined #salt
01:12 Guest91569 I'll give an example. I want to run the script helloWorld.sh
01:13 Guest91569 inside helloWorld.sh it has an alias called runMe and you can give it a variable
01:13 Guest91569 so I'd like to type into salt "runMe -now"
01:13 Guest91569 but it doesn't know that runMe exists as a command
01:14 Guest91569 when I try to do cmd.run 'helloWorld.sh; runMe -now" it says that runMe isn't defined
01:22 Ludo- Guest91569: the commands need to exist on your minion
01:22 Ludo- if it doesn't exist, you need to do a salt-cp
01:23 Ludo- of your script
01:23 Guest91569 hmmm
01:23 Ludo- salt-cp '*' runMe /tmp/runMe
01:23 Guest91569 there's no other way to do it?
01:23 Ludo- salt '*' cmd.run '/tmp/runMe -m'
01:29 cberndt joined #salt
01:34 beauby joined #salt
01:36 otter768 joined #salt
01:38 juanito joined #salt
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt | 2015.5.2 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:49 tkharju joined #salt
01:51 c10 joined #salt
02:03 Ryan_Lane Guest91569: it sets up aliases? does it do that in .bashrc or something?
02:03 Ryan_Lane if so that won't work because the alias wouldn't exist. that wouldn't work from your own shell either
02:04 Ryan_Lane this might work, though: 'helloWorld.sh; source .bashrc; runMe -now'
02:04 Ryan_Lane oh. if the script doesn't exist on the minion that's a problem too
02:04 Ryan_Lane I believe there's a way to run a script from the master on the minion. though
02:05 mosen worst case file.managed ?
02:05 Ryan_Lane http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#salt.states.cmd.script
02:06 mosen ahh good to know RL
02:09 beauby joined #salt
02:18 ITChap joined #salt
02:26 napsterX joined #salt
02:27 favadi joined #salt
02:28 cberndt joined #salt
02:31 yomilk joined #salt
02:33 beauby joined #salt
02:41 ITChap joined #salt
02:41 aphor joined #salt
02:43 icflournoy joined #salt
02:44 mapu joined #salt
02:45 radd joined #salt
02:55 Furao joined #salt
02:57 Cidan does anyone know if it's possible to change the jinja variable start string in salt?
03:02 aphor Cidan: I don't think salt implements that.
03:02 Cidan hm
03:02 Cidan damn.
03:03 aphor Cidan: what exactly do you want to change?
03:03 Cidan <% %>, etc
03:03 Cidan sorry {%
03:03 Cidan etc
03:04 aphor I think salt is like "WTF is this file? a Jinja template? Hey Jinja, WTF is this supposed to be fully rendered?"
03:04 Cidan Yeah, outside of start you can set the strings jinja will use to mark the start of a variable, end, etc
03:04 aphor and then Jinja is like "Dude, the file is 'boa blah bwah"
03:05 Cidan *salt
03:05 aphor I'm pretty sure unless you tell salt to use another template engine, all files are sent to Jinja for preprocessing.
03:05 aphor Remember CPP?
03:05 subsignal joined #salt
03:05 aphor It's like that, but Jinja
03:06 aphor I could be way off, but I would be freaked out surprised if it worked some more complicated way.
03:07 cberndt joined #salt
03:08 aphor SO... if you want your preprocessor substitution to recognize something besides {{ inplace.replacement }} or {% some logic %} what you want is a different template engine.
03:08 sunkist joined #salt
03:11 beauby joined #salt
03:14 radd joined #salt
03:16 SheetiS joined #salt
03:17 Aidin joined #salt
03:18 Aidin left #salt
03:25 linjan joined #salt
03:30 darknight87 joined #salt
03:37 gcfhvjbkn joined #salt
03:39 clintberry joined #salt
03:44 madpenguin joined #salt
03:47 jahmed joined #salt
03:59 p0rkbelly joined #salt
04:00 hasues joined #salt
04:00 hasues left #salt
04:09 otter768 joined #salt
04:11 juanito joined #salt
04:18 MatthewsFace joined #salt
04:19 bfoxwell joined #salt
04:22 cberndt joined #salt
04:23 N-Mi joined #salt
04:23 N-Mi joined #salt
04:26 c4urself left #salt
04:28 radd joined #salt
04:32 aparsons joined #salt
04:35 jalbretsen joined #salt
04:41 stoogenmeyer__ joined #salt
04:43 jasonrm joined #salt
04:44 N-Mi joined #salt
04:44 gcfhvjbkn joined #salt
04:46 gcfhvjbkn joined #salt
04:52 N-Mi joined #salt
04:54 jasonrm joined #salt
04:57 GabLeRoux joined #salt
05:02 djinni` joined #salt
05:03 napsterX joined #salt
05:08 jasonrm joined #salt
05:15 cberndt joined #salt
05:16 MatthewsFace joined #salt
05:17 napsterX joined #salt
05:24 rdas joined #salt
05:31 prathee joined #salt
05:33 dopesong joined #salt
05:33 napsterX joined #salt
05:33 ajw0100 joined #salt
05:33 prathee hey all! good day! :) towards the end of http://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.mysql.html#module-salt.returners.mysql , it is said that we should append --return mysql to our salt commands... how to automate this part such that everytime highstate runs (highstate has already been scheduled every 30 mins) the job info is stored in the db?
05:34 spookah joined #salt
05:38 prathee or...rather...what should i do to be able to store every job details onto some file?
05:39 darknight87 joined #salt
05:43 napsterX joined #salt
05:47 julez joined #salt
05:48 TyrfingMjolnir joined #salt
05:54 AndreasLutro joined #salt
05:54 catpigger joined #salt
05:55 stoogenmeyer__ joined #salt
05:57 colttt joined #salt
05:57 malinoff joined #salt
05:58 jahmed joined #salt
05:59 aphor left #salt
06:01 andygabby joined #salt
06:01 madpenguin joined #salt
06:07 N-Mi joined #salt
06:08 ramteid joined #salt
06:10 otter768 joined #salt
06:14 dopesong joined #salt
06:15 prathee_ joined #salt
06:15 N-Mi joined #salt
06:16 gcfhvjbkn joined #salt
06:22 evle1 joined #salt
06:24 joeto joined #salt
06:25 donmichelangelo joined #salt
06:26 c10 joined #salt
06:27 catpiggest joined #salt
06:32 flyboy joined #salt
06:34 N-Mi joined #salt
06:41 kawa2014 joined #salt
06:43 darknight87 joined #salt
06:45 ndrei joined #salt
06:45 wabkia joined #salt
06:47 TyrfingMjolnir joined #salt
06:49 catpiggest joined #salt
06:50 jhauser joined #salt
06:53 catpigger joined #salt
06:53 jahmed joined #salt
07:00 otter768 joined #salt
07:05 sectionme joined #salt
07:05 sirex joined #salt
07:06 sirex How can I set default user group without hardcoding git? For example I want to set www-data as default user group, but I don't know gid of www-data.
07:06 sirex s/git/gid/
07:07 N-Mi joined #salt
07:09 eseyman joined #salt
07:20 Romlok joined #salt
07:21 jahmed joined #salt
07:21 impi joined #salt
07:23 eseyman joined #salt
07:23 napsterX joined #salt
07:27 Gareth joined #salt
07:32 N-Mi joined #salt
07:33 huluwa joined #salt
07:34 markm joined #salt
07:34 julez joined #salt
07:41 catpiggest joined #salt
07:42 prathee joined #salt
07:43 lb1a joined #salt
07:45 radd joined #salt
07:55 devops joined #salt
08:00 ndrei_ joined #salt
08:00 chiui joined #salt
08:05 CeBe joined #salt
08:06 SubOracle joined #salt
08:08 jaybocc2 joined #salt
08:13 jahmed joined #salt
08:13 aqua^c joined #salt
08:14 Smoked_Duck joined #salt
08:15 lionel joined #salt
08:19 Xevian joined #salt
08:21 julez joined #salt
08:22 s_kunk joined #salt
08:24 jaybocc2 joined #salt
08:27 c10 joined #salt
08:27 paolo joined #salt
08:34 sectionme joined #salt
08:37 keimlink joined #salt
08:38 morsik_ joined #salt
08:38 morsik_ hi, I found strange problem with include pillar and getting pillar value in other
08:40 morsik I have simple pillarA that contains 'a: test'   and  pillarB that contains 'include:\n  - pillarA\n\nzzz: {{ salt['pillar.get']('a', 'default value') }}'
08:40 morsik problem is… using salt-call pillar.items i'm getting   zzz: test
08:41 morsik but when i'm using master, i'm getting   zzz: default value
08:41 morsik well… minion version is salt-2015.5.0-1.el7.noarch but master is salt-2014.7.5-1.el6.noarch
08:42 morsik salt-call above is used in docker in master-less mode and returns correct value. salt-call that's connected to master returns only default and can't see another pillar
08:42 morsik I hope I explained good this :D
08:43 raygunsix joined #salt
08:44 leszq joined #salt
08:44 AndreasLutro morsik: I don't think pillar.get in pillars is supported
08:46 xmj joined #salt
08:46 xmj moni
08:46 xmj has anyone seen zloidemon here, recently?
08:48 darknight87 joined #salt
08:51 xmj (lobbing in cedwards... NV, viq, for added FreeBSD knowledge)
09:00 supersheep joined #salt
09:01 otter768 joined #salt
09:06 morsik AndreasLutro: strange… there are many issues on github about this and looks like it should works…
09:06 morsik AndreasLutro: also… why master-less mode works correctly? :<
09:11 cast joined #salt
09:12 phix joined #salt
09:12 phix hi :)
09:12 roberth1990 joined #salt
09:12 phix If channel was highly recommended
09:12 phix s/If/This/
09:13 roberth1990 salty
09:14 roberth1990 left #salt
09:14 cast is there a there a way to disable a long list of services, without repeating servicename\n: service:\n- dead\n- enable: False for each one? i could use templating, but i'm wondering if there's a way akin to how one can list packages in pure yaml
09:17 N-Mi joined #salt
09:17 N-Mi joined #salt
09:17 napsterX joined #salt
09:26 Antiarc joined #salt
09:29 darknight87 joined #salt
09:29 soren joined #salt
09:31 viq xmj: hm?
09:31 unixlike joined #salt
09:31 unixlike Hi there !
09:32 unixlike Is it possible to run cmd.run on specific environment ?
09:32 xmj viq: seen zloidemon recently?
09:32 AndreasLutro morsik: not sure why it works in salt-call, probably a bug
09:32 viq xmj: hasn't been really looking, so no
09:32 AndreasLutro cast: no
09:33 morsik AndreasLutro: i found also something like this: https://github.com/saltstack/salt/issues/4326
09:33 viq haven't, gah, can't into english apparently :P
09:33 morsik also some workaround here: https://github.com/saltstack/salt/issues/6955#issuecomment-110793057
09:33 morsik maybe i'll use it then…
09:33 AndreasLutro unixlike: you can do {% if salt.environment == 'dev' %}
09:34 xmj viq: can haz `grep zloidemon #salt.log' maybe?
09:34 unixlike AndreasLutro: Thanks ! But  i want do it via python console
09:34 unixlike grains_list = local.cmd('*','cmd.run','hostname',env='opensuse_hosts')
09:34 AndreasLutro ah
09:35 AndreasLutro don't know then
09:35 unixlike AndreasLutro: All the way thanks for your answer
09:36 viq xmj: last line spoken by that nick that's in my logs is from 2013-12-16 ;)
09:36 viq as for joins/quits, I disabled those
09:37 xmj viq: oops
09:37 xmj viq: tyvm
09:37 viq xmj: http://irclog.perlgeek.de/salt/search/?nick=zloidemon&amp;q=
09:37 * xmj goes find out mail
09:46 drawsmcgraw joined #salt
09:48 ingslovak joined #salt
09:51 markm joined #salt
09:51 al0 joined #salt
09:52 s_kunk joined #salt
09:58 hacfi joined #salt
09:58 daemonkeeper joined #salt
09:59 lb1a joined #salt
10:11 NotAvailable joined #salt
10:11 NotAvailable hi everyone
10:11 NotAvailable could anyone guide me through the setup of a formula? I'm doing it, but I'm not sure I'm doing it right so if anyone has the patience, please?
10:12 NotAvailable I've been RTFMing, yes
10:12 AndreasLutro NotAvailable: ask away
10:13 NotAvailable awesome
10:14 NotAvailable so I want to install zabbix-agent on all of my servers linked to salt, I'm using https://github.com/saltstack-formulas/zabbix-formula , forked it from git in /srv/formulas, got a zabbix-formula directory which has a zabbix subdirectory. Added /srv/formulas/zabbix-formula to my /etc/salt/master.d/personal.conf file_roots: base:
10:15 NotAvailable now this is where I get a bit confused
10:15 NotAvailable I have my top.sls file
10:15 NotAvailable it looks like base: '*': - zabbix
10:15 NotAvailable creted a zabbix.sls file
10:15 ITChap joined #salt
10:15 zerthimon joined #salt
10:15 NotAvailable my zabbix.sls file looks like this: https://gist.github.com/anonymous/cfec968bcc40f772deca
10:16 NotAvailable what I don't get is, how does this link to the formula? It just find it?
10:16 NotAvailable *finds
10:16 NotAvailable or there's an extra step that I need to do?
10:17 AndreasLutro NotAvailable: you created a zabbix.sls in /srv/pillar right?
10:17 NotAvailable no, I have zabbix.sls in /srv/salt next to top.sls
10:17 NotAvailable based on this http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
10:18 AndreasLutro well that tutorial doesn't involve formulas at all
10:18 AndreasLutro so you may want to not use that as a reference
10:18 NotAvailable okay, understood
10:18 AndreasLutro you don't need to create zabbix.sls in /srv/salt, the formula provides the states for you
10:18 NotAvailable so the states are basically the formulas?
10:18 AndreasLutro you just need to provide the pillar data
10:19 AndreasLutro NotAvailable: more accurate would be to say that the formula provides states
10:19 AndreasLutro you can have your own states and other formulas in addition to it
10:19 NotAvailable got it
10:19 NotAvailable so the pillar is actually the configuration for the formula?
10:20 AndreasLutro NotAvailable: yeah
10:21 NotAvailable okay, so I need to figure out how to create the pillar and how to link to it from my top.sls ?
10:21 NotAvailable because top.sls is where it all starts, as far as I understood
10:21 AndreasLutro you have two separate top.sls, one for states (/srv/salt) and one for pillars
10:21 AndreasLutro you need to create the zabbix.sls pillar, then include - zabbix in both of your top.sls
10:22 NotAvailable the zabbix.sls pillar is the one I pasted? https://gist.github.com/anonymous/cfec968bcc40f772deca
10:22 AndreasLutro yeah, though you may need to include more stuff from the formula's pillar.example
10:23 NotAvailable looking at the example https://github.com/saltstack-formulas/zabbix-formula/blob/master/pillar.example I need to include everything until zabbix-server
10:23 NotAvailable obviously exluding the stuff I don't need, like custom.vfs.dev.* etc.
10:25 supersheep joined #salt
10:28 NotAvailable after modifyng the setup I have the following directories and files: /srv/formulas/zabbix-formula, /srv/pillar with top.sls containing base: '*': - zabbix and zabbix.sls containing data from the formula pillar.example, /srv/salt with top.sls containing base: '*': zabbix, what does my zabbix.sls need to contain here?
10:28 aqua^c joined #salt
10:29 ksj morning. I asked this yesterday but didn't really explain myself well. Basically, I want a string variable of the form myvar='pillar[a][x]+"/"+pillar[a][y]+"/"', that I can "eval" in jinja - i.e. {{ myvar }} should produce the output of the pillars, not print the string. The only way I can see to do it is to change the renderer chain so that, say, mako renders the string first before jinja does the rest, but
10:29 ksj this is a little messy
10:29 AndreasLutro you don't need anything in /srv/salt NotAvailable, the formula provides that bit
10:30 NotAvailable alright, so this should be it
10:30 kevc names
10:30 NotAvailable well, I'll test it all, if smth's wrong, it's with the configuration
10:31 AndreasLutro ksj: you're still not explaining yourself very well if you ask me :p
10:32 madpenguin joined #salt
10:32 ksj AndreasLutro: sorry. ok. I'll write something longer and put it in a pastebin
10:33 ksj basically I just want jinja to process a string as if it was written explicitly
10:33 AndreasLutro define "process"
10:33 AndreasLutro and how can you implicitly write a string?
10:33 AndreasLutro I don't know what this means
10:33 ksj if I do this {{ pillar[a][x] }}, jinja will print the correct pillar entry
10:34 ksj I want a variable that contains that. e.g. {% set myvar = 'pillar[a][x]' %}
10:34 AndreasLutro just remove the quotes?
10:34 ksj and I want a way to do {{ myvar }} that doesn't print the string, but prints the value from the pillar
10:35 AndreasLutro or do you need lazy execution for some reason
10:35 ksj yes. assuming lazy execution is equivalent to the shell eval
10:35 AndreasLutro okay well then what I'd do is
10:36 jaybocc2 joined #salt
10:36 AndreasLutro {% set key = "a.x" %}
10:36 AndreasLutro sorry
10:36 AndreasLutro {% set key = "a:x" %}
10:36 AndreasLutro then {{ salt['pillar.get'](key) }}
10:36 ksj basically, the final objective is that I can define a directory structure in pillar, like this: dirstructure: basedir + app + env
10:37 AndreasLutro but I think you should just try {% set myvar = pillar[a][x] %} and see if that's good enough
10:37 ksj and then if I change that structure around, all the directories get rewritten. the.....dammit I'm really not explaining myself well. sorry. I'm just trying to avoid having the directory ordering in the state/template files
10:37 ksj I want one location that defines how we order directories
10:38 ksj the hierarchy needs to be based in the pillar
10:38 AndreasLutro aha
10:38 AndreasLutro ok well salt['pillar.get']('a:b:c') is the same as pillar[a][b][c]
10:38 AndreasLutro so you can replace 'a:b:c' with a variable
10:38 ksj that's why yesterdaty I was asking about functions. in code, you would write a function that returned the correct dir structure depending on what parameters you pass to the function
10:38 AndreasLutro I think that should do what you need
10:38 ksj ahhh ok, cool
10:39 ksj yeah, that should do it, I think
10:39 ksj thanks....I think that might work
10:39 AndreasLutro at least I use that sometimes. in a pillar I'll specify the pillar key for something else in that notation
10:39 AndreasLutro then I can do {{ salt['pillar.get'](salt['pillar.get']('some_pillar_key')) }}
10:42 stoogenmeyer_ joined #salt
10:44 seb` joined #salt
10:46 phx joined #salt
10:51 julez joined #salt
10:51 jaybocc2 joined #salt
10:53 fe92 joined #salt
10:54 NotAvailable when I run salt 'minion-id' state.highstate I get "Comment: No Top file or external nodes data matches found
10:55 NotAvailable where do I look?
10:55 ksj NotAvailable: you have a top.sls file in your states dir?
10:57 NotAvailable that should be the /srv/salt dir?
10:58 devops joined #salt
10:58 ksj if that's where your state files are, yes. not sure what the default is, but it's defined by file_roots in the master config
10:59 NotAvailable then /srv/salt is that dir, AndreasLutro told me I don't need a top file in there, only in /srv/pillar dir
11:01 ksj you need one in srv/salt if you want to run a highstate. the top.sls defines what states get run on what machines
11:01 N-Mi joined #salt
11:01 ksj if you just want to run individual modules, then you don't need one
11:02 NotAvailable then maybe I'm using the wrong command? I Want to install the zabbix-agent, the formula is in /srv/formulas, I have my top.sls and zabbix-agent.sls in /srv/pillar
11:02 otter768 joined #salt
11:04 drawsmcgraw NotAvailable: so you have three directories,  1) /srv/salt  2) /srv/formulas  3) /srv/pillar
11:04 drawsmcgraw Is that right?
11:05 NotAvailable yes
11:05 ksj NotAvailable: pillars are for data, /srv/salt (in your config) is for state files that define what happens. if you just want to run the formula, then do salt \* state.sls zabbix-agent
11:06 giantlock joined #salt
11:06 ksj I think....been a while since I ran states individulally
11:06 drawsmcgraw ksj: the zabbix state is in /srv/formula
11:06 drawsmcgraw NotAvailable: You can do one of two things
11:06 * NotAvailable pays attention
11:06 drawsmcgraw Either "mv /srv/formulas /srv/salt/."
11:07 drawsmcgraw Or update your Salt config to include /srv/formulas in your file_roots
11:07 drawsmcgraw As it is, Salt cannot see your zabbix formula
11:07 NotAvailable my salt config has /srv/formulas/zabbix-formula
11:07 drawsmcgraw oh!
11:07 drawsmcgraw okay
11:07 drawsmcgraw so
11:08 drawsmcgraw what you do it -> salt 'minion-id' state.sls zabbix-formula
11:08 NotAvailable this is how it looks https://gist.github.com/anonymous/05b71aba80c3f50c96bb
11:08 drawsmcgraw perfect. What's the contents of /srv/formulas/zabbix-formula?
11:08 matthew-parlette joined #salt
11:09 NotAvailable https://gist.github.com/anonymous/59d23de2d9fee11601f9
11:09 drawsmcgraw You want to run this one, right? https://github.com/saltstack-formulas/zabbix-formula/tree/master/zabbix/agent
11:09 NotAvailable here you go
11:09 ksj NotAvailable: that's kind of a weird setup. I think you might not want that
11:10 NotAvailable ksj: I am confused from head to toes here, I'm trying to figure out how to run this for the first time
11:10 ksj because as far as I understand salt will be dumping all the files from /srv/formulas/zabbix-formula into the same folder as /srv/salt
11:10 drawsmcgraw ksj: Not necessarily
11:10 ksj take that line out about zabbix. put the formulas into a subdir of /srv/salt
11:10 ksj or better yet, don't use formulas. they over complicate everything
11:10 drawsmcgraw WAIT
11:10 NotAvailable ksj: so this is not right: http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html ?
11:11 NotAvailable 2. Add the new directory to file_roots:
11:11 * NotAvailable waits
11:11 ksj installing a piece of software and setting it up can be done much better with a single sls file
11:11 robothands joined #salt
11:11 ndrei joined #salt
11:11 ksj I'm probably not giving good advice thouigh. I'm pretty new here too
11:12 drawsmcgraw Yeah at first glance, it seems it may not be the best way but that's exactly how the docs have it
11:12 drawsmcgraw We'll run with what the docs have for now, just so NotAvailable can at least run the formula
11:12 ksj I just know that I wasted a lot of time messing about with formulas. I learned a lot more by writing simple sls files
11:12 drawsmcgraw so...
11:13 NotAvailable yeah
11:13 drawsmcgraw NotAvailable: with your current setup, what's in /srv/formulas/zabbix-formula ?
11:13 AndreasLutro NotAvailable: it's not "state.sls zabbix-formula", it's "state.sls zabbix"
11:13 NotAvailable drawsmcgraw: https://gist.github.com/anonymous/59d23de2d9fee11601f9
11:13 NotAvailable ls -la output is there
11:13 NotAvailable AndreasLutro: let me try
11:13 NotAvailable No matching sls found for 'zabbix' in env 'base'
11:13 NotAvailable same issue
11:14 NotAvailable maybe I should paste the contents of the files and folders in one paste?
11:14 drawsmcgraw you want
11:14 drawsmcgraw state.sls zabbix.agent
11:14 AndreasLutro oh yeah, it doesn't have an init.sls
11:14 AndreasLutro NotAvailable: what drawsmcgraw said
11:15 NotAvailable https://gist.github.com/anonymous/c0a19c6b3db7dc90cc0e
11:15 NotAvailable alright, this is a repo issue
11:15 NotAvailable which is alright
11:16 NotAvailable I can fix by requiring zabbix.repo
11:16 NotAvailable question: how do I automate this? I just want to add servers to salt and execute a command and the installation runs
11:16 AndreasLutro https://github.com/saltstack-formulas/zabbix-formula/blob/master/zabbix/repo.sls
11:16 AndreasLutro add the zabbix.repo state
11:17 AndreasLutro or zabbix.agent.repo
11:17 AndreasLutro not sure what the difference is
11:17 AndreasLutro but the latter is probably better
11:17 drawsmcgraw That's where you can either 1) Make a topfile (/srv/salt/top.sls) and target your zabbix boxes or 2) Write a simple state that just includes the relevant states (repo, zabbix-agent, etc...)
11:18 drawsmcgraw If you want it totally hands free, I'd go the Highstate route and setting 'startup_state: highstate' in the Master config.
11:18 drawsmcgraw That will cause all new minion connections to run a highstate automatically
11:18 NotAvailable that would be great once I figure out the config
11:19 NotAvailable okay, so let me make the top.sls in salt dir
11:20 AndreasLutro it seems to me you're diving into formulas before knowing the fundamentals of how states and pillars work
11:20 NotAvailable AndreasLutro: I am because formulas have everything that I need. The reason why I came for help is that I want to understand how the logic works, the documentation seems a bit... vague about it
11:21 NotAvailable but once I have a working config, I can understand that links between the different "names" and directories
11:21 NotAvailable so if my salt/top.sls looks like this https://gist.github.com/anonymous/702b9090f5e3e6ab462d am I okay?
11:22 NotAvailable or I need individual files, like zabbix.agent.repo.sls (but that should be linked from the formula, right? )
11:22 drawsmcgraw no need for the 'match: pcre'
11:22 drawsmcgraw It defaults to glob matching, so if 'voip' works for you on the command line, it'll work in the topfile
11:22 drawsmcgraw and yes. That's how I imagine the topfile would look
11:23 drawsmcgraw You can do
11:23 drawsmcgraw state.show_highstate
11:23 drawsmcgraw to test it out before actually running it
11:24 NotAvailable 'kay
11:24 drawsmcgraw AndreasLutro has a good point - This is a bit of an "into the deep end" way of learning. But if you can come out understanding how this formula works, you're well on your way to understanding more about Salt's ecosystem.
11:24 NotAvailable after a master restart, right?
11:24 drawsmcgraw no need
11:24 drawsmcgraw Highstate runs re-read the topfile each time.
11:24 NotAvailable alright
11:24 NotAvailable so salt '*' state.show_highstate should onlytarget 'voip'
11:25 drawsmcgraw yes
11:25 drawsmcgraw Everyone else will return something like "I don't have any instructions for a highstate"
11:26 NotAvailable https://gist.github.com/anonymous/dffcf80613797e9d1429
11:26 NotAvailable well this is something for sure
11:26 drawsmcgraw That's the yaml-formatted version of the functions it'll run, along with their parameters
11:27 drawsmcgraw Well, it compiles :) Run it! (this is a disposable dev box, right?)
11:27 NotAvailable and this is why I need formulas, maintaining repo lists and package names for different distros
11:27 NotAvailable the voip server is backed up
11:27 NotAvailable the salt server is the dev server
11:28 drawsmcgraw backups work. Fire away
11:28 NotAvailable I'm nervous
11:28 NotAvailable :D
11:29 drawsmcgraw We all are
11:29 jahmed joined #salt
11:30 NotAvailable https://gist.github.com/anonymous/3db507338f7e6d81ae36
11:30 NotAvailable this is beautiful
11:31 drawsmcgraw Nice. That's my favorite line right there -> Failed:    0
11:31 NotAvailable one issue, the configuration didn't go through
11:31 drawsmcgraw yeah was about to say, always confirm
11:31 NotAvailable so I'm guessing I need to include that somewhere
11:31 drawsmcgraw yeah: https://github.com/saltstack-formulas/zabbix-formula/blob/master/zabbix/agent/conf.sls
11:32 drawsmcgraw So add zabbix.agent.conf
11:32 NotAvailable and it will take the conf from pillar/zabbix-agent.sls ?
11:33 NotAvailable this is how /srv/pillar/zabbix-agent.sls looks for me https://gist.github.com/anonymous/5cde1944af739355d417
11:33 drawsmcgraw negative. You'll need to move those files over into /srv/pillar
11:33 drawsmcgraw oh
11:33 drawsmcgraw Well that should be fine then, yes
11:34 NotAvailable alright, then I'll try again
11:35 NotAvailable and now it worked
11:35 NotAvailable oh it didn't
11:35 NotAvailable hmm
11:35 NotAvailable I mean I did smth wrong
11:35 NotAvailable 'cause the header of the file sais: # Managed by saltstack
11:36 NotAvailable so obviously worked
11:38 NotAvailable so last thing to do is to restart the service
11:38 NotAvailable after the push has been doen
11:38 AndreasLutro salt does that for you
11:39 AndreasLutro you'll see it in the highstate output if you've set things up correctly
11:39 AndreasLutro NotAvailable: the config files are generated by the formula, using variables from the pillar
11:39 AndreasLutro https://github.com/saltstack-formulas/zabbix-formula/tree/master/zabbix/files/default/etc/zabbix
11:39 NotAvailable AndreasLutro: yeah, I get that, I understand what the formula is for
11:41 NotAvailable I'm so hooked on this that my pizza has been here for 15 minutes and I didn't even notice
11:41 NotAvailable mhm
11:41 NotAvailable brb
11:41 NotAvailable oh and, guys, thank you so much for helping me with this
11:41 aqua^c joined #salt
11:42 leszq joined #salt
11:45 denys joined #salt
11:46 jahmed joined #salt
11:46 toddnni joined #salt
11:47 julez joined #salt
11:48 drawsmcgraw Thanks AndreasLutro. I have to step out for a bit. Good luck NotAvailable. Sounds like you're practically there.
11:50 johtso_ I'm using the module.run state, how can I make it execute as a specific user?
11:50 johtso_ user: foo doesn't seem to do anything
11:51 eliasp joined #salt
11:51 julez joined #salt
11:54 CeBe1 joined #salt
12:00 amcorreia joined #salt
12:02 dynamicudpate joined #salt
12:10 SubOracle joined #salt
12:14 losh joined #salt
12:15 chiui joined #salt
12:18 napsterX joined #salt
12:19 inad922 joined #salt
12:25 leszq joined #salt
12:26 dendazen joined #salt
12:40 murrdoc joined #salt
12:42 aqua^c joined #salt
12:43 ndrei joined #salt
12:43 Norbell joined #salt
12:43 furrowedbrow joined #salt
12:47 DammitJim joined #salt
12:53 edrocks joined #salt
12:55 subsignal joined #salt
12:56 icflournoy joined #salt
12:56 subsignal joined #salt
12:57 JDiPierro joined #salt
12:57 julez joined #salt
12:59 __gotcha joined #salt
13:00 __gotcha Is the orchestrate runner a tool that is widely used ? (http://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#orchestrate-runner)
13:01 __gotcha I have asked a question about it on salt-users google group and wonder why I did not get any answer.
13:03 jaybocc2 joined #salt
13:03 madpenguin joined #salt
13:03 otter768 joined #salt
13:04 __gotcha Do you use orchestrate runner ?
13:04 __gotcha Or is that a confidential feature ?
13:05 oravirt joined #salt
13:10 pdw joined #salt
13:12 subsigna_ joined #salt
13:18 jaybocc2 joined #salt
13:19 pic0frame joined #salt
13:20 oravirt joined #salt
13:21 pic0frame all those salty guys here...
13:22 cpowell joined #salt
13:22 mapu joined #salt
13:22 pdw Is salt-minion meant to misbehave when salt-master isn't reachable?  Restarting salt-minion (0.17.5, Ubuntu Trusty) with "initctl restart salt-minion" when the master is off-line quickly leads to the minion occupying 100% CPU (1 core) and staying there.
13:22 cpowell joined #salt
13:23 pdw Tried disabling the mine module in /etc/salt/minion, but made no difference.
13:25 pdw Wondering what the "correct" way of running salt-minion is in situations when the master isn't always accessible (e.g. laptops that are not always on the network).
13:25 pdayton joined #salt
13:25 pdw Any recommendations?
13:26 AndreasLutro pdw: top recommendation would be not to run an ancient version of salt
13:27 yomilk joined #salt
13:27 pdw :)  Yeah, that would be my preference.  I take it the 100% CPU issue isn't a problem with later versions, then?
13:27 AndreasLutro I have no idea honestly, but if it is a bug (which seems likely) there is 0 chance it'll be fixed for your version
13:28 dyasny joined #salt
13:29 pdw Yes, quite true.
13:29 ingslovak joined #salt
13:29 pdw Can you think of any workarounds that might be useful in the meantime?
13:29 viq joined #salt
13:30 peters-tx joined #salt
13:30 AndreasLutro modify the init script to ping the master first maybe
13:30 AndreasLutro not really
13:31 pdw Okay, thanks.  If nothing else, I know that I'm not reinventing a wheel that exists elsewhere in Salt.
13:31 pdw That's actually quite helpful to know in and of itself. :)
13:31 fivmo joined #salt
13:34 tkharju joined #salt
13:36 supersheep joined #salt
13:36 pdayton joined #salt
13:37 mens joined #salt
13:39 timoguin joined #salt
13:39 JDiPierro joined #salt
13:40 JDiPierro joined #salt
13:42 timoguin joined #salt
13:42 __gotcha is the orchestrate word "taboo" ?
13:43 TyrfingMjolnir joined #salt
13:45 elfixit joined #salt
13:47 favadi joined #salt
13:49 mpanetta joined #salt
13:49 drawsmcgraw __gotcha: I think a lot of people have the same answer as I do, which is "I know a guy that uses Orchestrate but I haven't used it myself"
13:50 DFreeman joined #salt
13:50 __gotcha drawsmcgraw: thanks for your answer
13:50 drawsmcgraw For what it's worth, said guy-I-know was saying he was having issues with it earlier this week. I plan to work on some stuff with him tonight so I may have better intel on the topic.
13:50 __gotcha drawsmcgraw: would you have an idea where I shoudl ask my questions about it ?
13:51 drawsmcgraw You've done the mailing list and here in the chat room. I'm out of ideas. Are you having issues with it?
13:51 drawsmcgraw (afk for a few, will return)
13:52 __gotcha well, as explained on the mailing list, I was not able how to do error handling
13:52 murrdoc sup chatty cathies
13:52 __gotcha how can I ensure that the sequence described in the yml file gets interrupted if one of the function fails ?
13:52 DFreeman left #salt
13:53 drawsmcgraw __gotcha: have any experience with the 'fail hard' option?
13:53 __gotcha how can a function report an error to ensure that following functions will not be executed
13:53 __gotcha drawsmcgraw: nope
13:53 __gotcha I'll google it
13:54 jaybocc2 joined #salt
13:54 drawsmcgraw Again, no personal experience. But it's something like "If this function call fails, stop the run"
13:55 hasues joined #salt
13:55 __gotcha when checking the doc: "Using the global failhard is generally not recommended"
13:55 hasues left #salt
13:56 __gotcha in my understanding, orchestration implies sequence of actions on various machines that depend on each other
13:56 napsterX joined #salt
13:57 __gotcha in other words, not stateless situations
13:57 zerthimon joined #salt
13:57 __gotcha but this is maybe "philosphically" wrong
13:58 __gotcha and that salt really works well with stateless setups
14:00 nobrak joined #salt
14:00 nobrak joined #salt
14:01 andrew_v joined #salt
14:02 debian112 joined #salt
14:03 ekristen joined #salt
14:04 madpenguin joined #salt
14:05 mgar joined #salt
14:05 mgar joined #salt
14:05 Rohit joined #salt
14:05 Rohit Hi
14:06 Guest4358 I am facing a issue with elasticSearch returner
14:06 Guest4358 all the test.ping command give me
14:06 Guest4358 [DEBUG   ] "POST /salt/returner HTTP/1.1" 201 93 [INFO    ] POST http://localhost:9200/salt/returner [status:201 request:0.044s]
14:06 giantlock joined #salt
14:07 Guest4358 while all the state.sls comamnd gives me [DEBUG   ] "POST /salt/returner HTTP/1.1" 400 201 [WARNING ] POST /salt/returner [status:400 request:0.044s] [
14:09 jaybocc2 joined #salt
14:10 Furao joined #salt
14:13 VSpike With a formula, should the pillar example be a complete document of the options available, or not? If not, I guess the only answer is to read the code, right?
14:14 evle joined #salt
14:15 pdayton joined #salt
14:16 pdayton1 joined #salt
14:17 spark_ joined #salt
14:17 napsterX joined #salt
14:19 icflournoy joined #salt
14:25 quasiben joined #salt
14:28 yomilk joined #salt
14:29 pdayton joined #salt
14:31 aqua^c joined #salt
14:32 al joined #salt
14:44 favadi joined #salt
14:44 JDiPierro joined #salt
14:45 leszq joined #salt
14:45 boldnetwarrior joined #salt
14:55 zerthimon joined #salt
14:57 ksj I'm thinking of putting jinja similar to the following in my template files: {{ salt['cmd.run']("ls -la") }}. Anyone want to elaborate on why this is a terrible idea?
14:58 ksj worse than that, I'm thinking of running shell scripts with cmd.run and dumping the output in the templates. It feels really wrong, but I can't figure out how else to do what I want to do. Jinja/Mako etc are just too inflexible.
14:58 dopesong_ joined #salt
15:00 Gareth ksj: what is your end goal?
15:00 boldnetwarrior ksj - what is your use case? Whenever I have needed to run cmd.run I've always created a salt state module so that I can lock down what modules they can run from the command line. cmd.run outside of a state module is like giving them root/admin access.
15:04 al joined #salt
15:04 otter768 joined #salt
15:05 ksj basically I'm trying to create a function to generate directories. I want the directory hierarchy to be flexible. I want a single function that takes some parameters and outputs a directory as a string. I've got a basic working version using jinja macros in an import file, but jinja is just so verbose and ugly that it's very confusing to read
15:06 ksj if I do cmd.run, I can write it in shell/awk and keep it clean and understandable for other people
15:06 ksj the problem is that it's going to be opening a shell every time I have a directory in any of my template files, which might add overhead
15:06 zmalone joined #salt
15:06 ksj but I'll take a dip in speed for the sake of keeping the config straightforward
15:07 ksj I'm also, obviously, nervous about running shell scripts as root...
15:08 ksj boldnetwarrior: I was looking at creating a module. that seems fairly straightforward, even for someone like me who doesn't know python that well
15:08 kphannan joined #salt
15:08 LotR joined #salt
15:08 ksj that might be the way to go
15:08 boldnetwarrior any reason you aren't using file.directory to create the directories?
15:08 ksj boldnetwarrior: oh, I am. I'm talking about defining the location
15:09 ksj {{ logdir }}:\n  file.directory
15:09 boldnetwarrior and the directory is defined where? at run time or in a sls file?
15:09 ksj that's what I'm trying to figure out. I want to centralise the "directory generating" logic
15:09 ksj because it's subject to change
15:09 kphannan Question about file.archive / file.managed where the source is https:/// - the file is recognized as not present, salt says download it, but no download happens....  The URL is correct, and the MD5 checksum is present.  Any ideas?
15:10 boldnetwarrior kphannan - is it enabled on the master?
15:10 ksj and I don't want to have to edit hundreds of template files just because a manager decided we should have a slightly different structure
15:11 ksj I also don't want a massive, verbose pillar file that contains every possible directory. The logic behind generating a directory is fairly simple. The problem is just that it's really messy in jinja
15:11 kphannan boldnetwarrior - not sure what you mean by enabled in master?  BTW this is a masterless minion.  I have lots of other states that work fine....
15:11 rm_jorge joined #salt
15:11 ksj lots of nested conditionals
15:11 kphannan I'm just trying to change from a local file to a remote file as the source....
15:12 kphannan As a local file in /srv/salt/base....... it works fine, just changing to https for the source fails...
15:12 boldnetwarrior so it sounds like if that is your use case then state files doesn't make sense and I would create an execution module to do what you want securely. If things are changing that often, the overhead doesn't make sene to keep editing files
15:12 clintberry joined #salt
15:13 kphannan Ultimately I'm trying to specify a search path for the source file:  first salt:, then https://
15:13 boldnetwarrior kphannan - I've only used file.managed with salt:// and download files from the salt master as that way I can control the release. If something is on an https server outside of the org, I would still move it to salt.
15:13 boldnetwarrior kphannan - that way I can control the dependencies.
15:14 spark_ joined #salt
15:15 kphannan I'm attempting to create a state tree to publish to a group so members can provision their machines for development of some embedded systems.  I want to avoid the extra step of having people download a bunch of archives before having to run salt-call....
15:16 kphannan Kind of defeats the purpose of salt in this case.
15:17 kphannan I'm also building an appliance for this group...  I don't want to have the source archives in /srv/salt/....  in order to save space in the image.
15:18 kphannan With the http:// or salt: source specification the option is there to download if desired....
15:18 kphannan Or just let salt handle it.
15:18 kphannan And keep the VM appliance smaller.
15:19 boldnetwarrior if you run the salt with the debug flag set, do you see anything obvious?
15:20 kphannan no.... [DEBUG   ] Input seem valid so far [DEBUG   ] Archive file ['http://launchpad.net/gcc-arm-embedded/4.9/4.9-2014-q4-major/+download/gcc-arm-none-eabi-4_9-2014q4-20141203-linux.tar.bz2'] is not in cache, download it [DEBUG   ] Reading configuration from /etc/salt/minion [DEBUG   ] The `dmidecode` binary is not available on the system. GPU grains will not be available. [DEBUG   ] LazyLoaded jinja.render
15:21 boldnetwarrior kphannan - is the hash in a file that you are referencing using source_hash or as a string?
15:22 favadi joined #salt
15:22 kphannan source_hashget-gcc-arm:   archive.extracted:     - name: {{ source }}     - source:       - http://launchpad.net/gcc-arm-embedded/4.9/4.9-2014-q4-major/+download/gcc-arm-none-eabi-4_9-2014q4-20141203-linux.tar.bz2        - source_hash: {{ checksum }}
15:22 kphannan {% set checksum = gccx.get('checksum', 'md5=74cc4f012699c171089e72832d95bf4c') -%}
15:23 murrdoc i hate initctl
15:23 murrdoc root@yomama:~# status salt-minion
15:23 murrdoc salt-minion stop/waiting
15:23 murrdoc root@yomama:~# restart !$
15:23 murrdoc restart salt-minion
15:23 murrdoc restart: Unknown instance:
15:23 murrdoc root@yomama:~# start !$
15:23 murrdoc start salt-minion
15:23 murrdoc salt-minion start/running, process 4042
15:24 kphannan If I change the source line to this:      - salt:{{ '//compilers/gcc/arm/gcc-arm-none-eabi-' + version + '-' + build  + '-linux.tar.bz2' }}
15:25 kphannan everything works great.  The only difference is salt: vs https:
15:25 * twork_ does a little dance. last night, i got my salt to do a thing! two things sort of. on purpose!
15:26 whytewolf kphannan: i know it isn't idle. but have you conisdered gitfs? or the s3 filesystem backend. which auto takes care of the source_hash piece for you so you can still use salt:// and not have to store files in /srv/salt
15:26 boldnetwarrior kphannan - and http:// works fine?
15:26 kphannan I manually used the https: line to get the file and put in in /srv/salt/base/compilers/gcc/arm/
15:27 kphannan GitFS was going to be the next phase.  I've never used it, and am not sure which of the various libs/flavors to use.
15:28 IanV0rn2341 joined #salt
15:28 kphannan I'm also trying to use the public repositories for GCC flavors and RTOS flavors.... I don't want to have to include them in my own repository
15:28 napsterX joined #salt
15:29 kphannan If I paste the URL from the debug output into a browser ... the file downloads fine
15:29 sectionme joined #salt
15:29 boldnetwarrior kphannan - if you create a quick sls and just add the source and checksum without using any templating, does that work?
15:30 kphannan Its almost as if salt just never executes the download ...  What does it use internally, just plain http:, curl, wget?
15:30 kphannan I'll hack one right now.
15:31 fivmo left #salt
15:31 che-arne joined #salt
15:33 raygunsix joined #salt
15:35 supershe_ joined #salt
15:35 vaspiros joined #salt
15:42 sectionm1 joined #salt
15:42 VSpike Does anyone here use the client ACL stuff?
15:43 supersheep joined #salt
15:43 VSpike Hm, that was pretty much the impression I got when I was trying to set it up the first time around :)
15:43 kphannan boldnetwarrior...  I tried what you suggested... Here is the init.sls
15:44 kphannan get-gcc-arm:   archive.extracted:     - name: /opt/armgcc/     - source:       - https://launchpad.net/gcc-arm-embedded/4.9/4.9-2014-q4-major/+download/gcc-arm-none-eabi-4_9-2014q4-20141203-linux.tar.bz2       #- salt://compilers/gcc/arm/gcc-arm-none-eabi-4_9-2014q4-20141203-linux.tar.bz2     - source_hash: md5=74cc4f012699c171089e72832d95bf4c     - archive_format: tar     - if_missing: /opt/armgcc/gcc-arm-none-eabi-4_9-2014q4  /opt/a
15:44 VSpike I have some settings like this in my master config https://bpaste.net/show/132c12697226
15:44 kphannan use of salt: worked as expected,  https: no download
15:44 boldnetwarrior What about:
15:44 napsterX joined #salt
15:44 boldnetwarrior https://gist.github.com/anonymous/5fccdea89f274820ef48
15:44 kphannan The only difference between 2 runs of salt-call was to change which source line was commented.
15:45 VSpike Seems to work, i.e. you can have client_acl:user:commands or client_acl:user:minions:commands, or a mix of the two
15:45 __gotcha joined #salt
15:45 VSpike I was trying to use the salt formula to set up a new master, and it appears it doesn't allow for this at all
15:47 kphannan that downloaded the file
15:48 kphannan It would appear file.managed and file.archive don't quite behave as advertised regarding the source specification
15:48 repl1cant joined #salt
15:48 Eccentricson joined #salt
15:49 jalbretsen joined #salt
15:53 Eccentricson Is it possible through a salt module to patch Ubuntu security patches only, or do I just have to do a cmd.run?
15:56 ksj is there a less verbose way of doing this: http://dpaste.com/3PYM83Y.txt
15:56 boldnetwarrior joined #salt
15:56 boldnetwarrior kphannan- yep , that sounds like salt, i definitely have a love/hate relationship with it.
15:57 kphannan @boldnetwarrior - I chained what you sent me ... modified to place the file in /srv/salt/base/compilers/gcc/arm  which is now a dependency of get-gcc-arm and everything works as expected.
15:57 kphannan Its a little bit of a hack, but it gets things done the way I intend.
15:57 boldnetwarrior kphannan - thats great news.
15:58 kphannan The docs say file.managed and archive.extracted are supposed to behave the same regarding the source: declaration .....  Me thinks it is time to report a bug....
15:58 kphannan Thanks for the help
15:58 boldnetwarrior Eccentricson - what are you trying to patch?
15:58 boldnetwarrior kphannan - happy to.
15:59 Eccentricson boldnetwarrior: So basically, every month we go through and patch our customer servers with security advisories only.  I achieve this with Spacewalk for CentOS and Ubuntu does it with unattended-upgrade.  Wondering if Salt has a module for doing it for Ubuntu.
16:00 boldnetwarrior Eccentricson - do you want to just upgrade all packages that have security patches or do you have a specific list?
16:00 Eccentricson All security packages
16:01 conan_the_destro joined #salt
16:03 Eccentricson boldnetwarrior: all security packages
16:03 zircote joined #salt
16:04 murrdoc all security pacakges
16:04 Katyucha joined #salt
16:04 murrdoc :)
16:06 boldnetwarrior Could you use pkgrepo.managed and define the security repo and disable the others, then just do an pkg.uptodate?
16:07 Eccentricson Possibly, but then the customer wouldn't be able to apt-get install most packages.
16:08 murrdoc are you trying to just dist-upgrade to account for security packages /
16:08 boldnetwarrior you could always enable the other repos once you have finished the security patches
16:08 Eccentricson True
16:08 pdayton joined #salt
16:09 zircote joined #salt
16:09 Eccentricson murrdoc: I'm just trying to apply all security packages that apply to the server
16:09 boldnetwarrior if you want to do it adhoc, then you could just wrap 'apt-get -s dist-upgrade |grep "^Inst" |grep -i securi'  with cmd.run
16:09 murrdoc http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#salt.states.pkg.latest
16:09 Eccentricson boldnetwarrior: that's kind of what I was thinking.  Which isn't a bad idea, at all.
16:09 conan_the_destro joined #salt
16:10 quasiben joined #salt
16:10 murrdoc Eccentricson:  so what u want to do is  pkg.latest: - pkgs: - packages -u -want  and fromrepo: - repo names u want
16:10 murrdoc you ll need to know a few pkgs
16:11 zerthimon joined #salt
16:12 Eccentricson murrdoc: true, but the end goal was for our tier 2 department to just be able to execute a command (likely through a web ui I'll build for them) to patch all of the servers automatically with necessary security updates.
16:12 boldnetwarrior It really is about whether this is considered a state or something you would need to do with a moments notice. Without the file list I don't see you being able to use the other way of doing it.
16:12 boldnetwarrior It could also be argued, that you shouldn't be patching without testing first and creating a baseline that you could then use with pkg.latest.
16:12 murrdoc Eccentricson:  the command can be … salt 'hosts' state.sls <state-u-write-to-do-this>
16:13 Bryson joined #salt
16:13 ajw0100 joined #salt
16:13 Eccentricson murrdoc: absolutely, but I would have to decipher the different CVE and required packages.  Whereas, I THINK, unattended-upgrades would achieve something like this for me.
16:14 murrdoc Eccentricson:  yes unattended upgrades will work just fine
16:14 murrdoc and its dangerous
16:14 Eccentricson boldnetwarrior: With our kind of environment, testing packages is kind of useless for us.  :(   Because our clients may run tomcat on one server, then apache2 on the next, and have an app in ruby but one in Java
16:14 Eccentricson a
16:14 sectionme joined #salt
16:14 boldnetwarrior Undrestood
16:15 Eccentricson Our end goal is to get there though, where we're testing all of the packages, but right now, our main concern is security.  If it breaks an app, we can restore from backups.
16:15 Eccentricson Fun times, right? :D
16:16 boldnetwarrior been there! I would create your ops team a script, put the cmd.run in the script and let them have their way. the reality is , its unlikely they would do anything different if they logged on to the box int eh first place. You can start, then interate to get to where you want to be,
16:17 radd joined #salt
16:17 Eccentricson boldnetwarrior: good idea :)
16:18 jaybocc2 joined #salt
16:19 favadi joined #salt
16:19 aqua^c joined #salt
16:23 andygabby joined #salt
16:26 theologian joined #salt
16:26 VSpike I've found that unattended upgrades has a tendancy to break machines if you have a small-ish /boot partition (as is often the case, e.g. if you use lvm)
16:26 geekatcmu So, here's a perhaps bizarre question: has anyone besides myself wanted hysterisis for managed files?
16:27 VSpike It keeps happily installing new kernels and initramfs files into /boot until it's completely full
16:27 VSpike DAMHIKT
16:28 geekatcmu As an example, let's say I'm managing zoo.cfg.  If something stupid happens with my expansion of the file I don't want it to change (i.e. mine data gets temporarily reset).  Instead, I'd like to keep, say, 3 past versions of it on hand and only update zoo.cfg when all three versions agree.
16:29 geekatcmu VSpike: yes, unattended upgrades suck if you accept the most common defaults and never clean up.
16:29 JordanRinke joined #salt
16:29 Eccentricson VSpike: Interesting!  I'm a RHEL guy.  Yum FTW   lol
16:30 jhauser joined #salt
16:30 LtLefse geekatcmu: http://docs.saltstack.com/en/latest/ref/states/backup_mode.html
16:31 yomilk joined #salt
16:31 geekatcmu That's kind of the opposite of what I'm looking for, though I could probably base such a state on that.
16:32 boredatwork joined #salt
16:32 MatthewsFace joined #salt
16:32 geekatcmu Have the managed file be zoo.cfg.proposed and then have zoo.cfg updated from that if zoo.cfg.proposed, zoo.cfg.proposed.1, and zoo.cfg.proposed.2 are all the same.
16:32 Nazzy_ joined #salt
16:32 LtLefse oh, interesting
16:33 aparsons joined #salt
16:33 LtLefse no idea how to do that
16:34 jahmed joined #salt
16:34 VSpike Here's a silly question. Here's an example salt state. { 'cheese' : {'group.present': [{'gid': 7648}, {'system': True}, {'addusers': ['user1', 'users2']}, {'delusers': ['foo']}]}}}
16:35 geekatcmu thanks, I can see how this can be made to work.
16:35 wabkia joined #salt
16:35 VSpike Why are the items under group.present a list of dicts, rather than a single dict?
16:35 VSpike I can't think of any good reason to have it that way
16:36 elfixit joined #salt
16:38 KyleG joined #salt
16:38 KyleG joined #salt
16:40 chiui joined #salt
16:41 sectionme joined #salt
16:51 UtahDave joined #salt
16:52 jaybocc2 VSpike: i was just wondering the same thing.  I suspect its because a valid highstate is expected to be a list of key value pairs.  the yaml renderer is the same.  If i could figure out how to call salt.states.file.directory() itself you might be able to change the data representation but i expect that if i did that it would cause additional breakage
16:52 jaybocc2 but i'm a salt n00b still.
16:53 VSpike Now I've done this and it works, is this actually the easiest way to do it? https://bpaste.net/show/29a7d586def4
16:55 jaybocc2 VSpike: i'm using the py renderer as i find complicated jinja | yaml to be unreadable
16:56 geekatcmu ^^
16:56 VSpike True, py renderer might be more readable in this case
16:56 iggy VSpike: historical reasons (and consistency)
16:56 geekatcmu Though I use pyobjects
16:57 jaybocc2 geekatcmu: any exampled where pyobject is better or more powerful that py renderer?
16:57 geekatcmu well, jinja|pyobjects since there's still a bunch of Jinja-based maps in our configs, and the pyobjects import statement doesn't seem to have a way to specify "render this import with Jinja"
16:57 Gareth morning morning
16:57 Gareth UtahDave: ping
16:58 geekatcmu jaybocc2: http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.pyobjects.html has some examples.  I like the way it lets me phrase stuff, personally.
16:58 UtahDave hey, Gareth!
16:58 geekatcmu But I really can't say it's specifically *better* than straight py
16:59 Gareth UtahDave: hey :) About to resend that email to Tom, if we time it right and you run into his office right when it arrives, he might just see it :)
16:59 JDiPierro joined #salt
16:59 jaybocc2 geekatcmu: i considered those examples, and i come from Chef, so that reads a bit more that way to me, but it just doesn't feel very pythonic,
16:59 UtahDave hehe.  sounds good.  send it!
16:59 geekatcmu hey, different strokes.
17:00 geekatcmu I've been writing python for <mumble> years, so I'm comfortable with a number of different styles.
17:00 Gareth UtahDave: on it's way.
17:00 jaybocc2 yeah np just curious i'm sure it has a benefit over another renderer in some situations, i can already feel like py is too strong for simple states.
17:00 geekatcmu And other team members (sorta) are using pyobjects.
17:00 drawsmcgraw salt-cloud... I'm writing a custom salt-bootstrap script, using this as a reference: https://github.com/saltstack/salt/blob/561d7b72bb8bb0d5fa5c4395db12425f27c26c1a/salt/cloud/deploy/RHEL6.sh
17:00 drawsmcgraw And while I can successfully render {{minion}}, I seem to be having trouble keying into it.
17:01 drawsmcgraw I've tried {{minion['id'] }} and {{ minion.id }} to no avail. I'm obviously missing something
17:04 DammitJim where is the proper place to define what version or configuration goes to what server?
17:04 DammitJim should I be using formulas for this?
17:04 CeBe joined #salt
17:04 chiui joined #salt
17:05 otter768 joined #salt
17:05 forrest joined #salt
17:08 jaybocc2 DammitJim: my understanding is you probably want to use pillar to define that type of information and you should use a formula to process it into a state
17:08 jaybocc2 would someone be able to explain to me the difference between a .key generated from salt-key w/ transport=RAET vs the .pub and .pem when transport=zmq and how it is used with regard to preseeding salt master?
17:09 jaybocc2 i want to use salt with RAET but this is confusing me (still prototyping out with zmq in the meantime)
17:09 spark_ joined #salt
17:09 DammitJim thanks jaybocc2 ... pillar to grab like the id of the server I want something installed on and then a map file to define what you get?
17:09 quasiben joined #salt
17:10 DammitJim I think I'm getting grains confused with pillars
17:10 jaybocc2 DammitJim: grains would give you minion information, pillar is to provide configuration/data
17:11 forrest joined #salt
17:11 jaybocc2 so far, i've been writing formulas to set a state, with some default config, but if pillar data is provided, to use that to configure the state in the formula
17:12 jaybocc2 i think in pillar you can use grains to provide different data based on some characteristic of the minion
17:13 jaybocc2 http://docs.saltstack.com/en/develop/topics/pillar/index.html
17:14 drawsmcgraw Wait... do salt-cloud bootstrap scripts actually go through the Jinja renderer?
17:17 DammitJim ok, so I define a global value using pillars
17:17 DammitJim then I can get the value in my state?
17:17 DammitJim in my state or in my map.jinja?
17:18 DammitJim I don't know why I have this in my head that when using formulas, one has to have a map
17:19 zircote joined #salt
17:19 jaybocc2 So... i am probably not using formulas right, but i'm not using a map.jinja
17:19 jaybocc2 but its in the documentation and the template-formula to use a map
17:20 DammitJim hhmmmm... maybe what I want to do is not what salt was made for
17:21 jaybocc2 what are you trying to achieve? salt seems very flexible and you may just be approaching the problem from the wrong angle
17:21 DammitJim for example, I have 2 minions
17:21 DammitJim server1 needs java7, tomcat7, and certain conf files
17:21 DammitJim then I have server2 which needs java8 with tomcat7 and other conf files
17:22 DammitJim do I create separate states for java, then tomcat, then the conf files?
17:22 drawsmcgraw DammitJim: Define what versions you need in Pillar
17:22 drawsmcgraw And have conditionals in Pillar
17:23 supersheep joined #salt
17:23 jaybocc2 ^
17:23 DammitJim ok, conditionals
17:23 DammitJim why conditionals?
17:23 drawsmcgraw Like {% if 'server1' in grains['id'] %} -> java 7
17:23 drawsmcgraw Think of it this way
17:23 kitplummer joined #salt
17:23 drawsmcgraw You write a state that installs Java
17:23 drawsmcgraw It doesn't care what version. It calls Pillar to find out what version to install
17:24 drawsmcgraw Pillar returns a different value based on which minion it's running on
17:24 drawsmcgraw This way, you get to keep a single state that's applicable in many situations
17:24 wabkia ^^ goooo modularity  :D
17:24 drawsmcgraw And it'll install the appropriate version on the appropriate box
17:24 drawsmcgraw what wabkia said, yes.
17:24 DammitJim in pillar I already set up something like this: http://pastebin.com/wfg74azC
17:24 drawsmcgraw Writing states, pillars, and the like is *very much* like writing software.
17:25 DammitJim yeah, I get it
17:25 sectionme joined #salt
17:25 DammitJim I don't know why I don't like the if this or this or this or this in my pillar definition :D
17:25 drawsmcgraw Okay. Yes, you very much get it. That's a good start.
17:25 jaybocc2 do you guys share fomula across environments, aka use the same formula in each env or global formula, or do you keep formula separate from env to env?
17:26 drawsmcgraw It's a bit chatty and hardcoded. Otherwise that works fine
17:26 DammitJim so, that's easy for the pkg I need to install
17:26 jaybocc2 DammitJim: if you're using jinja | yaml, its because its ugly and hard to read
17:26 DammitJim how about for conf files? same process?
17:26 drawsmcgraw The reason you want it that way, is in order to make updates in the future (Say, java 9), you just update your Pillar file and you're done.
17:26 jaybocc2 try py renderer if you need/want more readability
17:26 drawsmcgraw Yes. Same logic for config files. Jinja templating and such.
17:26 DammitJim no, it's fine... I just didn't know if there was a different way to define those conditions :)
17:27 DammitJim so, in my case, I don't need to use any formulas?
17:27 drawsmcgraw Though, to let you in on a dirty secret of mine. I've used Jinja to just file.manage a static file before. I just let Jinja decide *which* static file
17:27 wabkia DammitJim, pretty sure a formula is the java: part of your pillar there
17:27 drawsmcgraw I would stay away from formulas until you have a solid grasp of Salt (which you may already have). They're a nice crutch to get up and running but debugging them is nontrivial.
17:28 DammitJim LOL
17:28 drawsmcgraw DammitJim: The conditionals could be cleaned up a little bit but your overall logic is sound (IMHO)
17:28 DammitJim I was watching forrest 's youtube video from saltstack 2014 and that's why I thought I should ask about formulas
17:28 DammitJim but I still don't get them :D
17:28 DammitJim thanks
17:28 jaybocc2 drawsmcgraw: examples of how it can be non-trivial?  So far formulas seem just like states and i haven't had issues debugging
17:28 murrdoc formula are a bunch of states and pillars
17:29 DammitJim - name: {{ salt['pillar.get']('pkgs:java', 'oracle-java7-installer') }}
17:29 DammitJim that's what my java state uses
17:29 forrest DammitJim: I can try to explain them to you if the docs and the talk didn't provide enough. What portion of the formula are you confused about?
17:29 drawsmcgraw Agreed. But digging through the mapfiles and making connections with the 'include' statements, and keeping the Pillar values in mind is not something I'd expect a beginner to be able to do.
17:29 forrest or formulas in general that is.
17:30 DammitJim formulas in general :D... for some reason they just seemed to be another way to define a global variable... that's all
17:30 DammitJim and I thought I had already done that in the pillar
17:30 drawsmcgraw I don't mean to knock formulas. I love the idea. I've just seen more-than-one beginner get a little confused when starting out on using them, which can be discouraging.
17:30 mgar joined #salt
17:31 DammitJim that was the whole point of forrest 's talk... to keep even formulas simple... modular... versatile
17:31 forrest DammitJim: No they aren't just for defining global variables. Think of it like this, your pillar is for YOUR data right, YOUR settings correct? Things like the map.jinja file are for OS based options, like different package names.
17:31 forrest Yes, many of the formulas on the formula repo have gotten a little complicated, but they don't keep you from writing formulas, which is where the real power is at.
17:32 zircote joined #salt
17:32 forrest drawsmcgraw: I agree to a beginner they can be confusing.
17:32 DammitJim oh ok, so I might not need to dive into formulas just yet since I'm only working on a single OS
17:32 murrdoc forrest:  someone wanted a new formula
17:32 murrdoc i dont hvae perms in the org to do that
17:32 murrdoc so i asked them email the mailing list
17:32 DammitJim maybe formulas don't apply in my case... I guess I was looking for a place in salt where one says: this server gets this, this, this, and this
17:32 murrdoc /fyi
17:32 drawsmcgraw yeah, formulas become *very* handy when you're working with more than one OS. Assuming, of course, they take that into account.
17:33 DammitJim but this other one, gets that, that, that, and that
17:33 drawsmcgraw DammitJim: Yep. That's Pillar
17:33 DammitJim ok, great
17:33 forrest DammitJim: So you have to remember when I did that talk, at that time formulas were brand new. At that time they were all about simplifying and modularity, and I still stand by that. You have a service state, a pkg install state, etc.
17:33 DammitJim forrest, point well taken
17:33 DammitJim it's an excellent talk, btw
17:33 quasiben joined #salt
17:33 forrest DammitJim: Think of it like this, formulas are about making things modular and simple to use, if I want JUST python 2.7, I get it, I don't have to go 'shiiiiit this crappy state installs python 2.7 and virtualenv, and all these other things!'
17:34 forrest DammitJim: Thanks, glad it was useful, wish I hadn't had that audio issue caused by my own stupidity ;)
17:34 forrest murrdoc: What is the repo? I can make it right now. I don't really check the mailing lst
17:34 forrest *list
17:34 forrest too much salt is bad for your system *badumtis*
17:34 murrdoc the salt formula mailing list
17:34 murrdoc ?
17:34 forrest yes
17:34 murrdoc i dont rememerb the repo they wanted in, it was for the flex formula
17:35 DammitJim forget about the audio problem forrest
17:35 CeBe joined #salt
17:35 murrdoc DammitJim:  do u have packages ?
17:35 utahcon tips for debugging? specifically seeing what values variables in jinja have at the time something fails
17:35 murrdoc like a single package for a single app
17:35 murrdoc for eg collectd ?
17:35 dhscholb question: is there a single built-in grain that will tell you whether or not the minion is a physical server, regardless of whether it's a host machine for xen, kvm, etc. ?
17:35 forrest murrdoc: Hmm, I don't see any posts on the formula mailing list unless I'm looking at the wrong thing, it's from a while back..
17:35 murrdoc forrest:  maybe they didnt post
17:36 murrdoc just saying, when someone askss i am sending them the mailing list way
17:36 forrest probably didn't, do you have it in your scrollback?
17:36 fllr joined #salt
17:36 utahcon dhscholb, there is a grain called "virtual"
17:36 forrest murrdoc: Just ask whiteinge to move you into the other org group.
17:36 inad922 joined #salt
17:36 drawsmcgraw utahcon: can you run a state.show_sls ? That should help a bit
17:36 forrest murrdoc: Sometimes you're a little rogue, but I think we can trust you to make repos ;)
17:37 dhscholb utahcon: i'm aware of the "virtual" grain, but it says "xen" for xen dom0s
17:37 forrest murrdoc: Also, I don't think that we got into the beta for the advanced user perms :\
17:37 forrest or if we did they are taking their sweet ass time
17:37 denys joined #salt
17:37 dhscholb it would be nice to have a single grain that says either "physical" or "virtual"
17:38 utahcon dhscholb: I might be wrong, but it virtual will say physical on a physical machine, and something else if not physical
17:38 utahcon that has been my experience
17:38 forrest dhscholb: I thought the virtual grain printed that info out...
17:39 forrest This comes back to https://github.com/saltstack/salt/issues/24149
17:39 forrest Which I really need to make some time to get done
17:39 dhscholb if the machine is a xen dom0, then virtual reports "xen", not physical
17:40 forrest dhscholb: What does a physical machine say? You can use jinja pretty easily to check against that grain
17:40 quasiben joined #salt
17:40 whytewolf so i tinked around and made a stupid thing. if anyone finds this useful would be nice to hear. https://github.com/whytewolf/salt-debug
17:41 murrdoc forrest:  i tried
17:41 dhscholb my point is that a xen dom0 *is* a physical machine, so some grain somewhere should report it as "physical"
17:42 forrest murrdoc: To contact whiteinge?
17:42 murrdoc asked github
17:42 * utahcon was under the impression that xen dom0 is a VM inside the physical host, not the actual physical host (I am not xen savvy obviously)
17:42 murrdoc signed up for beta
17:43 murrdoc forrest:  saltstack has hiddent whiteinge
17:43 murrdoc he is a ghost now
17:43 whytewolf utahcon: dom0 is the operating system that holds the hypervisor
17:43 murrdoc we only have utahdave and basepi
17:43 forrest whytewolf: I feel like someone wrote something like that in the past...
17:43 whytewolf forrest: where? I looked everywhere
17:44 forrest whytewolf: I'm trying to find it, I used it at my last job, I don't think it's official. My old coworker isn't in here today it seems...
17:45 dhscholb yes, the dom0 is the host OS, domUs are the guest OSes, according to xen lingo
17:46 UtahDave dhscholb: Please open a github issue on that grain if it's not reporting correctly
17:46 whytewolf forrest: ahh. well damn :( now i feel my time is wasted. all five min of it
17:46 Gareth murrdoc: beta of what?
17:46 forrest whytewolf: Does your tool do something past http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.show_highstate and show_lowstate?
17:47 dhscholb UtahDave: i'll look into that, thank you
17:47 murrdoc Gareth:  DEEZ <redacted>
17:47 murrdoc Gareth:  there is a github beta for better org managment
17:47 forrest whytewolf: Looks like show_low_sls was added as well to check one state.
17:47 Gareth murrdoc: Ahhh.
17:47 whytewolf forrest: no just takes in a source file and a template and renders the file according to the template
17:47 forrest Gareth: The only contacts I had at github that could possibly get us in no longer work there.
17:47 murrdoc Gareth:  we were hoping to sign up for it so that we can control the saltstack formulas org better
17:47 forrest Whissi: Gotcha.
17:47 forrest murrdoc: Whiteinge signed us up for potential access
17:47 murrdoc i did too
17:48 DammitJim murrdoc, when I say pkg, I just mean tomcat7 from the ubuntu repo
17:48 drawsmcgraw TIL - the {{minion}} variable in salt cloud bootstrap scripts is just a long string. The {{vm}} variable, however, *is* a dictionary: https://github.com/saltstack/salt/blob/develop/salt/utils/cloud.py#L112
17:48 forrest murrdoc: He did that within a few hours of their announcement, they just either haven't enabled it yet, or didn't enable it for us.
17:48 UtahDave murrdoc: we've applied for that beta
17:48 murrdoc SAWEEET
17:48 drawsmcgraw so {{ vm['name'] }} is what I was looking for :D
17:48 murrdoc thank u UtahDave
17:48 DammitJim but I do have conf files that I have defined in my tomcat state to set up say the Xmx value
17:51 stoogenmeyer_ joined #salt
17:54 spark_ joined #salt
17:54 CheKoLyN joined #salt
17:55 whytewolf forrest: basicly my line of thinking was i didn't want to login to a minion to find out what the end result of a jinja [or other template driven] conf file would end up looking like.
17:57 forrest whytewolf: Totally fair
17:57 forrest whytewolf: And I'm pretty sure someone wrote something like this at one point, I just can't find it :(
17:57 forrest sorry
17:58 whytewolf forrest: np. if you find it i would love to see it. I looked everywhere and couldn't find anything
17:58 forrest whytewolf: Will do
17:58 desposo joined #salt
17:59 cpowell joined #salt
18:00 cpowell joined #salt
18:00 scoates_ joined #salt
18:04 julez joined #salt
18:04 j_t joined #salt
18:05 jahmed joined #salt
18:08 ninkotech_ joined #salt
18:08 SheetiS joined #salt
18:08 aqua^c joined #salt
18:20 timoguin joined #salt
18:20 baweaver joined #salt
18:24 Cidan forrest do you know if you can change the start/stop block/variable strings for jinja, in salt?
18:24 forrest Cidan: Nope, those are baked into jinja itself as far as I know.
18:24 chiui joined #salt
18:24 Cidan no, they aren't
18:24 Cidan you can change them on jinja init
18:24 forrest the {% and %}?
18:24 Cidan yes
18:25 Cidan just wondering if salt exposes it, guess not
18:25 forrest Oh I didn't know that.
18:25 Cidan would be handy to have
18:25 forrest basepi: You around?
18:25 Cidan trying to template logstash config with grok is... unfun
18:27 forrest I can imagine, I've never seen anyone do it, and I'm not really sure how salt handles the jinja import
18:28 basepi forrest: sure
18:29 sectionme joined #salt
18:29 forrest basepi: Any idea on Cidan's question regarding the stop/start block characters for jinja and modifying them?
18:30 basepi Cidan: I'm not super familiar with them, but I'm 95% sure we don't have a built-in way to modify them in salt. Sounds like something we could definitely add via a config option or something. Open a feature request, please?
18:31 Cidan I shall indeed
18:31 Cidan thanks
18:32 zer0def joined #salt
18:33 leszq joined #salt
18:36 napsterX joined #salt
18:38 CatMartyn joined #salt
18:39 CatMartyn left #salt
18:42 ajw0100 joined #salt
18:44 mindlace joined #salt
18:47 rdavis joined #salt
18:48 rdavis Hello folks.  Anyone that contributes to pepper around that would have a chance to talk, or anyone know who I can contact for it?
18:49 supersheep joined #salt
18:59 tomh- joined #salt
19:00 pcn rdavis: Do you use it?  I avoided it because of the warnings about the API instability.
19:00 rdavis I do use it.
19:00 rdavis And I want to use it a lot more, so I was hoping to find someone to chat with.
19:02 pcn cool
19:02 rdavis Yeah.  Do you work on it?
19:03 spark_ joined #salt
19:04 quasiben joined #salt
19:06 otter768 joined #salt
19:07 cachedout joined #salt
19:07 radd joined #salt
19:09 forrest rdavis: The main contributor is whiteinge but he isn't around today. Creating a discussion thread on the forum might be the best plan.
19:09 rdavis Ah, alright, I'll do that.  Thanks.
19:10 rdavis Er, what's the forum link?
19:10 rdavis I'm on saltstack.com/community and don't see it.
19:10 nledez joined #salt
19:11 nledez Hello, I create schedule in pillar. It work fine, but I didn't found how to reload this configuration in minions
19:13 whytewolf nledez: you mean like salt 'minionid' saltutil.pillar_refresh http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.saltutil.html#salt.modules.saltutil.pillar_refresh
19:13 rdavis forrest: ^
19:14 forrest rdavis: https://groups.google.com/forum/#!forum/salt-users
19:14 aparsons joined #salt
19:16 nledez "'saltutil.pillar_refresh' is not available" interesting ^^
19:18 whytewolf sorry. forgot about that. the doc has it backwords it is refresh_pillar
19:19 babilen isn't it both?
19:20 whytewolf babilen: it is on the newer versions.
19:20 whytewolf babilen: and at least in dev
19:20 babilen https://github.com/saltstack/salt/blob/develop/salt/modules/saltutil.py#L527
19:20 babilen yeah
19:21 mindlace left #salt
19:21 whytewolf nledez: what version of salt are you using [please don't say 0.17.5]
19:22 murrdoc 0.17.6!
19:22 nledez Yes whytewolf, I launch an audit on my "park" don't known how to translate it in english
19:22 spookah joined #salt
19:22 nledez LOL whytewolf, I try to upgrade it regulary
19:22 nledez But each time I upgrade the master, I have regretion in my code
19:23 nledez I intensively use python-api
19:23 nledez For information, I work for cozycloud I we use salt to deploy cozy instance
19:25 whytewolf very nice. i wish i used salt in my current job. used it at my last work.
19:25 nledez I have 10 nodes in 2014.7.0, 120 in 2014.7.1 and 317 in 2014.7.2
19:26 nledez Others are in 2014.7.4
19:26 aparsons joined #salt
19:26 whytewolf okay, so a large mix. but mostly 2014.7*
19:26 hrumph joined #salt
19:26 hrumph hi
19:27 murrdoc nledez:  salt '*' manage.up && 'go get coffee'
19:27 whytewolf murrdoc: lol
19:27 murrdoc my bad
19:27 murrdoc nledez:  salt-run manage.up
19:27 murrdoc and go get coffee
19:27 hrumph when i run local.cmd and print it out i get tracebacks, but i don't know how to handle the output with try and except
19:27 quasiben joined #salt
19:28 nledez Yes I understand than :)
19:29 hrumph sometimes there are modules that don't complete for whatever reason
19:30 hrumph and it's like its too late to handle the exceptions when you get the results
19:31 nledez "salt-run managed up" take 12s here. My coffee isn't ready :)
19:32 p0rkbelly joined #salt
19:32 nledez Another question about scheduling, I didn't found how to get current one for a minion
19:33 baweaver joined #salt
19:34 nledez About minion status if anyone can say me how to have a good "managed status" I have ~ 50%/50% up/down :/
19:36 apofis joined #salt
19:37 baweaver joined #salt
19:38 sectionme joined #salt
19:40 nethershaw joined #salt
19:42 apofis joined #salt
19:44 CeBe1 joined #salt
19:49 chiui joined #salt
19:55 hasues joined #salt
19:56 N-Mi joined #salt
19:56 hasues left #salt
19:57 aqua^c joined #salt
19:59 dergrunepunkt joined #salt
20:02 dergrunepunkt hi guys!, I'm getting "Authentication failure of type "user" occurred." using cherrypi with apache2 + jenkins,  this are my configs http://paste.debian.net/278089/
20:03 drawsmcgraw dergrunepunkt: stupid question - does the user lvinay exist, have the right password set , etc?
20:03 drawsmcgraw It's getting through Apache2 just fine, so that's not the issue (I don't think)
20:04 ajw0100 joined #salt
20:05 dergrunepunkt drawsmcgraw: yes, jenkins salt plugin has a test connection button and it succeeds
20:05 drawsmcgraw Interesting... I wonder what qualifies for "success" in the Jenkins plugin
20:06 dergrunepunkt this is jenkisn job log http://paste.debian.net/278090/
20:06 dergrunepunkt drawsmcgraw: means that it can login
20:06 timoguin joined #salt
20:06 kevinquinnyo joined #salt
20:07 Guest91569 hello everyone, I'm creating a state and trying to run a .sh script as one command and then a proprietary command for the other
20:07 drawsmcgraw Except that your actions against salt-api aren't logging in correctly. I just wonder what, under the hood, makes the plugin think the test passed.
20:07 kevinquinnyo i'm sure this is hidden in plain view, but how do i sync a custom module i made to only a specific minion (i only ever want it to exist there)
20:07 Guest91569 however, it's not picking up the second command
20:07 dergrunepunkt drawsmcgraw: I seen at some point that it cannot access server:8000/job/[job_id]
20:08 Guest91569 need myWebServerInstall
20:08 dergrunepunkt but now I dont see that error
20:08 Guest91569 it's showing that the command "need" which was defined by the first command, isn't recognized
20:08 Guest91569 any thoughts?
20:10 drawsmcgraw dergrunepunkt: sorry, don't have much more. Slightly distracted right now...
20:10 dergrunepunkt drawsmcgraw: thanks anyway
20:10 drawsmcgraw Sure thing. Sorry :/
20:10 paha I am trying to use search runner, can someone provide an example of a search query?
20:11 pdw left #salt
20:11 paha I am trying to get a list of minons fron another minon with specific grain values
20:11 paha without using mines
20:12 N-Mi joined #salt
20:14 madpenguin joined #salt
20:16 whytewolf paha: what exactly is your plan. since runners are only on the master.
20:17 paha to set peer communicatio to allow to run search runner
20:17 paha and then use the search query, can get it working, the query
20:18 paha s/can/can't
20:20 leszq joined #salt
20:20 baweaver joined #salt
20:21 SubOracle joined #salt
20:21 dimeshake_ joined #salt
20:22 Antiarc joined #salt
20:23 dergrunepunkt drawsmcgraw: found my problem, I had master.d/api.conf and master.d/eauth.conf both for eauth conf, the former had a old and wrong configuration
20:26 whytewolf paha: the only reference to the search system i have found is the bones of it being added to 0.11.0 and nothing about how to get it to build an index.
20:27 drawsmcgraw ah! Good to know. THanks dergrunepunkt
20:27 paha whytewolf: yes, the search system is not documented well, I was wondering how to use it
20:28 paha and what was the intent there
20:28 whytewolf paha: I don't think it actually ever got finished. it was meant to allow a search system backend for storing run information.
20:29 kevinquinnyo i wrote a python module that i would like to convert to a custom execution module.  I can sync it to a minion, but how should i handle the code's imports?  The code I wrote is libraries, and then a main script
20:29 paha ic. What are the ways to get a list of minions based on a grain value?
20:29 N-Mi joined #salt
20:29 N-Mi joined #salt
20:29 kevinquinnyo the main script would be the module, but where would i put the libraries it requires?
20:31 whytewolf paha: the best way. is the way you just said you don't want. mine
20:39 JoshuaX joined #salt
20:40 mindlace joined #salt
20:43 JoshuaX Hey guise.  I am referencing a grain, in a jinja substitution, and i'm getting this: ['p1p1'], instead of this: p1p1 -- how do I reference the first element of an array in a jinja varible.
20:45 N-Mi joined #salt
20:49 cpowell_ joined #salt
20:52 nathanc joined #salt
20:54 kiorky joined #salt
20:56 viq joined #salt
21:01 pcn var[0]
21:01 pcn e.g. grain['foo'][0]
21:02 pcn Or better yet, grains['foo'][0]
21:02 mindlace left #salt
21:03 N-Mi joined #salt
21:04 ajw0100 joined #salt
21:06 bluenemo joined #salt
21:06 bluenemo joined #salt
21:07 otter768 joined #salt
21:09 murrdoc grains:foo:0
21:10 mschiff joined #salt
21:10 mschiff joined #salt
21:11 aparsons joined #salt
21:12 KyleG1 joined #salt
21:13 IanV0rn2341 joined #salt
21:13 mschiff joined #salt
21:14 Guest89 joined #salt
21:15 cberndt joined #salt
21:16 pdayton joined #salt
21:16 spookah joined #salt
21:17 aparsons joined #salt
21:19 linjan joined #salt
21:21 pdayton joined #salt
21:22 vaspiros_ joined #salt
21:22 murrdoc why would grain.get return with salt-call but not with salt from master
21:36 pdayton joined #salt
21:39 baweaver joined #salt
21:39 sgargan joined #salt
21:41 julez joined #salt
21:42 pdayton joined #salt
21:45 aparsons joined #salt
21:45 aqua^c joined #salt
21:48 supersheep joined #salt
21:49 Guest10622 Hi all. Im working on running a deployment using git as the source (and using git.latest). Is there a way for me to specify a port for the system to connect over when using ssh? I have a non-standard port.
21:50 jaybocc2 Guest10622: https://docs.saltstack.com/en/develop/topics/ssh/roster.html
21:51 giantlock joined #salt
21:51 Guest10622 Ah, thank you =) Looks like it might be just what I was looking for.
21:53 pdayton joined #salt
21:54 sgargan joined #salt
21:56 radd joined #salt
21:59 pdayton joined #salt
21:59 quasiben joined #salt
22:00 yomilk joined #salt
22:07 aw110f joined #salt
22:09 murrdoc basepi:  https://github.com/saltstack/salt/issues/12556
22:09 murrdoc would be awesome
22:10 pdayton joined #salt
22:11 pdayton1 joined #salt
22:12 malinoff joined #salt
22:13 malinoff joined #salt
22:18 viq joined #salt
22:18 viq joined #salt
22:29 desposo joined #salt
22:33 drawsmcgraw left #salt
22:34 pdayton joined #salt
22:34 leszq joined #salt
22:37 g3cko joined #salt
22:38 CaptTofu_ joined #salt
22:39 pdayton joined #salt
22:42 lowfive joined #salt
22:43 demonkeeper joined #salt
22:44 Sypher joined #salt
22:45 Kelsar joined #salt
22:45 keimlink joined #salt
22:45 mfournier joined #salt
22:45 trevorj joined #salt
22:45 sixninetynine hey all - ansible has a cli arg "--list-hosts" that enumerates the hosts you are targeting. Does salt have some notion of accomplishing this?
22:45 Hazelesque joined #salt
22:45 codekobe joined #salt
22:45 sixninetynine or a std module that does this?
22:45 mschiff joined #salt
22:45 mschiff joined #salt
22:47 irated joined #salt
22:48 irated this possible
22:48 irated or is there a better way
22:48 irated printf "{{ salt['pillar.get']('{{ salt['grains.get']('env', []) }}user') }}:$(openssl passwd -crypt '{{ salt['pillar.get']('{{ salt['grains.get']('env', []) }}pass') }}'" > /etc/nginx/passwords
22:48 irated thats cmd.run i'm doing
22:50 mosen joined #salt
22:50 beauby joined #salt
22:52 Jarus joined #salt
22:57 sunkist joined #salt
22:58 spookah joined #salt
23:07 otter768 joined #salt
23:09 UtahDave sixninetynine: I usually just run      salt '<target>' test.ping    to see what minions result from that target
23:13 sixninetynine UtahDave: hey, that's exactly what I was trying to avoid ! Ha :)
23:13 sixninetynine UtahDave: thanks though :)
23:15 glyf joined #salt
23:17 gcfhvjbkn joined #salt
23:18 madpenguin joined #salt
23:28 ajw0100 joined #salt
23:30 supersheep joined #salt
23:30 julez joined #salt
23:33 pcdummy joined #salt
23:33 pcdummy joined #salt
23:34 aqua^c joined #salt
23:40 napsterX joined #salt
23:41 phix so, what's this chan all about
23:42 geekatcmu "nothing"
23:43 gcfhvjbkn joined #salt
23:43 phix nice
23:44 phix but being about nothing means it is about something
23:44 whytewolf it is about sodium content
23:44 quasiben joined #salt
23:44 phix nice
23:45 phix Eat a can of soup everyday to get your daily salt needs
23:45 phix If this channel has a bot  that is what it should say when asked about salt
23:46 spookah Eat a can soup everyday to get two days worth of salt needs
23:48 keimlink_ joined #salt
23:50 phix spookah: I supose it depends on the size of the can and the contents
23:50 phix spookah: You must have large cans :)
23:51 glyf joined #salt
23:52 glyf joined #salt
23:52 irated is there a way to do something like
23:53 irated {{ salt['pillar.get']('{{ salt['grains.get']('env', []) }}user') }}
23:59 irated trying to combine the env and user

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary