Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-07-17

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 aqua^c joined #salt
00:03 fsteinel_ joined #salt
00:07 bfoxwell joined #salt
00:21 baweaver joined #salt
00:21 bhosmer joined #salt
00:22 quasiben joined #salt
00:30 theo__ joined #salt
00:30 druonysuse joined #salt
00:30 druonysuse joined #salt
00:35 jasonrm joined #salt
00:45 kevinquinnyo joined #salt
00:46 kevinquinnyo I'm trying to think of a good way to generate a random password as a pillar variable.  I know there is mod.random -- is there a way to store the output of this module as a variable for the duration of a state run?
00:46 kevinquinnyo i'm going to be putting my /srv/pillar into github and use gitfs / pillar_ext to manage it, and even though it's a private repo, i dont want passwords in plain text in pillar files
00:49 quasiben joined #salt
00:55 otter768 joined #salt
00:58 donmichelangelo joined #salt
01:05 ITChap joined #salt
01:05 kevinquinnyo cool I didn't realize I could run salt modules in a pillar file, i thought it was designed for static key/value data only.  Using this for now in a pillar file:  random_test: {{ salt['random.get_str'](13) }}
01:05 kevinquinnyo which works
01:05 kevinquinnyo so that answers my question above
01:06 rhodgin joined #salt
01:07 cberndt joined #salt
01:24 teryx510 joined #salt
01:25 otter768 joined #salt
01:27 breakingmatter joined #salt
01:38 beauby joined #salt
01:45 coval3nce joined #salt
01:45 coval3nce http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html#salt.modules.grains.filter_by   <- anyone know if the grain keyword can be a nested one, like ‘foo:bar’ ?
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt | 2015.5.2 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:54 jmreicha joined #salt
01:55 sunkist joined #salt
01:57 beauby joined #salt
02:00 TyrfingMjolnir joined #salt
02:01 cliluw joined #salt
02:01 mbrgm_ joined #salt
02:01 subsignal joined #salt
02:02 cliluw What's the easiest way to use Salt to manage a JSON config file?
02:10 beauby joined #salt
02:11 bfrog joined #salt
02:11 Ryan_Lane cliluw: http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html#salt.utils.jinja.SerializerExtension
02:11 Ryan_Lane you can manage a template file and in that template file, output a variable to json
02:13 Ryan_Lane via: {{ data|json }}
02:13 Ryan_Lane where data is a variable
02:14 Ryan_Lane cliluw: you can also use file.serialize: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.serialize
02:14 Ryan_Lane with a json formatter
02:14 cliluw Ryan_Lane: That last link looks like what I want. Thanks.
02:15 Ryan_Lane yw
02:19 baweaver joined #salt
02:20 yota joined #salt
02:21 Bryson joined #salt
02:22 quasiben joined #salt
02:29 evle joined #salt
02:31 beauby joined #salt
02:44 neocid_ joined #salt
02:44 quasiben joined #salt
02:45 beauby joined #salt
02:51 theologian joined #salt
03:05 beauby joined #salt
03:09 jaybocc2 joined #salt
03:12 yota joined #salt
03:16 favadi joined #salt
03:25 hasues joined #salt
03:25 hasues left #salt
03:28 juanito_ joined #salt
03:28 yota joined #salt
03:28 RandyT Ryan_Lane: I've noticed you have written on using salt in AWS.
03:29 RandyT Any idea if it is possible to pull ssh keypairs from s3 in ext_pillar for instance launch?
03:29 RandyT have been trying for past day to convince salt to do this with no luck.
03:41 yota joined #salt
03:53 surge__ joined #salt
03:54 otter768 joined #salt
03:55 aurynn RandyT, what do you mean? What exactly are you tryng to do?
04:00 favadi joined #salt
04:01 hal58th_ joined #salt
04:03 Diaoul joined #salt
04:05 yota joined #salt
04:08 guest55555 joined #salt
04:17 breakingmatter joined #salt
04:19 Lyfe left #salt
04:25 yota joined #salt
04:40 surge__ joined #salt
04:55 jamesog joined #salt
04:59 murrdoc joined #salt
05:01 ageorgop joined #salt
05:02 zer0def joined #salt
05:02 shantanoo joined #salt
05:05 Nazca joined #salt
05:06 spookah joined #salt
05:07 piotr_ joined #salt
05:14 druonysuse joined #salt
05:28 ilbot3 joined #salt
05:28 Topic for #salt is now Welcome to #salt | 2015.5.2 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
05:29 mikepea joined #salt
05:31 dopesong joined #salt
05:34 napsterX joined #salt
05:36 mbrgm_ joined #salt
05:38 murrdoc this needs more docs basepi :) http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.sdb.html#module-salt.modules.sdb
05:38 dopesong_ joined #salt
05:42 baweaver_ joined #salt
05:47 snaggleb joined #salt
05:49 catpigger joined #salt
05:54 viq joined #salt
05:55 otter768 joined #salt
06:00 mbrgm_ joined #salt
06:00 colttt joined #salt
06:07 breakingmatter joined #salt
06:07 sirex joined #salt
06:09 AndreasLutro joined #salt
06:12 dopesong joined #salt
06:13 dimduj joined #salt
06:16 saltstackbot [reddit-saltstack] Salt & EC2 Autoscaling https://www.reddit.com/r/saltstack/comments/3dlhvq/salt_ec2_autoscaling/ - 2015-07-17 - 07:11:42
06:20 mosen joined #salt
06:21 AndreasLutro joined #salt
06:26 favadi joined #salt
06:29 Jimlad_ joined #salt
06:30 bmac2 joined #salt
06:30 gnord joined #salt
06:30 IOMonster joined #salt
06:30 IOMonster joined #salt
06:31 stephanbuys joined #salt
06:31 ageorgop joined #salt
06:31 stephanbuys left #salt
06:34 julienlavergne joined #salt
06:37 kawa2014 joined #salt
06:43 cyteen joined #salt
06:43 markm joined #salt
06:46 mbrgm__ joined #salt
06:54 eightyeight joined #salt
06:55 Smoked_Duck joined #salt
06:59 thalleralexander joined #salt
06:59 dimduj joined #salt
07:03 subsignal joined #salt
07:03 KermitTheFragger joined #salt
07:04 theologian joined #salt
07:05 Ztyx joined #salt
07:11 lictor36 joined #salt
07:11 shantano1 joined #salt
07:19 Ztyx joined #salt
07:21 eseyman joined #salt
07:36 Sniper^^ joined #salt
07:43 Ztyx joined #salt
07:46 epcim joined #salt
07:55 otter768 joined #salt
07:56 breakingmatter joined #salt
08:03 egil joined #salt
08:09 thayne joined #salt
08:13 s_kunk joined #salt
08:22 honestly joined #salt
08:22 Xevian joined #salt
08:28 jmreicha joined #salt
08:31 linjan joined #salt
08:32 fredvd joined #salt
08:33 shantanoo joined #salt
08:37 N-Mi joined #salt
08:37 impi joined #salt
08:38 linjan joined #salt
08:38 CeBe joined #salt
08:41 thayne joined #salt
08:47 shantano1 joined #salt
08:48 shantano3 joined #salt
08:52 keimlink joined #salt
08:52 bougie joined #salt
08:53 bougie hi o/
08:53 bougie is there an existing renderer which allow using XML syntax in pillar file ?
08:56 al joined #salt
08:57 kaiyou joined #salt
08:58 wnkz joined #salt
09:00 aqua^c joined #salt
09:04 sgargan joined #salt
09:07 ndrei joined #salt
09:07 ndrei_ joined #salt
09:09 dyasny joined #salt
09:12 malinoff joined #salt
09:19 aqua^c joined #salt
09:24 lloesche joined #salt
09:24 ITChap joined #salt
09:37 jaybocc2 joined #salt
09:37 aqua^c joined #salt
09:45 breakingmatter joined #salt
09:46 s_kunk joined #salt
09:47 aqua^c joined #salt
09:50 peters-tx joined #salt
09:56 aqua^c joined #salt
09:56 otter768 joined #salt
09:57 jhauser joined #salt
10:12 kaiyou joined #salt
10:13 jaybocc2 joined #salt
10:13 ksj is there a good explanation of the differences between the various OS grains? What's the best one to use for identifying an OS plus its major release? osfinger?
10:14 aqua^c joined #salt
10:21 ndrei joined #salt
10:26 ndrei_ joined #salt
10:32 aqua^c joined #salt
10:34 dopesong joined #salt
10:35 is_null hi all, why is it that i get a __salt__ is not defined error when calling jinja.render() on an sls file ? (purpose: linting, i'm tired of being the police of "hey your indentation is 3 spaces here and 4 spaces there while the convention is 2 spaces")
10:36 is_null tb: http://dpaste.com/0T274SN
10:36 dopesong_ joined #salt
10:38 AndreasLutro is_null: there's a lot of eval magic that happens in salt's runtime, you can't just import the functions most of the time
10:40 is_null AndreasLutro: i did __opts__ = salt.config.minion_config('/etc/salt/minion') and __salt__ = salt.loader.minion_mods(__opts__) but that doesn't do the trick
10:40 is_null i know i can't, but still, i want to, badly :D
10:41 aqua^c joined #salt
10:42 AndreasLutro you can try to do import salt.renderers.jinja
10:42 is_null or maybe there's an execution module that's able to just do the jinja rendering and then spit out the yaml ?
10:43 AndreasLutro jinja.__salt__ = {}
10:43 AndreasLutro then call render
10:43 AndreasLutro but you'll face other issues, guaranteed
10:43 is_null ah, thanks
10:48 jaybocc2 joined #salt
10:49 is_null i made it :D
10:50 aqua^c joined #salt
10:51 is_null http://dpaste.com/0NAW2AC i'm full of hope to add that to https://github.com/johanek/salt-lint
11:08 aqua^c joined #salt
11:13 evle joined #salt
11:15 bhosmer joined #salt
11:17 losh joined #salt
11:17 DammitJim joined #salt
11:18 zer0def joined #salt
11:19 mbrgm__ joined #salt
11:27 mks1945 joined #salt
11:28 OnTheRock joined #salt
11:30 scottpgallagher joined #salt
11:30 wnkz joined #salt
11:31 jim_ joined #salt
11:31 giantlock joined #salt
11:34 morsik i'm getting this when trying to install mysql-devel:
11:34 morsik Package 'mysql-devel' not found (possible matches: mariadb-devel, mariadb-devel.i686)
11:34 morsik it's possible to configure salt in that way, so i'll install mariadb-devel anyway?
11:35 breakingmatter joined #salt
11:35 morsik or do I really have to distinguish between CentOS 6 and 7 and do pkg.installed different between CentOS versions?
11:40 AndreasLutro morsik: you do - a common thing to do is to use a jinja dict that keeps names of packages etc, for example: https://github.com/saltstack-formulas/git-formula/blob/master/git/map.jinja
11:41 morsik AndreasLutro: yeah, that I know, but you gives funcionality with "Provides: mysql-devel" which is in "mariadb-devel", so i can do "yum install mysql-devel" and it installs for me "mariadb-devel"
11:41 morsik identical problem is here: http://stackoverflow.com/questions/27938174/why-doesnt-saltstack-pkg-installed-command-recognize-installed-packages-on-cent
11:42 morsik but maybe it's safer to explicity set 'mariadb-devel' anyway…
11:44 AndreasLutro I'm not familiar with yum unfortunately
11:45 AndreasLutro the code that handles yum pkg functionality is here https://github.com/saltstack/salt/blob/develop/salt/modules/yumpkg.py if you want to look for why it behaves this way
11:46 malinoff joined #salt
11:48 SpX joined #salt
11:54 jaybocc2 joined #salt
11:57 otter768 joined #salt
12:04 mks1945 left #salt
12:06 _JZ_ joined #salt
12:09 rideh joined #salt
12:10 _JZ_ joined #salt
12:12 aqua^c joined #salt
12:14 stoogenmeyer joined #salt
12:18 shantanoo joined #salt
12:20 amcorreia joined #salt
12:21 neocid_ joined #salt
12:21 aqua^c joined #salt
12:30 aqua^c joined #salt
12:32 furrowedbrow joined #salt
12:34 rburkholder joined #salt
12:38 ndrei joined #salt
12:38 ndrei_ joined #salt
12:43 denys joined #salt
12:45 breakingmatter joined #salt
12:46 madssj joined #salt
12:51 madssj when dealing with multiple servers, what’s the “best” way of dealing with a development server/configuration using the same states?
12:52 madssj I assume it's frowned upon using if statements and the minion id
12:53 stoogenmeyer joined #salt
12:54 AndreasLutro madssj: I usually configure my dev servers via pillar data, in one occasion I do {% if salt.environment.startswith('dev') %}
12:54 ndrei joined #salt
12:54 dendazen joined #salt
12:57 subsignal joined #salt
12:57 aqua^c joined #salt
12:58 madssj AndreasLutro:
12:58 madssj damn enter key
12:58 madssj AndreasLutro: I though that would be the answer, but just wanted to make sure, thanks!
12:59 ndrei_ joined #salt
13:04 quasiben joined #salt
13:07 ndrei joined #salt
13:07 ndrei_ joined #salt
13:09 babilen madssj: I typically use exactly the same states, but provide different data in a prod and dev pillar.
13:10 madssj babilen: the issue at hand was that a state cannot be applied on the dev environment because of some filesystem oddities, parralels cant handle chmod 2771 for some reason
13:10 bhosmer joined #salt
13:11 madssj so I kind of need to work around that in the state itself, or move the chmod value into a pillar
13:12 babilen stupid parallels
13:12 amcorreia joined #salt
13:14 DammitJim macUSER (like in Tron)
13:15 lala joined #salt
13:15 aqua^c joined #salt
13:19 * babilen chuckles
13:20 racooper joined #salt
13:21 perfectsine joined #salt
13:25 jerematic joined #salt
13:25 primechuck joined #salt
13:27 timoguin joined #salt
13:27 aidin_ joined #salt
13:31 bfrog joined #salt
13:31 bfrog i see salt mine.get lets me pull in ip addresses for all my minions, and I supposedly can use it as pillar data for config templates...
13:31 bfrog but I can't seem to get it to work, I get no data back in the templates
13:32 bfrog is there some trick to getting all the minion grain data into config templates? want to setup my postgres pg_hba to be very specific
13:33 aqua^c joined #salt
13:37 Kelsar joined #salt
13:40 Kelsar joined #salt
13:43 cpowell joined #salt
13:45 darknight87 joined #salt
13:45 darknight87 Hi guys, I want to run the chage command if a user is just created and not if already present on the minion. How can I put a condition in my pillar/sls file? Note that the pillar file contains all users created/to be created on the minion(s)
13:47 rideh joined #salt
13:52 aqua^c joined #salt
13:54 AndreasLutro darknight87: "onchanges" may do what you need, but that might also trigger if you change something else about the user like the shell
13:55 jaybocc2 joined #salt
13:56 mbrgm__ joined #salt
13:58 otter768 joined #salt
13:59 yomilk joined #salt
14:03 ekristen joined #salt
14:05 iggy bfrog: you have to enable mine_functions and probably set mine_interval to something useful
14:05 hasues joined #salt
14:05 teryx510 joined #salt
14:06 hasues left #salt
14:09 bfrog iggy: how do I enable mine_functions? I put a mine_functions: network.ip_addrs: [eth0] in pillar
14:09 bfrog I set mine_interval on master to 5
14:09 rideh joined #salt
14:09 bfrog do I need to set that interval on the minions? that part wasn't really clear to me in the docs
14:10 aqua^c joined #salt
14:10 madssj are pillars overwritten if they exist from base, and are set again in the current environment?
14:12 madssj that is, say i have a pillar in base which is called foo, running in the dev environment, can i then overwrite foo with another value
14:14 cyteen joined #salt
14:14 markm joined #salt
14:14 coval3nce joined #salt
14:16 jaybocc2 joined #salt
14:16 stoogenmeyer joined #salt
14:18 Bart_ Is there a way to run a "state" or "module" only on first minion boot. Like a "pkg.upgrade" but only when the computer reboots and the minion launches
14:18 andrew_v joined #salt
14:19 kaptk2 joined #salt
14:19 aqua^c joined #salt
14:20 tvinson is there a method to upgrade windows minions from the master? using http://docs.saltstack.com/en/latest/faq.html#what-is-the-best-way-to-restart-a-salt-daemon-using-salt and winrepo the minion disconnects during the install and never comes back.
14:22 cpowell_ joined #salt
14:23 cpowell_ joined #salt
14:26 bhosmer joined #salt
14:27 bastion1704 joined #salt
14:28 teryx510 Bart: Is startup states what you're looking for? http://docs.saltstack.com/en/latest/ref/states/startup.html
14:28 aqua^c joined #salt
14:29 giantlock joined #salt
14:29 bastion1704 is it possible to specify the security group as a command line argument when using salt-cloud with EC2  ? I do not want to hardcode it in the profile
14:30 manfred bastion1704:  it is not
14:30 Bart_ joined #salt
14:30 manfred bastion1704:  https://github.com/saltstack/salt/issues/10149
14:30 saltstackbot [#10149]title: [salt-cloud][Feature Request] Override settings on the command line | It would be really nice to set everything for a profile for a one off command, or to be able to select a profile and then override something....
14:30 bastion1704 manfred so sad . yx
14:30 bastion1704 tx
14:30 manfred np
14:31 bluenemo joined #salt
14:31 bluenemo joined #salt
14:31 manfred i really want that to
14:31 manfred you can kind of approximate it using the salt-run cloud.create, but you have to construct the profile each time on the commandline
14:31 Bart_ I don't know if someone replied to my question, I had to close Chrome, lost Chat history
14:31 manfred salt-run cloud.profile doesn't let you override stuff either :/
14:33 bluenemo Hi guys. I'm trying to write a salt module and in that module use file.managed with context. I'm not sure I get my spelling right there: http://paste.debian.net/283298/
14:35 teryx510 Bart_: Is startup states what you're looking for? http://docs.saltstack.com/en/latest/ref/states/startup.html
14:38 bastion1704 manfred I am curious to try using the -f option  we can add availibity_zone using provider
14:38 aqua^c joined #salt
14:39 manfred bastion1704: i think create is an action, so you might need -a
14:40 manfred request_instance is a function
14:40 manfred but yeah, looks like create is an action
14:40 perfectsine joined #salt
14:41 Bart_ Teryx510:  I'll have a look thanks
14:41 bastion1704 no idea how to use action in this context but I will with it
14:41 manfred salt-cloud -a
14:42 manfred it is basically the same as -f
14:42 manfred just for different things
14:43 Bart_ joined #salt
14:44 Brew joined #salt
14:44 bhosmer joined #salt
14:44 zmalone joined #salt
14:46 jaybocc2 joined #salt
14:47 ninkotech_ joined #salt
14:49 ndrei joined #salt
14:49 ndrei_ joined #salt
14:49 bastion1704 manfred any idea where to find all the action possible ?
14:49 bastion1704 manfred tx again sir :)
14:50 ekristen if I bring up a server without salt cloud is there a way I can bootstrap it via ssh after the fact?
14:52 malinoff_ joined #salt
14:54 manfred bastion1704: i look through the code
14:54 bastion1704 manfred k, i will do too tx
14:56 aqua^c joined #salt
14:56 yomilk joined #salt
14:57 tvinson based on the fact that the windows installer stops the service and deletes the minion before performing the install i'm thinking this is not possible
14:57 Lord_British joined #salt
15:03 mpanetta joined #salt
15:09 snarfy joined #salt
15:10 speriyasamy joined #salt
15:13 mbrgm__ joined #salt
15:19 XenophonF joined #salt
15:22 iggy ekristen: yes, saltify, salt-ssh, etc.
15:23 aqua^c joined #salt
15:28 SheetiS joined #salt
15:30 Slimmons joined #salt
15:31 snarfy anyone use gitfs? is there as way to keep it from loading top.sls from all branches? i'm not using environments and I don't want anything that isn't in master
15:33 snarfy or should we just remove top.sls from other branches?
15:33 Slimmons if i'm wanting to create a mysql db...  and I create a database databaseName: mysql_database.present.   How do I set the character set to utf8 like this (CREATE DATABASE databaseName CHARACTER SET utf8;) ?
15:35 Slimmons or does that get set under the state.user?
15:35 niqdanger joined #salt
15:41 snarfy i think gitfs_env_whitelist might work
15:41 aqua^c joined #salt
15:43 jondonas joined #salt
15:44 zmalone joined #salt
15:47 breakingmatter joined #salt
15:47 niqdanger My google-fu is failing me. Is there  a way to use the pkg.installed on a group like "Development Tools" and not a single rpm?
15:48 iggy did you try it?
15:48 iggy !salt modules.yumpkg
15:48 saltstackbot http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.yumpkg.html
15:49 edrocks joined #salt
15:49 niqdanger Ahh, yumpkg. Thanks! Thats what I was missing.
15:50 iggy that's the underlying pkg module
15:51 iggy I _believe_ the state has support for groups
15:51 iggy maybe prefixed with an @
15:52 CheKoLyN joined #salt
15:52 iggy oh, no, but the pkg state module has group_installed
15:52 iggy !salt states.pkg.group_installed
15:52 saltstackbot http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.group_installed.html
15:52 Ahlee cmd.run 'yum groupinstall'
15:52 iggy that's not right... stupid bot
15:53 niqdanger Im trying to put it in a state, so I dont want to just cmd.run
15:54 Ahlee You can use cmd.run in states.
15:54 iggy group_installed is in develop only :/
15:55 iggy versionadded:: 2015.8.0
15:55 niqdanger Bummer on the develop part
15:55 niqdanger but I can use cmd.run in states?
15:55 iggy make sure you use reload_modules: True if you need to
15:56 niqdanger The other option I thought was to just use pkg.installed on all the bits that make up the group.
15:57 Ahlee niqdanger: I have both in my states, they both work find. I find it easier to read a cmd.run than a list of 40 packages
15:57 rideh joined #salt
15:57 napsterX joined #salt
15:58 Ahlee and, honestly, if cmd.run yum install fails, yumpkg isn't going to succeed either.
15:58 Ahlee and hte exception you get back from cmd.run is going to look a lot nicer than the yumpkg exception (though of course, that bit's subjective)
15:59 aqua^c joined #salt
15:59 bfrog joined #salt
15:59 otter768 joined #salt
16:02 yomilk joined #salt
16:02 giantlock joined #salt
16:03 niqdanger Nice. Thanks Ahlee and Iggy.
16:03 TooLmaN joined #salt
16:04 * iggy agrees with Ahlee's subjective thoughts
16:04 iggy at least in the absence of group_installed
16:04 iggy when that comes out, I'd switch to it as it'll do the right thing for reloads/etc
16:05 jalbretsen joined #salt
16:06 niqdanger Iggy - will do when then next version rolls.
16:09 jeremati_ joined #salt
16:10 zsoftich1 joined #salt
16:10 b18 joined #salt
16:11 breakingmatter joined #salt
16:11 edrocks joined #salt
16:12 Eureka703 joined #salt
16:16 rideh joined #salt
16:17 aqua^c joined #salt
16:20 ksj if you're writing pure python states, is there a way to order the resulting dictionary to execute in order?
16:21 zzzirk joined #salt
16:21 iggy output it in the order you want it to execute
16:22 iggy (i.e. use OrderedDict)
16:23 darknight87 joined #salt
16:25 bhosmer joined #salt
16:27 aqua^c joined #salt
16:28 edrocks_ joined #salt
16:30 jaybocc2 joined #salt
16:33 ksj iggy: thanks
16:33 ksj ....though it feels dirty....
16:33 baweaver joined #salt
16:35 iggy you can set explicit ordering if you want, I just usually don't because it drives salt's dependency resolver bonkers
16:36 rideh joined #salt
16:36 dopesong joined #salt
16:42 aparsons joined #salt
16:43 ekristen anyone talked about using hashicorp vault for secrets with respect to pillar data?
16:43 pcn We're interested in doing that internally.
16:43 pcn I think we're thinking we'll write our own pillar for that unless someone else does it first.
16:43 breakingmatter joined #salt
16:44 ekristen pcn: pillar or just a salt module?
16:45 aqua^c joined #salt
16:45 snarfy neat idea
16:45 pcn Probably an external pillar.  What's your thought?
16:46 snarfy i just found out that if i use gitfs_env_whitelist: I need to specify both base and master. neither by itself is sufficient to whitelist the master branch in the states repo
16:46 snarfy fun times
16:46 ekristen pcn: I’ve never used ext pillars outside of git — so I’d have to understand how to integrate a little more, but I’m highly interested in this
16:47 iggy ekristen: a couple of us have talked about it, but nobody has done the work
16:47 iggy so if you end up doing it, be sure to let us know
16:48 * iggy like a baws
16:53 shantanoo joined #salt
16:57 spookah joined #salt
16:59 aparsons_ joined #salt
17:00 sgargan iggy, pick your brain?
17:01 sgargan i was asking last night about adding ec2 tags as part of a state
17:01 sgargan you mentioned cloud.action
17:02 sgargan i’m having trouble getting cloud action to run as part of a state, it complains about not finding the required provider or instance
17:02 Gareth morning morning
17:02 iggy sort of, yeah
17:02 iggy sgargan: there's a bug open about that iirc
17:02 sgargan ah ok
17:03 aqua^c joined #salt
17:03 lala joined #salt
17:03 theologian joined #salt
17:04 darknight87_ joined #salt
17:06 Lord_British left #salt
17:08 ekristen is there anyway to make salt-cloud generate unique ssh keys per server
17:08 tomh- joined #salt
17:12 nyx_ joined #salt
17:13 spookah joined #salt
17:14 Thiggy joined #salt
17:17 andrew_v joined #salt
17:18 davisj Greetings. Would any kind soul be able to eyeball this state snippet and error msg and enlighten me as to how I've cocked it up? State.apply seems to think my nested dict is a list, or something.
17:18 davisj https://gist.github.com/davisj/b94e817af20f99fc47cf
17:19 iggy bonus points for using gist and putting everything in one gist
17:20 davisj I learned it by waching you ;)
17:20 davisj s/watching/
17:21 aqua^c joined #salt
17:22 iggy can you paste the whole state file?
17:22 davisj one sec
17:22 iggy I'm not sure that's the error you'd see if that line was wrong
17:23 davisj iggy: updated
17:23 iggy are you sure it's not L1 failing?
17:24 iggy salt-call pillar.get groups
17:24 davisj iggy: I think that may be it... tests....
17:24 otter768 joined #salt
17:25 iggy that's an oddly formed pillar structure
17:25 iggy but I guess it makes some sense
17:26 theologian joined #salt
17:26 iggy enable/disable independent of specifying the full user data
17:26 UtahDave joined #salt
17:26 davisj iggy: that's the idea
17:27 davisj hrm... lemme try removing that whole group section.. salt-call pillar.get groups works fine
17:28 ageorgop joined #salt
17:28 davisj yeah, something borked up with that first bit.
17:31 iggy you can paste the groups pillar
17:31 davisj ah, 'groups' pillar data has no 'enabled'
17:31 * davisj facepalms
17:32 davisj thanks iggy!
17:32 iggy ^5
17:33 murrdoc joined #salt
17:35 julienlavergne joined #salt
17:37 Tritlo joined #salt
17:37 abele joined #salt
17:39 aqua^c joined #salt
17:39 baweaver joined #salt
17:40 murrdoc UtahDave:  SUP!
17:40 murrdoc totally fun to see you on google hangout o/
17:44 CeBe1 joined #salt
17:45 hal58th joined #salt
17:46 Bryson joined #salt
17:47 iggy lol
17:49 Micromus joined #salt
17:50 yomilk joined #salt
17:56 iggy anybody got any idea how to get salt/python to support servers that are running SNI?
17:57 aqua^c joined #salt
18:03 Gareth SNI?
18:03 murrdoc Gareth:  do you know about the redis returner
18:03 murrdoc https://github.com/saltstack/salt/blob/develop/salt/returners/redis_return.py
18:03 Gareth murrdoc: I know it exists :)
18:04 murrdoc k
18:04 murrdoc do you know if we can access the master config in the returners ?
18:04 murrdoc specifically when we use redis as a master job cache
18:04 murrdoc its not expiring jobs
18:05 Gareth There was a bug filed about minions not getting the config from masters, which used to work.  i started looking at it, but got distracted.
18:06 wendall911 joined #salt
18:08 murrdoc but is __opts__ available
18:08 murrdoc actually u know what
18:10 cliluw joined #salt
18:10 iggy there's a config setting (that now defaults to False) to pass master config via pillar
18:11 Gareth Right.  via pillar, but back with the 0.17 release it used to pass the non-pillar items configured in the master configuration into the minion config.
18:12 murrdoc it would be easier to add a redis.cache_age param
18:12 murrdoc and use setex instead of set
18:12 murrdoc cos it just fills up my redis server
18:12 murrdoc and its effing annoying
18:13 aw110f joined #salt
18:13 Ahlee Gareth: sorry about that.
18:14 Ahlee murrdoc: so you'd like to see a TTL on the objects?
18:14 murrdoc is the returner a minion code ?
18:14 Gareth Ahlee: for sending me down the rabbit holes that are minion.py and master.py? :)
18:14 murrdoc like states and modules
18:14 murrdoc Ahlee:  yea
18:14 Ahlee Gareth: Indeed.
18:14 murrdoc https://github.com/saltstack/salt/blob/develop/salt/returners/redis_return.py#L114
18:15 Ahlee Gareth: I took a stab at it. I couldn't find it.
18:15 murrdoc change
18:15 murrdoc serv.set(jid, json.dumps(load))
18:15 murrdoc to
18:15 murrdoc serv.setex(jid, json.dumps(load),CONFIG_ITEM)
18:15 iggy sounds like a bug
18:15 aqua^c joined #salt
18:15 iggy (unless there is some process that's cleaning that at the cache life value)
18:16 iggy which would be stupid since redis already does that, just set the timeout
18:16 sunkist joined #salt
18:16 Ahlee wouldn't it just be looking up keep_jobs, defaulting to 24 hours?
18:16 iggy yeah, whatever that setting is
18:16 murrdoc Ahlee:  it cant cos thats a master config
18:16 Ahlee but what about job caches that have no TTLs
18:17 Ahlee murrdoc: returners can access master config?
18:17 murrdoc one can use a returner as a job cache
18:17 murrdoc i am not using the redis returner for returning
18:17 murrdoc i am using it as a master job cache
18:17 murrdoc and i want it to expire
18:18 murrdoc i have keep_jobs: 1 cos i dont care abuot 1 hour old things
18:18 ajw0100 joined #salt
18:18 iggy ouch, that sounds harsh
18:18 iggy do they ever get cleaned?
18:19 murrdoc nope
18:19 murrdoc not unless u setup redis to have a small cache
18:19 joeto joined #salt
18:20 iggy well, I was wondering if it was a matter of the master not respecting keep_jobs (and falling back to 24 hours) or if it wasn't cleaning at all
18:20 murrdoc thats whats happening
18:21 murrdoc and htas because of using redis as a returner
18:24 Ahlee where's documentation on master job cache vs default_job_cache/returner?
18:24 murrdoc documentation ?
18:24 murrdoc #CODEISDOCUMENTATION
18:24 Ahlee The only thing I see is ability to set default_job_cache, which just tells salt what returner(s) to append
18:25 Ahlee yes but i read code like old people screw
18:28 bougie in a state, is there a way to do a test.ping (or whatever like) on the master to the minion ?
18:29 murrdoc i dont know ahlee
18:29 murrdoc lotsa old people be screwing a lot
18:29 linjan joined #salt
18:30 murrdoc Ahlee:  http://docs.saltstack.com/en/latest/topics/jobs/external_cache.html#external-master-cache
18:30 baweaver joined #salt
18:33 baweaver joined #salt
18:33 speriyasamy joined #salt
18:33 aqua^c joined #salt
18:34 wryfi_ do most people store pillar data in the filesystem on the master (e.g. not in git)?
18:34 wryfi i guess it makes sense, if you are going to put sensitive data in there, you might not want it replicated off to e.g. github
18:35 wryfi but it still might be nice to have it versioned
18:35 Mate bougie: module.run?
18:36 ageorgop joined #salt
18:37 babilen wryfi: I see no problem in keeping the data in git. You really don't have to put it on Github you know ;)
18:37 wryfi of course, i'm just reacting to the ... apparently not quite first-class support? ... for storing pillar in git
18:37 wryfi compared to the rest of the state tree
18:37 Ahlee wryfi: I have two git repos, for pillar and for states
18:37 babilen I mean you can still do that (look into the gpg renderer), but you can easily use git locally on the master or, if you don't mind checkouts on workstations, allow people to clone it.
18:37 linkedinyou joined #salt
18:37 Ahlee well, technically i have four, pillar, ext_pillar, states, reactors
18:38 wryfi Ahlee: thanks, that's helpful
18:40 rideh joined #salt
18:42 geekatcmu So, salt makes it easy to *target* minions based on the value of a grain, and that's fine.
18:43 X67r joined #salt
18:43 geekatcmu However, I'd like to just get that list of hosts back, rather than execute a command on all of them.
18:43 Ahlee geekatcmu: test.ping
18:43 geekatcmu ... from inside a state
18:43 geekatcmu 8)
18:44 wryfi perfect, so i created /srv/git/pillar, initialized it, and started using that for my pillar store. works like a champ.
18:44 iggy geekatcmu: that'd be what the mine is built for
18:44 Ahlee geekatcmu: I don't understand the use case, sorry
18:44 geekatcmu yep
18:44 geekatcmu that's *exactly* what the mine is built for
18:44 Ahlee or yeah, iggy++
18:44 geekatcmu If only mines worked correctly in multi-master
18:45 iggy publish.publish, but in my experience it was pretty... "heavy"
18:45 geekatcmu I'd *love* to use the mine for this
18:45 geekatcmu In fact, my current solution uses the mine
18:46 geekatcmu And works jsut fine as long as all of the relevant minions have the same master first in their list.
18:46 iggy you have enough hosts to require multi-master?
18:46 geekatcmu 25k
18:46 iggy fair enough
18:47 geekatcmu Spread across 6 continents
18:47 iggy sdb
18:47 perfectsine joined #salt
18:47 iggy you're going to have to end up cooking something up yourself probably
18:47 iggy 25k minions running publish.publish will be worse for you than going to a single master
18:49 geekatcmu https://github.com/saltstack/salt/issues/7697
18:49 saltstackbot [#7697]title: mine doesn't work with multiple masters | When I have...
18:49 geekatcmu It's only been open for 1.5 years
18:50 iggy I'm sure it's a tough problem that nobody wants to deal with
18:50 geekatcmu yep
18:51 geekatcmu I looked through the code long enough to determine that it's beyond me.
18:51 jayl0w joined #salt
18:51 iggy but seeing as there's probably <10 people with enough minions to actually _need_ multi-master, I doubt it's high priority
18:52 * geekatcmu is kind of surprised that people are comfortable running with just one master.
18:52 geekatcmu It would really suck to have your entire CM infrastructure go down just becaomse one host caught fire
18:52 denys joined #salt
18:52 geekatcmu "Oh, I'll just build a new master ... wait"
18:53 iggy that's our documented recovery strategy
18:53 iggy but I automated the master spin up as one of the first things I did here, so...
18:53 geekatcmu salt isn't the first CM I've used, but it's the first one where having multiple masters running isn't "this is how you set up your infrastructure"
18:54 geekatcmu It's almost like we've forgotten the past 20 years of history
18:54 iggy WORKSFORME
18:54 * iggy runs
18:55 geekatcmu TBH, this issue alone is enough to make me wish we'd chosen Chef.  Or Puppet.  Or cfengin3.
18:55 iggy or that you hired someone that could fix the problems with multi-master?
18:56 jayl0w good afternoon - anyone have any experience with using states.hipchat?  For some reason this is not working and I'm not sure where to look (newb):  sudo salt 'mybox' hipchat.send_message room_id:'myroom' from_name:saltbot api_key:zomgapikey message:'test test test' api_version=v1
18:56 iggy I mean that is kind of one of the selling points of not having to shell out 350k for some HP garbage config mgmt system right?
18:56 jayl0w I get a mybox: False
18:57 iggy try running it locally on the box with salt-call -l debug
18:57 geekatcmu iggy: you'd think that, and it's one of the things the execs all liked.  But when it came time to, you know, "pay for training" and "buy new hardware" there was suddenly a lot of head shaking.
18:57 iggy you'll get more output
18:57 jayl0w thanks iggy
18:57 baweaver joined #salt
18:58 Ahlee geekatcmu: I hear you there.
18:58 Ahlee I love salt. I wish it wasn't so rough around hte edges.
18:58 geekatcmu I wish the execs would pay for a simple "fix 5 bugs" support package.
18:58 geekatcmu "here's $20k.  Make these things work."
19:00 iggy I have this sneaking suspicion that at my next job I'm going to be tasked with fixing some of that
19:01 iggy so... chin up
19:03 Ahlee next job?
19:03 Ahlee looking, or lined up
19:06 ndrei joined #salt
19:06 ndrei_ joined #salt
19:07 iggy not jinxing it
19:07 u_9rl4rsUD joined #salt
19:07 Ahlee god speed
19:08 mapu joined #salt
19:10 u_9rl4rsUD Hi, I hope someone can answer my question. I'm just reading Salt Virt docs and this looks really great but is there an option to use LVMs with disk profiles?
19:13 baweaver joined #salt
19:18 erjohnso joined #salt
19:18 edrocks joined #salt
19:20 jmreicha joined #salt
19:20 otter768 joined #salt
19:25 sgargan joined #salt
19:30 edrocks joined #salt
19:35 edrocks_ joined #salt
19:37 aqua^c joined #salt
19:39 yomilk joined #salt
19:39 sgargan joined #salt
19:39 mnguyen joined #salt
19:39 UtahDave murrdoc: hey!
19:40 murrdoc SUP!
19:40 murrdoc :)
19:40 UtahDave murrdoc: returners do no pruning of data or anything at the moment
19:40 murrdoc yeah
19:40 murrdoc but using a returner as a mater job cache
19:41 murrdoc means we need to be able to prune it
19:42 UtahDave murrdoc: I agree 100%
19:44 iggy _returners ?
19:44 iggy just make that setex change and file a bug
19:45 otter768 joined #salt
19:45 murrdoc yeah
19:46 Ztyx joined #salt
19:47 Ahlee yeah, i'd stab somebody if _returners purged data
19:47 Ahlee looking at you, murrdo
19:47 tabamo joined #salt
19:47 tabamo hello :)
19:47 hal58th joined #salt
19:47 iggy I was specifically talking about _returners in file_roots
19:48 [vaelen] joined #salt
19:48 packeteer joined #salt
19:48 esharpmajor joined #salt
19:49 iggy murrdoc: one thing to watch out for... some things that run in master scope don't have access to custom modules/grains/etc, so you need to set extension_modules and manually put your custom modules there
19:49 murrdoc yeah
19:49 murrdoc thats what its going to be
19:49 murrdoc _returners didnt work
19:51 Ztyx2 joined #salt
19:54 keimlink joined #salt
19:55 aqua^c joined #salt
19:56 sgargan joined #salt
19:58 tabamo how come the output on the local box for "ulimit -a" and the output when using cmd.run is different?
19:58 tabamo does anyone else have this problem?
19:59 iggy ulimit is inherited from the parent process
19:59 iggy so if you have (f.ex.) an init script that sets ulimit before spawning a daemon then the daemon (and thus any subprocesses it starts) will have that ulimit
20:00 tabamo Ahh, I see. ok
20:02 huddy joined #salt
20:07 sgargan joined #salt
20:08 tabamo Is there a way in salt to check system openfile values instead if of the inherent application values?
20:08 u_9rl4rsUD Quick question: is it possible to use LVMs with Salt Virt for disk profiles?
20:10 iggy u_9rl4rsUD: you might try asking the mailing list/stackoverflow/reddit, you'll get more eyes on the question that way
20:11 u_9rl4rsUD iggy: OK, thanks
20:11 sgargan joined #salt
20:12 edrocks joined #salt
20:13 aqua^c joined #salt
20:16 Ryan_Lane RandyT: I have written on salt + aws :)
20:16 Ryan_Lane RandyT: so, when you say ssh keys...?
20:17 cliluw How do I use Salt to create logins in Microsoft SQL Server for me? I'm saw the mssql module but it doesn't look like it can manage logins.
20:17 ageorgop joined #salt
20:18 baweaver joined #salt
20:22 Bryson joined #salt
20:28 Edgan basepi: Who is doing triage these days?
20:29 Ryan_Lane RandyT: I've never actually used the S3 ext_pillar
20:30 Ryan_Lane shelling out to aws s3 sync is easier
20:30 Ryan_Lane via cmd.run
20:32 aqua^c joined #salt
20:33 cpowell joined #salt
20:39 sporkd21 joined #salt
20:40 yomilk joined #salt
20:42 baweaver joined #salt
20:44 sporkd2 joined #salt
20:50 aqua^c joined #salt
20:58 GrueMaster joined #salt
21:05 baweaver joined #salt
21:08 UtahDave cliluw: I don't know that we have a SQL server login module or state
21:08 aqua^c joined #salt
21:08 UtahDave Edgan: I think justin findlay is doing a lot of the triage these days
21:08 mattl joined #salt
21:09 Edgan UtahDave: thanks
21:12 cliluw UtahDave: Does that mean I have to write my own Salt module?
21:13 UtahDave cliluw: actually I was wrong. It turns out that in develop there's an execution module that manage ms sql users
21:13 UtahDave http://docs.saltstack.com/en/develop/ref/modules/all/salt.modules.mssql.html#module-salt.modules.mssql
21:14 UtahDave but no state, apparently
21:14 sgargan joined #salt
21:14 ageorgop joined #salt
21:14 cliluw UtahDave: Yeah, that's the one I was talking about. However, it can only check if a login exists but it can't create or maintain logins. (In MSSQL, logins are different from users.)
21:15 UtahDave really? Huh, what's the difference between the two?
21:17 cliluw UtahDave: Basically, server:login::database:user. A login allows a person to connect to the SQL Server. To connect to a database, that login needs a user in that database.
21:17 UtahDave interesting.
21:18 UtahDave It probably shouldn't be too hard to add a login_create and login_remove functions to the module
21:19 giantlock joined #salt
21:20 bfrog can I have salt push state to minions if they were offline and come back online?
21:21 subsignal joined #salt
21:21 UtahDave cliluw: Yeah, looking at the code it actually looks like it would be quite simple to add.
21:21 nyx_ joined #salt
21:21 UtahDave bfrog: it doesn't do that by default, but you can add an option to the minion's config to run a highstate at startup, or you could create a reactor to listen for a minion starting up and have it run a highstate
21:21 cliluw UtahDave: Yeah. I see that the user_create code does create a login for the user automatically so that's nice although it's not what I need.
21:22 bfrog UtahDave: good to know, I'll do that
21:22 UtahDave cliluw: ah, that makes it even easier.  We should refactor the login creation code to another function, and BAM!  all finished
21:23 UtahDave bfrog: the option you're looking for is  'startup_states', I believe
21:23 bfrog thanks UtahDave
21:24 UtahDave cliluw: I don't have an sql server to test with or I'd hack that together this weekend
21:26 aqua^c joined #salt
21:27 dendazen joined #salt
21:30 sgargan joined #salt
21:32 sporkd21 joined #salt
21:35 baweaver joined #salt
21:35 sgargan joined #salt
21:38 rdavis joined #salt
21:38 rdavis Hey folks.
21:38 rdavis I'm trying to write an external auth module for saltstack, all I need is an 'auth' function that returns True/False right?
21:39 rdavis Maybe not, I'm reading this wrong, nevermind I'llr ead more.
21:40 geekatcmu Is it possible to directly call funtions from, e.g., _modules/zookeeper.py in a pyobject-rendered SLS file?
21:41 yomilk joined #salt
21:41 mnguyen Hi.  Does anyone have experience with pulling pillar data when writing a custom grain in python?
21:41 rdavis left #salt
21:41 geekatcmu I've tried salt.modules.zookeeper.servers()  (attribute error in the renderer) and Module.run('zookeeper.servers') (get an error about Jinja iterating over a State object)
21:42 geekatcmu FTR, this SLS is rendered with #!jinja|pyobjects
21:42 UtahDave geekatcmu: yeah, you should be able to execute any execution module
21:43 geekatcmu That's what I *thought*
21:43 UtahDave I haven't used pyobjects myself, though
21:43 UtahDave mnguyen: pillar data is not available in grains. kind of a chicken and egg problem.  Grains get evaluated first
21:44 mnguyen Grrr.. I figured so.  Thanks
21:44 aqua^c joined #salt
21:45 linkedinyou|2 joined #salt
21:46 ekristen is there anyway to get the salt environment in a salt file jinja template? IE the one defined in the /etc/salt/minion file?
21:50 iggy {{ env }} iirc
21:53 UtahDave it might be {{ saltenv }}
21:53 iggy yeah, I was trying to find that for sure
21:54 Edgan I am trying to user the mysql_user.present state, but getting this weird error. http://fpaste.org/245560/71700001/
21:55 sporkd2 joined #salt
21:56 iggy Edgan: that usually means you are missing some module dependency
21:57 iggy depends:
21:57 iggy MySQLdb Python module
21:57 iggy ekristen: http://docs.saltstack.com/en/latest/ref/states/vars.html
21:58 ekristen iggy: thanks
22:00 Edgan iggy: That is probably it. Thanks. Giving it a try.
22:01 iggy Edgan: note: that module has to be installed on the minion (Vs the master)
22:02 Edgan iggy: yeah, started there, new error
22:02 aqua^c joined #salt
22:04 Edgan iggy: now have to set connection_host
22:08 murrdoc joined #salt
22:11 jalbretsen joined #salt
22:14 jalbretsen1 joined #salt
22:15 jmreicha joined #salt
22:21 aqua^c joined #salt
22:21 programmerq joined #salt
22:23 amcorreia joined #salt
22:29 piotr_ joined #salt
22:32 linkedinyou joined #salt
22:36 andrew_v joined #salt
22:39 aqua^c joined #salt
22:41 sgargan joined #salt
22:42 cberndt joined #salt
22:42 baweaver joined #salt
22:45 UtahDave left #salt
22:48 sgargan joined #salt
22:49 stoogenmeyer joined #salt
22:50 hasues joined #salt
22:51 sgargan joined #salt
22:51 hasues left #salt
22:55 sgargan joined #salt
22:57 aqua^c joined #salt
23:01 murrdoc joined #salt
23:08 nzero joined #salt
23:10 keimlink_ joined #salt
23:14 ecdhe joined #salt
23:14 cliluw Are Salt execution modules idempotent? If not, how do I make them idempotent?
23:15 geekatcmu If they aren't, then the states are written incorrectly
23:15 aqua^c joined #salt
23:15 cliluw geekatcmu: State modules are separate from execution modules though or at least that's what the docs say.
23:16 geekatcmu true
23:16 cberndt joined #salt
23:16 murrdoc state modules call functions in salt.utils and salt.modules
23:16 murrdoc what do u expect when u say idempotent
23:17 cliluw murrdoc: Does Salt have some magic where it makes sure that an execution module is only run once?
23:18 murrdoc during a salt run it will run once
23:18 murrdoc and each execution module will try to ensure state of the intended system first
23:18 iggy salt.modules.* are not idempotent
23:19 murrdoc and then change it only if needed
23:19 murrdoc so you can run salt.state.* against your minion a bunch of time
23:19 murrdoc and it should be idempotent
23:19 murrdoc should*
23:19 iggy and no there's nothing built into Salt that says "I already ran this state on this host, I'll skip)
23:20 iggy the state modules are responsible for only changing things when necessary (some do, some... not so much)
23:20 cliluw So state modules are built by calling execution modules?
23:22 mapu joined #salt
23:23 murrdoc yes
23:30 hal58th_ joined #salt
23:31 sgargan joined #salt
23:33 aqua^c joined #salt
23:40 ecdhe joined #salt
23:47 bfoxwell joined #salt
23:49 alwaysatthenoc joined #salt
23:49 baweaver joined #salt
23:51 aqua^c joined #salt
23:52 alwaysatthenoc I'm having an issue where an rpm will install fine using the  pkg.install command line using salt-call --local but fails when using pkg.installed and high stating. Can anyone point take a look at my state and point me in the right direction?
23:55 markm joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary