Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-08-27

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 zmalone joined #salt
00:01 dthom91 joined #salt
00:20 baweaver joined #salt
00:23 dthom91 joined #salt
00:25 colonD joined #salt
00:35 bhosmer_ joined #salt
00:49 pravka joined #salt
00:53 orion203 joined #salt
00:55 anotherbofh joined #salt
00:56 Bryson joined #salt
01:07 perfectsine joined #salt
01:10 zmalone joined #salt
01:13 aristedes joined #salt
01:13 aristedes left #salt
01:15 forrest joined #salt
01:27 pm90_ joined #salt
01:37 catpigger joined #salt
01:41 pm90__ joined #salt
01:49 vvoody joined #salt
01:52 mark_____ joined #salt
01:57 sunkist joined #salt
02:01 scorpio_ joined #salt
02:01 scorpio_ hell
02:02 scorpio_ left #salt
02:03 bryguy That's where I was wondering why modules wouldn't execute in my orchestration.  Helps if you don't spell 'function' without the 'n'.
02:07 pfallenop joined #salt
02:13 mark_____ joined #salt
02:14 auzty joined #salt
02:17 quasiben joined #salt
02:18 anotherbofh joined #salt
02:20 sunkist joined #salt
02:23 ITChap joined #salt
02:29 shaggy_surfer joined #salt
02:36 peno joined #salt
02:36 evle joined #salt
02:40 mark_____ joined #salt
02:47 mamercad joined #salt
02:51 whiteinge iggy: try the gce-formula now. i added it to the Contributors team
02:54 peno joined #salt
03:00 pm90_ joined #salt
03:19 favadi joined #salt
03:25 jaybocc2 joined #salt
03:48 Edgan joined #salt
03:53 writtenoff joined #salt
03:56 ajmath_ joined #salt
03:59 mapu joined #salt
04:05 subsignal joined #salt
04:09 adelcast joined #salt
04:14 iggy whiteinge: thanks
04:14 iggy SneakyPhil: we fork the formulas into our own org, then use that as a gitfs_remote
04:20 zer0def joined #salt
04:36 CryptoMer joined #salt
04:36 CryptoMer Evening everyone. Is there anyone with experience trying to store certain pillar data in the salt mine? --- Odd request, I know.
04:37 bhosmer joined #salt
04:39 iggy we have grains.item: [tags, roles]... should be able to do pillar too
04:39 iggy the real question is... why?
04:40 iggy pillar is generally non-public data... and the mine is very much public
04:40 CryptoMer I'm defining server roles in pillar data, thereby preventing the minion from changing its own role.
04:40 CryptoMer However, it'd be useful to be able to broadcast the role via the mine. :)
04:40 iggy fair enough
04:41 iggy give it a shot
04:41 iggy the way those functions work, I would expect it to work
04:41 CryptoMer I've tested it a few different ways, with no success as of yet.
04:41 CryptoMer Tried defining it via pillar data (haha, I think that looped on me)
04:42 iggy we have mine_functions set in the pillar and the minion config
04:42 CryptoMer I then tried it via the minion.d/mine.conf, using mine_functions with roles
04:42 iggy I'm not entirely sure why, but I'm assuming it's because one of them didn't work
04:42 iggy can you gist the config?
04:42 CryptoMer and tried to populate roles: {{ salt['pillar.get']('dict:goes:here') }}
04:43 CryptoMer Oddly enough, I get a syntax error on that 'string' :(
04:46 ramteid joined #salt
04:51 CryptoMer http://pasted.co/59f0cf68 if the interest is piqued
04:54 ajw0100 joined #salt
04:54 iggy you can't use jinja in minion config files
04:55 jeadre joined #salt
04:55 CryptoMer well, that'd explain that one then.
04:55 CryptoMer ;)
04:55 mikeywaites joined #salt
04:55 iggy mine_functions:
04:55 iggy grains.item:
04:55 iggy - tags
04:55 iggy sorry, lay
04:55 iggy lazy
04:55 CryptoMer np - I*ll give that a shot
04:55 * iggy gone
05:01 pmcg joined #salt
05:01 Grokzen joined #salt
05:03 cro joined #salt
05:10 jalbretsen joined #salt
05:11 ajw0100_ joined #salt
05:12 pm90_ joined #salt
05:15 Lionel_Debroux joined #salt
05:16 cyris212 joined #salt
05:16 cyris212 is there somewhere a good tutorial on how to get started with Salt's RESTful API?
05:19 llaehn joined #salt
05:20 rdas joined #salt
05:21 aristedes joined #salt
05:21 aristedes left #salt
05:34 linjan joined #salt
05:35 keimlink joined #salt
05:36 favadi joined #salt
05:38 anmol joined #salt
05:50 Ztyx joined #salt
06:05 colttt joined #salt
06:05 ThomasJ joined #salt
06:08 katyucha joined #salt
06:13 vvoody joined #salt
06:18 AndreasLutro joined #salt
06:22 tkharju joined #salt
06:25 dopesong joined #salt
06:25 stephanbuys joined #salt
06:27 stephanbuys left #salt
06:35 elsmo joined #salt
06:38 stanchan joined #salt
06:39 duendecat joined #salt
06:43 rdas joined #salt
06:54 viq joined #salt
06:58 Ssquidly joined #salt
07:02 linjan joined #salt
07:09 ajw0100 joined #salt
07:10 subsignal joined #salt
07:14 Ztyx joined #salt
07:21 eseyman joined #salt
07:23 dthom91 joined #salt
07:28 lb1a joined #salt
07:35 zooz joined #salt
07:36 Grokzen joined #salt
07:37 slav0nic joined #salt
07:46 jaybocc2 joined #salt
07:50 mamercad joined #salt
07:59 mikeywaites joined #salt
08:01 impi joined #salt
08:03 mikeywaites joined #salt
08:05 vincent_vdk anyone knows why this might happen when using salt-ssh
08:05 vincent_vdk do you want to deploy the salt-ssh key
08:05 vincent_vdk manually ssh'ing into the machine with the users specified in the saltfile works
08:06 vincent_vdk i'm running salt-ssh 2015.5.3
08:07 AndreasLutro vincent_vdk: you need to specify the user/key in the roster file, not the saltfile
08:08 zerthimon joined #salt
08:09 vincent_vdk AndreasLutro: i meant roster file, sorry
08:09 vincent_vdk do you need to specify the key to?
08:10 AndreasLutro if you don't specify the key, it will use or generate one located in the `pki` dir in your config dir (/etc/salt by default)
08:10 vincent_vdk aha
08:12 vincent_vdk the docs state that if password is omitted, keys are used
08:12 vincent_vdk but that's about all I could find
08:12 vincent_vdk (complete salt noob here)
08:14 AndreasLutro you're right, the docs don't explain it well at all
08:15 s_kunk joined #salt
08:15 s_kunk joined #salt
08:15 Xevian joined #salt
08:15 vincent_vdk i might send a PR
08:15 vincent_vdk if possible
08:16 AndreasLutro go for it
08:17 AndreasLutro https://github.com/saltstack/salt/blob/develop/doc/topics/ssh/index.rst
08:23 rodio_ua joined #salt
08:23 thefish joined #salt
08:26 duendecat joined #salt
08:27 Ztyx joined #salt
08:29 GreatSnoopy joined #salt
08:34 David_B55 left #salt
08:35 David_B55 joined #salt
08:36 David_B55 left #salt
08:36 David_B55 joined #salt
08:37 rodio_ua left #salt
08:41 thefish left #salt
08:44 markm joined #salt
08:46 jaybocc2 joined #salt
08:47 arount joined #salt
08:51 arount I guys, I was trying to play with salt on several VMs, I restarted salt-master (service salt-master restart), service said that master is restared (but it was not visibly), so I start a salt command: "salt <minion> test.ping", and got "Salt request timed out. The master is not responding. If this error persists after verifying the master is up, worker_threads may need to be increased."
08:52 arount So it seems service is not synchrone, who is strange in my mind, but more over, now in my Master VM I got: Killed process XX (salt-master) score XX or sacrified child
08:52 arount I reboot it, but nothing to do, the system is totaly flooded by salt-master service
08:53 arount I work on this VM since 4 hours, I've reboot it lot of time, do lot of updates before getting that, so I'm pretty sure it is not a config error, but simply something who gone wrong with salt
08:55 arount so then my vm is unusable because of salt-master process who are flooding memory and debian who try to kill it but visibly processes restart automaticaly
09:09 mark_____ joined #salt
09:12 impi joined #salt
09:21 permalac joined #salt
09:24 arount left #salt
09:25 mikeywaites joined #salt
09:36 N-Mi joined #salt
09:40 aristedes1 joined #salt
09:47 stephanbuys joined #salt
09:58 mamercad joined #salt
09:58 genus joined #salt
09:59 genus Hi guys! Is there any possibility to make custom execution modules availiable while rendering pillar?
09:59 genus Or is there some sort of equivalent funtionality for pillar?
10:02 markm joined #salt
10:03 David_B55 Hey I'm working on a python state and need to read data from a few different pillars, I've tried to use the __pillar__['name'] and the salt['pillar.get']('name') options but neither seem to be giving me anything unless the name of the sls state file is the same as the sls file within the appropriate pillar dir. Any hints?
10:05 keimlink joined #salt
10:07 elsmo joined #salt
10:10 babilen David_B55: Could you paste your state to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, http://dpaste.de, … ?
10:11 jeadre joined #salt
10:19 wnkz joined #salt
10:19 David_B55 https://gist.github.com/David-B55/78324f0b5aa297207af5 the name of each file is the path, with '-' rather than '/' because github
10:20 David_B55 atm I'm purely trying to load a named pillar file so the state doesn't really do anything other than dump to the log what I'm trying to read
10:21 dean joined #salt
10:22 genus joined #salt
10:25 aristedes joined #salt
10:26 aristedes left #salt
10:27 babilen David_B55: You might want to get a proper logger with "logger = logging.getLogger(__name__)"
10:27 babilen (or just print stuff and watch the master log)
10:29 babilen And I wouldn't expect salt['pillar.get']('userhosts') or salt['pillar.get']('userhosts.userhosts') to return anything. In fact you'd almost never encounter a dot in a pillar name.
10:29 David_B55 I've just been running the salt-master/salt-minion processes in a terminal and watching the output there, which is part of the reason I'm using the ERROR level so its more obvious
10:30 babilen So, what is the output you see?
10:30 TyrfingMjolnir joined #salt
10:44 David_B55 updated that gist babilen, sorry about the bit of a delay got called over by someone else in the office
10:45 amcorreia joined #salt
10:46 mdupont joined #salt
10:46 AndreasLutro David_B55: pillar.get doesn't operate on filenames, only root-level keys in the combined pillar data
10:47 David_B55 is there a way of loading a filename/path that I'm not seeing then AndreasLutro?
10:47 AndreasLutro David_B55: no - add the pillar you want to load to the pillar top.sls
10:47 jaybocc2 joined #salt
10:50 DanGarthwaite joined #salt
10:53 babilen David_B55: Could you paste the output of "tree" (or a similar tool) in your pillar_roots (/srv/pillar by default). What does "salt 'foobar' pillar.get users" give you on the master?
10:53 babilen Please also include your pillar's top.sls
10:55 evle1 joined #salt
10:59 intel joined #salt
11:02 CeBe joined #salt
11:03 zer0def ok, quick question
11:03 zer0def any workaround to this ticket, other than waiting for a new version?: https://github.com/saltstack/salt/issues/24409
11:03 saltstackbot [#24409]title: 'git' state fails to checkout from a tag | Salt is running on Ubuntu 14.04 with the latest version from the PPA:...
11:07 LeosMisfortune joined #salt
11:07 David_B55 Right updated that gist AndreasLutro/babilen https://gist.github.com/David-B55/78324f0b5aa297207af5 I can add the contents of the other files if needed
11:09 babilen David_B55: If you run "salt 'triton' pillar.get usergroups" you'll see that that pillar doesn't exist. From what I can tell this is working fine, so what is the actual problem?
11:10 AndreasLutro David_B55: if that was your actual pillar top.sls I think you'd be getting a render error on hostgroups.sls because you have duplicate yaml keys
11:10 duendecat joined #salt
11:11 babilen yeah, HG1 and HG1
11:11 babilen Still not sure what that is all supposed to accomplish
11:12 babilen (nor why David_B55 thinks that there is a top-level key 'usergroups' if it is always nested (in HG1))
11:13 babilen Assuming you get hostgroups.sls to render the call to get usergroups would be "salt 'triton' pillar.get 'HG1:usergroups'"
11:14 giantlock joined #salt
11:15 aristedes joined #salt
11:15 aristedes left #salt
11:18 David_B55 probably better to step back and describe what I'm actually trying to acomplish here to see if I'm taking the wrong approach entirely
11:18 babilen Yeah, XY problem :)
11:19 stephanbuys joined #salt
11:22 intel joined #salt
11:26 intel joined #salt
11:26 UForgotten joined #salt
11:31 xxmitsu joined #salt
11:32 arount joined #salt
11:32 David_B55 we have several groups of servers that need to have users assigned to them selectively, (in a similar way to the reverse-users-formula on the salt-formulas repo) in order to reduce the amount of config required we are grouping hosts and users into groups. Once we have loaded all the info then I can follow the logic to actually build the tree and then apply it to the appropriate hosts, the problem I'm havin
11:32 David_B55 g is loading ...
11:32 David_B55 ... that config to begin with.
11:34 lobosky joined #salt
11:35 David_B55 https://gist.github.com/David-B55/de2d8e499febc0fb638b is an example of the config files we were hoping to use. potentially splitting the users.sls file out into username.sls if needed in the future if the file becomes overly large
11:36 mark_____ joined #salt
11:40 Ztyx1 joined #salt
11:41 lobosky Hi. I have strange problem with an sls. On some nodes works perfect, on some other salt give me the message:
11:41 lobosky Data failed to compile: ----------     No matching sls found for 'test' in env 'base'
11:42 TyrfingMjolnir joined #salt
11:44 jeadre joined #salt
11:52 birdzhang left #salt
11:52 dthom91 joined #salt
11:54 SunPowered joined #salt
11:54 SunPowered hola salters
11:57 lobosky joined #salt
12:01 SunPowered https://gist.github.com/SunPowered/b2521bfbf389271f3e81
12:01 mapu joined #salt
12:01 SunPowered I'm getting tripped up at something seemingly simple
12:01 SunPowered https://gist.github.com/SunPowered/b2521bfbf389271f3e81#file-init-sls-L16
12:01 SunPowered this state
12:02 AndreasLutro SunPowered: you need a file state for the requirements.txt
12:02 SunPowered the file is there
12:02 AndreasLutro a file **state**
12:02 AndreasLutro you have a pip state
12:02 AndreasLutro watching a file state that doesn't exist
12:02 SunPowered even though the file is present in the code repo
12:02 SunPowered i see, it is watching a file STATE, not a file
12:03 SunPowered good to know
12:03 AndreasLutro yes, you can't watch/require/whatever things that aren't defined as states
12:03 SunPowered so how would I define a so called NULL state
12:04 SunPowered A file state defined to point to a file that I know will be there, but may not be in the salt sate repo
12:04 AndreasLutro you can't, or it won't work as you want it to
12:04 SunPowered oh
12:04 SunPowered interesting
12:05 SunPowered so I need to have the requirements.txt file in my salt repo?
12:05 AndreasLutro that's one alternative... you could also add a git.latest state, and use onchanges to do pip install when the git repo is updated
12:05 AndreasLutro or move the pip install out of salt into a git hook or something
12:06 SunPowered these would all work fine in production.  what about on my vagrant box?
12:07 AndreasLutro shrug
12:07 SunPowered :)
12:07 AndreasLutro do pip install manually locally maybe?
12:07 SunPowered right
12:07 SunPowered I'll just keep my project requirements versioned in my salt master
12:08 SunPowered That was a helpful tip about the file **state**, thx
12:08 mythus joined #salt
12:11 aristedes joined #salt
12:11 dthom91 joined #salt
12:11 aristedes left #salt
12:14 rideh joined #salt
12:17 AndreasLutro SunPowered: is requirements.txt part of an application?
12:17 pravka joined #salt
12:18 pravka joined #salt
12:19 pravka joined #salt
12:24 quasiben joined #salt
12:28 dthom91 joined #salt
12:37 impi joined #salt
12:40 SunPowered AndreasLutro: requirements.txt is part of an application, yes
12:41 keimlink joined #salt
12:42 dyasny joined #salt
12:43 AndreasLutro SunPowered: maybe look into virtualenv.managed, it'll handle all of that for you
12:44 AndreasLutro and will work fine without a requirements.txt state
12:44 SunPowered oh yeah?  that's a viable solution, I will look into it now.  I was debating whether to go down a virtualenv route
12:45 AndreasLutro for what it's worth, I do quite a bit of python app deployments myself and would never do one without a virtualenv
12:45 subsignal joined #salt
12:46 racooper joined #salt
12:46 SunPowered that's sound advice, thx
12:48 jaybocc2 joined #salt
12:53 lobosky_ joined #salt
12:58 cpowell joined #salt
13:07 stephanbuys joined #salt
13:09 pm90__ joined #salt
13:09 jdesilet joined #salt
13:11 toastedpenguin joined #salt
13:13 JDiPierro joined #salt
13:18 numkem joined #salt
13:21 numkem joined #salt
13:28 hasues joined #salt
13:28 hasues left #salt
13:28 bhosmer joined #salt
13:30 joehh ze-: aiming for tomorrow night - so before friday US time
13:35 ze- joehh: thanks. Will try to get some time early next week to check it out.
13:36 ze- joehh: from my attempt at building it form git, i got trouble with sphynx version (required testing version! :( )
13:36 ze- and i'll need to have it backported to oldstable. Might be a pain for me to do, as i'm not used to deal with such :)
13:37 ze- thanks for your work.
13:40 perfectsine joined #salt
13:41 pdayton joined #salt
13:42 joehh I can imagine - sphinx can be a little painful to work with, the errors are pretty cryptic
13:44 JDiPierro joined #salt
13:46 pravka joined #salt
13:59 timoguin joined #salt
14:01 zmalone joined #salt
14:02 favadi joined #salt
14:02 andrew_v joined #salt
14:03 mpanetta joined #salt
14:10 quasiben joined #salt
14:12 DammitJim joined #salt
14:13 pancakes9 joined #salt
14:13 zwi joined #salt
14:15 pancakes9 Hi, I have provisioned some instances with salt-cloud but when I try to do a simple "salt '*' test.ping" all the instances return "Minion did not return. [No response]" even though I see them under "Accepted Keys" when I run "salt-key -L" -- anyone know why?
14:15 rdutch joined #salt
14:17 sunkist joined #salt
14:18 jeadre joined #salt
14:22 lootic joined #salt
14:24 lootic Hello, I think I got a pretty simple problem, I try to setup a salt windows minion on AWS. It seems like the machine gets up and that it has the 445 port open and stuff. But when I do a "salt '*' test.ping" it say that it doesn't respond.
14:24 imanc trying to change the output of highstate, but this command doesn't work --state-output: salt-call state.highstate  --state-output=terse   ... is that the correct syntax?
14:26 duendecat joined #salt
14:26 rdutch lootic, is your salt master on aws too?
14:26 lootic yes its a RHEL
14:26 XenophonF lootic: minion key accepted on the master? minion shows as up when running `salt-run manage.up` on the master?
14:27 lootic minion key? is that what shows up when I run "salt-key" if so yes. The 'salt-run manage.up' does not output anything.
14:27 XenophonF lootic: note that the aws security groups affect comms within a vpc subnet as well, so do the security groups associated with your master allow communication from this minion to your master?
14:28 lootic Ah that could be the problem
14:28 XenophonF lootic: can you verify that the salt-minion service is running on the minion?
14:28 rdutch did you have your vpc setup correct with a custom tcp rule to open tcp ports 4504 -4506?
14:28 lootic yes the service is up
14:28 rdutch sorry i ment 4505
14:28 lootic I need to check the vpc
14:28 XenophonF lootic: give me a sec and i'll share how i have my master's security group is set up
14:29 XenophonF yeah, it's pretty simple - i allow 0.0.0.0/0 to connect to TCP ports 4505 and 4506 on the master
14:30 XenophonF (i have minions outside of aws)
14:30 rdutch yep, that is what i have too
14:30 Akhter joined #salt
14:30 lootic okay so the master needs to accept those even from within a private network?
14:30 lootic 10.* addresses
14:30 XenophonF yes
14:30 lootic that could be it
14:31 XenophonF although the default vpc security group should allow comms ton any protocol/port to anything in the default vpc security group
14:32 lootic hmm, 10.* addresses are allowed on all ports in my security group
14:32 XenophonF lootic, it doesn't work like that
14:32 lootic okay
14:32 XenophonF here - start simple
14:33 XenophonF add both the master and the minion to the default VPC security group
14:33 XenophonF that will allow them to talk to each other over any port/protocol
14:33 zer0def joined #salt
14:33 pancakes9 lootic: are you sure salt minions are running?
14:33 lootic I can see it on AWS
14:33 pancakes9 check ps aux
14:33 pancakes9 on the minions
14:33 gdsa joined #salt
14:33 XenophonF it's windows so he needs to check the service control manager
14:34 jaybocc2 joined #salt
14:34 gdsa Good morning, salt newb with question regarding using formulas.
14:34 lootic it goes up when I run "salt-cloud -m /etc/salt/cloud.maps.d/cloud.map" and goes down when I add the destroy flag
14:35 gdsa I've been reading the docs, have cloned epel-formula, but don't know how to use it in .sls
14:35 XenophonF gdsa: you need to add wherever you checked that formula out to file_roots in the salt master config
14:36 gdsa XenophonF: is that one entry per salt, or a global location for formulas?
14:36 gdsa per formula
14:37 XenophonF gdsa: let's say you clone epel-formula and salt-formula to /usr/local/etc/salt/formulas/epel-formula and /usr/local/etc/salt/formulas/salt-formula
14:37 XenophonF gdsa: then you need to edit /usr/local/etc/salt/master
14:37 favadi joined #salt
14:37 XenophonF gdsa: go down to the file_roots settings
14:37 XenophonF gdsa: and add the two directories to the list of roots
14:39 favadi joined #salt
14:39 gdsa XenophonF: in my master.d/file-roots.conf I've added "- /opt/salt/formulas/epel-formula" beneath file_roots:  base:
14:39 XenophonF that ought to work
14:40 XenophonF restart the salt master
14:40 gdsa XenophonF: nice! Thank you
14:40 gdsa XenophonF: I need to rtfm more closely :)
14:40 XenophonF gdsa: you said it not me ;)
14:41 XenophonF lootic: any progress?
14:41 XenophonF lootic: throw tcpdump onto your master and see if the windows minion's communicating with it
14:41 XenophonF lootic: or look at the master/minion log files
14:41 lootic Im starting up a public windows instance so I can RDP to my minion
14:42 lootic and it takes a while ;)
14:42 XenophonF lootic: might need to check the event log on the windows side - can't remember where the salt-minion logs
14:42 TyrfingMjolnir joined #salt
14:46 lootic oki, will try that too
14:46 zblum joined #salt
14:47 tkharju joined #salt
14:48 zwi joined #salt
14:52 jhauser_ joined #salt
14:54 lootic okej so the salt-minion service is running on the windows machine
14:54 lootic as for tcpdump Im not used to taht tool
14:55 rdutch is the minion pointing to the correct master?
14:55 lootic the logs seems to say it successfully created the minion
14:55 Brew joined #salt
14:55 lootic can I check that somehow?
14:55 lootic I think I did it correct
14:55 lootic its the same IP as the master
14:55 lootic but can I from the minion check what the IP is set to?
14:56 rdutch look in the minion config file
14:56 XenophonF what happens if you run "salt-call test.ping" from c:\salt?
14:58 lootic returns True
14:58 lootic local:
14:58 lootic True
14:58 lootic that means it does not contact the master?
14:59 lootic think I do this tomorrow, thanks a lot for the help, :)
14:59 XenophonF ok now try it from the master: salt <minion-id> test.ping
14:59 lootic okay
14:59 XenophonF after running salt-key -a <minion-id>
14:59 XenophonF if the key showed up on the master, you should be good to go
15:00 lootic same answer as before with '*'
15:00 lootic or oh wait
15:01 airgee joined #salt
15:01 debian112 joined #salt
15:02 lootic salt-key -a <minion-id> returns "does not match any unaccepted keys."
15:02 XenophonF what does salt-key -A show?
15:03 lootic "The key glob '*' does not match any unaccepted keys."
15:03 An_T_oine joined #salt
15:03 lootic im pretty sure it must be something basic
15:03 trebor joined #salt
15:03 lootic as Im pretty new to salt
15:03 XenophonF hm, if this is a new minion, and if comms are working properly, you should be seeing a minion key
15:04 XenophonF your RHEL salt master isn't running a firewall of its own, is it?
15:04 asyncsrc joined #salt
15:04 lootic well if I run salt-key it says that the minion has an Accepted Key
15:04 trebor This might be a silly question, but is the _grains directory supposed to sync from the master to the minion?
15:04 markm joined #salt
15:04 lootic afaik it doesnt
15:04 trebor If so, how exactly does this work?
15:04 lootic but it might
15:04 XenophonF trebor: yes
15:04 airgee Hi guys. I have a question. I use salt states to deploy files from one machine to another But the files can be delete in the master accros the time. So the new state won't have thins file but its still in the minion. Do you have any idea to force the minion to delete the file who are not in the state.
15:04 lootic I wish I got more time
15:05 trebor I have /srv/salt/_grains and it doesn't seem to push from the master to the minion
15:05 lootic but I think that might be it
15:05 lootic thanks again
15:05 trebor ./_grains/grains
15:05 XenophonF lootic: throw wireshark onto the windows box and see if the minion is actualy connecting to the master on tcp ports 4505/4506
15:06 trebor https://gist.github.com/rgardam/b649f9b148f4b7fcdc33
15:07 trebor even after  a sync_all on the master it doesn't seem to want to sync to the minion
15:07 XenophonF trebor: http://docs.saltstack.com/en/latest/topics/targeting/grains.html#writing-grains
15:08 XenophonF trebor: use cp.list_master to see if the files are accessible from the minion
15:08 gdsa Is there anything similar to librarian for salt, or has anyone been using composer to keep track of formulas?
15:08 gdsa or just leaving them as submodules?
15:09 trebor mmm, it does see it, but it's not returning a custom grain. I will fix this.
15:09 trebor - _grains
15:09 iggy trebor: your custom grains go directly in _grains (not _grains/grain/)
15:10 trebor ah, so not a file?
15:10 trebor sorry, a file instead of a directory?
15:10 XenophonF airgee: depends on how you do the deployment
15:10 iggy trebor: correct... see the salt-contrib repo
15:10 XenophonF airgee: if using file.recurse, add '- clean: true' to the state's argument list
15:11 XenophonF airgee: if using file.managed, you'll need to add a separate file.absent state to clean up stuff that no longer exists
15:11 airgee Well for now I user file.manged for each file.
15:11 trebor testing now
15:12 sdm24 joined #salt
15:15 trebor mmm, this does not seem to work
15:16 trebor I have updated the gist
15:16 jaybocc2 joined #salt
15:17 airgee XenophonF I can't use file for resource in my directories I have many file and they don't go all to all the minions I need to respect some deployement rules.
15:19 Akhter joined #salt
15:21 amcorreia joined #salt
15:22 jalbretsen joined #salt
15:22 shiriru joined #salt
15:24 ssc joined #salt
15:24 trebor right, sorry I misunderstood what you said before. I have tried putting a file into _grains/grain <- this grain file is the grain file.
15:25 trebor still doesn't work.
15:26 duendecat joined #salt
15:26 favadi joined #salt
15:27 RedundancyD joined #salt
15:28 kermit joined #salt
15:30 shiriru joined #salt
15:32 clintberry joined #salt
15:32 trebor https://gist.github.com/rgardam/b649f9b148f4b7fcdc33
15:32 trebor Does this give you enough information?
15:34 clintberry joined #salt
15:36 Bryson joined #salt
15:40 zblum joined #salt
15:41 zsoftich3 joined #salt
15:43 whytewolf trebor: I think i see the problem. _grains is for custom grains. but what they mean by custom grains is python scripts that dynamicly update. aka python scripts. you are looking at pushing static grains. which can be done by putting them in /etc/salt/grains on the minion. or by using grains.setval
15:44 trebor ok, so there isn't any option to set grains from the master
15:45 trebor We are deploying via salt-cloud, is there a possibility to insert grains at deployment?
15:45 whytewolf trebor: I didn't say that. http://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html#salt.states.grains.present
15:45 whytewolf you CAN set grains from the master
15:46 staticat joined #salt
15:49 ssc left #salt
15:49 whytewolf if you are using salt-cloud you can set grains by setting them in minion: setting in the profile or map.
15:53 theologian joined #salt
15:55 trebor I think I would want to set it via salt-cloud
15:57 trebor The other way seems to set it via states which would mean I would have to update it via a pillar to pull out the right information
15:58 _JZ_ joined #salt
15:58 manfred whytewolf: if you set them in the minion setting, they get put in /etc/salt/minion, you want to set them in grains: so that they go in /etc/salt/grains, and can be updated without restarting the minion
15:59 jeadre joined #salt
15:59 whytewolf does profile and map have a grains setting? didn't see that one
16:02 trebor It looks like the profile can map out grains
16:03 trebor but still seems specific to the minion in the profile
16:03 trebor not really what I want.
16:03 manfred whytewolf: where ever you put the minion:, you can put the grains:
16:04 trebor essentially I am setting information about environment and aws region information.
16:04 manfred let me find it
16:04 trebor I would like to set this once on the master and then have it passed on to any minion built from the master via the grains
16:04 trebor and not have to push a file from the master etc
16:05 whytewolf trebor: is aws region information available from the metadata service?
16:05 trebor mmm, possibly, but environment is not.
16:07 whytewolf trebor: okay. you could split it up a bit. create a python script to grab the metadata info for everything you can from metadata put that in _grains [will still need to force a sync_all before running highstate. enviroment might have to come from pillar instead of grains. to keep it synamic.
16:08 whytewolf s/synamic/dynamic
16:08 trebor One solution would be to have the master create a pillar that is then picked up by the minions
16:08 trebor yeah
16:08 trebor I'm just thinking this now.
16:08 trebor we use the env/aws stuff to create the hostname
16:08 trebor would really like to have it all there before the first salt
16:09 whytewolf trebor: thats why you need sync_all before the first highstate.
16:09 trebor might have to be in a pillar created when the master salts itself
16:10 jeadre joined #salt
16:10 whytewolf you could also switch to using the salt.cloud.state which takes pillar data for creation.
16:10 trebor we essentially bootstrap masters and put a grain on them with all this information and then bootstrap minions from those masters
16:10 whytewolf and set the grains value there
16:10 edrocks joined #salt
16:11 trebor we would have to change a bit of our stuff
16:11 trebor is there any plan to allow syncing of grains from master?
16:12 whytewolf trebor: again master can push grains using states.grains.present
16:12 trebor can you give me a cli example of this?
16:13 manfred bah, i can't find the doc
16:14 whytewolf trebor: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html#salt.states.grains.present
16:14 manfred whytewolf: i don't know where it is documented, but if you just put grains: on the same level as minion: it works.  And puts it in /etc/salt/grains.
16:14 whytewolf there is one in that doc
16:14 manfred if grains: is in minion:, it goes in the /etc/salt/minion file
16:14 whytewolf manfred: kewl. will keep that in mind cause, that was always a big annouence
16:14 whytewolf annoyance
16:15 whytewolf I really wish my brain would turn on this morning
16:16 TyrfingMjolnir joined #salt
16:16 rdutch left #salt
16:18 scoates .oO( maybe I should just work *on* Salt full-time… (-; )
16:19 ericof joined #salt
16:19 whytewolf trebor: also you might want to check out salt-contrib for custom grains that do already pull aws data
16:19 whytewolf trebor: https://github.com/saltstack/salt-contrib
16:20 trebor that looks nice
16:20 trebor thanks for the headsup! :)
16:22 favadi joined #salt
16:22 trebor actually, this has given me enough to do exactly what I will need to do. :)
16:22 saltstackbot [reddit-saltstack] Dynamic Inventory for salt-ssh? https://www.reddit.com/r/saltstack/comments/3im4l8/dynamic_inventory_for_saltssh/ - 2015-08-27 - 17:20:08
16:23 mikeywaites joined #salt
16:23 trebor I can now lookup the values from the masters grains file and get the grains i've set there.
16:23 DaveQB joined #salt
16:25 favadi joined #salt
16:27 aparsons joined #salt
16:30 shaggy_surfer joined #salt
16:31 shaggy_surfer joined #salt
16:33 TheBigBear joined #salt
16:33 ajw0100 joined #salt
16:34 eseyman joined #salt
16:39 favadi joined #salt
16:40 Fiber^ joined #salt
16:41 Akhter joined #salt
16:44 RandyT joined #salt
16:48 andrew_v joined #salt
16:50 scoates is there a way to tell salt to not lazy-load? it's super annoying that it's hiding errors.
16:50 scoates (I mean just turn it off for debugging)
16:52 dingo yeah i'm not a big fan of the lazy loader either
16:52 dingo let me know if you find a solution
16:52 dingo its somewhat new, worst case, you can revert that section of the codebase to a previous release
16:53 dingo i think its just an OrderedDict wrapper is all, make LazyLoader = OrderedDict and it probably works fine
16:53 dingo but something non-invasive would be nice
16:54 dingo idk why they work so hard on optimizing and making complex of something that provides so little performance benefit when so many of the state module functions are full of excessive i/o and repeated and unnecessary commands
16:54 mark_____ joined #salt
16:54 dingo theres so many places to save time by deleting or refining code
16:54 dingo not writing complex lazy loaders
16:56 |_[O_O]_| lazy loaders are lazy and hate complexity!
16:56 |_[O_O]_| D:<
16:56 dingo first time i saw a traceback in a lazy loader, i said, "No wonder, this is the problem, we got lazy code here!"
16:59 rdutch joined #salt
17:00 scoates I think its more than just performance benefits. code reloading for example.
17:00 GreatSnoopy joined #salt
17:00 scoates it's just nearly impossible to debug when it fails for no otherwise-apparent reason
17:01 scoates there's no indication of what *actually* went wrong here: http://paste.roguecoders.com/p/e012af7837ec50ec2892ec5601e4b648.txt
17:02 wendall911 joined #salt
17:02 dingo yeah i hear you
17:03 dingo typically i open line 324 of templates.py and work backwards
17:03 dingo decorating with filenames and so on
17:03 dingo theres usually a global 'log' instance to log to
17:04 Grokzen joined #salt
17:04 scoates well, the template is a single line that calls that function. the module isn't loading for some reason. that can range from outright syntax error, through to import problems, to… key errors in a different environment, etc. problem for me is that it's all hidden. I'd rather have it fail hard when it tries to load it, and actually display an error, instead of saying that it doesn't exist when the lazyloader fails to load (hiding the
17:04 scoates errors).
17:04 scoates I'm exhausted. )-:
17:05 dingo mm, if i had hands on keyboard i could probably help
17:05 scoates problems further complicated by `salt` being unpopulated in reactor .sls + #!py
17:05 dingo not really feeling the energy to debug over irc though
17:05 nitay joined #salt
17:06 nitay how do I (inside a state.sls file) log something?
17:06 timoguin joined #salt
17:06 scoates oh, I understand. (-: I'm mostly just ranting, and hoping someone has a trick for not-lazy-loading.
17:06 nitay i want to see the value of some variable, trying to debug a salt state
17:06 dingo nitay: https://github.com/joejulian/saltstack-logging
17:06 dingo (previous to that, we would file.managed and dump variables as its contents)
17:07 nitay dingo: excellent thanks
17:10 zero_shane joined #salt
17:10 forrest joined #salt
17:11 forrest_ joined #salt
17:12 scoates alternate question: is there a salt runner (or similar) that will give me a REPL populated with the dunder dicts?
17:13 nitay dingo: works like a charm, thx
17:14 Lionel_Debroux joined #salt
17:14 nitay another question, how do I do a simple not on an int, I’m trying to do sth like this: https://gist.github.com/nitay/fcca38a52a9271def7ca
17:15 nitay but obv the ! is not the right operator, googling around couldnt find how to do this
17:16 scoates have you tried `not` ?
17:16 duendecat joined #salt
17:17 nitay scoates: hah well there u got
17:17 nitay nice :)
17:17 scoates it's really hard to search for stuff like that; especially for jinja
17:17 dingo happy to help
17:18 knite joined #salt
17:21 Gareth ahoy hoy
17:21 stephanbuys joined #salt
17:22 impi joined #salt
17:22 shaggy_surfer joined #salt
17:23 scbunn joined #salt
17:24 scbunn does anybody know what version of jinja started to support {% raw %}. It looks like EL6 has 2.2 and it does not understand that tag... this makes pushing config files with json pretty impossible.
17:25 genus Guys! Is there a way to fetch some info about minions during rendering of pillar?
17:26 scoates … are modules not available to runners? /-:
17:26 iggy scoates: custom modules?
17:26 scoates yeah
17:26 iggy look for bugs I opened
17:28 scoates iggy: I just found this https://github.com/saltstack/salt/issues/23480 … so I guess that's it.
17:28 saltstackbot [#23480]title: Custom runner modules do not pick up custom execution modules | Custom runner modules do not pick up custom execution modules. Although both modules are available in the corresponding `extension_modules` directories the custom execution module is not available in the `__salt__` dictionary that is injected into the custom runner module....
17:28 awpti joined #salt
17:28 guanophobic joined #salt
17:29 scoates so there goes that idea. /-:
17:31 pravka joined #salt
17:31 iggy https://github.com/saltstack/salt/issues/19658
17:31 saltstackbot [#19658]title: Custom grains (/srv/salt/_grains/foo.py) not available during salt-run state.orchestrate run | We have a custom grain module that grabs tags from GCE's metadata service and stuffs that into a grain (https://github.com/saltstack/salt-contrib/blob/master/grains/gce.py). When trying to use that grain in an orchestrate runner that we use, we aren't getting that grain set. This works fine everywhere else we use it....
17:32 iggy there are a couple other linked bugs that might be worth reading
17:32 iggy scoates: do you have extension_modules set?
17:32 scoates yes.
17:33 iggy okay, different bug then
17:33 * iggy wanders off
17:33 scoates __salt__ is not correctly available to #!py reactor .sls either
17:33 scoates I suspect these might be related.
17:33 scoates (and there are bugs)
17:33 scoates (issues, I mean)
17:34 guanophobic joined #salt
17:35 zmalone joined #salt
17:36 jaybocc2 joined #salt
17:38 jeadre joined #salt
17:44 XenophonF will minions running zeromq3 be able to communicate with master(s) running zeromq4?
17:44 duendecat joined #salt
17:46 Akhter joined #salt
17:49 XenophonF looks like the answer is "yes"
17:58 baweaver joined #salt
18:03 pm90_ joined #salt
18:04 Akhter joined #salt
18:06 RedundancyD joined #salt
18:07 inad922 joined #salt
18:08 sdm24 So an update to a problem I was having yesterday: I just set up gitfs, with a master branch and testing branch. I have 2 salt masters, one for testing and using gitfs_branch: testing, one for production and using the default master branch as its base
18:09 sdm24 when I do salt '*' state.show_top, it lists a combination of bot the testing top.sls and master top.sls files, including duplicates
18:10 sdm24 but when I do salt-run fileserver.envs, the testing salt master says "- base, - master", and the production master says " - base, - testing"
18:10 scoates FWIW my problem was me being an idiot and not applying the proper extension_modules configuration to this other saltmaster
18:10 sdm24 and state.show_top shows all the states under base: , even though it is really pulling from 2 environments (when it should be only pulling from one)
18:13 pppingme joined #salt
18:14 baweaver joined #salt
18:14 alainv joined #salt
18:15 forrest joined #salt
18:15 sdm24 I guess I have to set 'gitfs_env_blacklist' on the salt masters, to ignore the other branch
18:16 XenophonF salt's support for openindiana really sucks
18:16 XenophonF time to start writing patches
18:17 scoates is GitHub's @terminalmage here?
18:19 X67r joined #salt
18:22 voileux joined #salt
18:23 hax404 joined #salt
18:25 scoates erjohnso_: is that you?
18:26 bhosmer joined #salt
18:26 duendecat joined #salt
18:26 forrest scoates: His name would be the same and he isn't here.
18:26 scoates ok. thanks.
18:26 scoates https://github.com/saltstack/salt/issues/26713 FWIW. )-:
18:26 saltstackbot [#26713]title: 2015.8rc3 regression in git identity | This block causes a regression in 2015.8 rc3 for my states:...
18:29 theologian joined #salt
18:29 pm90__ joined #salt
18:31 bhosmer joined #salt
18:32 DammitJim joined #salt
18:34 perfectsine joined #salt
18:35 quasiben joined #salt
18:40 Seany joined #salt
18:40 Akhter joined #salt
18:41 Seany Hello all you lovely people:) This is a question rather than a problem. Does anyone now any nice graphing software for infrastructure maps that can possibly be used with pillar info
18:41 debian112 joined #salt
18:44 jeadre joined #salt
18:45 timoguin joined #salt
18:45 DammitJim how does the salt master determine the name of the minion?
18:45 DammitJim I ask because I have a minion that seems to have the wrong domain name
18:46 DammitJim is that part of the minion_id?
18:47 SheetiS the minion_id is how it determines the minion name, if you don't have one defined in the config, it will try and determine the fqdn hostname on the first launch of hte minion and store it in /etc/salt/minion_id or equivalent for your install
18:47 quasiben left #salt
18:47 quasiben joined #salt
18:47 SheetiS that won't change even if the FQDN does later.
18:47 SheetiS you can change the minion id and then reauth it to the master though.
18:50 sirex joined #salt
18:51 DammitJim ok, cool
18:51 sdm24 I think the 'id:' line in /etc/salt/minion (or equivalent) will override /etc/salt/minion_id if it is not commented out
18:52 Seany joined #salt
18:52 DammitJim shoot!
18:52 DammitJim I did salt-key -d 'servername'
18:52 Seany Did you get your answer?
18:52 DammitJim I thought that would delete it. Not put it in denied!
18:52 Seany cd /etc/grains/minion.d and minion_id
18:52 Seany Check them locations
18:52 sdm24 I think denied is when there are multiple minions with the same id
18:53 DammitJim oh ok, then I just need to delete them again?
18:53 DammitJim the problem is that I'm working with VMs
18:53 DammitJim and I am fine tuning a template
18:53 DammitJim the salt master is probably getting confused
18:54 DammitJim what do I do first? accept the minion or delete it?
18:54 DammitJim I"m afraid if I accept it, it's going to accept both
18:54 sdm24 Yeah I don't use salt-cloud for our  VMs. On each template (ex: Ubuntu), I have salt-minion installed with a generic id of 'ubuntu', which gets changed in a setup state that should be ran
18:54 sdm24 I think delete first
18:54 sdm24 if that doesn't work, it will be dumped back into denied anyways
18:55 DammitJim ok, now that I deleted it
18:55 DammitJim it doesn't show up under denied nor unaccepted
18:55 DammitJim so, I guess I need to re-generate the keys in the minion?
18:59 kevinquinnyo joined #salt
19:00 kevinquinnyo hello, I'm having trouble understanding what ca.cert_base_path refers to in this: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.tls.html
19:00 kevinquinnyo where is that property set?
19:01 kevinquinnyo i want to be able to generate a self-signed certificate at a specific path basically
19:03 mikeywaites joined #salt
19:04 whytewolf kevinquinnyo: looking in the configuration section at the very top of the module you show. shows that ca.cert_base_path is a minion setting
19:05 zmalone joined #salt
19:07 nitay joined #salt
19:09 stephanbuys joined #salt
19:13 kevinquinnyo whytewolf: oops - that was right in front of me on that page huh?
19:13 kevinquinnyo thanks
19:15 DammitJim by default one can't see what the minion is doing, right?
19:15 DammitJim like I have this state where it installs a package called heartbeat
19:16 clintberry joined #salt
19:20 Akhter joined #salt
19:22 DammitJim man, how do I kill a state that seems hung?
19:23 sdm24 DammitJim: after you delete a minion's key on the master, restarting the minion service will usually reconnect the master and minion
19:23 DammitJim sdm24, separate question
19:24 dewdrop joined #salt
19:25 sdm24 to kill a state that seems hung, salt-run jobs.active on the master, and then salt 'hungminion' saltutil.kill_job <jid>
19:25 sdm24 jid should be the header when you do jobs.active
19:25 DammitJim wow... it was hung because of a network issue
19:25 DammitJim thanks sdm24
19:26 sdm24 np
19:27 baweaver joined #salt
19:34 shaggy_surfer joined #salt
19:36 rdutch left #salt
19:37 scbunn is there a heredoc equiv in yaml? I'm trying to escape a string of text that has both single and double quotes.
19:37 XenophonF scbunn: well worst case you could base64 encode the string and use !!binary
19:37 jgarr joined #salt
19:38 manfred scbunn: | lets you put multiple line yaml strings?
19:38 jgarr can I target minions based on a version of software installed or facter facts?
19:39 scbunn manfred: tried |.. the problem is I have both single and double quotes and {}'s as part of the string so it barfs.. I would just put it in the template.. but EL6 doesn't have a version of jinja that supports {% raw %} thus the jinja barfs at that point.
19:40 sdm24 scbunn: One workaround I use is to set multiple variables using jinja. I'll pull up an example
19:41 XenophonF scbunn: seriously - base64 encode the string and use !!binary
19:42 scbunn XenophonF: I've done that in the past with kickstart files.  Its a PITA for people maintain and change
19:42 XenophonF yes absolutely
19:44 sdm24 scbunn: https://gist.github.com/sdm24/fae996c1e94ca3fff285 does something like that work?
19:45 scbunn @sdm24 yea.. I could do that, but its almost like base64 encoding it :)
19:45 sdm24 but its salty
19:45 sdm24 and makes its kinda easier to change one part if you need to
19:46 scbunn https://gist.github.com/scbunn/618ac5fd392ec7cd7c5a
19:46 scbunn thats what I'm trying to escape
19:46 sdm24 oh with a lot of stuff like that, yeah it could get messy
19:46 perfectsine joined #salt
19:47 sdm24 or wait, since theres no single quotes in that string, couldn't you just wrap everything in single quotes?
19:48 scbunn I could just have salt write an external file thats included but that seems less than ideal as well... I'm surprised that it looks pretty impossible to escape jinja with versions prior to 2.8 (or at least 2.6 and lower)
19:49 scbunn sdm24: I tried that.. the problem is jinja gets smart and unescapes the double quotes so it the double quotes show up in the file without \ in front of them
19:49 scooby2 joined #salt
19:49 kevinquinnyo I'm getting KeyError: 'tls.create_self_signed_cert' -- All I should need is python-openssl > .10 right?  This is on ubuntu 14.04 minions if it helps
19:49 sdm24 {% set part = '$template .....'
19:49 sdm24 %}
19:50 scbunn sdm24: hmm.. good idea.  Let me give that a try
19:50 bhosmer joined #salt
19:51 zmalone joined #salt
19:53 kevinquinnyo ahh nm on my question.  I see the issue:  'tls' __virtual__ returned False: ['PyOpenSSL version 0.14 or later must be installed before  this module can be used.']
19:54 scbunn sdm24: that still strips out '\' but if I escape them with \\ it seems to be working.  :)
19:56 pm90_ joined #salt
19:58 jonlangemak joined #salt
20:00 sdm24 scbunn: good to know
20:00 scbunn sdm24: Thanks
20:00 sdm24 no problem
20:02 sjorge joined #salt
20:02 sjorge joined #salt
20:02 opensource_ninja joined #salt
20:02 RedundancyD joined #salt
20:03 perfectsine joined #salt
20:06 pcn Is there a way to disable pillar caching?
20:06 iggy you really wouldn't want to
20:07 pcn For testing?  Yes.  Yes I would.  Eliminating the uncertainty involved in git commit -> git server -> git pull on master -> salt-call on  minion, followed by ??? then salt-call pillar.items ??? and restarting
20:07 pcn Restarting everything.
20:07 pcn All the time
20:08 pcn because I don't know if I screwed up targeting or if I have pillar caching...
20:08 pcn It makes the experience very frustrating.
20:08 iggy then _every_ pillar.get call (including every config.get, etc) would cause a round trip to the master
20:08 pcn That's fine if I'm testing
20:09 pcn Is there a flag I can inspect somewhere that says "this pillar is totally cached dude"?
20:09 iggy you're talking about possibly thousands of calls per run
20:09 pcn Yes.  That is fine.  If it can eliminate uncertainty.  If there is a better way, then that's better.
20:09 iggy there isn't a way
20:10 pcn What is your process to get uncached pillar data when you're fixing states, pillars, etc?
20:11 SheetiS saltutil.refresh_pillar
20:11 pcn I seem to recal that this is not as reliable as it sounds
20:11 iggy if not, you should file a bug
20:12 jeadre joined #salt
20:14 thehaven joined #salt
20:15 Arendtse1 joined #salt
20:15 Ryan_Lane sigh: https://github.com/saltstack/salt/pull/24865/files
20:15 saltstackbot [#24865]title: Allow cross calling of state modules | Issue: #21214
20:16 nebuchadnezzar joined #salt
20:16 Ryan_Lane force pushed, so now I can't look at what this change did, or which commit it was
20:16 Ryan_Lane want to pull this change into my fork, but nope.
20:17 Ryan_Lane maybe it was never actually included?
20:17 jeadre joined #salt
20:17 mikeywaites joined #salt
20:18 giantlock joined #salt
20:22 quasiben joined #salt
20:25 pm90__ joined #salt
20:27 Ryan_Lane basepi: any change we can get any priority on https://github.com/saltstack/salt/issues/21214 ? It's very negatively affecting the boto_* state modules
20:27 saltstackbot [#21214]title: How to call other state in custom state code? | Hi, I'm writing a custom state in /srv/salt/_states/git_refresh.py, and I just want to call file.managed state in this py....
20:27 Ryan_Lane depending on how you call the state it can take 1-2 minutes to complete some of them
20:27 sdm24 is it recommended to save pillar data in a git repo, and just set it up as an ext pillar? or should I try to keep the pillar roots local but lose version control?
20:27 Ryan_Lane because salt is constantly reloading modules on state.single calls
20:28 manfred sdm24: you don't have to lose version control, you could do a git repo on /srv/pillar, do what works best for you
20:28 Ryan_Lane we have some orchestration runs that are taking 10-15 minutes now, when they were previously taking 1-2 minutes :(
20:28 Akhter joined #salt
20:29 sdm24 manfred: but then if someone changes the git repo, you would have to manually pull in /srv/pillar to see the updates
20:29 Ryan_Lane our only alternative if this doesn't get solved is to move move the idempotent actions of the state modules into execution module functions and have the state modules do basically nothing
20:30 Ryan_Lane but that's a lot of work and makes the execution modules dirty
20:31 manfred sdm24: sure, so use ext_pillar.
20:31 sdm24 manfred: I just wanted to make sure that other people do this, and I'm not doing anything stupid :)
20:31 manfred yes
20:32 dthom91 joined #salt
20:37 basepi Ryan_Lane: I'll get some eyes on it and we'll discuss for Boron.
20:41 Ryan_Lane basepi: thanks. I was also going to shoot an email to thatch
20:41 basepi Probably still should.
20:41 Ryan_Lane cool
20:41 basepi Get his brain thinking on it.
20:42 alynpost joined #salt
20:45 pdayton1 joined #salt
20:47 knite joined #salt
20:49 knite how can I update a package that was deployed using sources?
20:49 knite package installs the first time, but future package bumps are ignored.
20:50 perfectsine joined #salt
20:50 Ryan_Lane knite: it's an open issue
20:50 Ryan_Lane it doesn't work
20:50 Ryan_Lane knite: are you using ubuntu/debian?
20:50 Ryan_Lane if so, check out http://www.aptly.info
20:51 knite Ryan_Lane: I'm on Ubuntu, trying to install a deb.
20:51 Ryan_Lane are you in AWS?
20:51 Ryan_Lane aptly can store in S3 and you can add an s3 provider to apt :)
20:51 knite Ryan_Lane: split, some EC2 instances, some VMs elsewhere.
20:52 knite you work for them, I take it? :-)
20:52 Ryan_Lane I work for Lyft
20:52 Ryan_Lane we use aws (and wrote the boto_* modules in salt)
20:52 twork in search of clue: given a pillar of items each with a binary setting, say, "foo=YES", "foo=NO", how would i assemble a file listing all the members with their element set to 'YES'?
20:52 Ryan_Lane and the issue you're having pushed me to use aptly
20:53 twork (if i get that far i think i can go a step further, with templates populated after the same manner)
20:53 Ryan_Lane knite: if your apt packages are public you can make the S3 bucket a website and use it like a normal apt repo
20:53 Ryan_Lane then you don't even need the s3 apt provider
20:53 dezertol joined #salt
20:54 Ryan_Lane knite: you should also checkout the boto_* modules. they're pretty amazing :)
20:54 alynpost I've got ~2 dozen machines running under salt, 2015.5.3 (Lithium).  Ubuntu 14, Salt Stable ppa.  Last night I stopped being able to [high]state machines.  In debugging, I've narrowed down my problem:
20:54 alynpost starting my salt-master works for a very short while, test.ping and such.  But CPU usage quickly rises to 100% and things start timing out.
20:55 knite Ryan_Lane: nothing public, but that's an interesting thought, might be doable with SGs.
20:55 alynpost My test environment is now the salt-minion and salt-master on a single machine, so no network issues.
20:55 Ryan_Lane alynpost: have you looked at http://docs.saltstack.com/en/latest/topics/tutorials/intro_scale.html ?
20:55 Ryan_Lane 2 dozen machines seems like not a log
20:55 Ryan_Lane *lot
20:55 alynpost Thank you, I came looking for exactly those guidelines; I suspect I may have hit some limit and just need to tune.
20:55 Ryan_Lane alynpost: do you have a /lot/ of files in your file_roots?
20:55 Ryan_Lane like a git repo, or anything with a shitload of files?
20:55 alynpost yes, including dangling symlinks, the debug logs tells me.
20:55 Ryan_Lane the saltmaster will handle that very poorly
20:56 alynpost --(>:)-- du -hs salt pillar
20:56 alynpost 48M     salt
20:56 alynpost 6.2M    pillar
20:56 Ryan_Lane since it needs to stat every file pretty often
20:56 Ryan_Lane well, it's not the size of the files. it's more the number of files
20:56 alynpost I also have fully half of my machines offline at any moment.
20:56 baweaver joined #salt
20:56 alynpost --(>:)-- find salt -type f | wc -l
20:56 alynpost 5936
20:57 keimlink joined #salt
20:57 Ryan_Lane alynpost: have you tried stracing any of the salt processes eating a ton of cpu?
20:57 alynpost I haven't gotten that far; I do have it running in a test harness to facilitate my doing so.
20:57 Ryan_Lane I've always found that a bit enlightening for tracking down issues
20:57 alynpost great.
20:58 alynpost Ryan_Lane: unless you think there is something more productive, why don't I take your two pieces of advice, work through the scale doc along with strace and narrow in on why I get my problems.
20:59 twork ...i begin to realize that the last question i answered was that flavor of dumb which is, "too simple to realizee i'd seen the same situation a dozen times in more complex cases"
20:59 Ryan_Lane yeah. that's where I'd start
20:59 twork *asked
21:00 alynpost Thank you for your help.  I have to fill this work in around the edges, but I appreciate having a lead.
21:00 perfectsine_ joined #salt
21:00 Ryan_Lane yw
21:01 alynpost Wow, immediately I see these recon_ variables are way too tight for my use case.
21:01 alynpost I don't need anything like that kind of responsiveness.
21:02 _JZ_ joined #salt
21:03 debian112 left #salt
21:03 alynpost as well, my job history doesn't need to be very deep.
21:09 sdm24 If I use git as an ext_pillar, will salt '*' saltutil.refresh_pillar automatically pull the latest git commit?
21:10 jonlangemak joined #salt
21:10 sdm24 http://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html has an update command, but I'm not sure how it works. Looking at the git_python.py code doesn't seem to help either (but I am python iliterate)
21:13 alynpost When I was using that feature I never had to call update, it just worked transparently.
21:13 sdm24 ok cool thanks
21:17 mapu joined #salt
21:18 jeadre joined #salt
21:24 mapu joined #salt
21:27 jonlangemak joined #salt
21:30 jonlangemak joined #salt
21:31 subsignal joined #salt
21:33 ajw0100 joined #salt
21:33 voxxit joined #salt
21:34 mordonez joined #salt
21:35 mordonez joined #salt
21:42 jness joined #salt
21:47 RedundancyD joined #salt
21:51 pdayton joined #salt
21:51 baweaver joined #salt
21:52 jonlangemak joined #salt
22:00 alynpost hahahahaha I'm pretty sure I found my problem.
22:00 |_[O_O]_| whew!
22:00 alynpost I have a subdirectory with:
22:01 alynpost lrwxrwxrwx 1 salt salt    1 Aug 26 20:15 bin -> .
22:01 Guest65609 joined #salt
22:01 alynpost and the salt-master is going to fucking town recursively listing that directory.
22:02 Guest65609 left #salt
22:02 Guest65609 joined #salt
22:04 alynpost yup, state.sls just worked.
22:04 alynpost Ryan_Lane: all of your advice was extremely helpful, I did afair bit of tuning.  The real winner was the strace, which for completeness must be specified as:
22:04 alynpost strace -ff -otrace.log salt-master
22:05 sgargan joined #salt
22:05 alynpost since you need to follow children/threads.  After that I could pick out the large/active logs and it was extremely clear what was happening.
22:05 alynpost s/afair/ a fair/
22:07 alynpost I do consider this a bug, a typical directory walk would not be fooled so easily, but I'll follow up to the appropriate channels.
22:10 Ryan_Lane heh
22:10 Ryan_Lane cool
22:10 Ryan_Lane yeah, I usually use -Ff
22:10 * alynpost nods
22:13 drawsmcgraw left #salt
22:14 salty joined #salt
22:14 forrest joined #salt
22:16 jonlangemak joined #salt
22:16 pdayton joined #salt
22:23 aristedes joined #salt
22:23 aristedes left #salt
22:24 technocrat joined #salt
22:28 Guest99592 left #salt
22:32 scoates potentially dumb question: if I use salt-bootstrap with `-P 2015.8`, will I get this now? https://github.com/saltstack/salt/pull/26716
22:32 saltstackbot [#26716]title: Allow git identity to be a list | Also make some fixes with regards to checking remote refs and hard-resets....
22:32 pm90_ joined #salt
22:34 jkjk left #salt
22:34 alynpost I had to fetch changes from yesterday to get that to show up in the 2015.8 branch, it's very new; I don't know enough about salt-bootstrap to say for sure.
22:34 jgarr someone know if there's a way to target machines that have a specific version of software installed? eg httpd > 2.2
22:34 alynpost But it would appear that you're good to go scoates.
22:34 alynpost sorry, fetch changes--the last time I did was yesterday.
22:35 * scoates nods
22:35 scoates thanks
22:35 sdm24 I'm getting a strange error with git ext_pillar. Git reads the top.sls, but I get errors that the actual.sls files cannot be found, even though I see them in git, and the relative paths from the top.sls are correct. Should the pillar files be on my local machine, and not on git?
22:35 alynpost pillar uses a separate mechanism for git back.
22:36 alynpost ext_pillar, specifically.
22:36 alynpost sorry sdm24, catching up with you.
22:36 alynpost hrm, from what you've said I would expect it to work.
22:36 scoates perhaps 2015.8 is currently broken? `AttributeError: 'module' object has no attribute 'SPM_FORMULA_PATH'`
22:37 alynpost Though I'll say I had to stop using this mechanism (git root) because it would randomly break on me.
22:38 alynpost jgarr: You could also have one rule depend on the result of running a command,
22:38 alynpost and manually check for pkg+version you need.
22:39 alynpost but I'm not away of a specific mechanism for what you're after; other than stuffing the variable you're interested in in a grain/pillar.
22:39 jkjk joined #salt
22:39 markm joined #salt
22:40 jkjk left #salt
22:40 jkjk joined #salt
22:41 sdm24 https://gist.github.com/sdm24/9043e1c87f3e48091574 heres my gist of my issue
22:42 scoates :sweatdrop: not just me. https://github.com/saltstack/salt/pull/26712#issuecomment-135563493
22:42 saltstackbot [#26712]title: Move SPM paths around | Files in `/srv/salt/` are often regularly edited by users or placed under version control (or both). Files provided by SPM are not frequently edited, and should be separated. This will alleviate confusion, and reduce redundancy by keeping package-provided files out of version control.
22:42 jeddi joined #salt
22:43 sdm24 if I copy that data.sls to my local /srv/pillar/ directory, and do salt '*' pillar.items, it shows up correctly. The other .sls files will error
22:43 dthom91 joined #salt
22:43 andygabby joined #salt
22:44 jgarr alynpost: thanks, it looks like a custom grain for it wouldn't be hard so I may just do that
22:45 Lionel_Debroux joined #salt
22:46 ajw0100 joined #salt
22:52 technocrat left #salt
22:54 lexter joined #salt
22:59 sdm24 I think I figured out my issue. You have to call a different environment then "base" when using a branch different than "master"
23:00 iggy gitfs+environments = pure shit usability
23:00 forrest iggy: You should file that as a bug, lol
23:01 overyander joined #salt
23:04 eflow joined #salt
23:05 jgarr I wonder if there's some way to do it with pkg.version module?
23:07 alynpost left #salt
23:16 ajw0100 joined #salt
23:16 PredatorVI joined #salt
23:22 aristedes joined #salt
23:25 sgargan joined #salt
23:26 eflow joined #salt
23:28 Akhter joined #salt
23:30 zwi joined #salt
23:32 aristedes joined #salt
23:32 aristedes left #salt
23:32 keimlink_ joined #salt
23:34 mdupont joined #salt
23:37 eflow left #salt
23:37 eflow joined #salt
23:37 eflow left #salt
23:39 eflow joined #salt
23:43 zsoftich3 joined #salt
23:46 eflow left #salt
23:48 MindDrive joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary