Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-09-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 jdubinsky joined #salt
00:09 Configio joined #salt
00:12 drawsmcgraw joined #salt
00:13 drawsmcgraw joined #salt
00:16 zwi joined #salt
00:17 fhh joined #salt
00:18 dankrs joined #salt
00:18 Gilou joined #salt
00:20 theologian joined #salt
00:23 shaggy_surfer joined #salt
00:24 nikogonzo joined #salt
00:33 druonysus joined #salt
00:33 druonysus joined #salt
00:33 hasues joined #salt
00:34 hasues left #salt
00:39 baweaver joined #salt
00:43 pravka joined #salt
00:45 djpain joined #salt
00:46 jodv joined #salt
01:03 homeshlice joined #salt
01:12 forrest joined #salt
01:14 davetoo joined #salt
01:18 orion203 joined #salt
01:25 djpain joined #salt
01:29 mamercad joined #salt
01:30 writtenoff joined #salt
01:34 opensource_ninja joined #salt
01:37 zmalone joined #salt
01:41 zmalone1 joined #salt
01:42 jonlangemak joined #salt
01:45 jdubinsky joined #salt
01:57 catpiggest joined #salt
01:58 Bryson joined #salt
02:07 cberndt joined #salt
02:14 djpain joined #salt
02:21 aristedes joined #salt
02:24 aristedes left #salt
02:28 arthoo joined #salt
02:31 arthoo Hi, I'm trying to figure out what's wrong with my init.sls syntax for a snort sensor.  I'm trying to look for the presence of the 'barnyard2' package and process which should be run as the 'snort' user.  Here's my config: http://pastebin.com/fjZUZr9p
02:33 djpain joined #salt
02:49 tkharju joined #salt
02:55 zmalone joined #salt
02:55 subu joined #salt
02:55 subu Trying to SSL enable Salt-Tornado.
02:57 subu I see ssl_crt and ssl_key attributes. Where do I specify cacerts ? and how do I specify password when private key is encrypted with passwd
02:57 subu rest_tornado:
02:57 subu address:
02:57 subu port:
02:57 subu ssl_crt
02:57 subu ssl_key
02:57 zmalone joined #salt
02:59 subu Also want to see how to enable clientauth
03:02 favadi joined #salt
03:10 shaggy_surfer joined #salt
03:32 \ask joined #salt
03:35 \ask joined #salt
03:59 sunkist joined #salt
04:00 joe_n joined #salt
04:16 TyrfingMjolnir joined #salt
04:16 qybl_ joined #salt
04:18 cberndt joined #salt
04:36 PeterO joined #salt
04:39 GrueMaster joined #salt
04:54 pm90_ joined #salt
04:56 rdas joined #salt
05:01 Eureka70_ joined #salt
05:10 mikeywaites joined #salt
05:13 dingo joined #salt
05:21 bones050 joined #salt
05:33 sunkist joined #salt
05:36 scooby2 joined #salt
05:36 jhauser joined #salt
05:38 n8n joined #salt
05:40 cyborg-one joined #salt
05:40 mosen joined #salt
05:48 cb_ joined #salt
05:49 sirnightlord joined #salt
05:52 homeshlice joined #salt
06:07 dopesong joined #salt
06:07 dopesong_ joined #salt
06:13 lb1a joined #salt
06:14 homeshlice joined #salt
06:14 colttt joined #salt
06:18 TyrfingMjolnir joined #salt
06:25 AndreasLutro joined #salt
06:27 laax joined #salt
06:30 homeshlice joined #salt
06:39 pppingme joined #salt
06:39 rdorgueil joined #salt
06:40 dRiN joined #salt
06:40 CeBe joined #salt
06:45 Diaoul joined #salt
06:45 onorua joined #salt
06:45 aristedes joined #salt
06:45 aristedes left #salt
06:46 joe_n joined #salt
06:46 linjan joined #salt
06:52 jhauser joined #salt
06:53 joe_n joined #salt
06:53 phw joined #salt
06:54 zacdev joined #salt
06:54 phw is "win_path" broken right now? I am trying "salt COMPUTERNAME win_path.get_path" but only get an attribute error (dict object has no attribute 'split')
06:55 phw (win_path.get_path should return the PATH variable under microsoft windows)
06:57 Diaoul joined #salt
07:02 kawa2014 joined #salt
07:02 evle joined #salt
07:05 eseyman joined #salt
07:05 Jeff__ joined #salt
07:07 joe_n joined #salt
07:08 auzty joined #salt
07:11 husanu joined #salt
07:13 ingwaem joined #salt
07:13 ingwaem left #salt
07:19 husanu joined #salt
07:21 sandra_ joined #salt
07:25 sandra_ hello, we are trying to deploy an aws windows instance using saltcloud. we are deploying an ami with a set password. our problem is that winexe returns the following error: NT_STATUS_INVALID_PARAMETER. Wrong password gives a different error
07:29 mikeywaites joined #salt
07:30 shiin joined #salt
07:31 jdubinsky joined #salt
07:32 GreatSnoopy joined #salt
07:33 shiin left #salt
07:33 Ztyx joined #salt
07:35 Grokzen joined #salt
07:36 markm_ joined #salt
07:36 Ztyx joined #salt
07:46 Ixan joined #salt
07:48 Ixan left #salt
07:49 djpain joined #salt
07:58 chiui joined #salt
07:59 s_kunk joined #salt
08:04 keimlink joined #salt
08:11 fredvd joined #salt
08:12 Xevian joined #salt
08:20 jbrnds2 joined #salt
08:26 zerthimon joined #salt
08:29 jbrnds3 joined #salt
08:30 jbrnds4 joined #salt
08:32 jbrnds5 joined #salt
08:33 TyrfingMjolnir joined #salt
08:45 jbrnds6 joined #salt
08:46 jbrnds7 joined #salt
08:47 jbrnds8 joined #salt
08:54 X67r joined #salt
08:56 CeBe joined #salt
08:59 bluenemo joined #salt
09:00 chiui joined #salt
09:07 CeBe joined #salt
09:08 keimlink joined #salt
09:08 KermitTheFragger joined #salt
09:09 zipkid left #salt
09:09 piter joined #salt
09:10 piter hello
09:10 piter can somebody help me wwith environments, please?
09:12 piter I have 3 environments, isolated in top.sls AND NOT in minion configuration.
09:12 piter when I run salt '*' state.highstate, which states will be applied?
09:13 slav0nic joined #salt
09:14 piter I forgot.. state trees are almost identical, at least names of state files, not the content
09:15 linjan joined #salt
09:23 jbrnds9 joined #salt
09:25 babilen piter: Whatever state(s) you targeted in top.sls
09:27 kbaikov joined #salt
09:27 bhosmer joined #salt
09:29 X67r joined #salt
09:29 piter babilen: what happens when the state has the same name in two different environments
09:29 N-Mi joined #salt
09:30 jbrnds10 joined #salt
09:31 jbrnds11 joined #salt
09:32 jbrnds12 joined #salt
09:37 ingwaem joined #salt
09:38 ingwaem left #salt
09:40 TyrfingMjolnir joined #salt
09:41 nbari joined #salt
09:41 nbari hi all, when using mines, for example: salt "*" mine.get 'node_type:rabbitmq' network.ip_addrs grain how can I get only results from "live" minions
09:42 husanu joined #salt
09:43 djpain joined #salt
09:46 kukacz joined #salt
09:46 aqua^c joined #salt
09:48 babilen piter: You would obviously get an ID conflict in that case (don't you?)
09:48 CeBe joined #salt
09:49 babilen (if both are targeted to the minion)
09:49 nbari ?
09:50 nbari I am currently creating some nodes and automatically adding taging them with "node_type:rabbitmq" , but when I shutthem down, I still can see their existing ip
09:50 nbari basically I would like to know hos to get ips only from minions responsing a ping first
09:57 piter babilen: I didn't try yet. https://docs.saltstack.com/en/latest/ref/states/top.html#multiple-environments Iunderstand, that in this dokumentatin is used a state with the same name in different environment directories
09:59 piter and I ask which of them will be applied on salt '*' state.highstate when I ommit the environment variable in minion config
10:02 Andre-B joined #salt
10:05 sgargan joined #salt
10:07 bhosmer joined #salt
10:07 pm90_ joined #salt
10:10 nbari where to properly define the v
10:10 nbari mine_interval: 60 ?
10:12 joe_n joined #salt
10:15 kbyrne joined #salt
10:16 mr_const joined #salt
10:16 mr_const hi all
10:16 mr_const is it possible for salt to run sql script?
10:16 mr_const (postgres)
10:17 slav0nic mr_const, https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.postgres.html#salt.modules.postgres.psql_query
10:18 nbari how to mix salt-run manage.up with mines
10:19 nbari basically I just want to get info from up and running minions
10:19 roock joined #salt
10:21 voxxit joined #salt
10:22 SheetiS joined #salt
10:23 mr_const slav0nic, thanks. Now I have to learn, how to use modules from states :)
10:27 ggoZ joined #salt
10:28 nbari how can I test.ping from jinja ?
10:31 zer0def joined #salt
10:34 slav0nic mr_const, check salt.states.module
10:40 mr_const hmm... psql_query has parameter query, which accepts string. Is it possible to feed file there somehow?
10:41 mr_const it seems, I need to read a file into something like a named string and push it to psql_query
10:42 jbrnds13 joined #salt
10:42 sgargan joined #salt
10:44 londo joined #salt
10:44 slav0nic mr_const, why not use simple cmd.run for psql? if u need run from file
10:45 mr_const will cmd.run "eat" file from master?
10:46 jbrnds13 joined #salt
10:47 sgargan joined #salt
10:48 amcorreia joined #salt
10:49 voxxit joined #salt
10:50 kawa2014 joined #salt
10:52 bhosmer joined #salt
10:54 CeBe joined #salt
10:59 stephanbuys joined #salt
11:01 MadsRC Does anyone know how long it is before a bugfix commited to the 2015.5 branch is added to CentOS EPEL?
11:09 giantlock joined #salt
11:11 jbrnds14 joined #salt
11:15 impi joined #salt
11:17 dyasny joined #salt
11:22 bhosmer joined #salt
11:24 MadsRC or does anyone know if there exists a upgrade strategy guide for Salt? Rightn ow I got 50 machines (CentOS and Ubuntu) that has it installed via apt/yum. But I'm starting to realise that updates from that is slow (Currently on 5.3 whereas the source is on 5.5) - Thinking about using bootstrap-salt.sh to install and update versions. Any experience?
11:33 larsfronius joined #salt
11:34 hoonetorg madsrc: 2015.5.5.-1 in epel-testing
11:35 hoonetorg yum  --enablerepo epel-testing update
11:35 sandra_ hello, we are trying to deploy an aws windows instance using saltcloud. we are deploying an ami with a set password. our problem is that winexe returns the following error: NT_STATUS_INVALID_PARAMETER. Wrong password gives a different error
11:36 hoonetorg i've seen that docs mention 2015.8.0 as  stable
11:36 hoonetorg is it out ???
11:36 MadsRC Wasn't as of the 1st...
11:37 rofl____ so EPEL gets packages but Debian dont?
11:37 rofl____ =(
11:37 AndreasLutro hoonetorg: if docs mentioned that, it should probably be fixed
11:37 hoonetorg https://docs.saltstack.com/en/latest/
11:37 hoonetorg you see :)
11:37 MadsRC rofl____: Yeah, I'll have to wait for 5.5 both for Debian and CentOS... That's why i'd like to do it from source :D
11:38 hoonetorg madsrc: on centos you can get it out of epel-testing repo
11:39 MadsRC hoonetorg: I noticed, but if I install that now, my CentOS machines will run newer versions than my Ubuntu/Debian machines...
11:39 hoonetorg personally i'm not using anything else as packages from builtin package manager on prod servers (deb on debian/ubuntu and rpm on rhel-alike)
11:40 hoonetorg i'm not sure if there isn't a 3rd party repo/ppa which holds up2date packages for you
11:40 hoonetorg because i mainly use centos 7
11:42 MadsRC AndreasLutro: How do you handle updating your minions? I know you compile from source?
11:43 AndreasLutro MadsRC: I only use salt-ssh at the moment
11:45 MadsRC AndreasLutro: Okay, do you compile it manually or use something like bootstrap-salt.sh?
11:45 AndreasLutro MadsRC: git clone and pip install, preferably with a virtualenv
11:45 MadsRC AndreasLutro: How about stuff like SELinux, service files etc?
11:45 JDiPierro joined #salt
11:46 nbari joined #salt
11:46 nbari joined #salt
11:46 AndreasLutro I don't work with selinux and salt-ssh doesn't need a service file - but service files are very very easy to write
11:46 MadsRC oh, sorry, I thought you only used salt-ssh for updates, but you ONLY use salt-ssh for everything?
11:47 AndreasLutro correct
11:47 MadsRC Ah, okay :D
11:48 hoonetorg AndreasLutro: who should i inform about 2015.8.0 mentioned stable in docs
11:48 hoonetorg ?
11:48 AndreasLutro hoonetorg: it's be fastest to just make a pull request
11:53 hoonetorg AndreasLutro: is the source of the webpage docs.saltstack.com at github?
11:54 hoonetorg i mean https://docs.saltstack.com/en/latest/ at the very end you can read You are viewing docs for the latest stable release, 2015.8.0. Switch to docs for the previous stable release, 2015.5.5, or to a recent doc build from the develop branch.
11:54 AndreasLutro hoonetorg: yes, it's in the doc directory fo the main salt repo
11:54 AndreasLutro ah
11:55 AndreasLutro no idea why that's the case
11:56 JDiPierro joined #salt
11:56 AndreasLutro probably not something you can pull request
11:57 mamercad joined #salt
11:59 hoonetorg last commit in doc/ is Merge remote-tracking branch 'upstream/2015.8' into merge-forward-develop, done by basepi
12:00 hoonetorg yeah, but in the develop branch
12:01 hoonetorg i will write again here in the evening (for me) when they are all up in their timezone in saltlake city :)
12:05 homeshlice joined #salt
12:06 arapaho joined #salt
12:09 dopesong joined #salt
12:11 mapu joined #salt
12:12 pm90__ joined #salt
12:13 sgargan joined #salt
12:16 zwi joined #salt
12:17 ws2k3 joined #salt
12:18 homeshlice joined #salt
12:20 sgargan joined #salt
12:24 supersheep joined #salt
12:28 ttrumm joined #salt
12:28 aqua^c joined #salt
12:30 jdubinsky joined #salt
12:31 Configio joined #salt
12:32 kossy joined #salt
12:32 homeshlice joined #salt
12:35 chiui joined #salt
12:38 DammitJim joined #salt
12:45 linjan joined #salt
12:48 racooper joined #salt
12:48 racooper joined #salt
12:51 andrew_v joined #salt
12:53 sgargan joined #salt
12:53 racooper joined #salt
12:57 kaiyou left #salt
12:57 Grokzen joined #salt
12:58 sgargan joined #salt
12:59 subsignal joined #salt
13:04 arthoo joined #salt
13:05 digivandal hello, everyone! A quick question about salt.cloud.clouds.vmware module (https://docs.saltstack.com/en/2015.5/ref/clouds/all/salt.cloud.clouds.vmware.html). If I understand correctly it was released in version 2015.5.5? So the question is - can it be used to manage a standalone ESXi host? The confusing part here is that module requires a "the vCenter URL" - but ESXi hosts don't have that, just vSphere client. Can someone please clear
13:06 JDiPierro joined #salt
13:07 ferbla joined #salt
13:09 sgargan joined #salt
13:11 stephanbuys joined #salt
13:12 Configio joined #salt
13:14 pravka joined #salt
13:16 ponpanderer joined #salt
13:16 ponpanderer hello
13:16 cpowell joined #salt
13:18 MadsRC Can't seem to find any specific answer to it, but does salt-ssh require the minion on the target? or can it be used, from a master, to install and configure the minion?
13:19 ponpanderer state question...i have a state/formula using environ.setenv for setting http proxy values to be used by salt. I've included the 'update_minion' param, ensured it runs first...but I don't see dockerio module using it. guessing that's because the underlying docker-py doesn't use env vars I imagine?
13:20 AndreasLutro MadsRC: it only requires python installed on the target host
13:20 MadsRC AndreasLutro: Awesome, thank you
13:21 MadsRC AndreasLutro: I finally figured out how to switch from yum/apt versions to self-compiled ones, using bootstrap-salt. Had to jump through some hoops
13:21 MadsRC Using salt-ssh
13:22 phw adding directories to PATH on windows seems broken; But even after fixing, the adding of PATHS seems to be temporary/non-functioning at all
13:26 supersheep joined #salt
13:27 kenw joined #salt
13:29 numkem joined #salt
13:30 sgargan joined #salt
13:33 jdesilet joined #salt
13:35 cyborg-one joined #salt
13:37 protoz joined #salt
13:39 aristedes joined #salt
13:39 aristedes joined #salt
13:40 Configio joined #salt
13:40 djpain joined #salt
13:46 pravka joined #salt
13:48 rdutch joined #salt
13:50 giantlock joined #salt
13:50 bhosmer joined #salt
13:53 DanyC joined #salt
13:55 timoguin joined #salt
13:59 GUEST_ joined #salt
13:59 sjwoodr joined #salt
14:00 GUEST_ left #salt
14:01 SgtMalicious joined #salt
14:02 sjwoodr Hey guys - can anyone say whether its possible to invoke salt-call state.sls salt.renderers.jinja.render and have salt render a jinja template and just dump it out to stdout or to a file ?
14:02 sjwoodr basically i want to inject salt grains and pillar data into a config file that is not maintained in salt file repo
14:03 djpain joined #salt
14:03 arthoo joined #salt
14:04 tmclaugh[work] joined #salt
14:05 murrdoc joined #salt
14:05 zmalone joined #salt
14:09 Akhter joined #salt
14:12 Akhter joined #salt
14:13 ipmb joined #salt
14:13 SgtMalicious I just added some client_acls to my salt config and set all the permissions based on the documentation but I keep getting the following errors which appears to be related to the cache directory… any way to correct so these go away?
14:13 SgtMalicious $> salt '*' test.ping
14:13 SgtMalicious [WARNING ] jid does not exist
14:13 SgtMalicious [WARNING ] Returner unavailable:
14:13 SgtMalicious blah.blah:
14:13 SgtMalicious True
14:13 sgargan joined #salt
14:14 zwi joined #salt
14:15 Configio joined #salt
14:15 babilen sjwoodr: You are looking for https://docs.saltstack.com/en/stage/ref/modules/all/salt.modules.cp.html#salt.modules.cp.get_file (or get_file_str) I guess (but then you could use use file.managed with that as state)
14:18 dimeshake joined #salt
14:18 dimeshake joined #salt
14:18 keimlink joined #salt
14:20 kaptk2 joined #salt
14:21 sjwoodr babilen: thanks, i'll take a look
14:25 murrdoc SgtMalicious: event_return: None
14:25 murrdoc in your config flle
14:25 murrdoc totes the worst way to do it
14:25 murrdoc but it will work
14:26 salt_noob joined #salt
14:26 sjwoodr babilen: "salt-call cp.get_template $(pwd)/foo.sls $(pwd)/foo-rendered.sls"  ... works perfectly for my use case.  Thank you!!
14:26 SgtMalicious k, combing through an strace atm to see if I can find where the permissions are failing, I'll go the ugly route if I can't find anything
14:27 babilen sjwoodr: Wonderful, wasn't sure which function you need exactly, but that sounded like a job for the cp module :)
14:29 kevinquinnyo joined #salt
14:29 salt_noob Something I'm wondering, for security reasons. If you use Jinja templating in a pillar file, as demonstrated here: https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html, under the 'parameterizing states with pillar section', are the jinja conditions (an if clause, for instance) evaluated first, and then the matching condition and its values provided to the minion, or are all values provided to the minion first, and only
14:29 sjwoodr I was going down the path of using the python api to do this... but cp.get_template does the trick just fine
14:30 babilen salt_noob: The entire template is available to *all* minions (which is why you keep sensitive data in pillars)
14:31 SWA joined #salt
14:34 sjwoodr babilen: for completeness, i decided to see if my python approach worked as well, and it does, using:  caller.sminion.functions['cp.get_template']('/tmp/foo.sls', '/tmp/foo-rendered.sls')
14:35 babilen \o/
14:36 nhe joined #salt
14:38 nhe hello, is that possible (and a good practice) to put 1 minion ip-address/host mapping into another minion /etc/hosts using only state?
14:38 nhe I know i can do it with managing /etc/hosts and injecting data from the mine
14:38 sjwoodr nhe: yes, just use hostsfile-formula
14:38 nhe but i'd like to know if I can do it purely with states
14:39 nhe sjwoodr: thanks i look it up!
14:39 sjwoodr nhe: https://github.com/saltstack-formulas/hostsfile-formula
14:39 sjwoodr I use this so that each minion has an /etc/hosts entry for each other minion managed by the same salt-master
14:39 nhe sjwoodr: fantastic
14:42 viq joined #salt
14:43 dopesong_ joined #salt
14:43 salt_noob babile: Ok, thanks! Just wanted to confirm.
14:43 salt_noob babilen*
14:44 supersheep joined #salt
14:46 ksalman has anybody been able to pip install salt on solaris? well.. I can install salt but not RAET. pip install raet works fine but libsodium is missing and I am not able to get libsodium on solaris
14:50 giantlock joined #salt
14:51 babilen ksalman: I really wouldn't recommend to use RAET
14:52 ksalman babilen: how come?
14:52 ksalman I am not using it but I figured if i am trying to get solaris version working I might as well get RAET working too
14:53 babilen ksalman: Because, AFAIK, it is neither ready for production nor will it ever be as saltstack is working on another transport
14:53 ksalman huh, that is news that they are working on another transport
14:53 Brew joined #salt
14:54 Oxc0de joined #salt
14:59 mpanetta joined #salt
15:00 Oxc0de salt-cloud is failing with "Profile base_ec2_private is not defined"  - see configs https://gist.github.com/anonymous/7824c2cc5273c0502fe6
15:00 husanu joined #salt
15:00 mpanetta joined #salt
15:03 mpanetta joined #salt
15:03 clintberry joined #salt
15:04 dendazen joined #salt
15:05 Configio joined #salt
15:06 phw left #salt
15:06 rdutch Oxc0de: is that all in 1 profile file? what I see is like a profile file, not a provider file, plus it has multiple id’s defined, with incorrent indents
15:08 RedundancyD joined #salt
15:09 pfallenop joined #salt
15:11 aqua^c joined #salt
15:11 husanu joined #salt
15:13 zer0def joined #salt
15:15 supersheep joined #salt
15:18 PeterO joined #salt
15:20 SgtMalicious looks like I found the problem
15:20 Configio joined #salt
15:20 SgtMalicious stupid enough… can't believe I missed it looking at the strace output
15:21 _mel_ joined #salt
15:21 numkem joined #salt
15:28 pfallenop joined #salt
15:28 pfallenop joined #salt
15:31 dopesong joined #salt
15:32 shiriru joined #salt
15:34 sunkist joined #salt
15:37 nhe sjwoodr: thanks again for advising salt-formulas, it works like a charm. Somehow I missed that states could be templatized too
15:37 debian112 joined #salt
15:42 btorch h cool
15:42 iggy nhe: also, https://github.com/SS-archive/salt-states
15:45 nhe iggy> thanks for the link!
15:47 dewdrop joined #salt
15:49 Oxc0de joined #salt
15:52 XenophonF joined #salt
15:52 Oxc0de rdutch:  the configs in my pastbin  are in two files cloud.providers and cloud.profiles. The keys have be substituted for security.
15:53 XenophonF has salt-formula broken for anyone else recently?
15:53 XenophonF let post the error i'm getting to gist
15:54 iggy XenophonF: probably me trying to fix the mapping thing
15:54 XenophonF yeah
15:54 iggy there's an open issue for it
15:54 Bryson joined #salt
15:54 iggy I haven't had time to look at it
15:54 XenophonF my formula paths are all rendering as "/usr/local/etc/salt/formulas\n..."
15:55 murrdoc whats wrong with {{ slspath }}
15:58 zblum joined #salt
15:59 iggy there's a couple bugs that talk about it
16:00 iggy I think it's a case of... if it works for you, then great
16:01 murrdoc https://github.com/saltstack/salt/issues/4348 ?
16:02 murrdoc https://github.com/saltstack/salt/blob/develop/salt/utils/templates.py#L131-L151
16:02 murrdoc can u read that
16:02 murrdoc i can read it too
16:02 murrdoc but whut
16:02 XenophonF iggy, whatever changes you made in pull request 171 broke the salt.formulas and salt.master states
16:02 XenophonF if i checkout master~2 to back out of those changes, salt.formulas works for me again
16:02 murrdoc HAAAA
16:02 murrdoc SHAME
16:03 XenophonF change set 9779609 for your reference
16:03 XenophonF i'm looking at a diff next
16:04 iggy XenophonF: I already told you I know it's broken
16:04 iggy but thanks for reminding me
16:04 linjan joined #salt
16:04 jodv joined #salt
16:04 iggy it was broken before that for a ton of people too
16:05 murrdoc people with old jinja
16:05 shaggy_surfer joined #salt
16:05 XenophonF i wouldn't complain except i can't figure out how to revert your changes my fork of that repo
16:05 iggy git revert?
16:06 XenophonF it's giving me an error about being unable to revert merges
16:06 iggy or figure out how to fix it properly and send a PR
16:06 XenophonF LOL i know how to fix it...revert 9779609 :-p
16:06 murrdoc HAAA
16:07 iggy revert back to before the stupid mapping test was added in the first place
16:08 XenophonF so the formulas_git_opt is what broke?
16:08 iggy or revert adding the formulas.jinja include to a bunch of shit it doesn't need to be in
16:10 supersheep joined #salt
16:10 Configio joined #salt
16:10 iggy that formula is a mess of "change this to work for me"... "change this back to work for me"
16:12 sdm24 joined #salt
16:12 larsfronius joined #salt
16:13 Deevolution left #salt
16:13 Deevolution joined #salt
16:14 protoz joined #salt
16:15 stageravenger joined #salt
16:16 protoz joined #salt
16:16 dopesong joined #salt
16:16 XenophonF i wonder why it's value|yaml instead of value|yaml_encode or even just value
16:16 stageravenger What is the salt python API call i could use to 'ping' a master from a minion?
16:19 homeshlice joined #salt
16:21 XenophonF iggy: changing formulas_git_opt to return just {{ value }} makes salt.formulas work again
16:21 jalbretsen joined #salt
16:21 mr_const joined #salt
16:21 XenophonF i don't understand how a newline and "..." gets appended to the string when sent to the |yaml filter
16:21 shiriru joined #salt
16:22 mr_const is there some way to execute state based on condition without jinja/grains magic?
16:22 mr_const I need to create database and populate it with initial data only when there is no db
16:24 supersheep joined #salt
16:24 murrdoc joined #salt
16:25 Configio joined #salt
16:26 djpain joined #salt
16:27 XenophonF mr_const: requisites are your friend
16:28 XenophonF you can have one state watch another for changes
16:29 XenophonF iirc mysql-formula does something like that
16:30 iggy XenophonF: it was originally just value, then someone added the yaml on there (don't remember why)
16:30 protoz joined #salt
16:30 sgargan joined #salt
16:30 XenophonF without that |yaml filter, salt.formulas works perfectly
16:30 babilen mr_const: ... or only do something if another state has changes (and so on)
16:31 DammitJim joined #salt
16:31 XenophonF iggy: want me to submit a pull request?
16:31 XenophonF forrest, you around? it's a one liner fix
16:31 whytewolf mr_const: another tool you could use for your example is unless and onlyif. which use cli to determine if something is in a state and either do or do not run the state
16:31 iggy that's not the correct fix though
16:31 iggy the | yaml thing was added for some reason
16:32 XenophonF iggy: then what is? i believe i exercised all of the code paths in testing on my end
16:32 iggy you'd have to look through the history to see why
16:32 XenophonF updated some repos, deleted others
16:32 timoguin joined #salt
16:33 XenophonF iggy: let's see what blame has to say
16:34 babilen It's part of the initial PR by Raphael
16:34 XenophonF right
16:35 zmalone joined #salt
16:35 iggy I wish I'd been a contributor when that was merged...
16:35 XenophonF look, i don't know why "\n..." gets tacked onto the end of basedir
16:36 XenophonF all i know is that if i remove the yaml filter from the macro that gets the value of basedir here (https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.sls#L10), the salt.formulas state starts working for me again
16:36 XenophonF i really, really wish salt had better debugging tools because a simple single-step through the rendering process would probably clue us all in
16:36 iggy send a PR then, it'll get merged, then in a week or two, someone else will have it fail and we'll figure out why that was there
16:37 mr_const hmm... thanks guys, will look
16:37 babilen iggy: heh
16:38 anotherZero joined #salt
16:38 XenophonF i think the key problem here is that formulas_get_opt gets used in two different ways---both in Jinja {% set %} expressions and in template {{ }} expressions
16:38 saline_ joined #salt
16:39 sunkist joined #salt
16:39 iggy wish I could just remove the whole thing
16:40 XenophonF if i understand correctly, the |yaml filter's there because in some of the set expressions, it wants to use that value rather than printing it, so the call to formulas_git_opt gets filtered through |load_yaml, which looks like a horrible awful no good very bad hack
16:40 XenophonF like, why convert to yaml only to convert back to data
16:40 XenophonF those are for the update and options keys, which i don't use
16:40 XenophonF let me see what those are supposed to do
16:41 babilen iggy: As salt provides a perfectly usable GitFS implementation already?
16:41 iggy WORKSFORME
16:41 babilen Same here
16:43 Lionel_Debroux joined #salt
16:44 aparsons joined #salt
16:45 bluenemo joined #salt
16:45 XenophonF how do i configure gitfs to put the master branch of saltstack-formulas/salt-formula into all of my environments?
16:46 sunkist joined #salt
16:46 XenophonF b/c that's the only reason i'm using salt.formulas instead of just putting everything in gitfs
16:46 iggy I think you know that's not possible
16:46 writtenoff joined #salt
16:47 babilen I really quite dislike the branch = environment setup of GitFS
16:48 mr_const how to use file from master as cmd.run's script parameter?
16:48 sirnightlord joined #salt
16:48 zmalone joined #salt
16:48 mr_const want to execute 'psql < db.sql
16:49 mr_const 'psql < salt://db.sql'
16:49 iggy you can't... file.manage/cp.* the file first and then use it
16:50 mr_const m.. okay, thanks
16:50 XenophonF mr_const: alternatively, if psql will take the .sql file name as a command line argument, you could use the source and interpreter arguments to cmd.script/cmd.wait_script
16:50 Configio joined #salt
16:50 XenophonF then salt will push the sql script as a temp file, run psql /tmp/blahblah.sql, and delete the temp file in one state
16:51 XenophonF sorry, the arg name is shell, not interpreter
16:52 mr_const XenophonF, it can work, I'll try
16:52 stageravenger joined #salt
16:53 zerth joined #salt
16:54 KyleG joined #salt
16:54 KyleG joined #salt
16:54 salt_noob babilen: I just read your answer again, when you mentioned " The entire template is available to *all* minions, which is why you keep all sensitve data in pillar." However, my original question was about using jinja templating in a pillar file. Meaning that, if apply that pillar file to a minion in /srv/pillar/top.sls, will the entire 'pillar' file be made available to all minions that have that formula applied in /srv/pillar/top.s
16:54 salt_noob will it evaluate the jinja condition first, and then only provide those values based on the conditional statement in jinja?
16:55 babilen salt_noob: The minion will only see those parts of the pillar that are available to it
16:55 babilen (i.e. you can have logic in your pillar SLS files that decides which data is being shown to a particular minion)
16:56 wendall911 joined #salt
16:56 salt_noob babilen: Ok, thanks! We'ree deciding if we should use templating in pillar, to reduce the number of configs we need (right now, they're separated by environment directories). just wanted to make sure we didn't accidently expose sensitive data to the wrong servers. Very helpful. Thanks!
16:56 iggy test that
16:56 mfournier joined #salt
16:57 salt_noob for sure
16:57 davisj I would've assumed the minion gets the entire pilla sls and renders it locally.
16:57 * davisj wouldn't know though
16:57 babilen salt_noob: Pillar are rendered on the master and essentially result in a Python dictionary that is then made available to the minion
16:58 salt_noob That's what I figured. Why even send the whole file and render on the minion, its just more work.
16:58 davisj sweet
16:58 iggy either salt does all the processing on the master (in which case, you can't use relevant grains as the grains will all be the master's) or it transfers the file that is processed on the minion
16:58 babilen Wait
16:58 babilen You can use grains
16:58 babilen Good point
16:58 pm90_ joined #salt
16:58 iggy i.e... "test that"
16:59 salt_noob PARAMETERIZING STATES WITH PILLAR: https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html. Grains are definitely supported in pillar. Was just curious on "when" things would be evaluated.
16:59 iggy I know that the common understanding is that it all happens on the master, but I'm not sure it's that easy
17:00 homeshlice joined #salt
17:00 salt_noob or where, to be more precise.
17:00 Configio joined #salt
17:07 toastedpenguin joined #salt
17:07 druonysus joined #salt
17:07 mpanetta Hi all, quick salt question... Since the host state kinda sucks, do people just mange the entire /etc/hosts file?
17:08 hoonetorg me doing that
17:08 hoonetorg mpanetta: i do not enable mining
17:08 toastedpenguin joined #salt
17:08 Diaoul joined #salt
17:09 mpanetta hoonetorg: How do you fill out the hosts file then?
17:10 hoonetorg mpanetta: hv a look at https://github.com/hoonetorg/salt-hosts-formula/blob/develop/hosts/init.sls
17:10 hoonetorg mpanetta: i'm struggeling around with my data management currently and have no good solution
17:11 mpanetta I would use mongo (or some other db) ext pillar...
17:11 hoonetorg but https://github.com/hoonetorg/salt-hosts-formula/blob/develop/hosts/init.sls#L17-L23 should give you a solution
17:11 mpanetta hoonetorg: Yep that is awesome.  Thanks!
17:13 hoonetorg mpanetta: i thought about ext_pillar's too, but you can not use them in system pillars and salt-run state.orchestrate also does not work with ext_pillar
17:13 lexter joined #salt
17:13 protoz joined #salt
17:13 mpanetta Well crap that sucks
17:14 hoonetorg because salt-run state.orchestrate doesn't set a minion id when requesting the ext_pillar (result: none)
17:14 iggy it's a runner
17:14 iggy there is not a pillar
17:15 hoonetorg iggy: yes i know, but i can use the pillar data of the salt-master with (not only "master:" every pillar defined for the master)
17:15 hoonetorg is this some kind of salt-run magic?
17:16 protoz joined #salt
17:16 hoonetorg iggy: it evaluates it 2x (had a look what salt-run does  with "-l debug" )
17:18 hoonetorg mpanetta: i use file.replace instead of host.present, because if you have multiple names with host.present they can be in a different order than defined in the state)
17:19 Ryan_Lane basepi: https://github.com/blog/2051-protected-branches-and-required-status-checks
17:19 Ryan_Lane can we start using the master branch again? :)
17:21 mpanetta hoonetorg: Among other issues (you can't update an IP easily for example)
17:21 basepi The reason we dropped master branch was because we weren't keeping it up to date, IIRC. Not because of security issues.
17:21 basepi That said, I'm super excited about these features.
17:21 Ryan_Lane using develop rather than master is annoying
17:21 Ryan_Lane develop branch is being used as master
17:21 basepi True.
17:21 forrest joined #salt
17:22 Ryan_Lane every time I checkout master accidentally I get annoyed :)
17:22 basepi Hahaha
17:22 basepi I'd be down with changing it, though everyone who's developed salt for awhile will have the same annoyance you do now. xD
17:22 hoonetorg mpanetta: oh yeah, the ip is somehow  my primary key, mhhh
17:22 Shirkdog joined #salt
17:23 mpanetta hoonetorg: That is an issue with the host state as well though
17:23 Gareth So going forward everytime someone checks out develop, they'll be annoyed at Ryan_Lane. :)
17:23 Ryan_Lane hahaha
17:23 Ryan_Lane true
17:23 hoonetorg mpanetta: but there you can do a host.absent
17:24 basepi Dangit, we don't have access to protected branches yet
17:24 chiui joined #salt
17:24 Ryan_Lane people (and git) are wired to use the master branch by default
17:24 mpanetta hoonetorg: Only if you know the old address that needs to be removed.
17:24 Ryan_Lane basepi: I'm sure if you ask them they'll make it available
17:24 Ryan_Lane salt is one of the larger projects
17:24 mpanetta That is the biggest issue.  If I could just force it to remove the entire line matching by name not IP that would work.
17:25 mpanetta Would probably have to add a flag or something
17:25 basepi Meh, I'm in no hurry. Just glad to have it coming.
17:25 ageorgop joined #salt
17:26 hoonetorg mpanetta: yeah, making a filter for the name you want to remove
17:26 mpanetta Hmm
17:27 djpain joined #salt
17:27 hoonetorg mpanetta: but i hv no remove option to remove something out of /etc/hosts at all currently :)
17:28 mpanetta Yeah
17:28 jodv joined #salt
17:28 GreatSnoopy joined #salt
17:37 duczen joined #salt
17:39 Akhter joined #salt
17:42 nofxrok joined #salt
17:42 rdutch left #salt
17:43 duczen Where does salt get the value for the the host grain? I have to minons with the same config and on master I see one host correctly but the other has an ip.
17:44 hoonetorg mpanetta: but host.absent works fine for removing hosts (you must provide name and ip)
17:44 mpanetta yeah
17:44 hoonetorg made a small test (L
17:44 hoonetorg made a small test (:
17:44 hoonetorg typo
17:44 mpanetta Problem is, if you don't know the old IP (the minion died) then you can't remove it.
17:45 mpanetta say for auto scaling, you would want to remove the old ip's after the scaling event was over
17:46 mpanetta Not quite sure how you would do that
17:46 hoonetorg ok, that would be a file.replace, where you delete the line (empty line???) and search for the hostname (as word) minimum at position 2
17:46 mpanetta yeah
17:47 mpanetta generally I believe all I would get to feed in to the reactor would be the minion id, so that is why search and remove/replace by name is important.
17:48 homeshlice joined #salt
17:49 shaggy_surfer joined #salt
17:51 linjan joined #salt
17:52 hoonetorg something like: "pattern: ^\s*[0-9]{1,3}\.){3}[0-9]{1,3}.*\b{{minion_id}}\b"
17:52 erjohnso joined #salt
17:52 hoonetorg mpanetta: not a good ip matcher :)
17:53 mpanetta hoonetorg: Is that for the file.replace?
17:54 hoonetorg yes
17:55 hoonetorg mpanetta: but repl "" gives you an empty line in your hosts file
17:55 mpanetta Hmm
17:56 baweaver joined #salt
18:02 protoz joined #salt
18:04 kevinquinnyo what do i need to import to get access to __opts__ when writing a salt runner?
18:08 murrdoc import salt.utils
18:08 XenophonF do those kinds of imports work for reactor scripts, too?
18:10 kevinquinnyo murrdoc: NameError: name '__opts__' is not defined
18:10 hoonetorg mpanetta: cat /etc/hosts |sed -r "/\btest.os.example.org\b/d"
18:10 kevinquinnyo i imported salt.utils
18:10 hoonetorg this is removing a line with a specific hostname in the /etc/hosts file
18:11 SheetiS joined #salt
18:11 hoonetorg mpanetta: every line which contains the hostname as a word (in boundaries - '\b'
18:11 hoonetorg )
18:12 iggy kevinquinnyo: it's a dunder dict which should be automatically stuffed in by the loader (but I'm not entirely sure runners get it)
18:12 mpanetta I wondered what the \b was.
18:13 cyborg-one joined #salt
18:13 kevinquinnyo iggy: I noticed a few runners using it for example:  https://github.com/saltstack/salt/blob/develop/salt/runners/fileserver.py
18:13 pravka joined #salt
18:14 iggy kevinquinnyo: how are you testing this? (i.e. what command says NameError?)
18:14 hoonetorg mpanetta: to be accurate the dots in the hostname should be escaped ( {{minion_id|replace(".", "\.")}} )
18:14 kevinquinnyo restarting salt-master service and tailing the error log /var/log/salt/master iggy
18:14 baweaver joined #salt
18:14 hoonetorg mpanetta: i did not try the last thing
18:14 mpanetta hoonetorg: Thanks for the help :)
18:15 larsfronius joined #salt
18:16 hoonetorg mpanetta: glad, if it's useful for you
18:17 dopesong joined #salt
18:21 kevinquinnyo iggy: i must be high or something -- it's working fine now
18:22 protoz joined #salt
18:24 iggy kevinquinnyo: odd... I Was going to say if you just ran the runner via python it wouldn't work (as the dunder dicts are only loaded by the Salt loader)
18:25 Configio joined #salt
18:25 kevinquinnyo iggy: yeah i figured that would be the case
18:26 kevinquinnyo i think they are only available within defined functions as well
18:26 rm_jorge joined #salt
18:26 kevinquinnyo in the salt context
18:28 iggy oh right, yes
18:29 iggy and they aren't available in __virtual__ functions (for modules/grains/states/etc)
18:29 bhosmer joined #salt
18:30 bhosmer joined #salt
18:31 TyrfingMjolnir_ joined #salt
18:32 linjan joined #salt
18:32 XenophonF oh i get it now
18:33 XenophonF any invocation of formulas_git_opt used in a {% set %} expression needs to be filtered through |load_yaml
18:35 ajw0100 joined #salt
18:36 XenophonF hm, jinja macros are kind of yucky when people try to use them as functions
18:36 oeuftete When I use file.grep and the grep doesn't match, it generates two error-level logs for the minion.  :(((
18:37 protoz joined #salt
18:37 hoonetorg anybody else workarounding issue "Ability for pillar to read other pillar values #6955" with "Allow master config defining *static custom* data values. #12916"
18:37 XenophonF ok iggy, i got this figured out
18:37 XenophonF and now i, too, want to smack the original author around ;)
18:37 hoonetorg a.k.a salt['config.get']('any_parent_key:any_child_key')
18:38 kevinquinnyo iggy: (or anyone) is building a salt-runner even the best place for me to put a zabbix api client class and an add_host() function to automatically add a host to zabbix after a highstate run?
18:38 hoonetorg or how do you guys parametrize pillar data???
18:38 kevinquinnyo or would there be a better place for that
18:40 kevinquinnyo wondering if i should just shove all of this into reactor
18:40 Configio joined #salt
18:40 XenophonF jinja macros aren't actually functions. the only way to get a return value out of them is to print something. so to return structured data you have to serialize it in the macro (e.g., `{{ return_value|yaml }}`) and then deserialize it in the caller (e.g., `{% set retval = foobar_macro(args)|load_yaml %}`
18:41 XenophonF ergo, `{{ value|yaml }}` at https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.jinja#L14 and https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.jinja#L14
18:41 XenophonF i mean https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.jinja#L22
18:42 XenophonF and the corresponding `{% set update = formulas_git_opt(env, 'update')|load_yaml %}` at https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.sls#L12, or `{% set options = formulas_git_opt(env, 'options')|load_yaml %}` at https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.sls#L28
18:44 rdorgueil joined #salt
18:45 XenophonF so the actual bug is at https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.sls#L10, where there's a call to the macro in a set expression without the corresponding |load_yaml
18:46 impi joined #salt
18:46 fyb3r joined #salt
18:47 aqua^c joined #salt
18:48 iggy as I commented on the original issue, this should be done in python more than likely
18:49 sirex joined #salt
18:51 sgargan joined #salt
18:52 icflournoy joined #salt
18:54 XenophonF same bug here, https://github.com/saltstack-formulas/salt-formula/blob/master/salt/formulas.jinja#L20, which results in the master config getting rendered incorrectly, too
18:54 XenophonF oh i wholeheartedly agree, iggy, but i don't really have time to rewrite this formula
18:55 XenophonF this serializing/deserializing thing is a huge hack
18:56 XenophonF OK, I think I have this fixed.  I'm preparing a pull request now.
18:56 Fiber^ joined #salt
19:01 gerhardq1x hoonetorg: https://github.com/bbinet/pillarstack got merged a couple of months ago
19:01 cornfeedhobo is there a popular source for commonly desired grain data? e.g. the gateway of interfaces
19:01 dopesong_ joined #salt
19:01 cornfeedhobo maybe similar to github.com/saltstack-formulas
19:01 iggy salt-contrib
19:02 cornfeedhobo k
19:05 clintberry joined #salt
19:05 cornfeedhobo iggy: thanks
19:10 Configio joined #salt
19:12 Akhter joined #salt
19:14 joe_n joined #salt
19:14 murrdoc joined #salt
19:15 sgargan joined #salt
19:16 larsfronius joined #salt
19:19 hoonetorg gerhardqlx: nice
19:21 hoonetorg gerhardq1x: a few posts above i mentioned, that ext_pillar is not available for salt-run state.orchestrate
19:22 hoonetorg gerhardqlx: but systempillar (pillar_roots) evaluated for the salt-master minion are available
19:24 hoonetorg gerhardq1x: that's the only showstopper for me currently with any ext_pillar.
19:24 XenophonF iggy: there, i fixed it - https://github.com/saltstack-formulas/salt-formula/pull/176
19:25 hoonetorg gerhardq1x: also because ext_pillar's are not available in system pillars with ext_pillar_first.
19:26 ssc joined #salt
19:27 baweaver joined #salt
19:27 iggy XenophonF: tested a bit?
19:28 XenophonF WORKSFORME
19:28 murrdoc doubt it
19:28 djpain joined #salt
19:28 murrdoc xeno has bad credit
19:28 iggy says the guy that merged all that bad
19:28 murrdoc its why i know
19:28 murrdoc he has bad credit
19:28 murrdoc i trusted him
19:32 giantlock joined #salt
19:33 aarontc joined #salt
19:37 protoz joined #salt
19:38 simon_simon joined #salt
19:42 laax joined #salt
19:43 baweaver joined #salt
19:44 mapu joined #salt
19:44 simon_simon hey, is there a way to access, in sls, files from pillars? I want to store a certificate in pillars (cos it's used to store sensitive data right?) and later I want to upload it to a minion. how can I access it?
19:45 simon_simon I know i can use salt://<path>, but how can I get a file from pillars?
19:47 XenophonF vielen Danke, Herr iggy
19:47 simon_simon I assume that if I put a cert under salt://<path>/cert.key it will be access to all minions that are using this state right? I want to provision X minions using the same SLS but I want to inject different certs and I don't want to expose those certs among minions
19:47 iggy simon_simon: not available (yet)
19:48 XenophonF simon_simon: all minions connected to that master can see that certificate
19:48 XenophonF or private key, in your case
19:48 shaggy_surfer joined #salt
19:48 simon_simon not when it's in pillar and when I restricted in pillar/top.sls visibility... right?
19:48 XenophonF you can store files in pillar
19:48 XenophonF then in a file.managed state, use contents_pillar
19:49 iggy (sucks for binary data unfortunately)
19:49 XenophonF and set contents_newline=False
19:50 XenophonF and if you need binary data, e.g., a PKCS#12 file, encode it as base64 and use the YAML !!binary type
19:50 SheetiS simon_simon:  you could do an {% import <file> as <variable> %} and then assign then put it in a text block by going key: <variable>|json
19:50 SheetiS as long as it wasn't binary data I guess anyhow
19:50 Configio joined #salt
19:50 mohae_ joined #salt
19:51 SheetiS well key: {{ variable|json }} rather
19:51 clintberry joined #salt
19:51 jbrnds joined #salt
19:51 simon_simon damn I thought there will be something simple like pillar://<minon-01>/client.key but it looks like there is a bunch ways/hacks to do that ;-) I'll give a shot to all ideas and back to you if any problems, thx
19:52 jbrnds how can I in jinja concatenate ‘variables’ such as: {% set a = b/c %} b=foo, c=bar. a is set to ‘foo/bar’
19:53 XenophonF simon_simon: you could use one of the ext_pillar modules, too
19:53 XenophonF i think there's one that exposes a file directly as a pillar value
19:53 XenophonF where the key name comes from the path to the file
19:53 SheetiS {% set a = '{0}/{1}'.format(b,c) %}
19:53 XenophonF so like foo/bar/baz/qux.txt puts the contents of qux into foo:bar:baz:qux
19:53 SheetiS something like that?
19:54 XenophonF no hold on let me google that for you
19:54 simon_simon XenophonF: sounds exactly what i need, thx man
19:55 protoz joined #salt
19:55 jbrnds SheetiS: will try
19:55 SheetiS jbrnds: if you are wanting a final string that says 'foo/bar', I think it should do the trick.
19:56 ajw0100 joined #salt
19:56 mrwboilers joined #salt
19:56 Mate file_tree is that one
19:56 homeshlice joined #salt
19:56 mrwboilers Hi all. I'm back with another stupid question!
19:56 XenophonF simon_simon: https://docs.saltstack.com/en/latest/ref/pillar/all/index.html
19:57 tjones_ joined #salt
19:57 mrwboilers What is a good method for troubleshooting/debugging jinja in a state?
19:57 XenophonF looks like SaltStack's getting ready to release 2015.8.0 because the documentation is all screwed up :)
19:57 XenophonF simon_simon: make sure you click the 2015.5.5 button to get to the right version of the docs
19:57 XenophonF simon_simon: https://docs.saltstack.com/en/2015.5/ref/pillar/all/salt.pillar.file_tree.html#module-salt.pillar.file_tree
19:58 mrwboilers I have a statement like {% set stuff = [salt.cmd.run('shell command...')] %}
19:58 mrwboilers Is there some way to just print 'stuff'?
19:58 XenophonF mrwboilers: {{ salt.cmd.run... }} doesn't DTRT?
19:59 mrwboilers I just want to see if it's getting the correct value, or if it's getting anything at all
19:59 Diaoul joined #salt
19:59 mrwboilers Also, what format it is in
19:59 XenophonF ttyl peoples have a good night
19:59 XenophonF left #salt
20:00 murrdoc joined #salt
20:01 pm90_ joined #salt
20:04 mrwboilers so should I be able to set a value in a state like this?: - MY_VALUE: {{ salt.cmd.run('shell command') }} ?
20:04 ajw0100_ joined #salt
20:05 Ryan_Lane mrwboilers: yes
20:05 Ryan_Lane you may need shell=True, depending on the command you're running
20:06 mrwboilers Ryan_Lane: that's probably it. It is erroring out because it can't find grep (even when I used the full path of '/bin/grep')
20:06 pm90__ joined #salt
20:07 Ryan_Lane hm. well, that doesn't make a lot of sense
20:08 husanu joined #salt
20:08 mrwboilers Pardon my ignorance, but with shell=True, would it be: - MY_VALUE: {{ salt.cmd.run('shell command',shell=True) }} ?
20:08 Ryan_Lane yep
20:10 mrwboilers With shell=True it doesn't render
20:12 Ztyx joined #salt
20:13 Ryan_Lane check the module documentation. maybe i have the arg incorrect
20:21 baweaver joined #salt
20:23 BretFisher joined #salt
20:24 chiui joined #salt
20:25 mrwboilers Ok, the actual error is "Rendering SLS 'base:bp' failed: expected chomping or indentation indicators, but found ':'; line 8
20:26 mrwboilers But the sls file is only 7 lines long. There is no blank line or anything at the end
20:28 mrwboilers There isn't even a single blank space at the end. Each line seem to be properly indented.
20:29 djpain joined #salt
20:34 s_kunk joined #salt
20:37 Diaoul joined #salt
20:39 jbrnds how can I in jinja create a dict: {% set dict.k1 = v1 %} {% set dict.k2=v2 }
20:39 jbrnds … i get the error ”Jinja syntax error: expected token 'assign', got ‘.’;”
20:43 protoz joined #salt
20:44 protoz joined #salt
20:46 SheetiS jbrnds you can do {% set whatever = {'k1': 'v1', 'k2': 'v2'} %} as a way to do that and {% do whatever.update(<more stuff>) %} later
20:48 jbrnds SheetiS: .. as in python - will try
20:48 Diaoul joined #salt
20:48 SeeDickCode joined #salt
20:48 SheetiS yeah most things in jinja understandably end up pythonic in nature.  (not all, but quite a bit)
20:49 timoguin joined #salt
20:50 Configio joined #salt
20:51 jbrnds SheetiS: check; thanks works like a charm. Still batteling with some list of dict stuff and yaml loads, but that is for tomorrow.
20:51 jbrnds Running into another issue: I have a passwordless pvt key to my git repo, however it asks for the Enter passphrase for key …
20:51 jbrnds … checked the permissions already
20:52 baweaver joined #salt
20:53 WildPikachu is it possible to negate a match on a grain in top.sls?
20:53 SheetiS hmm I've not run into that with a couple of git checkouts that I statefully manage.
20:54 jbrnds SheetiS: weird thing is, that in another saltstacky it works (same keys)… will pick apart the differences.
20:57 WildPikachu '* and not G@mygrain:notthis':    <= is that the right way to negate a grain match?
20:58 iggy looks right
21:00 PeterO joined #salt
21:01 CeBe1 joined #salt
21:02 jbrnds WildPikachu: indeed, looks good: https://docs.saltstack.com/en/latest/topics/targeting/compound.html
21:02 jbrnds WildPikachu: possibly add - match: compound if you use it in the top.sls file
21:02 PeterO Quick question. If I use something like `archive.extracted` to download an archive and extract it, how can I then move one of the files in the extracted archive to something like /usr/bin ?
21:02 druonysuse joined #salt
21:03 druonysus joined #salt
21:03 druonysus joined #salt
21:03 jbrnds PeterO: with a file.managed: - name: /usr/bin/<name>  - source:/path/to/unarchived/dir/<name>
21:04 PeterO oh that easy?
21:04 PeterO lol thanks.
21:04 mrwboilers Any idea why this isn't rendering in a state? It's under cmd.run/env INST_VERSION: {{ salt.cmd.run("grep 'searchtext' /etc/bashrc | tail -c 9") }}
21:04 mrwboilers It fails with INST_VERSION: /etc/bashrc:1
21:04 nicksloan joined #salt
21:06 Ztyx joined #salt
21:07 sgargan joined #salt
21:08 cornfeedhobo boy, some of these formulas are tightly coupled to ubuntu
21:10 PeterO jbrnds: doing that throws an error: Unable to manage file: string indices must be integers, not str
21:10 mrwboilers When I run the exact same command at the commandline (salt '*' cmd.run "grep 'searchtext' /etc/bashrc | tail -c 9" It works just fine.
21:10 Configio joined #salt
21:10 iggy cornfeedhobo: the ones that aren't are because someone else came along and fixed them
21:11 jbrnds cornfeedhobo: are you talking about the mongodb formula - that is a mess. tried to add RedHat support (Centos6/7) and lost myself in a rabbithole
21:11 mrwboilers But in a state it doesn't render. Very frustrating
21:11 iggy mrwboilers: tried salt.cmd.shell?
21:11 cornfeedhobo iggy: yea, i am going try and update the docker one first and see how that goes. do you have a suggestion on one that is a good model of multi-os support?
21:11 mrwboilers iggy: I have not. I'll try that now
21:11 jbrnds PeterO: hmm file.managed and string indices.. don’t understad
21:11 cornfeedhobo jbrnds: docker. i'll probably need mongo eventually too :(
21:11 cornfeedhobo and yeah, centos7
21:12 iggy cornfeedhobo: not really... they tend to start going off the rails pretty quick (salt-formula, postfix-formula, mongo-formula maybe)
21:12 cornfeedhobo ok
21:12 jbrnds cornfeedhobo: I like the mysql one - it has very specific settings/default yaml setup for various osses
21:12 PeterO jbrnds: https://gist.github.com/polds/a87480485841c32cc97a
21:13 protoz joined #salt
21:13 cornfeedhobo jbrnds: thanks, i'll check it out
21:13 jbrnds cornfeedhobo: did my own mongodb formula for deb and centos (only vanilla server install) in 15 mins after 1,5 day converting mongodb formula
21:14 jbrnds PeterO:  require: - archive: consul (maybe)
21:14 jbrnds … to file.managed
21:15 sgargan joined #salt
21:16 protoz joined #salt
21:16 PeterO Same error :(
21:16 mrwboilers Does salt.cmd.shell return a dict?
21:17 murrdoc joined #salt
21:17 cornfeedhobo jbrnds: thats inspiring at least. i am going to see what i can do with this one
21:17 mrwboilers If the command that is run just returns a string, then salt.cmd.shell should just return a string, right?
21:17 larsfronius joined #salt
21:18 jbrnds PeterO:  O … hmmm seperate in different states?
21:18 nitay joined #salt
21:19 jbrnds PeterO: https://gist.github.com/polds/a87480485841c32cc97a
21:20 PeterO let me try
21:20 subu joined #salt
21:21 pmcg joined #salt
21:21 PeterO wtf.. still the same error
21:22 mrwboilers Can anyone recommend a good walkthrough/tutorial for salt related jinja?
21:23 sgargan joined #salt
21:25 protoz joined #salt
21:26 protoz joined #salt
21:29 aqua^c joined #salt
21:33 PeterO jbrnds: so passed that exact config on to a coworker who got the same error, but I managed to get it working using file.copy instead of file.managed.
21:34 jbrnds ah ok, that is great to hear PeterO
21:34 jbrnds PeterO: thanks for the feedback.
21:34 cberndt joined #salt
21:35 PeterO thanks for the help, I've only been using a salt for a day now :)
21:35 pepechancho joined #salt
21:36 SaltyCharles joined #salt
21:36 jbrnds PeterO: it feels like every configuration step of your minion is like unwrapping candies without damaging the wrapping
21:36 zmalone joined #salt
21:36 pepechancho hi can someone tell me what RPM(s) i need for salt '*' status.cpuinfo to run successfully on all my rhel 6 minions? I have my rhel 6 nodes with only @core RPMS so I am trying to list out all others I need.
21:37 PeterO lol
21:37 protoz joined #salt
21:41 kevinquinnyo pepechancho: are you getting an error running that?  I think it just reads /proc/cpuinfo
21:43 pepechancho no i was not really .... im just trying to figure out if there are any RPMs that I need to add for SALT.MODULES to work correctly
21:44 zacdev joined #salt
21:44 iggy depends on the module, for that one, it doesn't look like anything special is needed (other than Linux or FreeBSD)
21:45 sgargan joined #salt
21:46 zacdev joined #salt
21:46 pepechancho thanks iggy. how about other modules? or better yet is there a comprehensive list that could tell me what RPMs are used based on any/all modules salt uses? just trying to avoid on creating a new patch with new RPMs on my offline systems where we use salt.
21:47 iggy there's not a list that I know of
21:47 zacdev joined #salt
21:49 dingo for those of you having difficulties with salt, remember, there are known knowns, known unknowns, but there are also unknown unknowns. https://www.youtube.com/watch?v=X2G8BNgSA3M
21:50 otter768 joined #salt
21:51 jbrnds dingo: and there is no no
21:51 pepechancho ok thats fair - just wanted to check with the community before making any decisions :-)
21:51 pepechancho thanks everyone have a great rest of the day
21:52 jbrnds pepechancho: on behalf of the community thank you
21:54 fyb3r left #salt
21:56 ajw0100 joined #salt
21:58 kevinquinnyo hey i just realized something, can someone correct me if i'm wrong -- if i want to speak to a remote rest api service at various times -- either from a reactor event, or within a state, i should build the api connector as an execution module right?
21:58 kevinquinnyo as opposed to a "runner"?  An execution module is not required to "do something on a minion" right?
22:00 Configio joined #salt
22:00 jmreicha_ joined #salt
22:01 deus_ex joined #salt
22:01 sunkist joined #salt
22:03 homeshlice joined #salt
22:03 sgargan joined #salt
22:04 cyborg-one joined #salt
22:04 deus_ex how do I debug why salt-master(2015.8.0) --versions-report does not list gitpython and python-gnupg, altough they are installed?
22:05 jmreicha_ joined #salt
22:05 sgargan joined #salt
22:06 druonysus joined #salt
22:06 jmreicha_ joined #salt
22:08 silvio joined #salt
22:09 baweaver joined #salt
22:10 jbrnds left #salt
22:11 forrest pedja: I'm pretty sure those aren't salt dependencies right? So it wouldn't list them?
22:11 forrest I know git isn't required for salt technically
22:11 forrest gnupg I'm not sure about for the key gen
22:12 forrest yeah I don't see those here: https://docs.saltstack.com/en/latest/topics/installation/#dependencies
22:13 pedja forrest: they are optional deps.weirdly, it lists gitdb, which is gitpython dep.Hm..
22:13 forrest is gitdb a dependency for one of the others perhaps?
22:13 sgargan joined #salt
22:14 djpain joined #salt
22:15 pedja forrest: not that I know.
22:16 jeddi joined #salt
22:16 bfoxwell joined #salt
22:18 ALLmightySPIFF joined #salt
22:18 sgargan joined #salt
22:24 murrdoc joined #salt
22:26 pedja since I don't need gitpython, I removed it for now.python-gnupg, here I come.
22:34 druonysuse joined #salt
22:35 Configio joined #salt
22:38 aparsons joined #salt
22:39 jdubinsky joined #salt
22:40 sgargan joined #salt
22:42 supersheep joined #salt
22:45 tmclaugh[work] joined #salt
22:46 timoguin joined #salt
22:49 Lionel_Debroux_ joined #salt
22:53 pm90_ joined #salt
22:53 sgargan joined #salt
22:55 geekatcmu Here's a silly question: is there a way for me to ensure specific states only execute during a highstate?
22:56 murrdoc put it in top.sls
22:56 murrdoc duh geekatcmu
22:56 murrdoc duh
22:56 murrdoc (i know what u mean)
22:56 geekatcmu not what I mean
22:56 murrdoc no u dont know that u are in a highstate run
22:56 murrdoc when u are in it
22:56 geekatcmu I have a bunch of states that modify firewall rules.
22:56 geekatcmu During a highstate, all the rules get run as they should.
22:56 geekatcmu If you just run a specific state ... lots of rules (potentially) go away.
22:57 murrdoc there isnt a 'pre' state
22:57 murrdoc but you can put a state at the top of your top.sls
22:57 murrdoc and set a grain or something
22:57 murrdoc and check for that in the states
22:57 geekatcmu Well, I'm looking more for a piece of information that a state can check to verify it's a highstate
22:57 murrdoc u need to clean it up on error or success
22:57 geekatcmu Yeah, I see what you mean.
22:57 murrdoc there arent any 'pre' hooks
22:57 geekatcmu That's going to be ... sub-optimal.
22:57 murrdoc which would be nice
22:58 murrdoc yeah i agree
22:58 bhosmer joined #salt
22:59 murrdoc your other option is to write some python that checks whether or not other states are included or required
22:59 jdubinsky joined #salt
22:59 geekatcmu right
23:00 Configio joined #salt
23:00 sgargan joined #salt
23:00 jeblair joined #salt
23:01 iggy you could probably write a module that checks the python stack for highstate
23:02 jeblair joined #salt
23:02 murrdoc das what i said
23:02 iggy the difference being that I'm trying to find an example of a module that inspects the stack
23:03 sgargan joined #salt
23:03 iggy modules.defaults.get
23:04 iggy https://github.com/saltstack/salt/blob/develop/salt/modules/defaults.py#L92
23:05 BretFisher joined #salt
23:07 kal0pr joined #salt
23:08 tmclaugh[work] joined #salt
23:08 sgargan joined #salt
23:10 pcdummy joined #salt
23:11 pedja left #salt
23:12 Bryson joined #salt
23:14 aristedes joined #salt
23:14 aristedes left #salt
23:18 capricorn_1 joined #salt
23:18 kevinquinnyo joined #salt
23:19 _JZ_ joined #salt
23:19 baweaver joined #salt
23:20 druonysuse joined #salt
23:20 druonysuse joined #salt
23:23 sgargan joined #salt
23:27 shaggy_surfer joined #salt
23:29 jodv joined #salt
23:31 andygabby left #salt
23:31 jonlangemak joined #salt
23:31 Akhter joined #salt
23:33 jodv_ joined #salt
23:37 baweaver joined #salt
23:38 jodv joined #salt
23:38 homeshlice joined #salt
23:49 teepark joined #salt
23:49 sunkist joined #salt
23:50 sgargan joined #salt
23:50 teepark I just upgraded to 2015.5.3 from 2014.7, and now a minion isn't connecting to a master on another machine
23:50 teepark just trying to test it with test.ping from the master
23:50 teepark I've restarted from both ends in different orders, and the keys are all fine
23:51 teepark any known issues around this? or what should I look at next to debug?
23:53 druonysuse joined #salt
23:53 iggy teepark: salt-run manage.down ?
23:54 orion203 joined #salt
23:54 iggy normal network stuff (can you connect from minion to master on the master ports, etc.)
23:54 aqua^c joined #salt
23:57 teepark netstat shows the master bound to 0.0.0.0 port 4506 (glad I looked, I want to make that just the private interface), and the minion is configured to hit that port
23:57 teepark I can get a tcp connection on that port from the minion's box just fine
23:58 teepark salt-run manage.down from the master lists the minion
23:58 iggy it should be 4505+4506
23:58 iggy can any minions connect?
23:59 teepark the only other minion is on the same box as the master and it's fine
23:59 teepark port 4505 is the same

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary