Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-09-09

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 joe_n joined #salt
00:01 jmickle joined #salt
00:02 jmickle hi is anyone around?
00:02 jmickle running salt from command line on latest install is producing an error of no such option: --show-timeout
00:04 bbbryson joined #salt
00:07 sunkist joined #salt
00:08 UtahDave jmickle: can you pastebin the output of the error you're getting as well as the output of    salt-master --versions-report   ?
00:08 darvon joined #salt
00:08 jmickle UtahDave: http://pastebin.com/xMxraHES
00:09 jmickle looks like the PPA repo isnt offering up the latest download of 2015.5.5
00:09 jmickle either
00:09 UtahDave what do you expect salt to do when you just call "salt"?
00:09 jmickle any command i run after salt errors with that error
00:10 jmickle salt ‘*’ state.highstate
00:10 jmickle to even a salt —help
00:10 UtahDave Hm.  on my 2015.8.0rc3 it outputs the  help info
00:10 UtahDave how did you install 2015.5.5?  the ppa?
00:10 jmickle its not 2015.5.5
00:10 jmickle its 2015.5.3
00:10 jmickle from the PPA
00:10 UtahDave oh, right.  OK.
00:11 jmickle UtahDave: http://pastebin.com/hiqEn6aW
00:11 UtahDave has it always done this?
00:11 jmickle i can run a salt-call state.highstate
00:11 jmickle this is a brand new install
00:11 jmickle so
00:12 joe_n joined #salt
00:12 jmickle trying to migrate a salt server
00:13 UtahDave Hm. I just checked out the 2015.5.3 tag and it's giving me the help output correctly.
00:13 UtahDave I wonder what's going on here.  maybe a packaging issue
00:13 jmickle yeah its not a very good error msg :(
00:13 UtahDave what's the output of      whereis salt   ?
00:13 jmickle salt: /usr/bin/salt /etc/salt /usr/share/man/man7/salt.7.gz /usr/share/man/man1/salt.1.gz
00:14 UtahDave what version of Ubuntu are you running?
00:14 jmickle 12.04.5
00:16 dthom91 joined #salt
00:17 UtahDave is this a new vm?
00:18 jmickle yeah
00:18 UtahDave how did you install salt?  just add the ppa manually?  or using Salt Cloud?
00:20 jmickle https://docs.saltstack.com/en/latest/topics/installation/ubuntu.html
00:20 jmickle followed that
00:20 UtahDave k, let me spin up a vm real quick
00:20 jmickle just did an apt-get remove salt-master
00:21 jmickle and an apt-get install salt-master
00:21 jmickle same problem
00:21 dthom91 joined #salt
00:21 larsfronius joined #salt
00:23 dthom91 joined #salt
00:24 mosen joined #salt
00:25 jmickle any luck UtahDave ?
00:26 UtahDave having problems with digitalocean.  new vm apparently can't reach their apt mirrors,lol   Ugh.
00:27 jmickle lol
00:28 UtahDave ok, now it can reach them.  I don't know what happened.
00:28 jmickle digital ocean happened
00:29 UtahDave huh,    executing   "salt"   gave me the help output
00:29 UtahDave root@davetest1:~# salt-master --version
00:29 UtahDave salt-master 2015.5.3 (Lithium)
00:30 jmickle :(
00:30 jmickle so how do  itrace this down
00:32 UtahDave added a minion and it seems to be working, too
00:33 UtahDave can you spin up a fresh VM?  and see if you get that again?
00:33 UtahDave What image are you using for the VM?
00:36 jmickle i suppose
00:37 UtahDave did you build the image yourself?
00:37 jmickle no
00:37 jmickle just lots of stuff
00:38 jmickle we have put on it
00:38 jmickle lol
00:38 iggy a bash alias that throws --show-timeout into the options
00:38 jmickle iggy: ?
00:38 jmickle where would that come from?
00:39 jmickle ahhh
00:39 jmickle so stupidly simple
00:39 jmickle that was it
00:39 whytewolf lol, iggy i thought that, but thought that HAD to be checked for already
00:40 jmickle sigh
00:40 jmickle #fail
00:40 jmickle on my part
00:40 jmickle ive spent so much time in trying to fix some fabric files today i completely forgot about that
00:40 jmickle lol
00:40 mapu joined #salt
00:41 kevinquinnyo joined #salt
00:41 * UtahDave chuckles
00:42 jmickle yep totally forgot we added an alias into the base
00:42 jmickle some time ago
00:42 jmickle sigh
00:42 jmickle thanks
00:43 UtahDave OK, glad that got figured out!  Thanks, iggy
00:43 jmickle yeah thanks for all your help
00:43 jmickle haha
00:43 jmickle i think with that its about time to step away from the keyboard
00:43 UtahDave I was really bewildered.  scratching my head
00:43 jmickle yeah thats how i felt too
00:44 jmickle but again ive spent like 8 hours fixing fabric scripts
00:44 jmickle today
00:44 iggy leave it to me to think of the stupid answers
00:44 jmickle haha
00:44 UtahDave lol
00:44 jmickle sigh
00:44 jmickle ok time for beer
00:45 jmickle im like shaking my head in shame
00:45 jmickle il be certain to make fun of myself on that
00:45 jmickle for the next public talk i give
00:45 jmickle haha
00:48 dthom91 joined #salt
00:48 kuromagi joined #salt
00:49 bytemask joined #salt
00:50 Laogeodritt joined #salt
00:50 munhitsu joined #salt
00:51 esharpmajor joined #salt
00:53 evilrob joined #salt
00:53 tr_h joined #salt
00:53 GrueMaster joined #salt
00:53 berto- joined #salt
00:53 briner joined #salt
00:54 al joined #salt
00:54 geekatcmu joined #salt
00:54 dandelo joined #salt
00:54 Edgan_ joined #salt
00:55 techdragon joined #salt
00:56 skarn joined #salt
00:56 joe_n joined #salt
01:00 pm90__ joined #salt
01:01 virusuy joined #salt
01:07 DammitJim joined #salt
01:09 DammitJim man, I think I have confused myself with using pillars
01:12 forrest joined #salt
01:15 zwi joined #salt
01:17 UtahDave left #salt
01:17 fgimian joined #salt
01:18 retr0h joined #salt
01:20 pravka joined #salt
01:21 monkeybox joined #salt
01:23 opensource_ninja joined #salt
01:28 Hipikat joined #salt
01:28 dthom91 joined #salt
01:39 k00l joined #salt
01:39 k00l ok gang, i really tryed to learn this on my own. but theres no real examples of it anywhere that i can see..
01:39 k00l how can i load pillar data from an SQL db ?
01:39 ageorgop joined #salt
01:41 aurynn k00l, you'll need to write a custom pillar
01:41 aurynn which is gets implemented as a python module that returns a dict
01:41 k00l yes i have been writing those ,, just no idea with no examples out there of what they woudl look ke
01:41 k00l would look like*
01:45 k00l aurynn: so you have any ideas on where to begin ?
01:45 k00l do*
01:45 aurynn k00l, I'd read up on using SQLAlchemy in a script
01:45 k00l in a py script ?
01:45 aurynn sure - custom pillars are just python, right?
01:45 k00l isntthere a way for salt to read a table?
01:45 k00l ummm..
01:45 DammitJim joined #salt
01:45 k00l ya im kind of a n00b when it comes to this salt thing.. id really like some documentation or an example if at all possable ..
01:45 aurynn though I guess it'd be more sensible to ues one of the existing ones ;)
01:45 aurynn so to do this you will be using an ext_pillar
01:45 aurynn https://docs.saltstack.com/en/latest/ref/pillar/all/index.html
01:45 aurynn are the ones you have access to by default
01:45 k00l ive loaded up the sql creds into a pillar and such but thats just renderring them out as pillar key/val pairs : /
01:45 aurynn yeah, the ext_pillar stuff goes in your /etc/salt/master file
01:46 k00l ya theres no menchen of that anywhere in teh docs
01:46 k00l do u knwo how ?
01:46 aurynn https://docs.saltstack.com/en/latest/topics/development/external_pillars.html
01:48 aurynn and
01:48 aurynn https://docs.saltstack.com/en/latest/ref/configuration/master.html#ext-pillar
01:48 aurynn are going to be relevant and useful
01:49 k00l aurynn: im sorry mate i cant seem to find teh parameters and constraints in that doc that demonstrates how to config the "master" file
01:49 aurynn /etc/salt/master is the global configuration for your salt master
01:49 timoguin joined #salt
01:50 aurynn In a bare salt install, if you open that file, it should be full of commented out configuration stuff
01:50 k00l yes it is.
01:50 catpiggest joined #salt
01:51 k00l id omnt see a section for sql connection prams
01:51 aurynn yes
01:51 aurynn Because there won't be
01:51 aurynn because salt can
01:51 aurynn can't talk to your DB by default
01:51 aurynn you need to use an external pillar
01:51 k00l ok so i putt he connection string in my pillar file ?
01:51 aurynn so you will need to /add/ an ext_pillar section
01:51 aurynn no
01:52 aurynn what's your database?
01:52 k00l justa  simple mysql
01:52 aurynn so you want https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.mysql.html#module-salt.pillar.mysql
01:53 aurynn which if you look at https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.mysql.html#more-complete-example
01:53 aurynn tells you how to configure it
01:53 k00l right, so thats righ in the pollar file ?
01:53 aurynn that goes into your /etc/salt/master file
01:53 k00l pillar*
01:54 k00l ohh i see... and then i just access it as if it was local data ?
01:56 k00l so it all happens in the master file.  for the sql ext pillers at least
01:56 k00l is that correct ?
01:56 aurynn yeah
01:56 aurynn I've not used the mysql one, but that's how ext_pillars interface
01:56 otter768 joined #salt
01:56 k00l aurynn: kool, ill look in that direction . thanks for teh help mate ;)
02:00 aurynn np
02:11 quasiben joined #salt
02:12 dthom91 joined #salt
02:16 dthom91 joined #salt
02:20 jmickle joined #salt
02:23 khaije|io joined #salt
02:25 monkeybox Before I spend another $0.08 tonight.. :), when I deploy via salt-cloud, does it automatically dpeloy to high-state, or do I need to specify something?
02:32 DammitJim how do I match a server id with a wildcard?
02:33 DammitJim so, if I have servers with similar names: myserver1, myserver2
02:33 DammitJim how do I do a grains id match for myserver*?
02:33 DammitJim for some reason * is not working for multiple characters
02:39 otter768 joined #salt
02:43 TyrfingMjolnir joined #salt
02:45 pm90_ joined #salt
02:46 pm90___ joined #salt
02:51 evle joined #salt
03:01 DammitJim ugh why is my pillar not picking up my grain id wildcard?!
03:18 favadi joined #salt
03:22 creppe joined #salt
03:29 jalbretsen joined #salt
03:31 overyander joined #salt
03:31 dthom91 joined #salt
03:36 favadi joined #salt
03:37 xenoxaos joined #salt
03:37 gchao joined #salt
03:39 Edgan_ joined #salt
03:55 opensource_ninja joined #salt
04:18 mosu_ joined #salt
04:19 anmol joined #salt
04:22 larsfronius joined #salt
04:25 jalbretsen left #salt
04:26 whytewolf monkeybox: https://docs.saltstack.com/en/latest/topics/cloud/reactor.html#example-reactor-based-highstate
04:56 TyrfingMjolnir joined #salt
04:59 qybl joined #salt
05:09 rdas joined #salt
05:12 orion203 joined #salt
05:20 cliluw joined #salt
05:27 jmickle joined #salt
05:30 TyrfingMjolnir joined #salt
05:32 nocturn joined #salt
05:32 keimlink joined #salt
05:33 nlb joined #salt
05:46 cztanu joined #salt
05:50 cztanu Hey guys
05:51 cztanu If I encrypt my pillar data with GPG, does the client see the plaintext version when they try a salt-call pillar.get ?
05:54 otter768 joined #salt
05:58 Rebus joined #salt
06:01 ajw0100 joined #salt
06:01 katyucha joined #salt
06:04 dopesong joined #salt
06:16 dopesong_ joined #salt
06:17 lb1a joined #salt
06:24 sirex joined #salt
06:25 fxhp joined #salt
06:30 harkx joined #salt
06:30 laax joined #salt
06:33 KermitTheFragger joined #salt
06:38 zer0def joined #salt
06:41 ntropy yes, thats the idea cztanu
06:44 GreatSnoopy joined #salt
06:45 jhauser joined #salt
06:50 jhauser_ joined #salt
06:51 colttt joined #salt
06:54 CeBe joined #salt
06:59 cztanu I was hoping that the rendering would only take place on the server, and that a client couldn't see it unless the master passed it along during a state run... That'd be nice... Maybe I might look at implementing it.
07:00 colttt_ joined #salt
07:00 cztanu Reason being, I'd like to be able to give information to a server automatically, but not when somebody manually calls for it.
07:01 slav0nic joined #salt
07:02 numkem_ joined #salt
07:04 Ztyx joined #salt
07:05 jev joined #salt
07:07 AndreasLutro joined #salt
07:09 N-Mi joined #salt
07:10 eseyman joined #salt
07:14 illern joined #salt
07:23 kawa2014 joined #salt
07:23 Ztyx left #salt
07:23 alemeno22 joined #salt
07:23 alexlist_ joined #salt
07:29 Hemant joined #salt
07:30 Guest55388 hi
07:30 rdas joined #salt
07:31 Guest55388 left #salt
07:36 evle joined #salt
07:49 AndreasLutro hello
07:54 linjan_ joined #salt
07:55 otter768 joined #salt
08:04 zerthimon joined #salt
08:13 markm joined #salt
08:14 Grokzen joined #salt
08:19 arount joined #salt
08:19 foxmask joined #salt
08:19 foxmask yo
08:20 arount hi folks, there is a way to import a file in a jinja template and catching eventual import errors ?
08:20 arount I use something like: from "%s.sls" % server_id import nagios with context, but if "nagios" key isn't defined on the file salt crash
08:20 arount I whould like to catch this error
08:27 chiui joined #salt
08:27 losh joined #salt
08:30 dthom91 joined #salt
08:31 N-Mi joined #salt
08:33 dthom911 joined #salt
08:41 babilen arount: That sounds like a jinja issue, what is the exact error you get? Would it be possible to define nagios in every file?
08:49 CeBe joined #salt
08:51 lupulcelbun joined #salt
08:52 alexlist_ joined #salt
08:52 AndreasLutro joined #salt
08:53 alexlist_ joined #salt
08:55 lupulcelbun I am trying to learn salt and I hit something that looks like https://github.com/mitchellh/vagrant/issues/5973 just after I ran vagrant up as described in https://docs.saltstack.com/en/getstarted/fundamentals/index.html. The guests provision, master is accessible, keys are accepted, minions are accessible via the console, but salt '*' test.ping fails.
08:56 lupulcelbun I don't really understand the workarounds.
08:56 arount babilen: after reading stackoverflow threads, yes it is a jinja issue
08:56 bluenemo joined #salt
08:57 arount there is a way to at least, test if file exists (a file like: salt://file.whatever) in a jinja template (called by a salt state) ?
08:57 eliasp joined #salt
09:02 lupulcelbun I am trying to learn salt and I hit something that looks like https://github.com/mitchellh/vagrant/issues/5973 just after I ran vagrant up as described in https://docs.saltstack.com/en/getstarted/fundamentals/index.html. The guests provision, master is accessible, keys are accepted, minions are accessible via the console, but salt '*' test.ping fails. I don't really understand the workarounds. For example nmadhok's comment from Jul 16: where in the vagr
09:02 lupulcelbun ant file do I put config.ssh.username = "root" and config.ssh.password = "vagrant"?
09:06 somename joined #salt
09:06 somename Hey there
09:06 somename I wanted to call a utils method in a custom state
09:07 somename I used __salt__["util_py_file.util_method"]() similar to what can be used for execution modules
09:07 somename But this does not seem to work, can anyone out here help me?
09:08 somename Anyone here?
09:09 somename Using IRC for the first time, so, I am not sure if I am doing this right
09:09 larsfronius joined #salt
09:10 babilen Ah, wonderful ... vagrant should really fix that error (also given that a PR that fixes it has been waiting in the pipeline for quite some time now)
09:12 babilen lupulcelbun: You would put that in the "config" section of your Vagrantfile. If you could paste it to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, http://dpaste.de, … we will be able to help, but then "root" doesn't work if you are using newer releases as Debian rolls out a sshd config with "PermitRootLogin without-password" since jessie and you therefore
09:12 babilen cannot SSH into those boxes as root if ...
09:12 babilen ... you plan to use a password.
09:13 lupulcelbun ssh work from CLI
09:14 babilen lupulcelbun: Your best bet right now is to add "salt.bootstrap_options = '-F -c /tmp/ -P'" to your Vagrantfile
09:15 lupulcelbun https://gist.github.com/lupul-cel-bun/917540dafd7cb83b7f88#file-gistfile1-txt
09:17 babilen lupulcelbun: Change your bootstrap options
09:21 foxmask left #salt
09:22 X67r joined #salt
09:24 lupulcelbun Bootstrapping  now, waiting for ssh to become available on the first minion...
09:31 pravka joined #salt
09:41 lupulcelbun babilen: can you point me to the relevant documentation, I would like to understand what happens with these bootstrapping  options
09:43 babilen lupulcelbun: https://github.com/saltstack/salt-bootstrap
09:43 babilen https://docs.saltstack.com/en/stage/topics/tutorials/salt_bootstrap.html
09:54 arount joined #salt
09:55 cztanu I often have problems with salt on virtualbox/vagrant, so it's not a surprise. Usually related to network somehow.
09:56 otter768 joined #salt
09:59 mr_const joined #salt
10:01 mr_const Hi, does anyone knows, how to make gitfs work with unicode filenames?
10:01 phx why on earth would you use unicode filenames?
10:01 mr_const okay, not unicode, but with >128
10:01 phx yeah, still :)
10:02 mr_const cyrillic
10:02 AndreasLutro I avoid non-ascii filenames like the plague
10:02 phx me too
10:02 mr_const I try to avoid too
10:02 mr_const but not all developers do
10:02 mr_const and I need to deploy their sources
10:03 phx "developers" doing non-ascii filenames? is this some thedailywtf.com show?
10:04 phx mr_const, but answering your question, i'm not sure. in your stead, i would ask on the mailing list, or if all else fails, try to file an issue on github for it
10:05 phx but honestly, you will have tons of issues with non-ascii filenames, shittons of them
10:05 aqua^c joined #salt
10:05 mr_const I already have, yeah
10:07 phx personally i would add an interview question like "would you commit non-ascii filenames into a source repository?", and if the guy answers yes, avoid him like a plague
10:16 ThomasJ joined #salt
10:20 Enrico_ joined #salt
10:20 Estahn joined #salt
10:22 Estahn is there a way to override variables in an include?
10:23 SunPowered joined #salt
10:28 sesh_ joined #salt
10:28 SunPowered morning all
10:29 sesh_ I am see this message after using archive.extracted
10:29 Guest35391 Function: archive.extracted         Name: /opt/       Result: False      Comment: Unable to manage file: Error reading
10:29 Guest35391 [Errno 110] Connection timed out
10:29 Guest35391 any idea how to exactly use archive.extracted?
10:33 Estahn is it possible to inject a variable into an include? do i have to do this through setting a grain? e.g. set ... then include ...?
10:36 homeshlice joined #salt
10:38 babilen mr_const: What happens if you try?
10:40 rubendv joined #salt
10:43 gfa joined #salt
10:43 gfa left #salt
10:44 supersheep joined #salt
10:44 rubenb Hi. In .sls files, can you reference the _current_ state_id?
10:47 rubenb IE: Do a "salt['pillar.get'](__state_id__)
10:47 rubendv Is it possible to update pillar data from a minion? We need to update database connection strings stored in the pillar after a database backup restore that was done in a minion.
10:50 rubenb rubendv: No, pillar data resides on the master, and can not be written from the minion.
10:51 anmol hi, I want to monitor a set of nodes that I collectively call a cluster.I need to execute the metric fetching command on a random(not all) node in the cluster at scheduled intervals. Is there some way I can achieve this in saltstack? I went through saltstack schedules but I didn't find a way I can achieve this objective.Any pointers in this regard would be of great help
10:54 SunPowered joined #salt
11:00 mr_const babilen, UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 14: ordinal not in range(128)
11:07 SunPowered joined #salt
11:10 ksj hi, on the command line salt \*02 pillar.items hosts returns a list of the hosts I have in the dictionary. I'm trying to access the data for a single host called 'test' (i.e. a key in that dictionary on the pillar). according to the docs, 'salt \*02 pillar.get hosts:test' should work, but it returns nothing
11:11 ksj pillar.get never seems to return anything for me. any ideas?
11:13 AndreasLutro ksj: if "hosts" is a list you can't do key lookups in that
11:14 eseyman joined #salt
11:14 babilen mr_const: Which is ridiculous in this time and age, but fair enough ...
11:15 babilen .oO( This would not have happened with Python 3 )
11:16 oravirt joined #salt
11:20 ksj AndreasLutro: good to know, but no. they're dictionaries
11:22 AndreasLutro works fine here
11:23 ksj http://dpaste.com/34RXZCJ
11:23 ksj pillar is that. pillar.get hosts:test:ip should work, right?
11:23 AndreasLutro yep. are you sure `pillar.get hosts` actually shows the test entry?
11:23 ksj it works from within a template file
11:24 ksj nope, it doesn't
11:24 ksj pillar.get never returns anything
11:24 ksj or, it does, but an empty string
11:24 ksj i.e. it doesn't fail
11:24 ksj pillar.items returns correctly
11:24 AndreasLutro well that's expected behaviour for missing items
11:25 AndreasLutro https://bpaste.net/show/1cd4990070a9
11:28 scoates joined #salt
11:28 ksj sure, but the item's there. that's the weird thing. an example: http://dpaste.com/16KVY48
11:37 AndreasLutro are you on an old version of salt maybe?
11:39 ksj nope. 2015.05.03
11:40 ksj I thought it was something to do with having an external pillar, but I've removed all that and it still doesn't work
11:41 kawa2014 joined #salt
11:42 AndreasLutro dunno, might be a bug that's fixed in 2015.8
11:42 ksj I've tried running latest git dev version as well. I just can't get pillar.get to work on the comand line.
11:42 ksj as I said, it works fine in templates
11:43 ksj sod it. I'll just have to use pillar.items and some careful grepping
11:43 Norrland ksj: pillar.item ?
11:43 Norrland ksj: instead of pillar.items
11:45 aqua^c joined #salt
11:49 bluenemo joined #salt
11:53 babilen ksj: "pillar.items" returns the *entire* pillar, whereas .get and .item return single entries (as identified by the key). Could you paste your pillar configuration and the output of "pillar.items", "pillar.get 'base_directories'" and "pillar.item 'base_directories'" ? (all with "salt 'miminhos-02' ...)
11:57 otter768 joined #salt
12:02 kawa2014 joined #salt
12:03 fredvd joined #salt
12:04 aqua^c joined #salt
12:05 SunPowered if I have several salt-master repositories for various sublevels of an organization, what is the best way to manage common states amongst all of them?  submodules?
12:05 AndreasLutro SunPowered: formulas
12:06 SunPowered ah, formulas.  There's an idea.  I have not yet played with them, though they look like the way to go for commonly used states.
12:07 DammitJim joined #salt
12:07 DammitJim ok, so how do I do a wildcard in jinja?
12:08 DammitJim I need to compare server names like application*test where the server name could be application839test
12:08 DammitJim but using * doesn't work
12:08 SunPowered nice, I just add my formulas as gitfs_remotes, should be easy enough.  I just need to maintain the deployment keys on the common repo
12:12 babilen SunPowered: Nothing prevents you from referencing the same repo on multiple masters as well
12:12 babilen (one for common states)
12:13 babilen DammitJim: You can use startswith and endswith .. Use Python if you need anything more fancy
12:13 SunPowered babilen:  I think I was getting hung up expecting all my states to be in the same subfolder, but I can clearly define many
12:14 babilen (and yes, that might mean that you have to write an execution module just for parsing minion ids)
12:14 DammitJim oh wow. thanks babilen ! I spent almost 2 hours trying to figure it out!
12:14 babilen SunPowered: You can reference many repositories and this is, in fact, something we do frequently
12:14 amitash joined #salt
12:15 babilen jinja is meh
12:18 DammitJim I'd say it's rather bah
12:20 AndreasLutro I like jinja, but salt forces you to add a lot of logic in the template file which jinja isn't suitable for
12:25 rogst joined #salt
12:26 Hydrosine how can i restart a service whenever the state is called?
12:27 babilen Hydrosine: What do you mean by "is called" exactly?
12:28 Hydrosine i run the state through salt '' state.sls state
12:29 Hydrosine can i for example watch on when something inside a folder changes?
12:31 anmolb joined #salt
12:35 babilen Hydrosine: So you want a state to run when another state has changes?
12:36 babilen I'd recommend to read https://docs.saltstack.com/en/latest/ref/states/requisites.html before we continue
12:36 robot9 joined #salt
12:38 robot9 Is there a way to set a variable in your top.sls for a specific host group, that can then be passed down to the salt states/jinja for it
12:41 vim-zz joined #salt
12:43 SunPowered babilen: I was just realizing how many repositories I am going to have at the end of the day.  Had to create a new repo team to keep my project devs from raging
12:44 babilen SunPowered: Why is that a problem? How many do you have?
12:44 jbrnds can I ssh into a minion from the master and get an interactive shell?
12:45 AndreasLutro jbrnds: with ssh, sure :p
12:47 SunPowered I am going to have about 6 master repos, a couple template repos, all custom/forked salt-formulas
12:47 SunPowered babilen: I'm already at 10 and counting
12:48 jbrnds AndreasLutro yeah indeed. thought that while the master talks to the minion anyway have those keys stored somewhere, why not use that to go interactive in the minion (primarily to see logs, do state.highstate debugging)
12:48 jbrnds in vagrant, I can do vagrant ssh <boxname>
12:50 AndreasLutro jbrnds: "those keys" are not ssh keys in any case
12:53 zwi joined #salt
12:54 babilen SunPowered: That's nothing .. :)
12:56 SunPowered babilen: lol, I believe it.  I like having all my salt repos together anyway, its something I should do sooner rather than later
12:56 jbrnds AndreasLutro - understood naturally. But it knows everything that I need to find out (again) when connecting to ssh, starting with its ip address. (think cloud instances)
12:58 babilen SunPowered: I really don't care about many repositories and love to organise them semantically (the "formula approach"). Managing them is no problem with https://myrepos.branchable.com/ (which also makes it easy to share a common configuration for all repositories)
12:58 babilen SunPowered: In our team we have a shared mrconfig and people simply keep that up-to-date and run "mr update" (and so on) to clone/update *all* repositories they need.
12:59 babilen It's a wonderful tool for dealing with many repositories and for collaboration.
12:59 SunPowered nice tip, I will certainly investigate
13:00 babilen The scheme I am using is $HOME/src/$URL/$REPONAME so https://github.com/saltstack-formulas/salt-formula is, for example, being cloned to "~babilen/src/github.com/saltstack-formulas/salt-formula" which also makes it easy to uniquely identify repositories in scripts
13:00 ferbla joined #salt
13:01 anmolb joined #salt
13:02 keimlink joined #salt
13:02 dthom91 joined #salt
13:03 dthom911 joined #salt
13:04 SunPowered babilen:  that's a clean workflow.  I like the ability to chain repositories together.
13:05 babilen Yeah, though I share it :)
13:05 babilen It makes (that aspect of) my life a lot easier
13:05 babilen mr is amazing
13:06 debian112 joined #salt
13:10 amcorreia joined #salt
13:10 Grokzen joined #salt
13:10 pm90_ joined #salt
13:11 favadi joined #salt
13:14 quantumriff joined #salt
13:14 quasiben joined #salt
13:14 bhosmer joined #salt
13:19 quantumriff quick question on shadow module.. I have a mix of centos 5 and centos 6 systems.. it looks like they switched from sha256 to sha512.. I'm wanting to reset root on all my systems.. (former admin left).. Do I do Create two hashes, then do something like "salt -C 'G@osmajorrelease:6'  shadow.set_password root 'hash....'"?
13:19 jdesilet joined #salt
13:19 quantumriff to target all the centos 6 minions, then one with majorosrelease:5 with the sha256 hash?
13:20 AndreasLutro quantumriff: can't you specify the hash?
13:20 AndreasLutro hash type I mean
13:20 quantumriff AndreasLutro: I don't know.. I'm seeing where I can get the default hash, but not seeing on https://docs.saltstack.com/en/develop/ref/modules/all/salt.modules.shadow.html where to set it
13:21 anmolb hi, I want to monitor a set of nodes that I collectively call a cluster.I need to execute the metric fetching command on a random(not all at given interval) node in the cluster at scheduled intervals. Is there some way I can achieve this in saltstack?Any pointers in this regard would be of great help
13:21 lothiraldan joined #salt
13:24 quasiben joined #salt
13:32 sroegner joined #salt
13:32 jespada joined #salt
13:33 Grokzen joined #salt
13:35 mortis_ how on earth can salt produce this result? im so confused .... im targetting only one minion http://pastebin.com/eLfnV344
13:36 AndreasLutro quantumriff: looks like you have to use gen_password to generate the hash, then set it with set_password... not sure if there's a way to pipe those two together
13:36 AndreasLutro quantumriff: if you're doing this in the context of a state .sls it's a bit easier
13:37 mortis_ local is local = salt.client.LocalClient()
13:37 timoguin joined #salt
13:38 bhosmer joined #salt
13:40 harkx joined #salt
13:40 timoguin joined #salt
13:42 mpanetta joined #salt
13:42 murrdoc joined #salt
13:42 murrdoc babilen:  self merges are bad :)
13:42 murrdoc thanks for fixing typo though
13:43 quantumriff Yes... I'm thinking that too.. but because I have two different default hashes, and its the root PW, i'm being very cautious
13:44 babilen murrdoc: Wut?
13:45 babilen babilen != beastea
13:49 murrdoc wow /me is an idiot
13:49 murrdoc i blame diaper duties
13:50 tanta joined #salt
13:50 bhosmer joined #salt
13:50 murrdoc sorry babilen
13:50 babilen np
13:51 theologian joined #salt
13:52 husanu joined #salt
13:54 dopesong joined #salt
13:55 mapu joined #salt
13:56 _JZ_ joined #salt
13:56 jfroche hello is it possible to restraint access in external_auth for a user/group to a specific environment ?
13:57 dthom911 joined #salt
13:58 otter768 joined #salt
13:58 elfixit joined #salt
14:00 penguin_dan joined #salt
14:00 cpowell joined #salt
14:01 lothiraldan joined #salt
14:01 murrdoc babilen:  i blame fabian
14:01 timoguin joined #salt
14:01 sirex joined #salt
14:02 lothiraldan joined #salt
14:02 zmalone joined #salt
14:02 Rebus joined #salt
14:05 scurry_ joined #salt
14:06 pm90__ joined #salt
14:09 Brew joined #salt
14:10 kevinquinnyo joined #salt
14:11 cberndt joined #salt
14:14 coval3nce joined #salt
14:15 pdayton joined #salt
14:15 johnkeates joined #salt
14:16 tkharju joined #salt
14:21 perfectsine joined #salt
14:22 quasiben joined #salt
14:25 mr_const I got strange question
14:26 mr_const how to manage php app config files?
14:26 mr_const I tried to use jinja for setting data inside them, but got problems
14:26 mr_const Unable to manage file: Jinja syntax error: expected token ',', got 'index_page'; line 8
14:26 mr_const $config['index_page'] = 'index.php';    <======================
14:27 honestly well it's trying to parse something as jinja syntax that it shouldn't
14:28 honestly could you show the whole file?
14:28 mr_const yep
14:28 honestly the problem is likely in the line above
14:28 honestly or in the way you reference that file
14:28 kaptk2 joined #salt
14:29 johnkeates left #salt
14:29 mr_const http://pastebin.com/cNJSw6ew
14:30 mr_const honestly, here is reference: http://pastebin.com/NwR6n330
14:30 AndreasLutro mr_const: you're missing a ' on the line before
14:31 mr_const oh shi...
14:31 honestly well, two lines
14:31 mr_const my bad
14:31 honestly funny that
14:32 mortis_ if i wanted to pass args to local.cmd (where local is LocalClient), would this work? local.cmd(minion_id,'grains.setval',['cmdb',{'status': status,'product': product},'local skip-grains'])
14:32 mortis_ im not sure how it wants the local and skip-grains args passed
14:33 lothiraldan joined #salt
14:36 zwi joined #salt
14:36 pravka joined #salt
14:37 ujjain- joined #salt
14:38 viq joined #salt
14:39 supersheep joined #salt
14:41 murrdoc grains.setval needs to be a list
14:41 mortis_ it is
14:41 lionel joined #salt
14:42 mortis_ but i guess i put the local and skip-grains one step early in :D
14:42 mortis_ but dropping that, it works fine
14:42 mortis_ just really wondering how i can get it to run "local" and "skip-grains" at the same time
14:43 bhosmer joined #salt
14:46 techdragon joined #salt
14:46 polishdub joined #salt
14:50 kukacz joined #salt
14:51 techdragon joined #salt
14:52 Hydrosine babilen, that link was the info i missed. thenks
14:53 kukacz hi, starting with salt, I wish to assign each of 2 servers a static ip address. what's the proper approach?
14:53 kukacz ... a different address for each host
14:54 arount left #salt
14:56 kukacz I've tried to define a pillar with structure like this:
14:56 kukacz ipaddress:
14:56 kukacz svc01.bf-us01.local:
14:56 kukacz br0=172.30.1.10
14:56 kukacz svc02.bf-us01.local:
14:56 kukacz br0=172.30.1.11
14:57 phx what language is that?
14:57 kukacz that's not enough to pair each address to proper host perhaps
14:57 phx and please use a pastebin
14:58 kukacz phx: ok, will use it next time
14:58 kukacz phx: language?
14:58 phx kukacz, http://lmgtfy.com/?q=what+is+a+computer+language
14:58 phx and yes, language
15:00 kukacz phx: missing your point. pillar is yaml, I suppose
15:01 phx kukacz, that's definitely not yaml
15:01 phx kukacz, yaml doesn't do = in the syntax
15:02 kukacz phx: ok, now it makes sense, thanks
15:02 dthom91 joined #salt
15:02 ageorgop joined #salt
15:03 kukacz phx: I'll correct that = but still, that's perhaps not enough
15:05 kukacz can I ensure at pillar level that some values pair to some hosts?
15:05 kukacz or is that elsewhere?
15:05 Norbell joined #salt
15:07 phx kukacz, what do you mean by some values pair to some host?
15:07 sdm24 joined #salt
15:08 phx kukacz, you can also write pillars using he python renderrer, that way you can return whatever data you would like to, from whatever source, and you can scope it based on which minion is requesting it
15:08 kukacz phx: single ip address to single host identified by the minions hostname
15:09 phx kukacz, you can store that data somewhere, and have the pillar dynamically render it per minion, specific to each
15:09 kukacz phx: python renderer? that sounds difficult for such task
15:10 phx kukacz, actually it's a piece of cake. but there are others as well. point being, to make a pillar minion-aware (return data based on who's requesting it), you have to make it dynamic
15:13 kukacz phx: thanks. I'll look at it
15:15 DammitJim joined #salt
15:16 DammitJim what do you guys normally do when configuring different servers with different configuration files (i.e. context.xml for tomcat)
15:16 DammitJim I have done templates before with a context
15:16 DammitJim should I use separate sls files for each server?
15:17 jeddi DammitJim: you mean you can't use a jinja template?
15:17 DammitJim I am using a jinja template
15:17 jeddi why would you need separate sls files for each server?
15:17 DammitJim but I'm looking more for a management organizational approach
15:17 DammitJim does one have multiple sls files or 1 file with all the configs with switches for each server
15:17 DammitJim or pillars, etc
15:17 kawa2014 joined #salt
15:17 DammitJim each server has a different configuration of the context.xml
15:18 jeddi DammitJim: ah - okay - bigger scale than i've done in anger.   if the files are all the same *format*, but with different variables plugged in, then a pillar approach sounds like your best bet.
15:19 jeddi or perhaps write your own salt returner in python, if it's appropriately complex / worth it.
15:20 DammitJim pillars meaning, I define the values on a pillar?
15:20 DammitJim and pull them in my jinja template?
15:21 jeddi correct.
15:21 DammitJim I think I have an example from a samba share
15:21 DammitJim a pillar that defines the values according to the server id (grains['id']
15:22 jeddi DammitJim: there were some good examples on saltstack-formulas (not sure i agree with that pluralisation) on github.   no idea how well maintained they are now.
15:22 druonysus joined #salt
15:22 druonysus joined #salt
15:23 jeddi DammitJim:  consider this (found by searching on 'saltstack tomcat config.xml pillar example' )   https://github.com/bechtoldt/saltstack-tomcat-formula/blob/master/pillar.example.sls
15:24 jeddi DammitJim: and i'm guessing you've read:  https://docs.saltstack.com/en/develop/ref/states/all/salt.states.tomcat.html
15:24 SunPowered DammitJim: the salt-formulas are a great resource for structuring your state / pillar files
15:24 RedundancyD joined #salt
15:24 DammitJim I think I've seen that before, jeddi
15:24 DammitJim SunPowered, yes, I remember doing this... just making sure
15:25 DammitJim there is an excellent video of one of the members of this channel who spoke at saltconf about formulas
15:26 DammitJim man, one goes down the rabbit hole pretty quick
15:28 pm90_ joined #salt
15:28 jeddi {much nodding}
15:29 Heartsbane_ tiejaH3r
15:29 Phil-Work joined #salt
15:29 Heartsbane_ Guess I will change that now
15:32 jalbretsen joined #salt
15:33 alemeno22 joined #salt
15:33 jeddi In 25 years on IRC I've never pasted my password ... but I've worked with a sysadmin who used to do it at least once a week.
15:34 Heartsbane_ thanks
15:35 jeddi here to help.
15:39 UtahDave joined #salt
15:39 murrdoc joined #salt
15:44 sdm24 So I have a older minion, running debian 6 and Salt v2014.7.1. I keep seeing this in its logfile, with loglevel ERROR: "Exception '_seconds' occurred in scheduled job"
15:45 sdm24 There aren't any states running on this minion (I did have some a while back, but haven't done anything recently), and it spits that message a bunch of times ~every 30 minutes (when the highstate runs)
15:45 sdm24 none of my other Debian 6 minions give me that error
15:46 zmalone https://github.com/saltstack/salt/issues/18504 ?
15:47 sdm24 Thanks zmalone. For some reason my first round of Google Fu didn't give me that
15:47 sdm24 That makes sense because for the schedule pillar (defined in minutes, with a splay in seconds) is set for all minions. Strange that the other older minions don't print that error though. Oh well
15:49 Bryson joined #salt
15:49 Norbell joined #salt
15:51 Norbell joined #salt
15:52 dopesong joined #salt
15:54 troyready joined #salt
15:54 dopesong_ joined #salt
15:54 dthom91 joined #salt
15:55 dthom911 joined #salt
15:56 murrdoc joined #salt
15:59 otter768 joined #salt
15:59 murrdoc joined #salt
16:03 mapu_ joined #salt
16:06 SunPowered why does salt favour pygit2 versus GitPython?
16:07 mapu_ joined #salt
16:08 Cyis Looking for anyone who has successfully used artifactory.downloaded to deploy SNAPSHOT versions of artifacts
16:11 mosu left #salt
16:11 PeterO_ joined #salt
16:11 PeterO_ left #salt
16:18 UtahDave SunPowered: terminalmage has been doing all the work on the Salt's git support.  He likes pygit2 because you can access password protected repos with it
16:18 UtahDave GitPython doesn't require libgit2, though
16:20 vexati0n hey UtahDave is anyone planning to add functionality to the network module that would allow for setting static IPs on minions, not just retrieving existing information?
16:20 vexati0n cause that would be super awesome
16:20 SunPowered UtahDave: is the libgit2 dependency a reason for the slow rollout of pygit2 to the various distributions?
16:21 writtenoff joined #salt
16:21 gtmanfred doesn't it also depend on libssh2?
16:21 UtahDave SunPowered: I really have no idea.
16:22 SunPowered np, thx
16:23 UtahDave vexati0n: have you looked at the network state?  https://docs.saltstack.com/en/latest/ref/states/all/salt.states.network.html#module-salt.states.network
16:23 vexati0n oh i was just looking at the execution module. the state looks like it does exactly what i need
16:23 vexati0n thanks!
16:23 UtahDave you're welcome!
16:23 pm90__ joined #salt
16:24 vexati0n will i need to have the state restart salt-minion if it changes the IP, since the minion process tends to keel over on address changes
16:25 larsfronius joined #salt
16:25 UtahDave vexati0n: I haven't tried.
16:26 Rumbles joined #salt
16:27 UtahDave vexati0n: here's the execution module: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.debian_ip.html#module-salt.modules.debian_ip
16:27 UtahDave https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.rh_ip.html#module-salt.modules.rh_ip
16:27 shiriru joined #salt
16:27 UtahDave vexati0n: They both provide the `ip` execution module on the command line.
16:27 UtahDave which will allow you to set the nic info you want
16:28 mrwboilers1 joined #salt
16:28 aqua^c joined #salt
16:28 Norbell joined #salt
16:28 aqua^c joined #salt
16:29 RedundancyD joined #salt
16:31 Cyis Here is an example of what I've been trying https://gist.github.com/jbouse/bd5260e2a7635867f973
16:32 bhosmer joined #salt
16:33 UtahDave Cyis: I haven't used the artifactory state or module at all.   Does this seem like a bug to you?  or are you thinking it's a documentation/configuration error?
16:34 Cyis UtahDave: I'm not sure if it's a bug yet as I'm not that familar with Artifactory either... I just have the developer telling me "Artifactory works fine with Maven to build so the issue is with SaltStack"
16:35 dunz0r joined #salt
16:35 UtahDave It's possible.  Could you open an issue on github?  I'll see if I can find the dev who wrote that and see what he or she thinks.
16:35 dunz0r So I've come across a silly matching issue.
16:35 dunz0r (for me)
16:35 CheKoLyN joined #salt
16:35 dunz0r I've got machines on a 192.x network that gets some stuff from pillar, but some of these machines also have docker installed, so they've got a 172.x as well
16:36 Cyis I also tried calling artifactory.get_latest_snapshot and it fails as well with "assert version == metadata.find('version').text" same as if I call artifactory.get_snapshot() without passing snapshot_version
16:36 dunz0r Salt matches this 172.x interface and gives them the wrong resolv.conf... how would I go about fixing this? I'm using match: ipcidr in my pillar file to match
16:37 Cyis UtahDave, yeah I can open an issue... Was just trying to make sure I'd exhausted all avenues to confirm the issue wasn't me before doing so. I hate to fill a bug and just find it's a PEBCAK issue :)
16:39 jeffspeff joined #salt
16:39 Cyis UtahDave: Looks like there might be one similar open already... 19879 ... I'm reading through it to see if it's the same issue
16:40 UtahDave cool. thanks, Cyis
16:40 UtahDave dunz0r: Hm. what's the output of       salt-minion --version
16:41 Cyis that issue just doesn't mention using '*-SNAPSHOT' versions but otherwise same
16:41 dunz0r UtahDave: salt-minion 2015.5.3 (Lithium)
16:45 ekristen joined #salt
16:48 bhosmer joined #salt
16:50 dudeofx joined #salt
16:51 jor_ joined #salt
16:52 dudeofx left #salt
16:52 KyleG joined #salt
16:52 KyleG joined #salt
16:54 UtahDave dunz0r: reviewing the code
16:56 bhosmer joined #salt
16:56 chiui joined #salt
16:57 UtahDave dunz0r: could you try running this on your minion?    sudo salt-call match.ipcidr '172.17.43.0/24'
16:57 UtahDave use a proper ip range for your environment
16:57 UtahDave and try that on the 172.x and 192.x ip
16:58 rcurrah joined #salt
16:58 UtahDave dunz0r: that's matching for me correctly on the cli
17:01 PeterO__ joined #salt
17:02 PeterO__ Ok I know there is probably a much better way to do this but I have no idea. Can someone direct me to the best way to set some variables based on commands that are run. I have this (which doesn't work) but it has basically what I'm trying to accomplish: https://gist.github.com/polds/ee32d46fd7e8d8469ac6 any ideas?
17:05 forrest joined #salt
17:05 k00l joined #salt
17:06 code42 joined #salt
17:06 k00l good morning all,, still having some trouble with ext_pillar, does anyone have some time to help ?
17:07 impi joined #salt
17:08 k00l here is the addition of the master file : https://gist.github.com/anonymous/6d214a943205c3df9f37
17:09 dunz0r UtahDave: That's really weird. Matches correctly here as well.
17:10 tanta joined #salt
17:10 dunz0r Huh. And now it's in the correct node_class again...
17:11 AndreasLutro joined #salt
17:12 chiui joined #salt
17:12 dunz0r UtahDave: If I move the match for 172.x in the pillars top.sls to be above the 192.x-match it matches the 172.x one
17:12 dunz0r sorry. s/above/below
17:12 dunz0r But it doesn't return true on the minion
17:13 supersheep joined #salt
17:19 cattarhine joined #salt
17:19 szhem joined #salt
17:20 dthom911 joined #salt
17:22 k00l any intressted in my SQL error ? :)
17:22 k00l ailed to load ext_pillar mysql: not all arguments converted during string formatting
17:24 whytewolf k00l: that error means that the query is trying to add an arguement. but you are not supplying where the argument would go.
17:25 k00l whytewolf: ok, can you see where im making my mistake ?
17:25 whytewolf you have no %s in your query string
17:25 k00l why would i need that ?
17:25 whytewolf https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.mysql.html#configuring-the-mysql-ext-pillar
17:26 whytewolf minion_id is passed the the query
17:26 k00l i declair all my connection string already and im just doinga simple quer so im not sure where that is comming from
17:26 quasiben joined #salt
17:26 k00l ohh so its just passed automatically ?
17:27 whytewolf yes.
17:34 larsfron_ joined #salt
17:35 jor joined #salt
17:39 aparsons joined #salt
17:39 Fiber^ joined #salt
17:43 baweaver joined #salt
17:44 dthom911 joined #salt
17:45 ericof joined #salt
17:47 dthom91 joined #salt
17:47 bhosmer joined #salt
17:49 baweaver joined #salt
17:49 timoguin joined #salt
17:52 zmalone joined #salt
17:53 cattarhine I added show_full_context in a managed file and I can't see where the result of my mine functions exist, I've been looking around at bugs but they seem to be earlier than 2015.5.3
17:53 cattarhine If I try salt[mine.get] .... I get an error that the salt tag does not exist
17:55 cattarhine the node that I am mining from, there is data in the pillar about the function I am mining network.ip_addrs, but mine.get does not show the data
17:59 dopesong joined #salt
17:59 otter768 joined #salt
18:01 mattiasr joined #salt
18:03 Ztyx joined #salt
18:04 dthom91 joined #salt
18:05 bhosmer joined #salt
18:10 DammitJim joined #salt
18:11 baweaver joined #salt
18:13 ajw0100 joined #salt
18:14 baweaver joined #salt
18:15 pillarmethis joined #salt
18:19 PI-Lloyd joined #salt
18:22 zer0def joined #salt
18:22 __number5__ joined #salt
18:23 murrdoc joined #salt
18:28 cattarhine ok I figured it out, mine.get in my template was still targetted at a pillar and I meant at it in a glob
18:28 baweaver joined #salt
18:30 eosinx joined #salt
18:31 baweaver joined #salt
18:32 murrdoc iggy:  aka tex rex
18:32 murrdoc u on skype ?
18:32 forrest murrdoc: Iggy has been MIA recently
18:33 murrdoc hes at my office
18:33 murrdoc "he was being lazy yesterday and not doing shit"
18:33 murrdoc from his manager
18:33 murrdoc :D
18:33 forrest /shrug
18:33 PeterO__ Can anyone see anything inherently wrong with this inline conditional? `{% set region_name = 'us-east-1' if region_name is '' %}` getting a expected token 'name', got 'string' error
18:34 sgargan joined #salt
18:34 murrdoc change it to regioname
18:35 PeterO__ oh huh let me try
18:36 PeterO__ no same error
18:36 murrdoc then idk
18:40 AndreasLutro PeterO__: "is" doesn't work like in python
18:41 AndreasLutro you can try replacing it with ==
18:42 PeterO__ AndreasLutro: ah yeah that got me closer. Thank you.
18:42 jgelens joined #salt
18:42 wendall911 joined #salt
18:43 Guest96193 joined #salt
18:43 bhosmer joined #salt
18:45 Horgix joined #salt
18:48 Myra joined #salt
18:48 pm90_ joined #salt
18:48 Myra hi there, do any of you using per remote and mount point to set up different salt environment?
18:49 pm90_ joined #salt
18:49 Myra or is it even possible?
18:49 dthom91 joined #salt
18:49 chiui joined #salt
18:52 PI-Lloyd joined #salt
18:52 InventureITguy joined #salt
18:52 InventureITguy left #salt
18:53 Rebus Hi, I would like to know if there is  way to prevent a minion from seeing the full top.sls file or a different solution to prevent one minion from seeing the match configuration for all the others
18:54 UtahDave Myra: I'm not sure what you mean. Can you explain what you're trying to do?
18:54 UtahDave Rebus: No, right now any connected minion can see the entirety of the top.sls and the file_roots.  Anything sensitive should be kept in pillar data
18:55 UtahDave Rebus: there has been some talk about creating file_roots ACLs or some other type of authorization, but nothing has been decided on.
18:57 Guest96193 left #salt
18:57 Myra @UtahDave. I am trying to using set up different environment in salt
18:57 Myra prod. qa. dev
18:57 Myra salt doc says using branching in git and promote it
18:57 iggy murrdoc: just for that, I threw something heavy at omar
18:58 Myra is that the only way to do it?
18:59 Myra using git to set up diffrent env in salt
18:59 totte joined #salt
18:59 murrdoc :D
18:59 UtahDave Myra: well, you can use the regular filesystem environments as well.
19:01 Myra that's why I was wondering if I can use gitfs per-remote mountpoint
19:01 Myra say I have a prod.git, qa.git and dev.git
19:02 Myra I will mount them to salt/prod salt/dev salt/qa
19:02 Myra is it possible or I am understanding it wrong?
19:02 Myra https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#gitfs-per-remote-config
19:02 UtahDave ah, I see.
19:02 iggy Myra: I'd do static checkouts and map those to env's (and maybe throw in a git hook -> salt-api to do the update on commit)
19:03 dthom91 joined #salt
19:03 UtahDave I think that the branch names still become the salt environment names.
19:03 UtahDave So if you did that you should just make sure the    salt/qa  repo has a qa branch
19:04 Myra ic. not the master branch?
19:04 UtahDave correct.  Master branch becomes the "base" salt environment
19:04 Ryan_Lane Myra: if you don't need very tight separation between the environments, you can avoid using salt environments at all
19:05 Ryan_Lane you could separate them using pillars
19:05 Ryan_Lane and using if conditionals in your salt code where needed
19:06 Myra @Ryan, you meant ext_pillar or just pillar
19:07 Myra @UtahDave, so for salt/dev I need to have a dev branch for salt to use gitfs to get it?
19:07 Myra @iggy, do you use gitfs if you do static checkout?
19:07 tanta joined #salt
19:07 iggy Myra: no
19:08 Myra @iggy, no gitfs
19:08 iggy remember with gitfs, you have to have branches for every env in every git repo
19:08 iggy it becomes a pita real quick
19:08 Myra I agree
19:09 Ryan_Lane Myra: I mean just pillar
19:09 Myra @iggy like qa.git need to have a qa branch to write to salt/qa on file system
19:09 Myra ?
19:09 Ryan_Lane then do things like: {% if pillar.environment == 'production' %}
19:10 tanta I think better to store all state/pillars in Git and simply branch it within Git for different environments
19:10 Myra @Ryan, can you give some example in gist or somewhere
19:10 bmac2 joined #salt
19:10 Ryan_Lane we use grains for this, but we use masterless, which makes that safe
19:10 iggy tanta: have you actually used that before? or just speaking theoretically?
19:10 dthom91 joined #salt
19:11 tanta I do it for testing/production iggy, so I can stage new Salt code before deploying it, but all the targeting for environments is driven by custom pillars so test boxes won't ever run the same states with the same parameters as production
19:12 tanta I guess in my scenario there is 'Salt testing/Salt production', and also different application environments
19:12 supersheep joined #salt
19:12 scoates joined #salt
19:13 tanta or rather the targeting for minions is driven by top files in pillar/salt via a hostname/ID convention so it stays consistent regardless of Git branch
19:16 mapu joined #salt
19:16 Myra @tanta, branch in git but not depending on the branch?
19:17 Ryan_Lane Myra: https://gist.github.com/ryan-lane/2c4bed05542b1d088bc4
19:17 tanta I think I found the gitfs conventions a little rigid for my setup
19:18 Ryan_Lane Myra: then you set the environment pillar based on something like minion name
19:18 Ryan_Lane or however else you're going to differentiate your minions
19:18 katyucha joined #salt
19:19 tanta Salt with the default local fileserver lets you define your environments and conventions however you prefer
19:19 rsimpkins joined #salt
19:19 rsimpkins left #salt
19:20 Ryan_Lane we use a naming convention like: myservice-production-region-1.example.com
19:20 rsimpkins joined #salt
19:20 Ryan_Lane with a convention like that, you could have a glob match on *-production-*.example.com, which would set the environment pillar to 'production'
19:21 GreatSnoopy joined #salt
19:21 arnoldB In case someone is interested in setting salt sandbox up and playing arround with salt: https://github.com/bechtoldt/saltbox-vagrant
19:27 loki_ joined #salt
19:27 loki_ HI all,  i have a issue
19:28 loki_ i have 4 hosts (dev-api-api1.trimblepaas.com , dev-api-api2.trimblepaas.com , dev-id-is1.trimblepaas.com , dev-id-is2.trimblepaas.com)
19:29 loki_ i need to test.ping all four host at same time
19:29 whytewolf salt '*' test.ping?
19:30 loki_ salt -E 'dev-api*,dev-id*' test.ping
19:30 loki_ i cant use salt '*' test.ping
19:30 loki_ because i also have many other servers
19:30 whytewolf salt -C 'dev-api* or dev-id*' test.ping
19:30 rsimpkins I have a scheduled job set up via pillar that doesn't seem to be splaying. It runs every 10 minutes. Can someone please look at this and tell me if I've set up the splay correctly? http://pastebin.com/VzSmBUxW
19:31 rsimpkins The docs aren't totally clear what start/end really mean. I've tried just a strait 'splay: 120' and that seems to have no effect as well.
19:31 loki_ @whytewolf>= thmananks a lot
19:31 loki_ @whytewolf thanks a lot man
19:31 loki_ it works fine
19:32 perfectsine joined #salt
19:32 jodv joined #salt
19:32 pviktori_ joined #salt
19:33 vexati0n so.. is there a reason Salt doesn't use standard YAML in sls files?
19:33 vexati0n or at least, yaml that's compatible with php-yaml ?
19:33 UtahDave it's pretty standard yaml.  can you pastebin something that's not working?
19:33 mrwboilers1 left #salt
19:34 whytewolf php-yaml. shudder
19:34 nsindli_ joined #salt
19:35 vexati0n UtahDave: http://pastebin.com/stJ8LMP6
19:36 AndreasLutro vexati0n: you're feeding the wrong data into your php yaml formatter
19:37 vexati0n it's just an array in the same format as the sls method
19:37 AndreasLutro you'll need something like ['network.managed' => [['enabled' => true], ['type' => 'eth0'], ...]
19:37 AndreasLutro vexati0n: yes but state function arguments are a list of dicts, not a plain dict
19:37 AndreasLutro vexati0n: that's an array of associative arrays in php terms
19:37 UtahDave yeah, the top one is a list of one item dictionaries
19:37 cyborg-one joined #salt
19:37 UtahDave the bottom is a dictionary
19:39 whytewolf in short, both are valid yaml, that mean VERY different things.
19:39 pviktori joined #salt
19:39 pravka joined #salt
19:40 vexati0n ok, i see that. thanks
19:40 vexati0n now just trying to get the proper indentation
19:40 cberndt joined #salt
19:41 UtahDave whytewolf: exactly
19:42 fredvd joined #salt
19:44 nsindli_ Hello, has anyone ever tried to remotely install salt minion on an existing windows VM? I found examples doing it using saltcloud to spin up the VM... However I need to do it on an existing VM's
19:44 pviktori joined #salt
19:44 whytewolf i must admit, that when i first started into salt i didn't know anything about python, so working with lists and dicts made no sense to me. esp coming from other langs that combined both into just arrays. now that i am starting to get it. I get the appeal of splitting them up
19:45 vexati0n yeah i'm at the 'throw code at stuff until something works' stage...
19:46 vexati0n at least with salt, there's an active community. some things i have to work with, i might as well 100 miles into the desert and asking a dead cactus.
19:46 UtahDave nsindli_: Hm. We've had a few functions for doing that on Linux, but I don't think we've done that on Windows yet.    Would you mind opening an issue on github requesting that?
19:46 whytewolf you have to drive 100 miles to find a dead cactus? I just have to walk out my front door
19:46 UtahDave nsindli_: I think most of the code is there, we just need to make a nice clean function to make it available
19:47 vexati0n there are plenty of dead cactus around, but humans might overhear the question and accidentally help. it would spoil the metaphor.
19:47 whytewolf lol
19:48 nsindli_ UtahDave: I can certainly do that. Would you be able to point me to the existing code for this?
19:48 PeterO_ joined #salt
19:50 dendazen joined #salt
19:51 UtahDave nsindli_: I think if you look through the salt-cloud code there should be some examples of how to make the correct calls.  Basically, we just need to expose the salt-cloud functions for deploying the windows minions in a runner.
19:52 nsindli_ UtahDave: Ok, I will have a gander as well as open an issue on Github. Thank you!
19:53 UtahDave thank you, nsindli_!
19:53 pviktori joined #salt
19:53 dthom91 joined #salt
19:55 jhauser joined #salt
19:59 vexati0n ok... so using the array of associative arrays, the dicts are displayed properly but don't have the correct number of spaces indenting them. if i double-bracket the top level, it indents the lower ones correctly but puts two dashes before the first one.
19:59 rsimpkins left #salt
20:00 otter768 joined #salt
20:01 jodv joined #salt
20:08 cattarhine Is there a runner or some way to list the hosts where a state would have changed something with test=True?
20:09 colttt joined #salt
20:09 cattarhine I guess state.sls is also a runner too, I think?
20:09 quique joined #salt
20:09 iggy set state_verbose: false and run highstate test=True
20:11 supersheep joined #salt
20:13 DammitJim how should I manage files for different servers?
20:13 DammitJim like I have 10 jar files for 3 servers, but then only 2 for another 3 servers?
20:13 DammitJim (I expect the amount of servers to increase moving forward)
20:14 DammitJim I've been doing file.manage but that's a lot of entries
20:14 vexati0n i just set custom grains based on a server's role and then run the sls based on those.
20:15 DammitJim thanks vexati0n ... that's a way I was thinking of doing
20:15 DammitJim 1 sls with file.recurse (all files in the source folder) and 1 sls with just the couple of files using file.managed
20:15 DammitJim ok, but I should create an sls of its own
20:16 DammitJim now, when you say custom grains, where do you define that?
20:16 vexati0n yeah i have my state tree organized so everyone gets "common" sls with the baseline config, and then others get "role.common" with role-specific config.
20:17 vexati0n you can define custom grains in /etc/salt/grains on the minion, or you can use grains.setval from the master to set those.
20:18 cattarhine @iggy: sudo salt '*' state.sls my_state state_verbose=False test=True
20:18 vexati0n for example i run an NGINX farm with backend app servers, internal frontend servers, and public frontend servers, so they all have a custom grain called "nginx_role" .. then the state tree is set up with folders named to match the value of that grain, so there's "/srv/salt/nginx/frontend", "/srv/salt/nginx/backend", "/srv/salt/nginx/public" and in each of those folders there's a file called common.sls that defines the stuff for that role
20:19 vexati0n then top.sls just has a single directive that says ... {{ grains['nginx_role'] }}.common
20:19 supersheep joined #salt
20:20 vexati0n (after some stuff to make sure that grain exists, etc)
20:21 tkharju joined #salt
20:22 DammitJim oh gosh
20:22 DammitJim that's the stuff I missed when reading the documentation
20:22 vexati0n but there's probably a smarter/more efficient way to do it
20:23 vexati0n i just like messing with text files
20:23 DammitJim https://docs.saltstack.com/en/latest/ref/states/top.html
20:23 DammitJim is this where I would do 'id:<servername>': -match: grain ?
20:23 vexati0n yeah
20:24 DammitJim man, I need to look at an example
20:24 vexati0n the top file is a bit of a special case i think. you don't define actual states there, you tell various minions where to get their state files.
20:24 DammitJim where do you set the state files, then?
20:26 vexati0n here is my top.sls file (it's seriously convoluted, please don't think this is a best-practice example) -- http://pastebin.com/FBWxRUMv
20:26 DammitJim thanks vexati0n !
20:27 perfectsine joined #salt
20:27 DammitJim so, on that example, what is a state file?
20:27 DammitJim that you are defining for a minion to use?
20:27 vexati0n the actual state files are defined by subfolders of /etc/salt ... and they are referred to in top.sls with dots. so if you have a state file at /srv/salt/awesomeserver/dothis.sls , then in top.sls you'd tell a minion to use it by declaring "awesomeserver.dothis"
20:28 DammitJim in your top.sls, would that be ubuntu.common?
20:28 DammitJim it's nice to see that you are using salt on windows ;)
20:28 vexati0n yeah. that is a file at /srv/salt/ubuntu/common.sls
20:29 DammitJim ok, great!
20:29 DammitJim does your common.sls call other state files?
20:29 DammitJim I wonder if I need to list all my state files on the top.sls or in the state file :D
20:29 vexati0n it depends. some do, some don't.
20:29 DammitJim I know, I'm probably starting to sound a little odd
20:29 vexati0n from an actual state file you call further state files withe the 'include' function
20:29 protoz joined #salt
20:29 DammitJim ok, maybe I'll keep it clean by doing it that way
20:30 DammitJim man, I've got a lot to learn
20:30 DammitJim and I have to change a lot of things!
20:30 DammitJim one does 1 server just to get it done for testing for the developers
20:30 DammitJim but then one adds a 2nd server and the work curve is very steep
20:31 vexati0n yeah that's the kind of problem that salt solves. for us, at least.
20:31 DammitJim but then the 3rd server is a piece of cake
20:31 Myra joined #salt
20:31 vexati0n for most of the stuff salt is used for (which will be more later), all we have to do is follow our hostname convention and drop the machine on the network. salt-minion gets installed, it phones home, and configures itself.
20:31 Myra @Ryan_lan
20:31 Myra e
20:31 Myra thank you
20:33 vexati0n we have a few packages that even get host-specific configurations generated by salt (for example, a member of a cluster with a conf file that has to know its own hostname and the names of others in the cluster). salt just grabs all of that stuff with a combination of states and pillar data, and generates the conf file on the fly
20:33 coval3nce Anyone use Salt to install an etcd cluster?
20:34 murrdoc peperide farms did
20:34 vexati0n that g tho
20:34 coval3nce Not sure what the best way is to deal with initial cluster bootstrap vs adding future members.
20:34 murrdoc but there is a formula for it in saltstack-formulas
20:34 coval3nce oh yeah? /me running to github to find it
20:34 zmalone joined #salt
20:35 murrdoc you guys hear about the computer that crashed ?
20:35 murrdoc had a bad driver
20:35 coval3nce Ah damn, doesn’t allow me to dynamically add members tho
20:35 coval3nce murrdoc: wow…haha
20:36 murrdoc sucks about the formula
20:36 vexati0n *goes to write a salt formula that eradicates puns*
20:36 mpanetta vexati0n: Just move to China
20:36 coval3nce I was hoping to somehow enumerate the boxes designated for a cluster (by grain) and be able to add new members dynamically as i add boxes
20:36 mpanetta They are illegal there
20:37 coval3nce I guess i can start a cluster manually, then any future boxes can just add to it
20:38 geekatcmu coval3nce: welcome to my own, personal Hell
20:38 murrdoc coval3nce:  what does bootstrapping it involve
20:38 geekatcmu (cluster management)
20:38 coval3nce geekatcmu: good to know i’m not alone ;)
20:38 whytewolf coval3nce: orchestration?
20:38 murrdoc and why is not something u can do in a runner or in orchestrate
20:38 iggy coval3nce: that's kind of what the mine is for
20:38 murrdoc sdb
20:38 murrdoc its all about sdb
20:38 murrdoc yall just dont know it yet
20:38 murrdoc right tex rex
20:38 whytewolf murrdoc: sdb is just never happening.
20:38 iggy start writing those docs
20:38 whytewolf :P
20:39 coval3nce I’m not an etcd expert, but seems like there is bootstrap cluster phase, then you add members in a runtime phase
20:39 dthom91 joined #salt
20:40 coval3nce So, was rattling around the idea of how i’d accommodate both aspects on state runs for boxes in a cluster (e.g. how to bootstrap if its never been bootstrapped, and add if it already has)
20:40 geekatcmu Isn't sdb part of that glorious future where management understands the importance of maintaining *everything* that's in production, and always provisions more staff as responsbilities outstrip automation?
20:40 coval3nce Prolly use a combo of mine info and a quick etcdctl check unless requisite
20:40 geekatcmu mines are not a good choice if you have multi-master.
20:41 coval3nce geekatcmu: good to know, as i do have that
20:41 iggy they are far from foolproof under the best of circumstances
20:41 geekatcmu Basically, mine data for each minion is *only* found on the single master to which that minion is currently attached.
20:41 geekatcmu And if it attachs to another master, the old master will retain the mine data, which is now (potentially) stale
20:42 jeffspeff joined #salt
20:42 coval3nce geekatcmu: even using the multimaster pki setup?
20:42 geekatcmu According to the outstanding bug on it, yes.
20:42 geekatcmu bugs
20:42 murrdoc thats why sdb rules
20:42 coval3nce Well bollocks.
20:42 geekatcmu or it will
20:42 murrdoc its an arbitrary data store
20:42 geekatcmu some day
20:43 murrdoc its in the .5 release
20:43 geekatcmu or any of the external-pillar things
20:43 murrdoc https://docs.saltstack.com/en/stage/topics/sdb/index.html
20:43 coval3nce murrdoc: I was trying to use if with python keyring for some stuff.
20:43 cro joined #salt
20:44 geekatcmu straight copy-paste from the docs: SDB was added to Salt in version 2014.7.0. SDB is currently experimental, and should probably not be used in production.
20:44 coval3nce geekatcmu: who heeds those warnings ;)
20:44 geekatcmu OK, so you have a point there
20:44 vexati0n unnggh... that moment when you've been trying for 2 hrs to get a yaml generator to generate compatible syntax and find out it's impossible because what you want it to do is actually incorrect.
20:45 cyborg-one joined #salt
20:45 coval3nce geekatcmu: how have you gone about cluster bootstrap and adding nodes for etcd?
20:45 geekatcmu no
20:46 geekatcmu Instead of going the etcd route I'm doing cluster management via our asset database (e.g. external pillar, but not really)
20:46 coval3nce i’m in the beginnings of looking at kubernetes
20:47 s_kunk joined #salt
20:48 Ztyx joined #salt
20:48 coval3nce brb
20:55 rcurrah joined #salt
20:56 rcurrah is there a way to reload the grain data during a highstate run? I tried saltutil_reload_modules but the grain still the old value, as the grain is changed during highstate.
20:56 rcurrah *saltutil.reload_modules
20:57 rcurrah grr * refresh_modules
20:57 jhauser joined #salt
20:57 jodv joined #salt
21:00 s_kunk joined #salt
21:03 dthom91 joined #salt
21:07 Rebus UtahDave: thanks, was afk for a while.  I suppose using an ENC-DB Provider would not help either? I had hoped that maybe it would be possible to limit the top.sls content via the ENC
21:08 Rebus also what do you by file root - that the entirety of the file service content of salt ist visible to all minion? In that case how do you deploy e.g. proprietary binaries etc. without every minion being able to steal them?
21:09 buMPnet joined #salt
21:12 pdayton joined #salt
21:15 cro joined #salt
21:16 Phtes joined #salt
21:17 Phtes Hey all, talking my first stpes into saltstack, in the docs I see you can do a multi master setup, does this also include the ability to do say Master to master to minion? i.e a master has 3 submasters under it, and each of those 3 nodes has their own minions?
21:17 Phtes Idea is a top level master, manages 3 seperate VPC's that each have their own master
21:18 PeterO_ *sigh* I'm having an issue. I have a command that I'm trying to run and do a `set` on the output. The command uses `awk` to strip out some json value ( "key": "value", ), when I try to run the command in Salt using awk it throws an error. Any ideas?
21:18 quique i'm kicking off an event on the saltmaster but as a minion with /usr/bin/salt-call event.send "common_setup" with_grains=True, I see the sending event like this: http://fpaste.org/265441/ but the event never seems to actually happen.  That is I never see 'Gathering reactors for tag common_setup'
21:18 PeterO_ Soon as I remove the awk it works just doesn't get the data I need obviously.
21:19 coval3nce Phtes: this sounds like the syndic setup https://docs.saltstack.com/en/latest/topics/topology/syndic.html
21:20 Phtes coval3nce: Exactly what I was looking for thank you!
21:21 PeterO_ oh odd. just got it to work using sed instead of awk.
21:21 PeterO_ awk just throws errors
21:23 Phtes what errors does awk throw
21:26 PeterO_ unexpected char u'"'
21:26 slav0nic joined #salt
21:27 PeterO_ Phtes: command being run: https://gist.github.com/polds/b75c1f8232fae1aaa053
21:27 sdm24 PeterO: theres a quote mismatch I think
21:28 sdm24 after the -F\\
21:29 Phtes looks like it
21:29 mattiasr joined #salt
21:29 Phtes you have an unclosed "
21:29 Phtes "curl.... "  ' ... ' "
21:29 PeterO_ the -F\\" is the delimiter though.
21:31 PeterO_ This is the command that is trying to be run: curl http://169.254.169.254/latest/dynamic/instance-identity/document|grep region|awk -F\" '{print $4}'
21:33 dthom91 joined #salt
21:34 faisal joined #salt
21:37 sdm24 PeterO_ One workaround might be to call each seperate block of quotes to its own variable. i.e {% set string = "'{print $4}'" %}, {% set awk = 'awk -F\" ' + {{string}} %}, etc
21:37 PeterO_ I had not thought of that.
21:38 sdm24 I have that for some of my more convoluted states, to get around mixing quote blocks
21:42 dunz0r left #salt
21:44 cro joined #salt
21:46 PeterO_ Yeah that worked
21:47 sdm24 woohoo!
21:47 PeterO_ thanks :)
21:48 sdm24 no problem. Glad I could help
21:51 khaije1 are gpg blocks supported in the salt-ssh roster file? I'm loathe to check in unencrypted credentials
21:56 kermit joined #salt
21:57 Rebus Hmm ok UtahDave so I found a method to use pseudonymes by matching on pillar data in the top.sls. This makes the top.sls almost impossible to debug du tu the level of abstraction, but at least I do not have to write "G@customername1":"state1" "G@customername2:state2"
22:01 otter768 joined #salt
22:04 murrdoc nodegroups ?
22:08 iggy name the pillars after the customer name then '*':\n  {{ grains.customername }}
22:09 supersheep joined #salt
22:09 cliluw joined #salt
22:10 cberndt joined #salt
22:14 oz_ joined #salt
22:14 oz_ What version of python is used with the latest version of salt?
22:15 murrdoc 2.something
22:16 UtahDave 2.6 and 2.7
22:16 UtahDave we're working on 3.4+ support, but we're not quite there yet.
22:17 Ymage joined #salt
22:17 murrdoc any recommendation on how to check if a directory is an svn checkout ?
22:18 murrdoc if salt['svn.info'](path).get('Revision') > 0
22:19 sxar joined #salt
22:19 protoz joined #salt
22:22 bluenemo joined #salt
22:23 oz_ thx
22:24 Rebus iggy: that sounds like a good idea thugh i wonder whether iw ant to trust in something coming from a minion, like grains. I guess something like the ssl cert fingerprint or CN or encoding the customername in the sll cert would be better
22:25 Rebus also i wonder if i can do the same in the top.sls in the salt state root
22:25 Rebus in that case i could create a dynamic top.sls in the state root that looks different for every customer effectively hiding that there _are_ other customers
22:27 UtahDave left #salt
22:28 dthom91 joined #salt
22:30 dthom91 joined #salt
22:35 johnkeates joined #salt
22:36 cyborglone joined #salt
22:37 iggy Rebus: yes, jinja (to a certain extent) works in top files
22:37 johnkeates left #salt
22:38 pravka joined #salt
22:38 iggy someone in here actually had a heavily jinja'ed one at one point that checked for files, did some sanity checking, etc...
22:39 zmalone joined #salt
22:41 pdayton joined #salt
22:42 Rebus hmm cool I have to try that. that might actually solve my privacy problem with the top file :-)
22:42 |_[O_O]_| does salt.states.network support binding multiple IP's to a single interface - or are you required to alias? If you can set multiple ip's, can you do so through a single directive or do you require multiple definitions to accomplish the end-goal
22:44 dergrunepunkt joined #salt
22:44 |_[O_O]_| side note, i've got multiple addresses which have uuid's attached to them in a database -- I'm ripping them out of said database and providing them in pillar, is there a sane approach to electing a "primary" ip and including a gateway?
22:44 Ymage joined #salt
22:45 dthom91 joined #salt
22:45 |_[O_O]_| they're all /24's so i can rip off the last octet of the IP and shove in a 1 if required, the idea was to sort on the UUID constant and use that for primary "election"
22:45 dergrunepunkt hi, guys I'm working with about 500 minions and I get very often timeout, is it possible those timeouts are related to the amount of minions?
22:49 iggy dergrunepunkt: depends what specs your master has
22:50 RandyT joined #salt
22:51 dergrunepunkt iggy: 8Gigs of ram a 2 Xeon processors, how can I see that my master is not keeping up with the demand
22:53 iggy well, it's probably going to come down to networking if anything, but normal stuff to check to see a server is overloaded (cpu/mem/network bw/open files & sockets/etc)
22:54 jodv dergrunepunkt: The telltale sign in my experience is TCP  listen overflows
22:56 dergrunepunkt I'll check for those, thanks guys!
22:58 Rebus iggy that seems to work very fine I can store the individual minions top.sls in a pillar now and just reference it via *:\n {% for state in pillar['mystates'] %}\n- {{ state }}\n{% endfor %}
22:58 |_[O_O]_| is there a standard approach to handling multihomed systems?
23:01 pcn you plug in all the cables.  Thank you, I'll be here all week!
23:01 pcn What are you thinking of 80s robot?
23:03 baweaver joined #salt
23:13 jasonrm joined #salt
23:15 baweaver joined #salt
23:17 joe_n joined #salt
23:25 |_[O_O]_| pcn: I've got a few systems with anywhere from 1-25 IP's, which the minions have access to through Pillar with an associated integer ID - im trying to find a sane approach to electing a primary IP, generating the gateway for it and assigning the additional IP's; the hope is to keep the logic, so to speak, within the state itself rather than going with a python module to do the "heavy" lifting
23:27 vexati0n wow, and people say i'm weird for running 1500 minions on remote networks with no direct access.
23:27 vexati0n :P
23:30 |_[O_O]_| i guess my real question is can you assign multiple IP's to a single interface in one network.managed stanza, or does it have to be broken out into indivial stanzas for each IP -- if the latter,  can I define "eth0" twice and have them bind to the same interface or do i have to use some funky aliasing "eth0:0"
23:31 |_[O_O]_| vexati0n: what access do you have? XD
23:31 pcn Are you using a distro where you can just create the interface file(s) and let ip get called via that mechanism?
23:31 |_[O_O]_| yes - Debian 8
23:32 |_[O_O]_| would you build out the interfaces file rather than using network.managed?
23:33 pcn I don't have that issue, but in your place I may... if it clearly works for you, then it's a win.
23:34 |_[O_O]_| my only quell would be how it would react in a bonded environment, but i'll cross that bridge when i find it -- thanks for help! <3
23:35 pcn Yeah, that's an interesting question, and depends on a lot of stuff.  On the positive side, if you have to do e.g. OVS or similar types of bonds or network namespaces, this may be the thing for you anyway
23:44 bfoxwell joined #salt
23:48 bluenemo joined #salt
23:49 sjorge joined #salt
23:49 sjorge joined #salt
23:50 dthom911 joined #salt
23:54 dthom91 joined #salt
23:55 aristedes joined #salt
23:55 mosen joined #salt
23:55 aristedes left #salt
23:56 protoz joined #salt
23:58 pm90__ joined #salt
23:58 bfoxwell joined #salt
23:59 protoz joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary