Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-10-27

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 larsfronius joined #salt
00:10 kinetic joined #salt
00:19 kinetic joined #salt
00:36 dthom91 joined #salt
00:39 hasues joined #salt
00:40 hasues left #salt
00:42 bussillis joined #salt
00:42 bussillis hey guys, where can i get definition of "get_config_value" used among salt-cloud modules
00:44 eliasp bussillis: there's only one "get_config_value()" and it's located in salt/log/handlers/sentry_mod.py
00:44 bussillis eliasp: ok
00:44 bussillis thnx
00:45 bussillis omg i feel so lost with this
00:45 bussillis i have libcloud module and i want just to make it work fromwithin salt-cloud
00:45 bussillis for third provider
00:46 bussillis i have all methods tested directly from libcloud but it all sound so confusing when i need o transfer it to salt-cloud module
00:46 bussillis :(
00:47 dthom91 left #salt
00:49 bussillis_2 joined #salt
00:50 bussillis2 joined #salt
00:50 pravka joined #salt
00:50 bussillis2 :) i wish salt-cloud module
00:50 bussillis2 page has more inputs
00:51 bussillis2 def get_config_value(name, default=None):     return __opts__['sentry_handler'].get(name, default)
00:51 bussillis2 does that mean that this config.get_config_value('win_installer', vm_, __opts__)
00:51 bussillis2 has some strange defaults
00:51 bussillis2 what is vm_ and __opts__
00:51 bussillis2 ?
00:51 bussillis2 where are those defines?
00:53 bussillis2 cant get an idea what is actually __opts__
00:53 bussillis2 ???
00:53 bussillis2 and vm_
00:53 bussillis2 :/
00:53 ajw0100 joined #salt
00:54 bussillis2 anyone???
00:54 baweaver joined #salt
00:57 bussillis2 :)
00:57 racooper joined #salt
01:02 hasues joined #salt
01:02 hasues left #salt
01:07 merlin` joined #salt
01:11 dthom91 joined #salt
01:30 ITChap joined #salt
01:36 ernetas joined #salt
01:36 tru_tru joined #salt
01:49 ageorgop joined #salt
01:55 fsteinel_ joined #salt
02:07 catpigger joined #salt
02:10 _JZ_ joined #salt
02:20 CaptainMagnus Anyone know how to create watch statement for git.latest. See https://gist.github.com/magnusboman/391e74f66272dce248b1
02:22 iggy dependencies should be `module: sls_id`
02:22 iggy not a random glob of files
02:23 iggy so `- file: /var/www/html*` becomes `- git: git@bitbucket.org:xyz/xyz.git`
02:24 * iggy really wishes the docs made that clearer as it gets asked _a_lot_
02:25 CaptainMagnus iggy: Awesome. Thanks!
02:26 mirkop_ joined #salt
02:27 merlin` joined #salt
02:29 mirkop_ hello, I am trying to figure out how to create a docker data volume container using salt. Any idea how to do that?
02:30 amcorreia joined #salt
02:30 Vye joined #salt
02:33 clintberry joined #salt
02:41 favadi joined #salt
02:54 evle joined #salt
02:57 auzty joined #salt
03:01 cro joined #salt
03:03 racooper joined #salt
03:13 evidence hmm.. getting a ton of [salt.transport.zeromq][ERROR   ][XXXXX] Bad load from minion errors on the master..
03:14 evidence looks like data zmq doesn't believe is a payload
03:17 evidence odd.. adding a print of the payload to the error log it looks valid..   Bad load from minion {'load': 'M\xa1#\..snip..\x11', 'enc': 'aes'}
03:18 evidence do bad keys cause this?
03:19 malinoff joined #salt
03:21 ALLmightySPIFF joined #salt
03:27 thehaven joined #salt
03:30 quix joined #salt
03:38 iggy the only time I've seen that was version issues (either old ass versions or mismatched versions)
03:42 aelmi_ joined #salt
03:45 evidence everything is 2015.8.1 .. it seems to spam when the aes key is rotated, so it's likely related to minions checking in without refreshing the key
03:46 iggy I'd open an issue
03:46 iggy logs shouldn't be spammed with crap under normal circumstances
03:48 evidence will do.. it's for sure that though.  deleting a key which rotates or simply restarting the master causes a massive influx of them
04:01 Daemonik joined #salt
04:02 ViciousL1ve joined #salt
04:02 aurynn joined #salt
04:14 malinoff joined #salt
04:24 bhosmer_ joined #salt
04:25 breakingmatter joined #salt
04:30 ramteid joined #salt
04:31 anmol joined #salt
04:35 Nazca joined #salt
04:48 rbjorklin joined #salt
04:50 mehakkahlon joined #salt
04:58 aparsons joined #salt
05:14 moogyver joined #salt
05:20 anmol joined #salt
05:21 impi joined #salt
05:32 kinetic joined #salt
05:35 aparsons joined #salt
05:36 aqua^c joined #salt
05:36 boargod2 joined #salt
05:37 favadi joined #salt
05:45 breakingmatter joined #salt
05:54 solidsnack joined #salt
05:55 dendazen joined #salt
06:04 malinoff joined #salt
06:08 larsfronius joined #salt
06:14 otter768 joined #salt
06:17 ITChap joined #salt
06:17 ITChap Hi
06:18 catpig joined #salt
06:32 jaguar_ joined #salt
06:35 keimlink joined #salt
06:38 solidsna_ joined #salt
06:39 hoonetorg joined #salt
06:49 Guest78532 joined #salt
06:52 favadi joined #salt
07:12 katyucha joined #salt
07:12 colttt joined #salt
07:17 scoates joined #salt
07:24 seweryn joined #salt
07:26 favadi joined #salt
07:27 impi joined #salt
07:32 scoates_ joined #salt
07:37 cberndt joined #salt
07:38 Guest78532 left #salt
07:46 breakingmatter joined #salt
07:50 mattiasr joined #salt
08:05 edulix joined #salt
08:06 kinetic joined #salt
08:09 gtmanfred joined #salt
08:09 manfred joined #salt
08:13 eseyman joined #salt
08:13 eseyman_ joined #salt
08:15 lb joined #salt
08:15 otter768 joined #salt
08:19 colegatron joined #salt
08:19 edulix joined #salt
08:19 colegatron good morning
08:20 rburkholder joined #salt
08:25 bhosmer joined #salt
08:32 babilen o/
08:34 OliverUK joined #salt
08:38 rim-k joined #salt
08:38 CeBe joined #salt
08:39 edulix joined #salt
08:43 KermitTheFragger joined #salt
08:44 ITChap joined #salt
08:44 kinetic joined #salt
08:46 edulix joined #salt
08:47 felskrone joined #salt
08:51 keimlink joined #salt
08:53 linjan joined #salt
08:55 kawa2014 joined #salt
08:56 anmol joined #salt
08:57 edulix joined #salt
08:58 _mel_ joined #salt
09:00 rotbeard joined #salt
09:05 colttt joined #salt
09:08 s_kunk joined #salt
09:09 trph joined #salt
09:09 stanchan joined #salt
09:13 Xevian joined #salt
09:13 lb joined #salt
09:18 kinetic joined #salt
09:29 thalleralexander joined #salt
09:31 bVector joined #salt
09:31 edulix joined #salt
09:48 breakingmatter joined #salt
09:53 kinetic joined #salt
09:55 larsfronius joined #salt
09:56 Ski2per_D joined #salt
10:03 Hydrosine joined #salt
10:03 Ski2per_Daye joined #salt
10:03 Ski2per_D left #salt
10:03 Ski2per_Daye test
10:04 favadi joined #salt
10:09 mage_ any idea when 2015.8.2 will go out ?
10:16 otter768 joined #salt
10:18 sgargan joined #salt
10:20 l13t joined #salt
10:21 ashmckenzie joined #salt
10:22 thalleralexander joined #salt
10:27 ramteid joined #salt
10:28 kinetic joined #salt
10:28 DammitJim joined #salt
10:29 sgargan joined #salt
10:30 edulix joined #salt
10:35 colegatron joined #salt
10:38 amcorreia joined #salt
10:44 rotbeard joined #salt
10:45 dendazen joined #salt
10:47 pezus i am having a problem with duplicate ids. i have to create a directory and ensure it is there. in the same directory i have to make sure files in it are there. so i have twice /path/to/files-statements
10:47 saffe joined #salt
10:48 pezus is there a way to combine file.managed and file.directory?
10:50 pezus or better file.recurse instead of managed
10:52 dendazen joined #salt
10:54 sgargan joined #salt
10:58 martintamare joined #salt
10:59 martintamare Hi everyone, i'm going to develop a module that handle dns record using an API. I'm looking for a module that has a good structure to inspire me : any idea ?
10:59 MAHDTech joined #salt
11:02 kinetic joined #salt
11:04 edulix joined #salt
11:12 bluenemo joined #salt
11:14 NV joined #salt
11:16 eliasp pezus: you can write as many states as you want below one ID
11:17 sgargan joined #salt
11:37 kinetic joined #salt
11:40 afics joined #salt
11:40 markm joined #salt
11:44 sgargan joined #salt
11:49 breakingmatter joined #salt
12:01 golodhrim|work joined #salt
12:01 golodhrim|work left #salt
12:10 TooLmaN joined #salt
12:12 kinetic joined #salt
12:12 illern_ joined #salt
12:15 colttt joined #salt
12:17 otter768 joined #salt
12:17 pviktori joined #salt
12:18 anmolb joined #salt
12:19 tmclaugh[work] joined #salt
12:25 sgargan joined #salt
12:27 thefish joined #salt
12:29 lb joined #salt
12:29 pviktori joined #salt
12:30 ALLmightySPIFF joined #salt
12:31 debian112 joined #salt
12:34 breakingmatter joined #salt
12:35 Edgan_ joined #salt
12:35 shnguyen joined #salt
12:44 linjan joined #salt
12:46 kinetic joined #salt
12:47 shiriru joined #salt
12:48 thalleralexander joined #salt
12:49 dthom91 joined #salt
12:54 illern joined #salt
12:57 larsfronius joined #salt
13:00 rvankleeck joined #salt
13:02 racooper joined #salt
13:03 subsignal joined #salt
13:06 Bryson joined #salt
13:12 cpowell joined #salt
13:13 sgargan joined #salt
13:13 msx joined #salt
13:13 jbub joined #salt
13:15 MadHatter42 joined #salt
13:16 Zytox joined #salt
13:18 cpattonj joined #salt
13:21 kinetic joined #salt
13:27 illern joined #salt
13:31 dthom91 joined #salt
13:31 winsalt joined #salt
13:32 illern joined #salt
13:32 murrdoc joined #salt
13:33 hasues joined #salt
13:34 hasues left #salt
13:34 fbettag joined #salt
13:35 jbub joined #salt
13:35 Voziv joined #salt
13:35 pravka joined #salt
13:37 DaveQB joined #salt
13:42 mage_ can I cann a custom module in a pillar file ?
13:42 mage_ s/cann/call
13:44 jalbretsen joined #salt
13:45 oherrala Can I use wildcards in pkg.removed's pkgs list? I would like to remove abrt* packages in CentOS
13:45 sgargan joined #salt
13:48 rudi_s_ joined #salt
13:48 kant joined #salt
13:48 Deevolution joined #salt
13:49 rudi_s_ Hi. Is there a pillar/grain with all known minion ids so I can iterate over all minions, e.g. in a jinja template?
13:51 Deevolution rudi_s_: I don't think there is.  You could create a pillar/grain on the master pretty easily if needed.  Just look at the /etc/salt/pki/master/minions directory.
13:51 rudi_s_ Deevolution: Ok, too bad.
13:52 Deevolution rudi_s_:  It would be pretty simple for you to create something that listed existing minions.
13:53 zmalone joined #salt
13:54 thebwt is there a way to make salt-cloud bootstrap to 2015.8.1 instead of 2015.5.6?
13:54 kant left #salt
13:55 sgargan joined #salt
13:58 kinetic joined #salt
13:58 Voziv Is it possible to manage a java keystore using salt?
13:59 Rkp Voziv: https://github.com/saltstack/salt/issues/10237 not currently through existing modules apparently?
14:02 Voziv Rkp: I ran into that but it doesn't look like the issue was addressed. I've found an issue for handling files using pillar (automatic importing as base64 into pillar). So I might be able to do that for now
14:02 bhosmer joined #salt
14:04 numkem joined #salt
14:05 Brew joined #salt
14:06 jeffpatton1971 joined #salt
14:06 jhauser joined #salt
14:06 zer0def ok, probably a dumb question, but how do i access a specific sub-dict key using pillar.get in mine.get?
14:08 nkuttler pillar.get(foo)['bar'] ?
14:09 nkuttler thebwt: isn't the just a matter of picking another install image? probably depends on the hoster though
14:09 dendazen I have this state https://gist.github.com/dendazen/7dc06cc05c726857a38c when i call it with this command salt -v  uat-dada.sec1.example.com state.sls packages.spacewalk_client  "pillar={companyenv: 'prod', user: 'jenkins', password: 'dada!}" I get an error
14:09 zer0def nkuttler: well, issue here is that i have such a hideous thing in a jinja-templated file: {{ salt['mine.get']('*', 'pillar.get') }}
14:10 zer0def and in the pillar i've defined so that it should call pillar.get with, let's say, as string like "mydict:mykey"
14:10 dendazen https://gist.github.com/dendazen/8b91240560f496f234c7
14:10 dendazen can someone take a look, please?
14:10 zer0def thing is that i'm getting proper results when calling the execution module directly, but the templated value returns an empty dict
14:11 cpattonj left #salt
14:11 zer0def should probably exemplify it in a paste, hold on.
14:11 edrocks joined #salt
14:12 kawa2014 joined #salt
14:14 _JZ_ joined #salt
14:16 quix joined #salt
14:16 sgargan joined #salt
14:17 zer0def there we go, example of my problem: http://codepad.org/vO3kR0Cf
14:17 mpanetta joined #salt
14:18 otter768 joined #salt
14:20 perfectsine joined #salt
14:22 JDiPierro joined #salt
14:22 thebwt nkuttler: the boostrap script adds "third party" repos for saltstack, epel in this case. I'm guessing we just have to wait for epel to update
14:22 racooper having a small problem with the users-formula when creating a new user. it's giving me an error "the following group(s) are not present: mysqldba" where "mysqldba" is the user being created.
14:22 racooper https://gist.github.com/racooper/5f7c688d477db0ebf820
14:23 racooper past experience with this module didn't have this problem so I'm not sure why it's not auto-creating the user's own group now.
14:24 Norrland racooper: which version of salt, and what command are you applying?
14:25 zmalone racooper: both the 2015.5 and 2015.8 docs state that the user state will fail if the group doesn't already exist.
14:25 dthom91 joined #salt
14:25 zmalone Maybe in a past version that wasn't the case?
14:26 sgargan joined #salt
14:26 racooper it's 2015.5.5-1 from EPEL. and that doesn't make sense then, because just doing a straight user.present works and creates the user groups without any special configuration. I just did that yesterday on the same version.
14:27 zmalone https://docs.saltstack.com/en/latest/ref/states/all/salt.states.user.html#salt.states.user.present
14:28 racooper if I manually run salt-call user.add tester, it creates the user tester and group tester. it's just not working in the users-formula from pillar data.
14:28 kaptk2 joined #salt
14:29 Norrland racooper: are you setting group: myusergroup in the user.present state?
14:30 racooper no....never have in the past (but I've only used the formula on one other server, and that hasn't been since April)
14:30 racooper users-formula appears to set that though
14:31 racooper https://github.com/saltstack-formulas/users-formula/blob/master/pillar.example
14:31 racooper um...the actual formula. https://github.com/saltstack-formulas/users-formula/blob/master/users/init.sls
14:31 edulix joined #salt
14:32 kinetic joined #salt
14:34 breakingmatter joined #salt
14:35 sgargan joined #salt
14:37 teebes joined #salt
14:39 otter768 joined #salt
14:40 anmolb joined #salt
14:43 pyropoptrt joined #salt
14:45 andrew_v joined #salt
14:46 sgargan joined #salt
14:51 moogyver joined #salt
14:53 ktosiek joined #salt
14:54 martintamare how to pass complex parameters to module using salt cli ? in my case : v=spf1 include:_spf.google.com ~all)
14:55 conan_the_destro joined #salt
14:56 dfinn joined #salt
14:56 sgargan joined #salt
14:57 jryberg joined #salt
14:58 teryx510 joined #salt
14:58 Akhter joined #salt
14:59 clintberry joined #salt
14:59 Akhter joined #salt
14:59 jryberg Hi, I just lost 50% of all my RHEL6 minions after updating to 2015.8.1-1.el6
14:59 jryberg salt-call test.ping from minion generates a crash
15:00 phx i wouldn't consider a RHEL6 a loss. it's almost a dinasour by now :)
15:01 jryberg http://pastebin.com/6DHYYkh4
15:01 jeffpatton1971 I need to define a variable in salt that has multiple values depending on what group the minion is in. ( I asked this last week ) and I think I have something really close, at least it *looks* like it will work https://gist.github.com/jeffpatton1971/09ef1ed1d16bb555290f
15:01 kawa2014 joined #salt
15:02 jryberg phx: it's still widely used in big companies
15:03 zmalone jryberg: That should probably be reported at https://github.com/saltstack/salt/issues
15:04 jryberg yeah, I know =) but I was crossing my fingers that someone know a work around.. my production system are without a driver ..
15:06 kinetic joined #salt
15:07 sdm24 joined #salt
15:07 zer0def btw, just as a side note - how experimental is mine-in-ssh? given that i've created a mine_functions pillar for a machine and all it returned was empty dicts, i'm guessing that *SOMETHING* doesn't work
15:08 SunPowered joined #salt
15:08 zmalone jryberg: it looks like on RHEL platforms, a lot of people have complained about missing log directories causing crashes
15:09 zmalone https://github.com/saltstack/salt/issues/27533 and the related issues.
15:09 dthom91 joined #salt
15:16 edulix joined #salt
15:18 pguinardco joined #salt
15:22 edulix joined #salt
15:23 evle joined #salt
15:23 is_null joined #salt
15:24 pravka joined #salt
15:32 adelcast left #salt
15:34 subsigna_ joined #salt
15:35 meye1677 joined #salt
15:38 RedundancyD joined #salt
15:40 jryberg zmalone: It turned out to be zeromq that needed to be upgraded
15:41 jryberg it's seems to be dependency issues
15:41 jryberg It has been reported for future reference and other who might end up with the same problem
15:42 bussillis joined #salt
15:43 bussillis guys,i try to run new salt-cloud module, just by simple example and i get this error, anyone hes clue about it? ValueError: Invalid tag name u'soapenv:Envelope'
15:43 bussillis python 2.7
15:43 bussillis ??
15:43 bussillis anyone?
15:45 malinoff joined #salt
15:47 zsoftich2 joined #salt
15:52 ALLmightySPIFF joined #salt
15:53 sdm24 bussillis: I think you need a space between "soapenv: Envelope". Not 100% sure, but if thats a Salt file, it should have a space
15:53 gasbakid joined #salt
15:53 sdm24 bussillis: to clarify, a space after the :
15:55 kinetic joined #salt
15:55 tmclaugh[work] joined #salt
15:56 subsignal joined #salt
15:59 sgargan joined #salt
15:59 evle joined #salt
16:00 dthom91 joined #salt
16:01 ron__ joined #salt
16:02 danlsgiga joined #salt
16:02 ron__ Has anyone upgraded a salt master from debian 7 to 8 using state files?
16:02 alemeno22 joined #salt
16:02 jeffpatton1971 Going to post again, this is a slightly dumbed down version of my previous question, as I think I was putting too much out there. https://gist.github.com/jeffpatton1971/af8adbe66456a6758c74
16:03 evle1 joined #salt
16:03 racooper joined #salt
16:03 racooper joined #salt
16:03 danlsgiga hey guys, can someone explain me how the ext_pillar works? I have it setup to use a master branch on github with ssh authentication, it downloads the files to the cache but it is not being added to the main pillar
16:03 gtmanfred jeffpatton1971: the node group isn't something that is really applied to the minion afaik.
16:04 gtmanfred jeffpatton1971: the nodegroup is just sugar to make extra stuff easier
16:04 sgargan joined #salt
16:04 gtmanfred jeffpatton1971: i would stop using node groups, since you can match on pillars, and use the top file in my pillar data to do a compound matching, than you can replace node groups entirely with pillar matching, since node groups require you to restart the master
16:05 jeffpatton1971 @gtmandfred ok, i'm down with that, so perhaps I should use grains instead? perhaps apply a grain to these servers based on their groups, and then let sample check the grain?
16:05 gtmanfred that is what I do
16:05 gtmanfred role:
16:05 gtmanfred - web
16:05 gtmanfred - api
16:05 gtmanfred and just put all the roles for that server in the grain
16:05 gtmanfred you can even configure them as part of the salt-cloud data if you are using that, so when the server comes online they already have their correct grains
16:06 moogyver joined #salt
16:06 furrowedbrow joined #salt
16:06 jeffpatton1971 can you assign a grain to a minion through salt? all I've done is push them manually
16:06 gtmanfred yes
16:06 gtmanfred grains.setval
16:06 gtmanfred or grains.present for the state
16:06 jeffpatton1971 we're using azure for our vm's and salt-cloud doesn't work with the azures arm stuff
16:06 gtmanfred jeffpatton1971: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html
16:06 Depado left #salt
16:06 gtmanfred for the module
16:07 gtmanfred https://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html for the states
16:07 OliverUK joined #salt
16:07 gtmanfred if you do it with the state, i think you have to pass refresh_grains: True if you want to use it later on in the same highstate run
16:07 gtmanfred but don't quote me on that...
16:07 jeffpatton1971 lol
16:07 jeffpatton1971 dammit...ok ;-)
16:08 * jeffpatton1971 note to self...redact grmanfred from all documentation on this
16:08 gtmanfred :)
16:08 edulix joined #salt
16:08 gtmanfred you might not need to, i just remember a time in the past when they weren't reloaded for some reason
16:08 gtmanfred they might be now.
16:08 jeffpatton1971 ok...so what it sounds like I need to do is re-work this to push out the grains to my servers, and then have the state read the grain and apply the proper value
16:09 gtmanfred i know you have to use refresh_modules, if you install some python module that another state module needs in order to run
16:09 gtmanfred yar
16:09 gtmanfred that is how I would do it
16:09 jeffpatton1971 in the sample/init.sls I define the groups and then variable:value how would I change that?
16:09 jeffpatton1971 i'm concerned now that i'm over-thinking
16:10 gtmanfred {{ grains['variable'] }}
16:10 otter768 joined #salt
16:11 anotherZero joined #salt
16:11 Rumbles joined #salt
16:13 writtenoff joined #salt
16:14 tiadobatima joined #salt
16:20 twork n00b question: i've brought one of my branches into sync with current, on github. my fork of the bind formula is ten revs behind, and i'd like to update it, but so far i isn't apparent to me how to do that, and i *really* don't want to risk putting something where it doesn't belong, so i'd like a hint before i go and click something stupid.
16:20 DammitJim joined #salt
16:20 gasbakid_ joined #salt
16:21 twork crap. not "i've brougt", rather "i'd like to bring."
16:21 twork it's one of those days.
16:21 jeffpatton1971 @gtmanfred I've updated my example, I add a grain called instance, with the proper value in it, I assign that based on nodegroups (those are well defined for us) and then I *think* pull the value of instance in the sample state file, can you check it out to see if i'm close? https://gist.github.com/jeffpatton1971/af8adbe66456a6758c74
16:22 cyborg-one joined #salt
16:22 twork a tip on where i should be reading is welcome too. i get the impression that the interface just assumes that i should now more git lingo than i do.
16:23 dthom91 joined #salt
16:23 zmalone twork: I believe https://help.github.com/articles/syncing-a-fork/ is what you want
16:23 twork zmalone: thanks
16:24 zmalone it'll be something like "Pull your fork's changes, pull the main changes, merge them together, commit/push back to your fork"
16:25 twork hm. thanks, but reading there, it's a guide to using git on the command line. which is good, but what i'm looking at is the web ui, and that's what i'd like to bring into sync.
16:26 twork https://github.com/mjinks/bind-formula
16:26 twork i suppose it's just as well to drop that fork and switch to shell.
16:27 zmalone those changes on the command line will be reflected in the webui once you are done
16:27 twork ah, ok. i wondered.
16:28 twork in case it isn't apparent, i have absolutely no business pushing any change i've made upstream
16:28 twork anyhow. thanks.
16:30 zmalone github's ui is very useful, but it doesn't cover all possible git actions, merging upstream changes into your local fork is one of the actions I've never found in the web ui
16:30 twork ok
16:30 zmalone that article saying to do it via git command line actions suggests that there isn't a webui way to do it
16:32 sdm24 I need to have a count of all my minions, sorted by version number. I think the best way to do this would be to write a python module that runs "salt '*' grains.get saltversion --out=pprint". What salt modules do I need to import to have python be able to run that command?
16:34 sdm24 sounds like I want https://docs.saltstack.com/en/develop/ref/clients/index.html#salt-s-client-interfaces client interfaces. Is this the right track?
16:35 jalbretsen joined #salt
16:37 amcorreia joined #salt
16:38 jeffpatton1971 sdm can't you just pipe that to sort?
16:38 twork zmalone: i'm still doing something wrong. switched to my local copy, 'git fetch upstream' throws an error, "'upstream' does not appear to be a git repository". tried variants, going up a directory, fetching 'bind-formula' instead of 'upstream', same error
16:39 mapu joined #salt
16:39 jeffpatton1971 perhaps use sed and grep to massage it?
16:39 twork i'll go read. thanks.
16:39 sdm24 jeffpatton1971: I know nothing about python, so I'm not sure what you mean
16:39 sdm24 jeffpatton1971: yeah I was thinking of using that as a fallback. I'm having issues getting python to pass "--out=pprint" correctly
16:39 jeffpatton1971 @sdm24 it's not python it's just commands that you would run
16:40 jeffpatton1971 @sdm24 ah..i had to do something similar and wound up with a rather wicked command line that did give me what I was after
16:40 danlsgiga I have a ext_pillar configured and the master branch is being used... the pillar file is being cached successfully by the master but when I do a pillar.items, this error comes up: - Specified SLS 'gitmule' in environment 'base' is not available on the salt master
16:40 sdm24 jeffpatton1971: the end result is that I need to save this to a file so it can be picked up by a different python module and displayed on a webpage
16:41 danlsgiga Does anyone know how I should use it in my top.sls?
16:41 stomith joined #salt
16:41 danlsgiga I don't have a top.sls in my git repo... is it mandatory?
16:42 sdm24 danlsgiga: it should be the same as if you were using a local pillar/top.sls. base: /n '*': /n   path/to/gitmule.sls
16:42 sdm24 if you still have "roots" set as a fileserver_backend in /etc/salt/master, you can put the top.sls file there
16:42 danlsgiga sdm24: even if I'm using root: pillar in my master config?
16:42 jeffpatton1971 @sdm24 gotcha, I don't think you'll need to import anything spectacular, python is OOO so you *ought* to be able to find some examples of sorting key/value pairs online that are more or less straightforward..i hope
16:42 danlsgiga sdm24: this is the repo I'm using: https://github.com/danlsgiga/saltest
16:43 jdubski joined #salt
16:43 edulix joined #salt
16:43 tiadobatima hello there guys... I spent all day yesterday, without success, trying countless variations of serializing a pillar into a file using both file.serialize and file.managed. The catch is that the pillar has multiple lines (SSL certificates). This is the result of the some of the things I tried: http://pastebin.com/J8D6FfiB
16:44 sgargan joined #salt
16:44 aparsons joined #salt
16:44 danlsgiga sdm24: And this is my ext_pillar config https://gist.github.com/danlsgiga/1b47fa372676175fbbf2
16:45 sdm24 danlsgiga: it should be as simple as adding this https://gist.github.com/sdm24/bd721bbd840c706962f7 to your git pillar/ directory
16:45 gasbakid__ joined #salt
16:45 sdm24 err not gitmule.sls, just gitmule
16:46 danlsgiga sdm24: ok, got it! But here is the thing, I don't want all the minions to have this pillar
16:46 dthom91 joined #salt
16:46 danlsgiga sdm24: Also, I don't have the pillar_roots to use git
16:46 sdm24 then define which ones you do, replacing it with '*'. I'll update the example
16:46 danlsgiga I'm using git just for the external pillar
16:47 sdm24 you can put that pillar top.sls on your local master too if you want, in /srv/pillar/top.sls by default
16:47 danlsgiga sdm24: I don't want to define it in the external pillar, I want to define this in my filesystem pillar/top.sls
16:47 sdm24 yeah its the same format
16:48 sdm24 I updated my gist to show how to target on grains. You can also use globs, lists, compounds, etc
16:49 danlsgiga sdm24: I understand the targetting, my main concern is that I'm giving control to this specific pillar to some developers, and I don't want them to be able to change the target in the git top.sls
16:49 impi joined #salt
16:50 ubikite joined #salt
16:51 sdm24 danlsgiga: so you want to keep your top.sls local? you can do that. Just put it in where "base" is defined in pillar_roots in your /etc/salt/master config. By default this is /srv/pillar
16:52 danlsgiga sdm24: I'm already doing this, but it is not coming up
16:52 sdm24 oh
16:52 danlsgiga sdm24: and I can see the cached pillars in /var/cache/salt/master/ext_pillars
16:52 iggy you can also put it at the root of just about any pillar_root
16:53 iggy one common tactic is putting top files in a separate git repo (when using gitfs)
16:53 iggy so you don't have to maintain them across branches
16:54 iggy but it should work equally well for your case
16:55 danlsgiga iggy: yup, I'm using the local filesystems to store my pillar top.sls and using it to target... but this error appears when I try to pillar.items - Specified SLS 'gitmule' in environment 'base' is not available on the salt master
16:57 alemeno22 joined #salt
16:58 larsfronius joined #salt
16:58 wendall911 joined #salt
16:59 Akhter joined #salt
16:59 gasbakid_ joined #salt
16:59 sgargan joined #salt
17:00 iggy and you're setting root=pillar?
17:00 danlsgiga iggy: yes!
17:00 iggy sorry, I haven't read the enourmous backlog
17:00 iggy I'll shut up now
17:00 danlsgiga iggy: let me try to remove the root=pillar and set pillar.gitmule in my top.sls
17:02 danlsgiga iggy: same thing... - Specified SLS 'pillar.gitmule' in environment 'base' is not available on the salt master
17:03 danlsgiga iggy: Do I need to set the env: base in my ext_pillar config?
17:03 sgargan joined #salt
17:07 iggy I don't think it's necessary (at least I didn't)
17:08 danlsgiga yeah, the doc states it will use env: base as default
17:09 iggy what version of salt is this?
17:09 danlsgiga 2015.8.0
17:10 iggy are you using the new style  config or the old?
17:10 danlsgiga iggy: the new one
17:10 danlsgiga with pygit2
17:11 iggy and pygit is linked against libssh2?
17:12 danlsgiga iggy: How can I know it?
17:12 iggy there was something weird about that, hold on a sec
17:13 iggy https://github.com/saltstack/salt/issues/21979
17:13 iggy check that
17:13 gasbakid joined #salt
17:16 danlsgiga iggy: That's not the case... Check this gist https://gist.github.com/danlsgiga/45ca91583c1160978927
17:17 pcn What's the standard action when upgrading, to get rid of unwanted pyc files?  Just find | xargs rm?
17:17 danlsgiga iggy: This is my log showing that the git_pillar is successfully grabing the ext_pillar, and it is indeed, I can see it in my salt/cache/master/ext_pillars
17:18 gasbakid joined #salt
17:19 danlsgiga iggy: FYI, I have just ext_pillar setup, I don't have any gitfs_* config set
17:19 danlsgiga iggy: Is it required?
17:20 pcn I'm getting upgrades where the event cache appears to be crashing the salt-api because of UnicodeDecodeError: ... invalid continuation byte
17:22 solidsnack joined #salt
17:26 OliverUK left #salt
17:26 gasbakid joined #salt
17:26 tiadobatima howdy iggy, folks...  tried to serializing a pillar into a yaml file using both file.serialize and file.managed. The pillar has multiple lines (SSL certificates). This is the result of the some of the things I tried: http://pastebin.com/J8D6FfiB
17:31 danlsgiga iggy: So, it worked ONLY when I commited a top.sls to the git repo
17:33 aparsons joined #salt
17:34 edulix joined #salt
17:39 iggy I wouldn't be surprised if that was expected behavior
17:40 pcn tiadobatima: Have you thought of storing your pillar values as quoted strings with embedded newlines?
17:40 pcn danlsgiga iggy that sounds like what a gitfs should do - read from the index
17:41 tiadobatima pcn: unless I'm misunderstanding your suggesting yes.. see the first example here: http://pastebin.com/J8D6FfiB
17:42 danlsgiga pcn: It is reading from the index, I'm just questioning the requirement for a top.sls in the git repo instead of using the filesystem one to target my pillar
17:42 iggy danlsgiga: I'd search/file a ticket... either it's a bug or the docs need to be more clear on this
17:42 danlsgiga pcn: I was assuming I could have just the pillars itself in git and use my filesystem top.sls to use them, but this is not the case, I must have a top.sls in my gitrepo as well
17:43 iggy danlsgiga: if the top.sls in the git repo is completely empty does it work?
17:44 danlsgiga iggy: nope
17:46 Edgan How do I do the grains['cluster'] in {{ pillar['elasticsearch'][grains['cluster']]['data_dir'] }} with the pillar.get syntax?
17:47 KyleG joined #salt
17:47 KyleG joined #salt
17:48 iggy pillar.get('elasticsearch:' ~ grains['cluster'] ~ ':data_dir')
17:48 Edgan iggy: Thanks, would have never guessed that syntax
17:48 jeffpatton1971 joined #salt
17:49 iggy actually, it'd be more like salt['pillar.get']('elasticsearch:' ~ grains['cluster'] ~ ':data_dir'
17:49 iggy you have to use the salt version to get the nested dict lookups
17:49 iggy pillar.get just uses python's built-in dict lookups
17:50 iggy I was just being lazy
17:51 kinetic joined #salt
17:51 pravka joined #salt
17:52 danlsgiga iggy: hey... I found this param in the master config... ext_pillar_first: False
17:52 danlsgiga iggy: Does it have any impact on this?
17:53 iggy danlsgiga: I... don't know... it's worth a try (since you have a pretty easy way to test)
17:53 spokra joined #salt
17:56 mirkop_ joined #salt
17:57 racooper joined #salt
17:58 jeffpatton1971 we have a single pillar /srv/pillar/top.sls and then have another top file for states? /srv/salt/top.sls...we collectively consider this the pillar...but I think we're thinking this wrong...currently things are more or less duplicated between the two.
17:58 danlsgiga iggy: Changes nothing! :(
17:59 danlsgiga iggy: Well, will file a ticket for this one
17:59 jeffpatton1971 should we consider /srv/pillar/top.sls for storing things like passwords/keys/things that we don't want cached and then /srv/salt/top.sls for things that land/get configured on each minion
17:59 danlsgiga iggy: Thanks a lot
18:01 ajw0100 joined #salt
18:02 iggy jeffpatton1971: pillars are generally used for "sensitive" data (as they are targeted and rendered fully on the master, whereas everything in file_roots is available to all minions)
18:02 iggy jeffpatton1971: but that needn't be necessarily true
18:03 jeffpatton1971 @iggy i'm just trying to make sure we don't have things duplicated...currently that feels like how it's setup...such as we want admin accounts on all servers we have pillar/top that lists * with admin and a salt/top with the same
18:03 iggy ext_pillar is one thing that generally doesn't need to be sensitive data, but is much easier to do in pillar space than file_Roots
18:03 kinetic joined #salt
18:10 sgargan joined #salt
18:12 pfallenop joined #salt
18:12 pfallenop joined #salt
18:13 dthom91 joined #salt
18:14 perfectsine joined #salt
18:17 timoguin joined #salt
18:17 jeffpatton1971 how long do files live in /var/cache/salt/files ?
18:17 pcn danlsgiga: oh, interesting, you're saying that ifyou have a top.sls in the filesystem and it's configured before the top.sls in the git repo, it's not working?
18:18 solidsnack joined #salt
18:18 iggy jeffpatton1971: there should be nothing in that path
18:18 timoguin_ joined #salt
18:18 perfectsine_ joined #salt
18:19 danlsgiga pcn: yup
18:19 jeffpatton1971 @iggy sorry, /var/cache/salt/minion/files/base
18:20 danlsgiga pcn: Actually what I'm noticing is that I MUST have a top.sls in my ext_pillar git repo
18:22 danlsgiga pcn: I want to target my minions only in my filesystem top.sls and grab only the pillar itself from the git repo, but it doesn't work
18:22 pfallenop joined #salt
18:23 ubikite joined #salt
18:26 Fiber^ joined #salt
18:27 s_kunk joined #salt
18:27 alvinstarr joined #salt
18:27 pcn danlsgiga: yeah, that's interesting.
18:30 danlsgiga pcn: This way I can handover pillar managing to devs without compromising security
18:30 danlsgiga pcn: Because I'll still be managing the targets
18:31 forrest joined #salt
18:32 sdm24 danlsgiga: I use git for both gitfs and pillar. I have all of my pillar top.sls in git, but for testing, I have a salt/top.sls for highstate on the local fileserver
18:32 sdm24 so thats strange that pillar needs top.sls in git, while gitfs does not
18:34 tkharju joined #salt
18:38 pfallenop joined #salt
18:41 gasbakid_ joined #salt
18:42 flebel joined #salt
18:44 mansquid joined #salt
18:44 gasbakid joined #salt
18:45 dthom91 joined #salt
18:47 sgargan joined #salt
18:52 Akhter joined #salt
18:52 danlsgiga sdm24: Agree!
18:54 danlsgiga sdm24: It might be working for you because you have all your top.sls in git already.
18:56 sgargan joined #salt
18:57 Brew joined #salt
19:00 sgargan joined #salt
19:01 Rumbles joined #salt
19:03 grepory left #salt
19:04 zmalone1 joined #salt
19:05 seweryn joined #salt
19:07 zmalone1 for anyone using gitfs on their salt master and also using the salt fileserver, be careful about putting binaries and artifacts in there.
19:08 tiadobatima Hello there guys... does anyone around here manage SSL certificates/keys using salt inside yaml files? If yes what's the trick? I'm about to give up on this :D
19:09 rmnuvg joined #salt
19:10 solidsnack joined #salt
19:12 tapoxi joined #salt
19:12 Corey tiadobatima: Yes. For years now.
19:12 Corey It's standard multi-line YAML
19:13 tapoxi hi everyone, I wrote a little salt state to install the minion via salt-ssh, but when I run it it says "package salt-minion failed to update" and doesn't install. if I SSH in manually and install salt-minion it's fine. what am I missing? http://hastebin.com/gawomiwuke.sm
19:13 clintberry joined #salt
19:14 tiadobatima thx Corey... mind checking what I'm doing wrong here? http://pastebin.com/J8D6FfiB
19:16 Corey tiadobatima: Option 3 is correct, but check that you've got the right amount of indentation.
19:17 tiadobatima all configuration is defined in the pillar, and I just want to serialize that whole pillar into a file as is... regardless how I represent that SSL certificate within the pillar, after both file.serialize and file.managed mangle the multiline...
19:17 nofxrok joined #salt
19:17 felskrone joined #salt
19:18 tiadobatima Corey: I tried lots of different indentation levels
19:19 chingadero joined #salt
19:21 dthom91 joined #salt
19:21 tiadobatima as you can see in the example, Option 3 adds a line break...
19:21 tiadobatima I mean... an extra line break
19:23 forrest sdm24, Good job on those docs, thanks for fixing the line breaks.
19:24 alemeno22 joined #salt
19:24 forrest tapoxi, set refresh: True in your pkg.latest state.
19:24 tapoxi forrest: thanks!
19:25 forrest tapoxi, np, hopefully that does it.
19:25 forrest if not let me know
19:25 ajw0100 joined #salt
19:25 tapoxi forrest: no dice :/
19:26 forrest tapoxi, That was a test on a new system?
19:26 tapoxi forrest: yes
19:27 forrest any log output?
19:27 tapoxi it's the same every time, package salt-minion failed to install/update
19:28 forrest tapoxi, Okay, so when you did the manual install were you adding the repo content manually?
19:28 tapoxi it successfully adds the repo
19:28 tapoxi so all I need to do is yum install salt-minion
19:29 forrest hmm, it should be doing the ordering correctly. under the pkg.latest, can you try adding - require: \n - pkgrepo: salt
19:30 tapoxi working now, I removed the fromrepo: salt
19:30 tapoxi it must be using some other name
19:30 forrest Yeah
19:30 forrest oh
19:30 forrest maybe it is using the humanname value?
19:30 tapoxi that's my guess
19:30 forrest so that works with the refresh then?
19:31 tapoxi no refresh just removed fromrepo
19:31 forrest okay cool
19:33 dthom91 joined #salt
19:34 lemur joined #salt
19:36 wtheaker joined #salt
19:37 baweaver_ joined #salt
19:40 seweryn2 joined #salt
19:40 mohae joined #salt
19:41 sgargan joined #salt
19:41 edrocks joined #salt
19:44 dthom91 joined #salt
19:45 tapoxi left #salt
19:51 colegatron joined #salt
19:52 sgargan joined #salt
19:53 colegatron I should pass a contect var into a template. I need to quote the value because there is a space at the end of the value  cwd: "/home/{{ local_user }}/trovimapemrs/history-emr-swf\ "
19:55 sdm24 forrest: Thanks for helping me with the Docs edit. It wasn't as painful as I thought it would be haha
19:55 colegatron but then the {{ local_user }} is not replaced in the file. can I concat strings in a yaml value like '/home/{{local_user}}/trovimapemrs/history-emr-swf' + ' ' ?
19:55 forrest sdm24, Nah it's pretty easy!
19:56 forrest sdm24, You going to make another 3 before the end of the month to projects?
19:56 sdm24 haha probably not. I'm not sure what else to do
19:56 forrest Are you competent with Python?
19:56 sdm24 colegatron: make sure that you have " - template: jinja" on in your template file
19:56 sdm24 god no
19:57 forrest sdm24, You can make them against any public repo.
19:57 colegatron smd24: it is.
19:58 colegatron the problem is the value is a quoted string, so I see the {{ local_user }} not replaced.
19:58 sdm24 colegatron: what I do in that situation is create another jinja variable equal to the whole string
19:59 colegatron a solution is to set an extra variable before the state, but maybe there is some other elegan way
19:59 forrest sdm24, Here's a bunch of doc issues whiteinge, myself, and a few others put together a while back dor a docs sprint: https://github.com/saltstack/salt/issues/12446
19:59 toastedpenguin s3.keyid & s3.key = same creds used for salt master access to AWS api for salt-cloud?
19:59 colegatron smd24: I see, workarounds everywhere ;) Tnx, I'll do that
20:00 sdm24 so {% set cwd = " '/home/'"~ local_user ~"'/trovimapemrs/history-emr-swf'" %}
20:00 sdm24 then in yaml, - cwd: {{cwd }}
20:00 DammitJim joined #salt
20:00 jeffspeff joined #salt
20:01 sdm24 forrest: nice list. I'll skim through it and see if theres anything easy I can do'
20:01 forrest sdm24, There's also a ton of open docs issues: https://github.com/saltstack/salt/issues?q=is%3Aopen+is%3Aissue+label%3ADocumentation
20:01 forrest sdm24, Cool, some of those are a lot of work so don't feel like you need to do one of those.
20:01 sdm24 haha yeah definitely
20:02 jhauser joined #salt
20:02 aidalgol joined #salt
20:05 zmalone1 I'm never sure which branch to work from for doc stuff
20:05 zmalone1 usually it effects a half dozen branches
20:09 opensource_ninja joined #salt
20:09 ldelossa joined #salt
20:11 bhosmer joined #salt
20:11 forrest zmalone1, I usually just PR against develop, if they want to merge it to the other heads at some point they can do so.
20:11 ldelossa Hey guys, I have a map.jinja file and I wanted to create variables with "." in the same. I was trying to be able to get this to work in a state file {{ ssh.sshd.config.file }} but jinja seems to complain when I have a variable named with dots in it, such as 'sshd.conf.file': '/etc/ssh/sshd_config'
20:12 ldelossa is this correct that I can't use dots in my variable names?
20:12 forrest ldelossa, I'd suggest against it, because unless you change the delimiter it's going to consider those dots as extensions, so what it's looking for is ssh: \n sshd: \n config: \n file: my_file
20:13 ldelossa ahh okay
20:14 ldelossa so doing something like 'sshd_config_file' : '/etc/ssh/sshd_conf'
20:14 ldelossa is a better method?
20:14 forrest ldelossa, exactly.
20:14 ldelossa Okay cool - just wanted to confirm
20:14 ldelossa thanks a lot forrest
20:14 bastion1704 joined #salt
20:14 forrest ldelossa, Yeah np!
20:15 forrest sdm24, Clearly what you should work on is getting the reactor into masterless :D
20:15 forrest since Tom is slacking
20:18 gtmanfred isn't the event bus in the minion? youjust have to attach your own thing to it to kick off tasks?
20:18 gtmanfred that is what I did, read the event bus, then create celery tasks to do things
20:19 sgargan joined #salt
20:19 saltRookie joined #salt
20:20 ipmb joined #salt
20:20 ipmb I'm having an issue where salt doesn't seem to pick up a path change I added to /etc/profile.d/
20:20 dthom91 joined #salt
20:21 ipmb causing it to not find psql and all the postgres modules failing
20:21 pfallenop joined #salt
20:21 ipmb if I `echo $PATH` as my root user, I do see it
20:24 rotbeard joined #salt
20:25 Grokzen joined #salt
20:26 clintberry joined #salt
20:31 ldelossa joined #salt
20:32 aparsons joined #salt
20:32 ldelossa Hey guys, I'm back for one more question. What's honestly the best way to learn jinja and it's abilities? I see most articles are in regards to html and I'm not sure if it's going to be the best way to learn it in salt context
20:32 pfallenop joined #salt
20:34 honestly Just read the manual.
20:35 ajw0100 joined #salt
20:35 ldelossa Jinja or staltstack manual?
20:37 mr_chris Is it possible to reduce the number of threads that salt-minion spawns.
20:37 mr_chris ?
20:37 toastedpenguin are s3.keyid & s3.key the same as the keyid and key found in the cloud.providers.d conf file or should they be?
20:37 mr_chris It likes like by default it spawns 5. I'm trying to figure out to reduce the amount of virtual memory the salt minions consume.
20:38 forrest For anyone that wants an example of how to back port doc stuff rallytime did so here: https://github.com/saltstack/salt/pull/28342#issuecomment-151630914
20:39 Rumbles joined #salt
20:39 |Fiber^| joined #salt
20:39 forrest mr_chris, there's: https://docs.saltstack.com/en/latest/ref/configuration/master.html#worker-threads and https://docs.saltstack.com/en/latest/ref/configuration/minion.html#thread-settings
20:39 mr_chris forrest, That's for the master. Not the minion.
20:39 forrest mr_chris, The second one is for the minion.
20:40 forrest looks like it doesn't allow you to specify threads (though you could just try adding the option to the config if turning off multiprocessing doesn't work)
20:40 mr_chris forrest, I tried that one too. It defaults to true. At false, it actually increases the VM usage.
20:40 forrest mr_chris, Did you try adding that option for threads that exists on the master to the minion?
20:40 mr_chris Yes.
20:41 mr_chris Stays at 5 threads.
20:41 forrest mr_chris, Bummer, I don't know if anything exists past that, I'd say check if an issue exists for it, if not make one.
20:41 mr_chris Using ~600 M of VM seems a little heavy for small VPS instances.
20:41 forrest mr_chris, Yeah that seems odd, I never see that much usage.
20:42 forrest are you doing something that takes a lot of memory during the run?
20:42 mr_chris forrest, What are you seeing right now?
20:42 forrest I don't have anything running right now
20:42 forrest you're just seeing that when you START the minion?
20:42 forrest Not during a run?
20:42 mr_chris Yes.
20:43 mr_chris Just sitting idle.
20:43 forrest hang on
20:45 thebwt Is there a mechanism for running states across different system in a certain order, like making sure the fileserver is running before client servers try to mount the filesystem? Basically using the top file and writing states such that they can 'require' across systems.
20:45 forrest mr_chris, I'm seeing ~130
20:45 mr_chris Residential or virtual?
20:45 clintberry joined #salt
20:45 adelcast joined #salt
20:46 forrest that's virtual
20:46 forrest divided by 1024
20:46 forrest residential is 25708 before division
20:47 whytewolf thebwt: https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html
20:47 mr_chris forrest, http://pastie.org/10512195
20:47 sgargan joined #salt
20:48 thebwt whytewolf: boom, that's EXACTLY what I was thinking, just couldn't find the right keywords for google. Thanks a ton
20:48 rome_390 joined #salt
20:48 forrest yeah I don't see that much usage mr_chris
20:48 forrest not sure what's up
20:48 teebes joined #salt
20:49 mr_chris forrest, Which distro and version? 32 bit or 64 bit?
20:49 mr_chris Which version of python?
20:49 forrest ubuntu 64 bit, this is running inside my local VM
20:49 forrest it's 2.7
20:49 forrest .6
20:50 mr_chris 14.04?
20:51 forrest yup
20:51 solidsnack joined #salt
20:52 breakingmatter joined #salt
20:52 ajw0100 joined #salt
20:54 mr_chris forrest, A quick test on Arch Linux http://pastie.org/10512211
20:54 clintberry joined #salt
20:54 forrest hmm
20:54 mr_chris I wonder if this has anything to do with the master.
20:55 ldelossa hey guys does anyone see why I'm getting the following error ? http://hastebin.com/azupiqenof.sm
20:55 whytewolf mr_chris: forrest: could it have to do with loaded grains & pillars? the mem usage i have on a openstack controller is about the same as what mr_chris is showing
20:56 forrest whytewolf, Could be, I'm running the dev version for testing/PRs so I don't have anything loaded in
20:56 mr_chris whytewolf, Let me try is a small set of grains and pillars.
20:56 mr_chris And states.
20:58 penguinpowernz joined #salt
20:59 larsfronius joined #salt
20:59 forrest ldelossa, Is the map import in the correct location?
21:00 forrest ldelossa, I also noticed you're not doing the pillar merge at the bottom of your map
21:01 mr_chris forrest, whytewolf I removed all top files and restarted the minion. Still the same usage.
21:02 forrest I'm not sure then :\
21:02 forrest maybe restart with some debug logging to see if something is going on?
21:02 ldelossa forrest - http://hastebin.com/ibaziqawuq.rb that's my directory tree
21:02 ldelossa not doing pillar merge because I have no pillars just yet
21:02 ldelossa this is for a very base image
21:02 ldelossa should be completely consistent between all linux distros
21:03 forrest ldelossa, And the configure_ssh.sls is in the salt dir, where as the map is in the core directory?
21:03 ldelossa both map and the sls files are in the core directory
21:04 forrest but your root is the salt dir
21:04 ldelossa i though it is by default recurisve
21:04 ldelossa so when I do high statse
21:04 ldelossa I do
21:04 ldelossa core.configure_ssh
21:05 ldelossa and that works fine
21:05 ldelossa {% from "core/map.jinja" import ssh with context %}
21:05 ldelossa that's my import
21:05 moogyver joined #salt
21:05 iggy mr_chris: are you looking at VIRT or RES? VIRT is almost a useless number
21:05 forrest I'm just saying /srv/salt is set as your root dir inside of salt (or you did not change the default)
21:05 mr_chris iggy, virt
21:05 ldelossa is that causing an issue?
21:06 forrest ldelossa, not if you didn't change it, since it will do that map import from the root salt dir.
21:06 ldelossa nope not changed
21:06 ldelossa so yes root is salt
21:06 ldelossa then I plan on making a folder for specific configurations
21:06 forrest ldelossa, Okay, try to run that state with state.sls core.configure_ssh -l debug
21:06 ldelossa inside that folder will be my .sls and map.json
21:06 ldelossa okay cool
21:07 forrest then you'll only run that one state and hopefully get some additional output
21:08 ldelossa http://hastebin.com/uroforigic.vhdl
21:08 ldelossa not much more detail
21:09 ldelossa it's funny because I just had it working with half the state static
21:09 ldelossa the other half pulling from the map file
21:09 ldelossa then I converted the whole thing, and now it won't work
21:09 ldelossa is something cached??
21:09 forrest Maybe but I doubt it, I'm doing something similar over here (but more simplistic) for an app I have: v
21:09 forrest https://github.com/gravyboat/hungryadmin-sls/blob/master/salt/ssh/map.jinja
21:10 ldelossa yeah essentially what I want to do
21:10 ldelossa it looks right on hastebin right?
21:11 ldelossa oh and while we're at it, do I need md5 sums ??
21:11 ldelossa source_hash
21:11 ldelossa is that a required field
21:11 forrest yeah I don't see anything specific that is problematic. source_hash is not required.
21:11 forrest I don't see anything realy that different other than the pillar merge
21:11 whytewolf source_hash is only needed if you are not pushing things from salt://
21:11 ldelossa okay cool
21:11 forrest I mean you could try clearing the cache, but I doubt that is the issue.
21:11 ldelossa You know the command off the top of your head?
21:12 forrest saltutil.clear_cache
21:12 winsalt can salt-cloud profiles be templatized?
21:12 forrest ldelossa, Might have to stop it to do that thoug.
21:12 forrest *though
21:13 ldelossa didn't help you were right
21:14 forrest ldelossa, I'm really not sure, it looks okay, maybe I'm just missing something. manfred can you point out what I'm missing here that is breaking this? http://hastebin.com/azupiqenof.sm
21:14 ldelossa thanks for the effor, I just restarted the service also - no go
21:15 forrest np
21:15 gtmanfred i haven't done a map.jinja in a long time, so IDK
21:15 forrest whaaat
21:15 gtmanfred it looks right to me
21:15 forrest iggy, http://hastebin.com/azupiqenof.sm WHAT'S WRONG WITH THIS
21:15 Phtes my salt minion key isnt showing up on my master grr... set the master ip in /etc/salt/minion and debug shows attempting to authentice with salt master at xx.xx.xxx.xx then initing new SAuth..swapping to the master running sudo salt-key -L shows no keys under any fields
21:15 Phtes any ideas?
21:16 forrest Phtes, Is this the only minion?
21:16 Phtes yes
21:16 ldelossa firewall off?
21:16 forrest Phtes, firewall?
21:16 Phtes bingo...forgot i have aws set to only allow ssh connections from specific ips and nothing else
21:16 Phtes :D
21:17 ldelossa Haha my first time using AWS, I trouble shot a firewall issue for almost 2 hours
21:17 ldelossa till I stepped back and was like wait...
21:18 Phtes the goal was for the salt master to only be accesible from our sys admin computers
21:18 Phtes but obv the minino servers need some way in as well
21:18 Phtes xD
21:18 ldelossa sounds right
21:18 Phtes hmm
21:19 ldelossa are your sysadmin's going thru a site to site vpn?
21:19 ldelossa or firewall
21:19 Phtes so my master can spin up new EC2 instances, butthe ips seem pretty random, anyways in aws to allow inbound rules for the entire vpc?
21:19 iggy forrest: looks okay (if somewhat useless... although I'm assuming that's a boiled down example)
21:19 Phtes and no there not
21:20 forrest iggy, ldelossa Is just experimenting with stuff to get a handle on the map
21:20 ldelossa yeah this is my first time using salt
21:20 forrest ldelossa, Can you change the directory for the map import? See if that results in a different error.
21:21 ldelossa move the .sls and the map into the /salt/ direcotory ?
21:21 ldelossa then update the import accordingly
21:21 iggy winsalt: directly, no, but salt can salt itself (see the salt-formula)
21:21 forrest ldelossa, no, just change the directory in your sls file for the map, so change it from core/ to no core/
21:21 ldelossa sure
21:21 forrest ldelossa, Just to see if it fails the import, or if you see the same error.
21:22 whytewolf ldelossa: basicly force it to be known wrong and see if it tosses an error that it can't find the map.jinja
21:22 iggy forrest: ldelossa: line 43... should be ssh.sshd_config_file_path
21:23 forrest iggy, good catch
21:23 ldelossa http://hastebin.com/jikodefeki.vhdl
21:23 whytewolf Doh!
21:23 ldelossa ahh let me go look hold on
21:23 forrest that's totally what it is
21:23 forrest I wish that those errors would output the line number :|
21:23 Phtes lol
21:24 ldelossa wowwwwwww
21:24 ldelossa thanks a ton guys
21:24 ldelossa yeah line numbers would help
21:24 ldelossa let me run this
21:24 ldelossa totally forgot I reused that
21:24 sunkist joined #salt
21:25 winsalt iggy, so would the end result be a profile file for each vm ?
21:25 ldelossa we are good!
21:25 ldelossa I'm going to need to get some syntax highlighing in vim for jinja to keep doing this hah
21:26 felskrone joined #salt
21:26 forrest I also created: https://github.com/saltstack/salt/issues/28345
21:26 forrest see if we can get soem movement on better error output again
21:26 ldelossa yes would be great
21:26 Phtes hoyl crap this is gonan get complicated real fast :/
21:26 Phtes lol
21:27 forrest just use the aws firewall stuff and add them to certain groups Phtes
21:27 sunkist1 joined #salt
21:27 Phtes oh not that forrest haha
21:27 Phtes just the final goal in general
21:28 forrest gotcha
21:28 ldelossa Phtes you can decide what ip your instance tkes inside your subnet
21:28 ldelossa does that help you?
21:28 ldelossa it doesn't need to be random
21:28 Phtes ldelossa: you can just add an entire security group to a rule, just ofund out
21:28 Phtes so that works
21:28 Phtes cause all the instances spin up under a specific group
21:29 ldelossa yes but if you're after just limiting down sysadmin, I woulddo that at your hardware firewall
21:29 ldelossa before you even get to aws
21:29 ldelossa you can specifically say which ips pass thru and what to except, deny, all that stuff
21:30 sgargan joined #salt
21:30 zmalone joined #salt
21:30 sunkist joined #salt
21:30 Phtes hmm, well atm the master server only allows connections from the office for ssh, and tcp connection from the minion security groups now
21:30 Phtes seems pretty locked to me?
21:30 breakingmatter joined #salt
21:34 ldelossa Works for me
21:34 ldelossa it's just added security, you wouldn't even push a packet past your office if it's not meant to
21:34 ldelossa but it's up to you, I'm a little paranoid haha
21:34 Phtes haha
21:34 Phtes hmm still not getting my key on the master
21:34 Phtes edited the iptables to
21:34 Phtes :'(
21:35 ViciousLove joined #salt
21:35 ldelossa I know saltutil has a utility to regenerate keys
21:35 ldelossa but not sure if that's the best thing to do
21:35 ldelossa whats the minion logs sayin
21:35 ldelossa you have a host file or dns setup to point to oyur master right
21:36 ldelossa if you re-ip'd the machine I found that salt minion needs to be restarted
21:36 Phtes its iped in etc/salt/minion
21:36 ldelossa could have just been me though i only trouble shot it quickly
21:36 Phtes and restarted
21:37 ldelossa you can do tcpdump -X on teh port number
21:37 ldelossa to see if packets are even getting there
21:37 adelcast left #salt
21:37 ldelossa don't know the ports off the top of my head but it'd be
21:37 ldelossa tcp port <port number> -X
21:37 ldelossa tcpdump*
21:40 Phtes hmmm
21:40 Phtes yeah nothing goign through
21:40 Phtes lol
21:41 adelcast1 joined #salt
21:42 Phtes hmmm
21:44 mariusv joined #salt
21:44 mariusv joined #salt
21:44 ldelossa wait when we said firewalls
21:44 ldelossa did you count the host firewalls also?
21:44 ldelossa firewalld maybe blocking everything
21:45 ldelossa or iptables
21:45 Phtes iptables is open
21:46 Phtes no firewalld on this ubuntu server
21:46 ldelossa master and minion on same subnet in vpc?
21:47 ldelossa nmap port scan from minion to master to see if it can find any ports open
21:47 ldelossa nmap <ip> -p <port>
21:47 ldelossa -p <port>,<port>,<port> works
21:49 aj_ joined #salt
21:50 Rockj joined #salt
21:51 ldelossa hey guys. this statement:
21:51 ldelossa {% from "core/map.jinja" import sysctl with context %}
21:51 ldelossa is that a jinja concept or is that a salt concept USING jinja
21:51 ldelossa would I find documentation on from, import, with context, in jinja2 documentation?
21:52 mapu joined #salt
21:52 whytewolf ldelossa: http://jinja.pocoo.org/docs/dev/templates/#import-context-behavior
21:52 ldelossa Ah! thank oyu
21:52 ldelossa I need to give this a good read through
21:53 ldelossa exactly what I was looking for
21:53 whytewolf ldelossa: while a lot of the documentation for jinja looks html based. just keep in mind it really is just text based.
21:54 ldelossa Thank you for the info
21:56 dthom91 joined #salt
21:57 Saravana joined #salt
21:58 opensource_ninja joined #salt
21:59 Saravana I am writing the reactor.sls in python. How do I access the "data" dict from event in my reactor?
22:00 ajw0100_ joined #salt
22:02 Rumbles joined #salt
22:02 viq joined #salt
22:03 racooper joined #salt
22:05 racooper afternoon. I'm hitting an error I haven't seen on file.managed states. https://gist.github.com/racooper/b25b854187e44cd0a8ab
22:05 racooper the message is "Requisite declaration file /etc/sysconfig/iptables in SLS library.lively is not formed as a single key dictionary"
22:06 Phtes grrr
22:06 whytewolf racooper: I think you forgot a :
22:07 Phtes oh what teh fuck
22:07 Phtes theres a ton of zombie master processes
22:08 racooper damn colons...they are going to be the death of me....
22:08 kinetic joined #salt
22:10 jmreicha_ joined #salt
22:10 trph joined #salt
22:16 Phtes nmap shows the ports are open hrmmmm
22:18 subsignal joined #salt
22:19 sunkist joined #salt
22:20 guest567 joined #salt
22:20 guest567 Is it possible to have a list of master ports?  Similar to the way you can have a list of master IP addresses.
22:28 keimlink joined #salt
22:29 amcorreia joined #salt
22:31 zsoftich2 joined #salt
22:33 opensource_ninja joined #salt
22:36 Phtes still cant get my minion to send tcp to master
22:36 Phtes :/
22:37 boldnetwarrior joined #salt
22:39 racooper joined #salt
22:42 rogst joined #salt
22:46 hackel joined #salt
22:47 dthom91 joined #salt
22:48 drawsmcgraw joined #salt
22:50 quix joined #salt
22:59 iggy winsalt: for each type... then a map tying those hosts to types
23:01 larsfronius joined #salt
23:06 pfallenop joined #salt
23:12 drawsmcgraw joined #salt
23:19 clintberry joined #salt
23:19 ldelossa joined #salt
23:23 kinetic joined #salt
23:23 dthom91 joined #salt
23:28 zer0def joined #salt
23:29 pfallenop joined #salt
23:30 ViciousLove Phtes: zombie master processes are bad, but are you sure they are zombies? They salt-master has a lot of processes
23:30 Phtes ViciousLove: solved it, there was jsut one from a bad shutdown
23:30 Phtes Still cant get the minion to send anything to the master though
23:31 Phtes :/
23:32 ViciousLove ah ok. soo lets go step by step. you have the correct address for "master:" in your conf? Have you tried running salt in the foreground by shutting down salt-minion and running "salt-minion -l debug"
23:32 Phtes correct, tried both public ip, and public dns
23:33 ViciousLove ahh public IP, so this is going over the internet?
23:33 otter768 joined #salt
23:33 iggy checked netstat to see if the connection is actually being established?
23:33 Phtes correct, its ec2 to ec2 instance
23:33 ViciousLove I'm not sure how possible that is. They really should be on their own network
23:33 Phtes well its the same vpc
23:34 Phtes so they are.
23:34 ViciousLove If it's a public IP to public IP, that usually doesn't work super well...
23:35 Phtes never thought to try the private one
23:35 Phtes lol
23:38 quix joined #salt
23:41 mattiasr joined #salt
23:46 fxhp joined #salt
23:46 fxhp joined #salt
23:48 keimlink joined #salt
23:52 ViciousLove I'd be curious if that works Phtes
23:53 otter768 joined #salt
23:53 mattiasr joined #salt
23:56 keimlink joined #salt
23:57 Phtes that moment when you left your salt configs not on the ebs volume and rebooted
23:57 Phtes :(
23:57 Phtes lol
23:58 hasues joined #salt
23:58 hasues left #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary