Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-12-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 burp my mind is TDD-trained, the main reason for the desire to unit-test salt modules, although i haven't really written any serious modules yet
00:01 bhosmer_ joined #salt
00:04 Guest89 joined #salt
00:04 burp joined #salt
00:05 burp joined #salt
00:05 burp got dc
00:05 cliluw joined #salt
00:07 pzip joined #salt
00:07 hightekvagabond joined #salt
00:16 kawa2014 joined #salt
00:18 falenn joined #salt
00:20 baweaver joined #salt
00:21 burp joined #salt
00:22 AlberTUX joined #salt
00:27 UtahDave joined #salt
00:28 UtahDave hola!
00:28 pbx_ joined #salt
00:29 ajw0100 joined #salt
00:30 spuder joined #salt
00:31 spuder spuder taking salt/modules/chef.py
00:32 rodrigc joined #salt
00:32 rodrigc Hi, I am at the Saltstack sprint at Pure Storage in Mountain View
00:33 mosen hiya
00:33 UtahDave cool, glad you're here, rodrigc!
00:33 UtahDave hey, mosen!
00:33 mosen hey UD :)
00:34 rodrigc one thing I would suggest is in future, you may want to look at using Slack to coordinate this Sprint instead of IRC.  There is a free one available related to Python activities which I use:  http://pythondev.slack.com
00:35 mosen I did a binary pkg for OSX minions FYI, not that this is a widely seen use case :)
00:36 zmalone joined #salt
00:36 Ch3LL rodrigc: thanks for the suggestions. I'll make sure to write that down. any other suggestions are welcomed
00:36 rodrigc no prob
00:37 rodrigc I've used IRC for over 20 years, so I am OK with it, but sometimes it is good to move with the newer technologies :)
00:38 rodrigc I have one question
00:38 rodrigc what is the bare minimum Python version that Salt supports running on?
00:38 UtahDave mosen: Oh yeah? We're actually looking into doing that now. Is your process documented somewhere public?
00:38 UtahDave rodrigc: python 2.6
00:39 mosen UtahDave: sorta kinda not really. Its a damn mess at the moment https://github.com/mosen/salt-osx-pkg
00:39 rodrigc UtahDave: thanks
00:43 ranomore joined #salt
00:43 asoc_ joined #salt
00:44 rodrigc does SaltStack still use M2Crypto for OpenSSL?
00:45 UtahDave yes, for now
00:45 cro joined #salt
00:45 rodrigc OK, I am submitting a bunch of patches to try and get M2Crypto to run under Python 3
00:46 cryptsting joined #salt
00:46 rodrigc I'm not finished yet, but I might get it to work in a few months
00:46 carson_anderson joined #salt
00:47 carson_anderson is this the right place to post which bugs we are working on for the sprint?
00:48 Ch3LL yeah carson_anderson which one do you want?
00:49 rodrigc I have another suggestion.  In addition to going introducing how to fork/pull the saltstack repo on GitHub
00:49 rodrigc I would suggest quickly covering how to run the saltstack tests after making a local change
00:49 rodrigc I see there is a tox.ini file
00:50 ranomore I second that
00:50 carson_anderson i'll start with the cpan module
00:50 carson_anderson easy bug :D
00:52 UtahDave awesome1
00:54 carson_anderson i'm carsonoid on github FYI
00:55 indrgun joined #salt
00:59 Ch3LL carson_anderson: k your assigned :)
01:00 otter768 joined #salt
01:03 keimlink joined #salt
01:05 carson_anderson @Ch3LL Submitted
01:07 pkimber joined #salt
01:07 Ch3LL carson_anderson: whats the PR?
01:08 carson_anderson #29357
01:10 Lionel_Debroux joined #salt
01:13 carson_anderson i'll do the virt module as well
01:13 ahammond joined #salt
01:14 zmalone joined #salt
01:14 Ch3LL carson_anderson: thanks i added the PR and i'll assign you the virt
01:14 ahammond joined #salt
01:15 tcouto joined #salt
01:24 carson_anderson virt done #29364
01:25 carson_anderson that's it for me. Thanks guys!
01:25 carson_anderson left #salt
01:26 Ch3LL carson_anderson: thanks! we appreciate it :)
01:36 larsfronius joined #salt
01:39 mapu joined #salt
01:40 jaybocc2 joined #salt
01:43 dthorman joined #salt
01:43 PatOShea joined #salt
01:57 jalbretsen joined #salt
01:59 colegatron joined #salt
02:03 burp joined #salt
02:04 shaggy_surfer joined #salt
02:04 kshlm joined #salt
02:13 solidsnack joined #salt
02:13 justanotheruser joined #salt
02:15 auzty joined #salt
02:17 catpigger joined #salt
02:23 zmalone joined #salt
02:29 shaggy_surfer joined #salt
02:37 brianfeister joined #salt
02:37 aidalgol joined #salt
02:45 mapu is there a way using salt to obtain the public IP address of an EC2 instance/ I can find it with salt, yet salt-cloud returns ‘public_ips”.
02:45 mapu can’t find it with salt that is
02:45 spuder_ joined #salt
02:46 dendazen joined #salt
02:54 nidr0x joined #salt
02:57 ipmb joined #salt
03:00 hightekvagabond joined #salt
03:00 evle joined #salt
03:00 otter768 joined #salt
03:01 RobertChen117 joined #salt
03:01 iggy mapu: there's some grains in salt-contrib that will do it
03:02 RobertChen117 anyone can give me detail doc for what each keyword mean in the returner ?
03:03 mapu thanks iggy - looking now
03:19 nszceta joined #salt
03:22 cberndt joined #salt
03:29 indrgun joined #salt
03:35 aw110f joined #salt
03:36 joehh joined #salt
03:40 ageorgop joined #salt
03:40 pkimber joined #salt
03:48 malinoff joined #salt
03:53 ipmb joined #salt
03:53 racooper joined #salt
03:55 jaybocc2 joined #salt
03:55 clintberry joined #salt
03:57 mosen joined #salt
04:06 joehh joined #salt
04:07 rdas joined #salt
04:23 burp__ joined #salt
04:26 brianfeister joined #salt
04:31 foundatron so i've been really struggling to make sense of how to structure a new salt instanc to scale.  And by scale I mean servers and a team work working on it...not the server hardware aspect.  I like using gitfs for formulas and states...but what do people do for things they shouldn't check into version control like passwords and private keys?
04:31 dayid foundatron: encrypt them, and check in the encrypted versions
04:31 dayid then store them as encrypted pillars that only the particular recipient hosts can retrieve
04:32 foundatron is that a documented best practice? I was thinking using a s3 bucket  that only the master has access to ( my infrastructure is all on AWS)
04:33 dayid I cannot attest to that
04:33 dayid it is just what I have seen done for that situation
04:33 ramteid joined #salt
04:33 foundatron It just seems like this would be everyone's situation...
04:34 foundatron so I'm surprised to not see it clearly articulated in some way in the docs or in community  posts
04:35 foundatron Doesn't everyone have passwords and private keys that they don't want to check into version control?
04:35 dayid not necessarily
04:35 dayid I don't for my personal machines, nor did my previous employer for their infrastructure/use-case
04:40 foundatron Do you have any links for encrypted pillars... I see a couple open issues but nothing definitive
04:40 foundatron https://github.com/saltstack/salt/issues/11147
04:40 saltstackbot [#11147]title: External Pillar for encrypted repositories | Automating decryption of data that only exists on the master is mostly handwaving.  ...
04:46 foundatron i guess this issue gets right to the point: https://github.com/saltstack/salt/issues/26236
04:46 saltstackbot [#26236]title: Managing secrets / secure data with Saltstack in a bigger team | In your best practice guide there is a chapter [Storing secure data](http://docs.saltstack.com/en/latest/topics/best_practices.html#storing-secure-data)....
04:47 burp joined #salt
04:48 jaybocc2 joined #salt
04:49 brianfeister joined #salt
04:55 anmolb joined #salt
04:57 RobertChen117 joined #salt
05:01 spuder_ joined #salt
05:02 otter768 joined #salt
05:03 jaybocc2 joined #salt
05:05 spuder__ joined #salt
05:05 kawa2014 joined #salt
05:37 anmolb joined #salt
05:45 colegatron joined #salt
05:50 ajw0100 joined #salt
05:50 ValF joined #salt
05:59 miked510 joined #salt
06:02 RobertChen117 joined #salt
06:05 RobertChen117 joined #salt
06:09 oida joined #salt
06:11 Bryson joined #salt
06:12 RobertChen117 joined #salt
06:14 cyborglone joined #salt
06:14 kshlm joined #salt
06:17 jfindlay Thanks to everyone who participated in the Salt Sprint.  It was fun.
06:20 babilen Will there be an earlier one soon? I'd like to participate, but it starts at midnight for me.
06:20 babilen (or is the idea that saltstack devs work on this in their free time?)
06:22 hightekvagabond joined #salt
06:36 nidr0x joined #salt
06:39 jcristau joined #salt
06:39 MeltedLux joined #salt
06:41 indrgun joined #salt
06:51 kshlm joined #salt
06:56 TyrfingMjolnir joined #salt
07:02 otter768 joined #salt
07:08 favadi joined #salt
07:11 LondonAppDev joined #salt
07:13 aqua^c joined #salt
07:15 jxm_ joined #salt
07:20 jaybocc2 joined #salt
07:21 hojgaard joined #salt
07:23 ageorgop joined #salt
07:24 RobertChen117 joined #salt
07:33 AndreasLutro joined #salt
07:36 cberndt joined #salt
07:38 larsfronius joined #salt
07:38 felskrone joined #salt
07:39 oida joined #salt
07:50 yuhlw joined #salt
07:51 spuder joined #salt
08:00 spuder joined #salt
08:05 bhosmer joined #salt
08:09 jaybocc2 joined #salt
08:14 slav0nic joined #salt
08:18 indrgun joined #salt
08:19 impi joined #salt
08:22 eseyman joined #salt
08:23 jhauser joined #salt
08:29 eseyman joined #salt
08:31 RobertChen117 joined #salt
08:32 ALLmightySPIFF joined #salt
08:35 Eugene joined #salt
08:35 Guest47941 joined #salt
08:35 cliluw joined #salt
08:36 skarn joined #salt
08:40 zerthimon joined #salt
08:40 illern joined #salt
08:40 arnoldB basepi: do you know whether there will be some kind of official saltstack event (like puppet camp) in Europe next year?
08:41 kshlm joined #salt
08:42 Bryson joined #salt
08:46 KermitTheFragger joined #salt
08:48 malinoff joined #salt
08:48 malinoff joined #salt
08:53 Grokzen joined #salt
08:54 linjan joined #salt
09:00 mage_ are there any "best practices" for pillar merges/overwrites/... ?
09:03 otter768 joined #salt
09:06 chiui joined #salt
09:07 GreatSnoopy joined #salt
09:08 cswang_ joined #salt
09:12 rotbeard joined #salt
09:12 giantlock joined #salt
09:16 linjan joined #salt
09:17 multiscan joined #salt
09:19 oida joined #salt
09:22 s_kunk joined #salt
09:27 viq joined #salt
09:30 SheetiS joined #salt
09:33 thalleralexander joined #salt
09:36 rowie_ joined #salt
09:36 rowie_ left #salt
09:37 rdas joined #salt
09:41 justanotheruser joined #salt
09:47 aonoIWA joined #salt
09:47 aonoIWA hi
09:47 aonoIWA i have a question about pillar files
09:48 aonoIWA salt['pillar.get'](' {{ task }}')  why does that not wor in a state file ?
09:48 thalleralexander joined #salt
09:50 permalac joined #salt
09:51 justanotheruser joined #salt
09:58 babilen aonoIWA: It should, but my *guess* is that you are using nested {{ .... {{ .. }} ... }}
10:02 KermitTheFragger joined #salt
10:02 aonoIWA when i execute the state, salt just does nothing like the variable is empty
10:05 babilen aonoIWA: Could you paste the entire state to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, http://dpaste.de, … ?
10:06 aonoIWA yeah sure
10:07 aonoIWA https://www.refheap.com/4b772afbfba8db5bae9a15c0f
10:10 mage_ can I use jinja in Pillar data ?
10:10 amcorreia joined #salt
10:21 jaybocc2 joined #salt
10:23 tristianc joined #salt
10:24 sgargan joined #salt
10:29 devops joined #salt
10:31 burp joined #salt
10:32 denys joined #salt
10:33 SirLagz why would a state file work for one debian box but not work for another 'debian' box? I'm running salt-ssh to apply the state file for both servers
10:34 RobertChen117 joined #salt
10:34 SirLagz the 'debian' box is actually a ProxMox server, but it still uses Debian underneath
10:36 jaybocc2 joined #salt
10:37 devops hi I am trying to use the salt-formula "redis-formula". I have configured master to use git-file-server and also configured redis-formula git url
10:37 babilen aonoIWA: Make that: {% for client in salt['pillar.get'](testTask) -%}
10:37 RobertChen117 joined #salt
10:38 devops I am new to salt. Is anything I am missing. This is my sls files http://pastie.org/private/ceib3uud90ygul2tdl84aq
10:38 jhauser_ joined #salt
10:38 jeddi joined #salt
10:41 slava432980 joined #salt
10:41 RobertChen117 joined #salt
10:47 mage_ can I use somethings like {% for k in salt['pillar.get']('webapps:items') %} ... {% endfor %} in a *pillar* sls ?
10:48 babilen mage_: You can't access pillars in pillars ... But look into https://github.com/bbinet/pillarstack
10:49 mage_ thanks!
10:50 codehotter Is salt on a fixed 6 month release schedule that sometimes slips
10:50 RobertChen117 joined #salt
10:50 codehotter or is it more "its done when its done" for releases?
10:52 rdas joined #salt
10:54 ecdhe joined #salt
10:54 Jimlad joined #salt
10:58 ericof joined #salt
11:03 mephx joined #salt
11:04 drags joined #salt
11:04 otter768 joined #salt
11:04 irctc570 joined #salt
11:04 irctc570 Hi Guys
11:05 alvinstarr joined #salt
11:05 irctc570 Is there any way to execute some command  in salt state file and get the result
11:05 jab416171 joined #salt
11:13 johtso joined #salt
11:17 sgargan joined #salt
11:29 RobertChen117 joined #salt
11:30 evle joined #salt
11:33 sgargan joined #salt
11:34 krymzon joined #salt
11:35 hemebond1 irctc570: Salt states use modules to do stuff. You can use modules directly from the CLI.
11:39 fe92 joined #salt
11:39 fe92 joined #salt
11:40 irctc570 hemebond1: Thanks
11:40 markm joined #salt
11:40 irctc570 {% for gid in salt['cmd.run']('<cmd>').split()%}   , I have used this in state file to loop it through the result
11:44 ponpanderer joined #salt
11:46 sgargan joined #salt
11:48 indrgun joined #salt
11:49 colegatron joined #salt
11:49 teryx510 joined #salt
11:52 aonoIWA babilen: Thank you very much. That worked
11:53 alexlist_ joined #salt
11:54 _JZ_ joined #salt
11:54 sgargan joined #salt
12:06 wm-bot4 joined #salt
12:12 XenophonF joined #salt
12:13 XenophonF anyone using salt-cloud and the boto_* states in 2015.8.1?
12:14 XenophonF i'm having problems getting them to work
12:14 XenophonF maybe i'm running the wrong version of boto
12:21 sgargan joined #salt
12:25 sgargan joined #salt
12:40 sgargan joined #salt
12:43 larsfronius joined #salt
12:43 CeBe joined #salt
12:48 jaybocc2 joined #salt
12:48 chiui joined #salt
12:52 giantlock joined #salt
12:53 markm joined #salt
12:55 Grokzen joined #salt
13:03 jaybocc2 joined #salt
13:05 otter768 joined #salt
13:06 mr-op5 joined #salt
13:08 hojgaard_ joined #salt
13:13 lloesche joined #salt
13:16 fe92 joined #salt
13:22 felskrone joined #salt
13:23 impi joined #salt
13:26 felskrone joined #salt
13:26 tpaul joined #salt
13:28 sgargan joined #salt
13:28 fe92 joined #salt
13:31 bluenemo joined #salt
13:32 sgargan joined #salt
13:37 hojgaard joined #salt
13:45 dendazen joined #salt
13:51 mattiasr joined #salt
13:51 indrgun joined #salt
13:53 pezus joined #salt
13:53 pezus hi guys
13:54 pezus is there anything i can do about the "order" in state files? i have a "master" state file that includes other sls-files but it executes things in the included sls file before it does on the master file
13:55 pezus which fails because the master file creates subdirs which the other sls files rely on
13:57 malinoff joined #salt
13:57 AndreasLutro pezus: `require` is a good way to ensure the order of states
13:57 xmj require_in too
13:58 pezus AndreasLutro thanks, I'll take a look at it
13:59 racooper joined #salt
14:00 sgargan joined #salt
14:02 Nebraskka can salt state execute only if some particular user exist?
14:02 Nebraskka (linux, ubuntu)
14:03 Nebraskka https://docs.saltstack.com/en/develop/ref/states/all/salt.states.user.html
14:03 Nebraskka i saw that user.absent is about deleting them, and user.present is about creating
14:03 xmj you want the user to exist before executing another state?
14:03 Nebraskka but can't find a way to check if it's exist and that's all
14:03 xmj Nebraskka: technically user.present is about making sure the user exists
14:03 Nebraskka not exactly; i just want to execute something only in case if particular user exist
14:04 xmj oh
14:04 xmj ew
14:05 Nebraskka yeah, not very flexible but that's the way i can achieve what i need
14:05 Nebraskka xmj, so there are params that can only return if it's exist or not, and not try to create one if not exist?
14:05 xmj i have no clue, never seen a usecase for that
14:06 subsignal joined #salt
14:07 Nebraskka the situation i'm stuck with: i need to send particular public key to all our minions (to be able to use salt-ssh later); we have mixed providers, and one of them using "admin" user instead of "root"
14:07 Nebraskka so i planned to add public key to "admin" instead of "root" on those one
14:07 bhosmer joined #salt
14:07 johtso joined #salt
14:07 Tanta joined #salt
14:07 Nebraskka i thought about working all that around by creating service user like "salt-remote" or something, but thought it would be a little messy
14:08 quasiben joined #salt
14:09 numkem joined #salt
14:10 jaybocc2 joined #salt
14:12 ssplatt joined #salt
14:12 Nebraskka one of the way i came up with is to do something like
14:12 Nebraskka {% if not salt['file.directory_exists' ]('/home/admin') %}
14:13 drawsmcgraw joined #salt
14:13 Striki joined #salt
14:16 xmj why does that one box use 'admin' ?
14:17 Nebraskka xmj, because OVH's base images for VPS accessible only by 'admin'
14:17 Nebraskka connection to 'root' results in a message about 'please connect to admin user'
14:17 xmj lol oops
14:18 Nebraskka yeah, a bummer
14:18 Nebraskka we have several VMs here
14:19 AndreasLutro Nebraskka: wrap the entire state in {% if salt['user.exists']('admin') %} I guess
14:20 Nebraskka AndreasLutro, :o it could support user.exists'?
14:20 Nebraskka i couldn't find it in docs, but in that case it would be simpler than i thought
14:21 bhosmer joined #salt
14:22 AndreasLutro err, maybe I've been imagining things?
14:22 AndreasLutro surely some module function will let you check for a user's existence though
14:22 ssplatt hey guys, i’m looking for a way to set the minion id to a fqdn when created with salt-cloud. i can’t do ‘salt-cloud -p myprofile fqdn.mysite.com’ because my provider doesn’t allow . in the names.  i tried adding —script-args=‘-i fqdn.mysite.com’  to the create line, but that isn’t working
14:23 sgargan joined #salt
14:23 morissette joined #salt
14:23 ssplatt it’s still highstating with ‘short_hostname’, and in /etc/salt/minion it has id: short_hostname  set
14:24 AndreasLutro Nebraskka: looks like you have to salt['user.info'] which will return an empty dictionary if the user doesn't exist
14:24 bhosmer_ joined #salt
14:28 cpowell joined #salt
14:28 stevej joined #salt
14:28 Nebraskka AndreasLutro, yeah, i tried to find standalone module function about checking user existance and didn't found one, that's why asking
14:28 Nebraskka user.info, hmmm. need to try, thanks =)
14:32 Guest47229 joined #salt
14:33 jaybocc2_ joined #salt
14:34 pyaaron joined #salt
14:34 pyaaron hi
14:36 pyaaron I am trying to create a Salt State to install Python 2.7.10, can I run it by you?  Here is the Gist with the previous that didn't work, and the new proposed State: https://gist.github.com/aronysidoro/7be59abce9c142f18196
14:36 pyaaron I wanted to know if the proposed state will run "synchronously"?
14:37 kawa2014 joined #salt
14:42 AndreasLutro pyaaron: try something like this instead https://bpaste.net/show/61af25270b9f
14:42 AlberTUX1 joined #salt
14:42 AndreasLutro you may need to indent lines 4-6 with 2 more spaces
14:44 sgargan joined #salt
14:44 pyaaron @AndreaLutro, great! thank you so much.  I am going to give it a try.
14:51 indrgun joined #salt
14:52 sgargan joined #salt
14:54 zmalone joined #salt
14:54 Brew joined #salt
14:55 thalleralexander joined #salt
14:57 londo_ joined #salt
14:58 TyrfingMjolnir joined #salt
14:59 protoz joined #salt
15:02 bhosmer joined #salt
15:02 jettero I'm using (from the docs) "log = logging.getLogger(__name__)" at the top of my _modules/file.py ... when I salt-call file.method blah... I'm not seeing the log messages.
15:02 jettero is there a way to get them to show up there?
15:03 jettero do they go somewhere else?
15:04 protoz joined #salt
15:04 codehotter I entered rest_cherrpy configurtion in /etc/salt/master, restarted salt-master, but salt doesn't startl istening on the port configured
15:04 codehotter how do I figure out what is going wrong?
15:04 zma joined #salt
15:05 protoz joined #salt
15:05 codehotter never mind, I needed to do systemctl start salt-api
15:05 codehotter got it now
15:06 otter768 joined #salt
15:06 zma can salt minion fire custom event over 0mq that salt master can get before next scheduled poll? use case, 200ms granularity for failure that Salt Master needs to know about
15:10 quasiben joined #salt
15:11 sgargan joined #salt
15:11 Gamer-Pro joined #salt
15:11 nbuchanan joined #salt
15:12 mpanetta joined #salt
15:15 andrew_v joined #salt
15:15 ssplatt joined #salt
15:16 elsmo joined #salt
15:17 nbuchanan Does anyone here using git as an external pillar source?
15:18 nbuchanan is their anyway to specify a mountpoint or use git submodules so that the pillar is not in the root?
15:18 sgargan joined #salt
15:18 oguz joined #salt
15:19 racooper howdy folks. having an issue with salt-minion trying to use local installed modules (/usr/local/lib64/python2.6/site-packages) instead of system installed versions (on SuSE 11).
15:19 racooper https://gist.github.com/racooper/ab4dae0b6d69b54c828a
15:20 racooper the problem is that our developers have installed old versions of modules raven, Twisted and pycrypto.  how do I force salt-minion to use the system packages in /usr/lib64/python2.6/site-packages/ ?
15:23 numkem As anyone came to find out how to call the local variable available in the jinja rendered for the reactor in any other renderer?
15:23 bhosmer joined #salt
15:23 numkem I'm using the py renderer and while I have access to the tag and data variables, local seems to be missing or at least under a different name
15:24 pyaaron <AndreasLutro> your suggestion here: https://bpaste.net/show/61af25270b9f worked. Thank you :)
15:25 pyaaron I did as you said, and indent lines 4-6 by 2 more spaces.
15:30 kaptk2 joined #salt
15:31 zerthimon joined #salt
15:35 Slimmons joined #salt
15:36 Slimmons OK, so my salt noobness is going to go to SaltConf16.  I'm going to try and get enough money to also do the pre conference training that comes with the SaltStack CE exam, but not certain I'll be able to get that together.  Assuming I do get it together, can you guys give me some advice on any books or websites to go through to prepare for the exam?  I'd really like to pass it, but as of right now, I'm a total noob.
15:38 Slimmons I know there's an abbreviation of what's included on the exam at http://saltstack.com/certification/ , but I wasn't sure if there was a preferred book or anything else I could use to prepare
15:41 drawsmcgraw Slimmons: This one's by a (rather elegant) Saltstack employee: http://www.amazon.com/Learning-Saltstack-Colton-Myers/dp/1784394602
15:41 drawsmcgraw Personally, I've read zero books on Saltstack. I just have time, scars, and lots and lots of reading the docs.
15:42 traph joined #salt
15:42 traph joined #salt
15:42 drawsmcgraw It looks like this one is also by an employee. I might actually get myself a copy of this: http://www.amazon.com/Mastering-SaltStack-Joseph-Hall-ebook/dp/B010BEEIM0/
15:42 zmalone til basepi is a "rather elegant saltstack employee"
15:42 Slimmons I'm fairly new to devops in general, being very junior, and my workplace doesn't really require many features of saltstack.  I can basically get by with the most simple setups, so I'm having trouble making time to implement the more advanced features.  Just want something extra
15:44 drawsmcgraw Slimmons: I can understand the challenge. As they say, 'start small' (though it sounds like you've already done that)
15:45 bensons left #salt
15:46 Slimmons Thanks for the suggestions!  I'll be in here probably the rest of the day if anybody else has any input.
15:50 racooper jfindlay,  I've added comments to https://github.com/saltstack/salt/issues/29268
15:50 saltstackbot [#29268]title: Crypto.Cipher cannot import name PKCS1_OAEP | I've got several SuSE 11.3 servers that are generating the following error when trying to start the minion:...
15:56 WesleyTech_ joined #salt
15:56 zma how to install saltutil module?
15:58 drawsmcgraw zma: There's no need to install the module, it should be available with a Salt installation
15:59 drawsmcgraw It's likely you're just misusing it - possibly misspelling one of the functions?
15:59 zma drawsmcgraw: thx, I read somewhere I need to install it separately, but that was old info
16:00 zma I see now it's part of the current version
16:01 rm_jorge joined #salt
16:01 favadi joined #salt
16:02 DammitJim joined #salt
16:04 keimlink joined #salt
16:05 Tanta many orgs decide to 'automate things' and arbitrarily pick a tool like salt, when they don't have the operational competence to automate anything
16:05 Tanta if you find yourself working at one of those companies, run
16:06 winsalt joined #salt
16:10 TyrfingMjolnir joined #salt
16:13 Lionel_Debroux joined #salt
16:14 jfindlay racooper: nice, thanks
16:15 jfindlay I'm not sure how to make that happen.  It seems to be an open form problem in general, but we could try to work out some best practices
16:16 sdm24 joined #salt
16:18 lumtnman joined #salt
16:19 NV joined #salt
16:23 Slimmons Tanta: if that was directed at me, and my earlier question....I am very possibly in "mid-run", but since I'm still junior, figured I'd learn as much as I can here before I head out.
16:23 Slimmons Tanta: but I agree with what you say.
16:23 ssplatt joined #salt
16:23 LondonAppDev joined #salt
16:26 mschiff when comitting changes to a top file there is risk of minions runnfing wild in case of syntax errors in top.sls... what do you do to check a file before comitting to git?
16:27 larsfronius joined #salt
16:30 djstorm joined #salt
16:38 ziro` joined #salt
16:40 perfectsine joined #salt
16:40 sdm24 mschiff: have a test environment, maybe even a completely seperate master and some minions dedicated only to testing
16:42 sdm24 mschiff: and for us, we have our fileserver_backend order as "- roots,  - git", so we can run "salt 'testminion' state.highstate (or state.apply)" on that one test minion, make sure the highstate doesn't break anything, and then upload it to git
16:42 sdm24 and delete the local version
16:44 Ludo joined #salt
16:45 protoz joined #salt
16:51 mikepea joined #salt
16:51 malinoff joined #salt
16:52 andrew_v_ joined #salt
16:52 seanie joined #salt
16:53 seanie Hey guys
16:53 Slimmons hi
16:54 seanie Is there anyway to change the output of cmd.run so the host name is not returned. something similar to when you run salt-run manage.up
16:55 Nebraskka is it possible to include a pillar inside other pillar, but change some values of it?
16:56 Nebraskka we have something like default pillar (came with formula), and wanted to include it to other pillar + change some particular value in it
16:58 ageorgop joined #salt
16:58 mschiff sdm24: thanks, I like the idea with the additional non-git root, but how do you make sure this file root only is visible to a test minion?
16:59 seanie Ok figured that out next question for salt.client can you change the output type?
17:01 Aleks3Y joined #salt
17:04 edrocks joined #salt
17:06 Nebraskka oh, looks like pillars can't be extended by now?
17:07 indrgun joined #salt
17:07 otter768 joined #salt
17:07 hightekvagabond joined #salt
17:10 tcouto joined #salt
17:15 winsalt joined #salt
17:19 denys joined #salt
17:19 protoz joined #salt
17:22 protoz joined #salt
17:25 writtenoff joined #salt
17:25 tcouto Has anyone used ceph RDB on the same machines as compute nodes? Is ceph too cpu intensive to do something like this?
17:26 spiette joined #salt
17:27 Andre-B joined #salt
17:28 tcouto sorry, wrong channel...
17:29 kevinqui2nyo joined #salt
17:29 kevinqui2nyo are there any gotchas invloved with an sls that includes another sls, which in turn includes another sls?
17:31 ssplatt joined #salt
17:38 ipmb joined #salt
17:49 colegatron joined #salt
17:50 Fiber^ joined #salt
17:52 hal58th__ kevinquinnyo: Nope. Just don't recursive includes.
17:53 kevinquinnyo hal58th: thanks.  I tracked my issue down to forgetting a return statement in a state function -- looks like chained includes work just fine
17:55 ViciousLove joined #salt
17:56 tawm04 joined #salt
17:56 gnord joined #salt
17:59 indrgun joined #salt
18:01 Bryson joined #salt
18:05 silicon_id joined #salt
18:05 Lionel_Debroux joined #salt
18:06 indrgun joined #salt
18:06 baweaver joined #salt
18:09 silicon_id with Ansible, I was able to specify a variable in playbooks and use the --extra-args=foo parameter to pass in values at runtime... is that possible with salt? specifically, things like grains or ip addresses at deployment?
18:10 bhosmer_ joined #salt
18:11 tawm04 joined #salt
18:11 silicon_id something like "salt-cloud -p base_profile web01 --extra-args 'grains=role:webserver, ipaddress=10.0.0.10'" ?
18:12 jhauser joined #salt
18:14 asoc silicon_id: https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html#setting-pillar-data-on-the-command-line
18:15 asoc I don't know if you can do that with salt-cloud or not
18:16 Laogeodritt joined #salt
18:18 brianfeister joined #salt
18:18 pkimber joined #salt
18:23 hightekvagabond joined #salt
18:25 shaggy_surfer joined #salt
18:27 PredatorVI joined #salt
18:27 jfindlay silicon_id: you can put minion configs (including grains) in a cloud map, https://docs.saltstack.com/en/latest/topics/cloud/map.html
18:29 PredatorVI joined #salt
18:29 iggy Slimmons: the exam is open internet (or was when I took it)... just keep a couple tabs of https://docs.saltstack.com/en/latest/salt-modindex.html open along with some other docs pages and it helped that I had access to an actual salt-master/salt-minion to test a few things that I couldn't remember off the top of my head
18:29 iggy Slimmons: do that and you should be fine
18:31 silicon_id jfindlay: thanks, maybe that's the way I need to go
18:31 PredatorVI Has anyone used the new file.line state?  I set the path to the full path of the file I want to edit (/etc/default/tomcat7) but the error I get says 'java_opts is not an absolute path'.  'java_opts' is the id.  What am I missing?  https://gist.github.com/PredatorVI/b2c8aa6410b3f0a33e6e
18:35 cberndt joined #salt
18:37 foundatron joined #salt
18:37 iggy PredatorVI: the docs are incorrect, for the state, name is the path (not path)
18:38 PredatorVI ah
18:38 PredatorVI thanks...updating now ;)
18:38 iggy so, 's|- path:|- name:|' your state
18:39 iggy but wouldn't file.replace be easier to use there? (it doesn't look like you actually need the after bit)
18:40 PredatorVI not sure :)  the line isn't guaranteed to be there and if it is, I want to update it.
18:41 PredatorVI I'm still figuring out the nuances of all the file options.
18:41 Slimmons Iggy:  Thanks!
18:43 iggy Slimmons: might also be nice to have the pdf version of the docs
18:43 PredatorVI iggy:  I'm a little confused why file.line is there after looking at file.replace.
18:43 bryguy joined #salt
18:43 iggy the wifi at the conf was pretty much crap last year
18:43 iggy PredatorVI: most for before/after support
18:46 kaictl joined #salt
18:46 lumtnman joined #salt
18:48 Andre-B_ joined #salt
18:53 bhosmer joined #salt
18:54 Grokzen joined #salt
18:56 solidsnack joined #salt
18:59 viq joined #salt
18:59 hunmonk_ joined #salt
19:00 hunmonk_ is there any documentation about how to upgrade salt on a server when it's been installed via salt-bootstrap? in particular, using the option for a git tag.
19:03 iggy just install a new tag
19:04 cro joined #salt
19:06 protoz joined #salt
19:08 otter768 joined #salt
19:08 Grok joined #salt
19:12 perfectsine joined #salt
19:12 hunmonk_ iggy: i tried that once and it didn't seem to work so well.
19:12 hunmonk_ iggy: are you suggesting to re-run salt-bootstrap with the new tag?
19:12 giantlock joined #salt
19:13 whytewolf hunmonk_: I have done the rerun the salt-bootstrap with a new tag to update before. seemed to work fine
19:13 whytewolf as long as all the same options were used
19:14 protoz joined #salt
19:14 GreatSnoopy joined #salt
19:15 solidsnack joined #salt
19:18 chadhs joined #salt
19:22 edrocks joined #salt
19:22 chadhs with the boto_asg module is there a way to apply a tag to the ec2 instances you create?
19:22 chadhs @Ryan_Lane is that something you do? ^
19:24 baweaver joined #salt
19:27 shaggy_surfer joined #salt
19:30 iggy hunmonk_: that's how I always did it
19:30 hunmonk_ iggy, whytewolf: ok, thx. i'll give it a test run on a vagrant install
19:31 perfectsine joined #salt
19:32 akhter joined #salt
19:36 cberndt joined #salt
19:36 multiscan joined #salt
19:36 elsmo joined #salt
19:39 Netwizard joined #salt
19:39 ageorgop joined #salt
19:40 jaybocc2 joined #salt
19:41 dfh_ joined #salt
19:41 dfh_ hello
19:41 dfh_ anyone active?
19:42 JDiPierro joined #salt
19:45 protoz joined #salt
19:45 yidhra joined #salt
19:46 dfh_ trying out salt for the first time, i am getting an error message that I'm having trouble resolving
19:46 dfh_ "No cloud providers matched 'my-ec2'. Available selections:"
19:46 Ryan_Lane chadhs: yeah
19:47 dfh_ when I do, in fact, have my-ec2 defined in cloud.providers.d/ec2.provider.cond
19:47 dfh_ when I do, in fact, have my-ec2 defined in cloud.providers.d/ec2.provider.conf
19:47 iggy dfh_: try adding `-l debug` to your salt-cloud command
19:47 Ryan_Lane chadhs: https://github.com/lyft/confidant/blob/master/salt/orchestration/confidant.sls#L200-L203
19:47 Ryan_Lane there's an actual example :)
19:48 dfh_ awesome! i'll look into both, thank you @iggy and @Ryan_Lane
19:48 losh joined #salt
19:49 Ryan_Lane boto_asg isn't salt-cloud, btw :)
19:49 chadhs thanks @Ryan_Lane, i think i was missing "propagate_at_launch: true"
19:50 Ryan_Lane chadhs: yep. otherwise it just tags the asg itself
19:50 chadhs yup that's what was happening
19:50 chadhs i've got it now where i can run one command to provision an environment and keeping the aws profile data out of the repo of course too; pretty stokked
19:51 jeffspeff joined #salt
19:54 dfh_ iggy: that solved my problem, thanks for the tip
19:56 forrest joined #salt
19:58 howardroark joined #salt
19:59 howardroark Hey!  If were use archive to download and extract node binaries, then use file.symlink to link the bin files.... How would I 'require' npm before I run npm states?
20:00 howardroark I guess there still is no require 'id'
20:00 forrest howardroark, ? There is
20:00 howardroark really?
20:00 forrest yeah hang on
20:01 forrest howardroark, https://gist.github.com/gravyboat/ea25b9a0e9cbb4543991
20:01 KennethWilke joined #salt
20:01 forrest There I'm basing the require off the ID
20:02 Guest89 joined #salt
20:03 chadhs @Ryan_Lane propagate_at_launch: true worked like a champ in test!  didn't see that in the docs… thnx again
20:04 howardroark Hey @forrest I think that example still requires the ID to be of the 'pkg' type
20:04 howardroark https://gist.github.com/howardroark/af14d60cca7b53774edf
20:04 howardroark that is what I am doing
20:05 Ryan_Lane chadhs: the salt modules are pretty 1:1 with boto. if you don't see something documented in the salt modules, you can usually find it in boto's docs
20:05 howardroark id rather not use 'pkg' just because i'd rather stick to a version of node
20:05 chadhs ah… good call
20:07 forrest howardroark, I updated your gist
20:07 forrest Is that what you mean?
20:07 aidalgol joined #salt
20:08 tiadobatima joined #salt
20:09 tiadobatima joined #salt
20:09 howardroark @forrest... Not really... but i should do that too!
20:10 howardroark I want to use the 'npm' states
20:10 yidhra joined #salt
20:10 howardroark But I need to require that npm bin before I run them
20:10 howardroark I tried -require: -file: /usr/local/bin/npm
20:11 howardroark https://github.com/saltstack/salt/issues/4597
20:11 saltstackbot [#4597]title: Require by id/label | As discussed with UtahDave on IRC:...
20:11 mapu joined #salt
20:11 howardroark this is what I mean about require id
20:11 DammitJim joined #salt
20:12 howardroark Is it possible to 'require' a file.symlink state?
20:12 forrest howardroark, of course, - require: \n    - file: dat_file
20:12 protoz joined #salt
20:13 howardroark @forrest  ok... i may just be doing something wrong.  thanks for the help!
20:13 forrest howardroark, I'd say give it a shot, I don't know if the npm states have a hard coded path.
20:13 shaggy_surfer joined #salt
20:14 Tanta_G joined #salt
20:14 howardroark yeah I symlinked to the path that standard node package installs use
20:14 forrest yeah I saw that.
20:14 forrest What error do you get when you try to use npm.installed after that?
20:15 howardroark "/bin/bash: npm: command not found"
20:16 whytewolf path issue?
20:16 forrest howardroark, I see, any chance that it's not by default installed into /usr/local?
20:16 howardroark not on arch
20:17 forrest howardroark, Can you run the state with -l debug
20:17 forrest get some more output from it, maybe something will become obvious
20:17 gcorey joined #salt
20:18 forrest howardroark, You could also set an env var in the npm.installed state.
20:19 howardroark let me start with a fresh vm and run it with -l :)
20:19 racooper joined #salt
20:19 forrest sounds good
20:19 jdubski joined #salt
20:20 fyb3r joined #salt
20:21 forrest howardroark, Also make sure to check what the order of execution is when it tries to do the npm.installed, make sure that isn't happening in an odd order (it should not if you drop it below that last section)
20:22 howardroark yeah...you know what...
20:22 bhosmer joined #salt
20:22 howardroark it may just be as simple as changing the 'file_roots' order
20:22 howardroark in the minion
20:23 howardroark I am including the 'main' states after the 'specific' states
20:23 whatapain joined #salt
20:23 howardroark in that array
20:23 solidsnack joined #salt
20:23 whatapain does anyone know how i could execte a rand() function inside a jinja template?  i looked at the jinja docs and it looks like arbitrary code isn't allowed, anyone have any tricks or tips?
20:24 whatapain i'm creating a server config file but i need to randomize a value
20:24 jakehilton joined #salt
20:25 brianfeister joined #salt
20:25 forrest whatapain, You can use random: {{ 1000000 |random }}
20:27 whatapain ahh! random filter
20:28 whatapain thanks
20:28 forrest np
20:28 baweaver joined #salt
20:32 LtLefse joined #salt
20:35 jakehilton I'm hitting this super helpful error: State 'schedule' in SLS 'packages.schedule_state' is not formed as a list. Which would lead me to believe my data structure is bad. But I took the example straight from here: https://docs.saltstack.com/en/latest/topics/jobs/schedule.html#states  And not to be redundant.. but this is the contents of the file in question:  https://gist.github.com/jakehilton/7ab342f5fe5312ea24da
20:35 jakehilton just trying to set up a simple schedule..
20:35 shaggy_surfer joined #salt
20:36 jakehilton it passes all YAML validators.. so not sure what salt is talking about.. I should have put "super helpful error" in quotes.. seeing as that's not much help with this
20:38 mapu joined #salt
20:38 whatapain forrest: doesn't seem to be working, keeps saying that int() has no len,  i'm doing this "hostname = server{{ 100 | random }}"
20:39 DammitJim joined #salt
20:39 forrest whatapain, Do you get that when running salt?
20:39 forrest Your file has - template: jinja right?
20:39 baweaver joined #salt
20:40 whatapain forrest: yea, when i run a state that include that config, - template: jinja is set on the file
20:40 forrest Weird
20:41 forrest whatapain, What about at the top of the file {% server_num = random(100) %}, then "hostname = server{{server_num}}"
20:41 forrest but with better spacing around server_num
20:43 edrocks joined #salt
20:44 fyb3r Getting a syndic error: Unable to call _fire_master on None, that syndic is not connected           What gives?
20:44 whatapain forrest: nah, different problem now saying server_num is not a valid tag.  there's another item in the file that pulls a grain and that is processing just fine so it's processing as a jinija template
20:45 whatapain Comment: Unable to manage file: Jinja syntax error: Encountered unknown tag 'server_num'.; line 1
20:46 forrest whatapain, I'm sorry then I have no idea :( I haven't used random in that way before
20:46 whatapain erm... so i set it to {% set server_num = random(100) %} instead which is the right jinja syntax but now it's saying that random() is undefined
20:47 brianfeister joined #salt
20:48 surge_ joined #salt
20:49 surge_ Is it possible to set a grain value via the command line ?
20:49 protoz joined #salt
20:49 jakehilton surge_: salt '*' grains.setval super cool
20:50 whytewolf surge_: yes https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html#salt.modules.grains.setval
20:50 jakehilton or from a minion: salt-call grains.setval
20:50 surge_ awesome! my google fu was failling me
20:50 solidsnack joined #salt
20:50 fyb3r pretty sure you can have a grains file too
20:50 zmalone joined #salt
20:51 whytewolf fyb3r: /etc/salt/grains is the grains file. and setval actually updates that file so that they persist after minion restart
20:52 fyb3r ohhhhh ok that makes sense :) sup again whyte
20:52 whytewolf not much fyb3r, hating my job cause i don't get to use salt goodness
20:53 fyb3r haha. that would suck :(
20:53 whytewolf and am forced to use rsyslog to send "syslog" style logs to logstash
20:53 fyb3r i actually got hired to create our devops dep and use any tools i see fit to.
20:53 fyb3r ewwwwwww
20:54 fyb3r i feel for you mate
20:54 whytewolf I keep trying to tell them that syslog was so 1980's
20:54 fyb3r read that as 1890's lol
20:54 whytewolf lol, might as well be
20:55 fyb3r yeah, the problem im running into currently is that im 27 and my superiors are in their 60s and refuse to change
20:55 whytewolf oh well. I can complain but they do pay me pretty well
20:55 fyb3r unfortunately many of us have egos and pride, and take a alot of pride on our craft lol
20:56 jakehilton I resemble that comment!
20:56 whytewolf I'm 39, but i have always been adaptable and have high situational awarness
20:56 fyb3r ^^^^ key values many companies need to be looking for.  time for a smoke break / relieve my migraine
20:56 fyb3r :D
20:57 whytewolf lol, alright.
20:58 whatapain forrest: fixed it, hostname = server{{ range(100) | random }}
20:58 spiette joined #salt
20:58 forrest whatapain, Ahh that totally makes sense since the range makes it an interable item, nice.
21:02 ekristen joined #salt
21:03 tkharju joined #salt
21:04 MeltedLux joined #salt
21:04 evilrob joined #salt
21:05 Tanta_G there is nothing wrong with syslog
21:05 Tanta_G it's a perfectly serviceable event logging system
21:05 Tanta_G taking something that has worked for 30 years and chucking it aside for some JSON monstrosity is not good engineering
21:06 jakehilton anyone using schedule in states? https://docs.saltstack.com/en/latest/topics/jobs/schedule.html#states  I can't get it to even compile
21:06 jakehilton local:
21:06 jakehilton Data failed to compile:
21:06 jakehilton ----------
21:06 jakehilton State 'scheduler' in SLS 'packages.schedule_state' is not formed as a list
21:06 rburkholder joined #salt
21:06 dyasny joined #salt
21:06 jakehilton well that came across ugly.. sorry..
21:07 protoz joined #salt
21:08 hasues joined #salt
21:09 otter768 joined #salt
21:09 hasues left #salt
21:09 whytewolf jakehilton: that is a pillar file. and should be targeted in pillar
21:09 dynamicudpate joined #salt
21:10 murrdoc joined #salt
21:11 jakehilton I'll give that a whirl.. but is there no way to schedule something based off of a state? Trying to match a grain value to trigger the schedule.
21:11 bhosmer_ joined #salt
21:11 whytewolf Tanta_G: my problem with syslog, isn't syslog. it is the resources needed to parse syslog into a more well thought out scheme. honestly ELK isn't meant to replace centralized log storage. just make searching and statistics on that easier.
21:12 whytewolf jakehilton: schedule triggers off of time. if you want something to trigger based on something else you want to look at reactors
21:13 indrgun joined #salt
21:13 solidsnack joined #salt
21:13 whytewolf or explain better what you are trying to do
21:13 jakehilton right.. time is fine.. just when the minion initializes I want to set a schedule to run.
21:13 jakehilton but not in every minion.. but base it off of a grain
21:14 jakehilton was hoping to just initialize a state based off of a grain check..
21:14 whytewolf you can target pillars based on grains
21:14 howardroark @forrest... Just to give you an update...  the npm.installed state works only if I do not supply 'user'.  Though if I don't supply user then the packages are unavailable outside of root.
21:14 forrest howardroark, Gotcha, thanks for the update.
21:15 forrest howardroark, Could that be an issue with how you set the permissions on the symlinks and such?
21:15 forrest howardroark, So you either need to use the root user right now I'm assuming, or modify the permissions for your stuff so that others can access it.
21:15 howardroark maybe...it's odd... I can use npm after the states run with 'user'
21:15 jakehilton true whytewolf..  I'll work this over for a spell..
21:16 howardroark im going to switch to debian and see if this is all unique to arch
21:17 forrest howardroark, So you have to run it twice but it works the second time? Order of operations again perhaps
21:18 howardroark no oddly the state fails over and over
21:18 howardroark weird
21:18 howardroark but npm installs and is usable
21:19 shalkie joined #salt
21:19 shaggy_surfer So I ran into a huge bottleneck and issue w/ the way I was using salt, it only took 2 weeks to track down and it didn't help having the debug logging on either
21:20 shaggy_surfer everything was slow and taking 3 min just to do a simple state.sls, it had come about after adding our web deploy in jenkins to the /nfs mount point exposed to salt via the config file for file_roots
21:21 shaggy_surfer it turned out the file_roots was reading the uncompressed web files because I included the location of the build tree in the file roots for the environments, i.e. /nfs/jenkins/workspace
21:22 surge_ fyb3r: yeah, i just needed to override a grain for a 1 off thing so no real need for a grains file
21:23 shaggy_surfer so salt reads every file and if the file tree is huge which it was for web for all 3 env's ( each 750MB uncompressed) X 3 (qa/staging/prod). it was reading over 2gig of new web files, including all our gems/assets/ and .git files , etc.
21:23 shaggy_surfer Once I added the path's for only the compiled war/tar locations of files to be distributed or "looked" at by salt, the time went from 3 min down to 2 seconds….. wow
21:24 forrest shaggy_surfer, Why did you include the workspace location in the first place?
21:24 shaggy_surfer My question to the channel is, I have google search and looked everywhere including the official salt faq's but found nothing relevant on how to trouble shoot this slow issue, shouldn't this be a high priority documented issue
21:25 whatapain if i include: state does it automatically run the init.sls?
21:25 jakehilton whytewolf: so I'm using a pillar now for the schedule.. but it doesn't seem to want to run my custom scheduler.. no compiler errors but it just doesn't run: https://gist.github.com/jakehilton/239b4e22b17ad288080c
21:25 shaggy_surfer so I can deploy code using deploy_code.sls files
21:25 shaggy_surfer I use it to copy files from the jenkins mount point and push out to all my servers, in other words, I am using the salt for orchestration and deployment
21:26 forrest shaggy_surfer, Gotcha
21:26 oida joined #salt
21:26 whytewolf jakehilton: salt 'minion' schedule.list
21:26 subsignal joined #salt
21:26 whytewolf and see if the job is even being created
21:27 whytewolf also don't forget to saltutil.refresh_pillar
21:28 shaggy_surfer here is an example of what my file_roots looks like now: https://gist.github.com/mf-collinhayden/c566539e0e5a13daf210
21:29 shaggy_surfer maybe I should be doing this a different way, but back a year and a half ago when I started using salt, I didn't know how else to do it
21:29 jakehilton as it turns out the refresh_pillar did it.. even though the master showed it had pulled the pillar changes.. blargh..
21:29 jakehilton thanks for the help whytewolf.. time to bandage up my forehead and move on
21:30 shaggy_surfer but i did rathole down other path's like increasing salt -t timeout, increasing threads on server…. when it had nothing to do w/ it.  The timeouts were because it was hash'ing thousands and thousands of files every time I ran anything against the tagged env (i.e. QA)
21:30 sbogg joined #salt
21:31 shaggy_surfer I would like to share as it took me a very long time to figure out
21:31 shaggy_surfer debugging doesn't show it traversing the /nfs file mount and what files it's looking at etc
21:31 forrest shaggy_surfer, You should write up a blog post. You should also submit an issue documenting all this so that it can be corrected.
21:32 shaggy_surfer so it was more of process of, what changed?, then remove configurations and restart and test until I found the lines causing the problem
21:32 shaggy_surfer where can I write the blog post?
21:32 mage_ mmh how could a have and "include:" key in my pillar data ?
21:32 forrest shaggy_surfer, Even better, propose it as a talk for saltconf, lol
21:32 shaggy_surfer would this "issue" be considered a bug?
21:33 forrest shaggy_surfer, I would say it is a bug as it is an issue with how the output is logged which caused you to troubleshoot this long
21:33 forrest If it's not a bug, it's definitely a failure in how the system provides that data so users can see what is happening
21:33 shaggy_surfer I used to use puppet a long time ago and ran into this same type issue…. I think that it's common across all CMS systems
21:33 shaggy_surfer as it's by design…
21:33 whytewolf I would think it both a bug and a feature request
21:34 shaggy_surfer the system is comparing files , so the more files you have to hash and compare the slower it will get if you aren't careful
21:34 akhter Hey guys, I'm trying to launch an instance via salt-cloud, it launches the instance but it never bootstraps.  Keeps reporting "[DEBUG   ] Waiting for VM IP. Giving up in 00:05:30"
21:34 whytewolf a but cause on large systems it would be deadly to production. but a feature request cause it might get implimented as some kind of lazy hashing [hash only files actually being used]
21:34 shaggy_surfer another thing I discovered is that salt sux for recursion… and this is not just salt, this is the CMS tools… i.e. do a recursive chown on a huge dir w/ logs of tree (directories)
21:35 shaggy_surfer it takes forever as it's comparing every file through the whole tree
21:35 shaggy_surfer hash
21:35 intel joined #salt
21:35 jakehilton yea. true.
21:35 shaggy_surfer the way I get around this is I have salt call a simple bash script that contains the recursive changes, like "chown -R whoever:whoever somedirthathasahugetree"
21:35 akhter The queried instance meta-data is correct and the instance is running but it doesn't bootstrap.
21:36 jakehilton I'm sure using git_pillar doesn't help much with it
21:38 subsignal joined #salt
21:40 roock joined #salt
21:42 solidsnack joined #salt
21:42 akhter Anyone else run into the issue where salt will not bootstrap/connect an instance
21:42 shaggy_surfer also, in my opinion, the orchestration (deployment) documentation is weak and so is the FAQ's.  I haven't read all the documentation, but I have searched the relevant areas and sections and followed all the walk through's…. I will definitely be writing something up but I really would like to share this and understand the best way to do this.
21:44 tiadobatima joined #salt
21:46 diegows joined #salt
21:47 lorengordon joined #salt
21:57 tiadobatima joined #salt
21:59 Guest89 joined #salt
22:00 thalleralexander joined #salt
22:09 tiadobatima joined #salt
22:10 thalleralexander joined #salt
22:11 perfectsine joined #salt
22:16 akhter joined #salt
22:16 amcorreia joined #salt
22:16 edrocks joined #salt
22:16 cyborglone joined #salt
22:20 DanyC_ joined #salt
22:21 DanyC_ all, anyone knows if salt-cloud works on aws using the MFA ?
22:21 ziro` joined #salt
22:22 DanyC_ same q applies for boto_ module. so far i've seen only aws key/secret but if you have cross-account or assumeRole you do need more info
22:23 DanyC_ @Ryan_Lane if you are around, do you have any idea since you are a heavy AWS user?
22:26 hightekvagabond joined #salt
22:29 baweaver joined #salt
22:30 andrew_v joined #salt
22:33 PredatorVI joined #salt
22:34 SheetiS joined #salt
22:36 hightekvagabond joined #salt
22:37 burp joined #salt
22:41 DanyC_ nobody is using salt on aws ?
22:42 burp joined #salt
22:45 pzipoy left #salt
22:48 zmalone DanyC_: I use salt on aws, but we don't use salt-cloud, because the impression was that it isn't stable in 2015.*, whether that was deserved or not
22:49 jaybocc2_ joined #salt
22:49 DanyC_ zmalone: okay. Even w/o salt-cloud and only using boto_ do you have MFA/ role_arn defined? (which basically use the AssumeRole)
22:50 zmalone I'm not using boto either, I'm bootstrapping salt onto hosts that were created outside of salt, and then managing from there
22:50 tiadobatima joined #salt
22:51 DanyC_ zmalone: okay but then creating resources like sec_groups/ elastic lb how do you map them to the instances ?
22:51 silicon_id joined #salt
22:51 Ryan_Lane DanyC_: boto_* works with MFA
22:52 Ryan_Lane boto_* can get its credentials in any way that boto normally does
22:52 Ryan_Lane so environment vars, boto config, or you can pass in stuff to salt through pillars or through the states
22:52 DanyC_ Ryan_Lane: really? that is a good news ;)
22:52 mosen joined #salt
22:52 Ryan_Lane you need to lean on boto for mfa, though, since the state modules don't take token as an arg
22:53 Ryan_Lane it also works with metadata, obviously :)
22:53 DanyC_ Ryan_Lane: i guess Santa came to me earlier this year :) much thanks!
22:54 Ryan_Lane yw
22:54 DanyC_ zmalone: what you doing is what i'm doing now but that has limitation with creating/ assigning from salt master the seg groups
22:54 bensons joined #salt
22:54 bensons how do i set sysfs entries via salt state?
22:54 DanyC_ zmalone: hence why i'm looking for other options
22:55 include joined #salt
22:55 Ryan_Lane DanyC_: have you seen the example from confidant?
22:55 Ryan_Lane https://github.com/lyft/confidant/tree/master/salt
22:56 Ryan_Lane it's not a 100% working example (because of elasticache), but it's pretty close
22:56 burp joined #salt
22:58 DanyC_ Ryan_Lane: looking over as we speak, i wished more attention will be on  https://github.com/saltstack/salt/issues/28793 so i can properly use to split the pillar secrets vs pillar 'config' data
22:58 saltstackbot [#28793]title: Enable ext_pillar for minions in master/minion mode | When using secret management systems like Confidant, it's better for minions to fetch their secrets directly, rather than having the master fetch the secrets, then distribute them to the minions. It would be nice to be able to use ext_pillar on minions directly, even if in master/minion mode (it already works in masterless). In this mode it should merge the pillars from the master with t
22:58 Ryan_Lane yeah
22:58 Ryan_Lane the benefits of using masterless :D
22:58 DanyC_ Ryan_Lane: i guess there will be v little done in that area in the near future ..i lost hope tbh
22:59 Ryan_Lane it's tagged for next release
22:59 TOoSmOotH joined #salt
23:00 DanyC_ Ryan_Lane: well i don't see any activity on the develop branch hence is easy to slip to next and then next etc
23:01 DanyC_ Ryan_Lane: imho (and not saying cause i have an interest on it) but having this future will basically solve all the security around Salt Master and the common prob across the industry wrt storing secrets
23:02 DanyC_ Ryan_Lane: you've been lucky picking masterless, i went opposite and is hard to switch directions ...i'm not a green field project :)
23:02 sgargan joined #salt
23:07 PeterO joined #salt
23:08 sgargan joined #salt
23:09 otter768 joined #salt
23:12 forrest Ryan_Lane, Did you see the docker thing I made? Had to go with a master for the reactor :( Was tired of waiting
23:13 colegatron joined #salt
23:13 murrdoc ?
23:13 forrest murrdoc, https://github.com/gravyboat/docka-docka-docka
23:13 forrest Had to include a master for that so the damn reactor would work
23:14 whytewolf humm. just a crazy thought on the masterless subject. and it already seem slike "a bad idea". but what about running a master on each minion. the master would only be fore that minion. and would be locked out from the rest of the system. giving you all the benifits of master.
23:14 Ryan_Lane forrest: looks kind of similar to what we're doing for our dev environments
23:15 Ryan_Lane except we have no docker files
23:15 whytewolf coarse the down side would be the extra resources for running a master on each minion
23:15 jaybocc2 joined #salt
23:15 forrest whytewolf, You lose all the benefits of running masterless even with a master on that single node.
23:15 slav0nic joined #salt
23:16 NV joined #salt
23:16 Ryan_Lane a lot of master features just work in masterless
23:16 Ryan_Lane if you run a minion
23:16 whytewolf yeah, but i love reactors :P
23:16 Ryan_Lane we currently run masterless without even a minion daemon
23:16 akhter joined #salt
23:16 forrest Yeah I do the same on my system Ryan_Lane
23:16 forrest no need for a daemon, just envoke when it needs to run
23:17 ssplatt joined #salt
23:18 burp joined #salt
23:20 jaybocc2_ joined #salt
23:25 akhter joined #salt
23:25 penguinp1wernz joined #salt
23:27 akhter joined #salt
23:30 bhosmer joined #salt
23:31 oida joined #salt
23:32 bfoxwell joined #salt
23:35 akhter joined #salt
23:51 hightekvagabond joined #salt
23:52 TreborTech joined #salt
23:54 colegatron joined #salt
23:55 TreborTech Basic Docker container with SaltStack -- https://www.youtube.com/watch?v=ugF4_X9wrEs
23:55 TreborTech How to configure GITFS in SaltStack  -- https://www.youtube.com/watch?v=0VFKRExZotM
23:55 TreborTech Private Git Repo in SaltStack --- https://www.youtube.com/watch?v=RaeKLKaqPoo
23:55 TreborTech GIT branches to SaltStack Environments --- https://www.youtube.com/watch?v=ZVAUfAiP6qo
23:57 hightekvagabond joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary