Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-12-16

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 alexanderilyin joined #salt
00:03 andrei_ oh, thank you very much, looks very helpfull and hopeful
00:07 forrest joined #salt
00:11 saltstackbot [reddit-saltstack] bad hour in cron error https://www.reddit.com/r/saltstack/comments/3x0fkv/bad_hour_in_cron_error/ - 2015-12-16 - 00:08:25
00:11 tkharju1 joined #salt
00:12 forrest iggy, Was it really necessary to link reddit posts in here? lol
00:16 kusams joined #salt
00:18 iggy it happens like once a week
00:18 iggy get over it
00:18 iggy /ignore saltstackbot
00:18 stooj joined #salt
00:19 iggy carry on with life
00:20 forrest iggy, I'm just fucking with you
00:20 murrdoc joined #salt
00:20 forrest Don't be cranky, order some more amazon packages
00:21 baweaver joined #salt
00:22 murrdoc1 joined #salt
00:22 iggy I'm done with that for the year
00:23 murrdoc1 ?
00:23 iggy (mailing room people are happy about that fact)
00:24 stooj joined #salt
00:26 rojac99 joined #salt
00:27 abednarik joined #salt
00:27 murrdoc1 with what
00:27 murrdoc1 shipping BIG things to work /
00:27 forrest I think in general shipping anything to work
00:28 forrest if everyone has 1 package a day, that sucks
00:29 overyander joined #salt
00:31 iggy I had 3 Monday
00:31 iggy but I live in the ghetto... I'm not about having that stuff sent to the house
00:32 forrest Man you don't even have to live in the ghetto to get packages stolen
00:32 otter768 joined #salt
00:33 iggy I at least go to the mailroom and grab my own boxes... I don't make them lug them up the stairs
00:34 stooj joined #salt
00:36 dendazen joined #salt
00:40 abednarik joined #salt
00:40 ajw0100 joined #salt
00:43 yomilk joined #salt
00:46 flowstat_ joined #salt
00:46 shaggy_surfer joined #salt
00:56 kusams joined #salt
00:58 woodtablet left #salt
01:02 nidr0x joined #salt
01:05 tiadobatima joined #salt
01:07 abednarik joined #salt
01:10 murrdoc1 is that because u dont awnat to lug them downstairs
01:10 murrdoc1 or because u are a nice guy
01:10 murrdoc1 #showerthoughts
01:12 iggy A
01:12 iggy maybe little column B
01:12 bhosmer_ joined #salt
01:15 yomilk joined #salt
01:23 yomilk joined #salt
01:23 justanotheruser joined #salt
01:23 dyasny joined #salt
01:24 baweaver joined #salt
01:35 chadhs joined #salt
01:47 flowstat_ joined #salt
01:48 buhman joined #salt
01:54 bemehow joined #salt
01:59 abednarik joined #salt
02:00 om hey guys
02:00 om http://pastebin.com/MEXa0EQN
02:00 om I got this but... it fails
02:00 om how do you do conditionals inside state sls files?
02:01 om I see something similar works inside jinja files but not in sls files
02:06 om anyone around?
02:07 aurynn what's the error?
02:07 nsim joined #salt
02:08 om gives a traceback
02:08 om http://pastebin.com/8VKvecs5
02:09 hightekvagabond joined #salt
02:11 iggy I personally wouldn't use unicode (python2 sucks)
02:11 iggy you are missing a ' at the end of the line
02:13 iggy I would personally make that a pillar variable and just pull that, but that's personal preference I guess
02:16 justanotheruser joined #salt
02:18 racooper joined #salt
02:18 dyasny joined #salt
02:19 TyrfingMjolnir joined #salt
02:24 tehsufn anyone here using rackspace know how to deploy a new server using salt-cloud to block device storage
02:31 om thanks iggy
02:32 om on that note, what IDE works well for saltstack ?
02:32 om pycharm?
02:32 om or something else?
02:32 clintberry joined #salt
02:33 otter768 joined #salt
02:34 om hopefully a community or open-source IDE for python with a salt plugin?
02:36 justanotheruser joined #salt
02:38 iggy I've been using atom lately with a salt plugin, it's far from perfect, but works for the most part
02:46 flowstat_ joined #salt
02:53 chadhs joined #salt
02:57 catpigger joined #salt
02:59 PeterO joined #salt
02:59 overyander joined #salt
03:03 iggy trying bot maint again
03:03 bhosmer joined #salt
03:08 PeterO joined #salt
03:09 saltstackbot joined #salt
03:12 virusuy joined #salt
03:13 dyasny joined #salt
03:13 favadi joined #salt
03:15 darien joined #salt
03:17 kusams joined #salt
03:21 iggy https://github.com/saltstack/salt/issues/21797
03:21 saltstackbot [#21797]title: [outputter] add sort option | We have minions named by this scheme:...
03:22 iggy !salt modules.match.grain
03:22 saltstackbot http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html#salt.modules.match.grain
03:22 iggy okay, everything is back to normal
03:26 evle joined #salt
03:28 malinoff joined #salt
03:36 tpaul joined #salt
03:40 bryguy joined #salt
03:46 flowstat_ joined #salt
03:47 larsfronius joined #salt
03:52 chadhs joined #salt
03:55 writteno1 joined #salt
03:57 yomilk joined #salt
04:05 kshlm joined #salt
04:18 hasues joined #salt
04:18 hasues left #salt
04:21 ramteid joined #salt
04:21 dkrae joined #salt
04:31 brianfeister joined #salt
04:33 otter768 joined #salt
04:39 kusams joined #salt
04:44 hightekvagabond ok…. salt-cp doesn't select the same way as salt….. I can run: salt -C 'G@dcjob:database and G@dcregion:aws'
04:44 hightekvagabond but salt-cp doesn't work the same way
04:45 tpaul f i n a l l y . . . I got a salt-minion running in the smart-os global zone! I've been working on this on and off for at least 2 weeks.
04:45 hightekvagabond If I want to select all the minions that match two grains with salt-cp, how would I?
04:46 tkharju1 joined #salt
04:47 flowstat_ joined #salt
04:52 tkharju1 joined #salt
04:53 tkharju joined #salt
05:04 * geekatcmu just uses emacs
05:17 anmol joined #salt
05:20 rdas joined #salt
05:23 mdupont joined #salt
05:33 colegatron joined #salt
05:41 nafg joined #salt
05:41 favadi joined #salt
05:43 cberndt joined #salt
05:45 flowstat_ joined #salt
05:47 wenxin joined #salt
05:48 grumm_servire joined #salt
06:00 jaybocc2 joined #salt
06:02 Garo_ I'm developing new runners and it seems that salt doesn't immediatelly pick up if I edit runner source code. How can I force salt to notice that I've changed the source code?
06:03 calvinh joined #salt
06:06 VishalB joined #salt
06:09 VishalB Hi, I am working with Publish module and wanting to get some data about grains of other minions. But I am able to get only one grain at a time or all. If I ask for multiple grains - publish module converts it to a single string and hence does not get any results
06:15 tristianc joined #salt
06:17 solidsnack joined #salt
06:20 berto- joined #salt
06:21 malinoff joined #salt
06:31 alexanderilyin joined #salt
06:33 mdupont joined #salt
06:34 otter768 joined #salt
06:35 solidsnack joined #salt
06:37 jamesp9 joined #salt
06:37 jaybocc2 joined #salt
06:38 brianfeister joined #salt
06:39 brianfeister joined #salt
06:43 jaybocc2 joined #salt
06:44 colegatron joined #salt
06:45 felskrone joined #salt
06:45 flowstat_ joined #salt
06:48 whytewolf hightekvagabond: IIRC salt-cp has been depreceated in favor of the cp module.
06:49 hamsham joined #salt
06:50 ham_sham joined #salt
07:01 AlberTUX joined #salt
07:02 malinoff joined #salt
07:04 malinoff joined #salt
07:14 wendall911 joined #salt
07:16 chadhs joined #salt
07:24 colegatron I have written a python script which config is harcoded as jinja template and I should replace it each time the script is deployed. there is anyway to use the pillar info inside a python script to avoid use the template/replacement approach?
07:30 hightekvagabond whywolf: I've yet to get the cp module to work in a way that makes much sense to me
07:32 ex-cowboy joined #salt
07:33 kusams joined #salt
07:42 nafg_ joined #salt
07:43 KermitTheFragger joined #salt
07:44 mirko joined #salt
07:45 flowstat_ joined #salt
07:45 morissette joined #salt
07:47 wendall911 joined #salt
07:48 larsfronius joined #salt
07:56 Garo_ How I should send events from a salt runner? Tried for example __jid_event__.fire_event but __jid_event__ doesn't exists
07:58 cybacolt joined #salt
08:03 elsmo joined #salt
08:07 ranomore1 joined #salt
08:09 yomilk joined #salt
08:15 eseyman joined #salt
08:20 linjan joined #salt
08:33 kusams joined #salt
08:35 kshlm joined #salt
08:35 otter768 joined #salt
08:39 mohae_ joined #salt
08:40 jhauser joined #salt
08:47 flowstat_ joined #salt
08:49 keimlink joined #salt
08:54 quarcu hello chaps
08:57 quarcu i'm using directory as a module structure
08:58 quarcu questions is, how can I order modules if included from other ?
08:58 morissette should be top down
08:58 morissette if I'm understanding correctly
08:59 quarcu yes, that is the default, at least should be that way
08:59 quarcu is there any other option to make it request / onchange / etc ?
08:59 quarcu just to be sure
09:00 morissette Can I get a more detailed explanation of what you are trying to do
09:00 quarcu well, basically lets say I have 3 modules, each managing a separate part
09:01 quarcu lets call them a b c
09:01 quarcu however c module requires a and b to be included and executed before
09:01 quarcu c
09:02 quarcu so, the include itself should manage it properly, but, is there a require statement way to be sure it will include it in proper order ?
09:02 quarcu it is just a theory question ;)
09:02 slav0nic joined #salt
09:03 Grokzen joined #salt
09:05 vishalb joined #salt
09:05 bhosmer_ joined #salt
09:06 s_kunk joined #salt
09:06 s_kunk joined #salt
09:10 yomilk joined #salt
09:13 ingslovak joined #salt
09:13 babilen joined #salt
09:14 babilen joined #salt
09:14 rotbeard joined #salt
09:17 acsir joined #salt
09:20 Xevian joined #salt
09:22 cyteen joined #salt
09:23 zanhsieh joined #salt
09:24 hightekvagabond stupid question: in the docs for the cp module the source in the examples always start with salt://    is this pointing to some special salt file structure or the local machine's file structure?
09:24 zanhsieh hi all, just wonder a minion under syndic, how to fetch the grand master ip or id?
09:25 GreatSnoopy joined #salt
09:27 zanhsieh @hightekvagabond: the answer is salt file structure, where you specify under /etc/salt/master  -> file_roots
09:32 anubhaskar joined #salt
09:40 bluenemo joined #salt
09:41 ksj_ joined #salt
09:46 flowstat_ joined #salt
09:57 ksj_ joined #salt
10:01 elsmo joined #salt
10:01 anubhaskar left #salt
10:03 thalleralexander joined #salt
10:04 Joren_ joined #salt
10:04 vishalb joined #salt
10:08 dariusjs joined #salt
10:08 fredvd joined #salt
10:13 denys joined #salt
10:16 denys joined #salt
10:19 Joren_ joined #salt
10:22 kusams joined #salt
10:22 larsfronius joined #salt
10:26 larsfron_ joined #salt
10:29 amcorreia joined #salt
10:32 TyrfingMjolnir joined #salt
10:34 jaybocc2 joined #salt
10:36 otter768 joined #salt
10:40 DanyC joined #salt
10:45 Rumbles joined #salt
11:00 yomilk joined #salt
11:02 blacktoko joined #salt
11:08 mariusv joined #salt
11:09 jamesp9 joined #salt
11:10 Grokzen joined #salt
11:16 georgemarshall joined #salt
11:25 abednarik joined #salt
11:30 N-Mi joined #salt
11:30 N-Mi joined #salt
11:30 elsmo joined #salt
11:32 denys joined #salt
11:34 kshlm joined #salt
11:35 zigurat joined #salt
11:35 _mel_ joined #salt
11:41 dariusjs joined #salt
11:42 Dev0n joined #salt
11:43 17WABBW99 joined #salt
11:45 illern joined #salt
11:47 dendazen joined #salt
11:50 aqua^c joined #salt
11:52 DanyC hi, anyone knows if there is a bug where after every clear_cache backend=git run from master the highstate fails with top.sls not found
11:53 DanyC however after few min it works? I'm on 2015.5.x and is very annoying
11:53 quarcu well, I assume salt is pulling the stuff at that particular moment
11:54 quarcu you can adjust refresh rate from git backend
11:54 DanyC quarcu: ah i see, thanks will do that
11:59 quarcu also, you can simply use roots backend, and put a cronjob to pull stuff from git
12:00 DanyC quarcu: yeah but that is a bit messy, imo that should be covered by Salt internally
12:05 chadhs joined #salt
12:11 kusams joined #salt
12:14 LondonAppDev joined #salt
12:15 amcorreia joined #salt
12:23 masterkorp joined #salt
12:24 masterkorp Hello everyone
12:26 masterkorp So i am trying to use a file state to fill an ssh privete key
12:26 masterkorp but salt always complains at the 3rd line
12:26 masterkorp https://ptpb.pw/3MdA
12:27 masterkorp Here is show the pilar data is set https://ptpb.pw/QvZl
12:27 malinoff joined #salt
12:28 masterkorp (with the full key in there)
12:29 masterkorp Here is the file state https://ptpb.pw/OXB1
12:29 masterkorp any suggestions welcome
12:32 ramteid joined #salt
12:32 johnkeates joined #salt
12:34 abednarik joined #salt
12:35 slav0nic masterkorp, maybe - contents_pillar:| ...
12:35 slav0nic masterkorp, like http://stackoverflow.com/questions/3790454/in-yaml-how-do-i-break-a-string-over-multiple-lines
12:37 otter768 joined #salt
12:39 bhosmer joined #salt
12:45 jaybocc2 joined #salt
12:47 justanotheruser joined #salt
12:52 DanyC joined #salt
12:52 akhter joined #salt
12:57 akhter joined #salt
12:57 colegatron joined #salt
13:00 bhosmer joined #salt
13:01 quarcu chaps, is there a possibility to use salt via api with permanent credentials ie permanent tokens or certificates or keys ?
13:01 jaybocc2 joined #salt
13:04 akhter joined #salt
13:07 jespada joined #salt
13:08 flowstat_ joined #salt
13:11 DanyC quarcu: sorry but i never used the api hence can't help much
13:12 DanyC anyone around who used/is using salt boto_ on AWS?
13:17 bhosmer joined #salt
13:20 wenxin joined #salt
13:21 wenxin Hi, I noticed that there's no formula for chrony, so I wrote one myself, and I'm interesting to help make it to the salt-formula organization. How may I help?
13:21 wenxin The repo is https://github.com/stieizc/chrony-formula/
13:26 KennethWilke joined #salt
13:26 antpa joined #salt
13:26 kwilke joined #salt
13:30 dariusjs joined #salt
13:31 marsdominion joined #salt
13:31 marsdominion joined #salt
13:32 zigurat Hi. How can I parse data returned by file.stats /etc/passwd inside salt?
13:32 zigurat I need the mtime to compare
13:36 abednarik joined #salt
13:38 dendazen joined #salt
13:40 netcho joined #salt
13:42 DanyC joined #salt
13:44 masterkorp slav0nic: thanks I will try that
13:46 quarcu wenxin: make a pull request
13:46 chadhs joined #salt
13:49 tpaul joined #salt
13:49 subsignal joined #salt
13:49 slav0nic masterkorp, https://github.com/saltstack/salt/pull/5920/files also check this if you want use variables
13:49 saltstackbot [#5920]title: Added note about multiline content when using file.managed.contents | Closes #5480
13:51 masterkorp slav0nic: that makes sense, maybe its the jinja template not obeying identation
13:52 rotbeard joined #salt
13:55 masterkorp saltstackbot: that works!
13:56 wenxin quarcu: But there's no upstream repository to pull request to. I didn't find any chrony-formula under saltstack-formulas.
13:57 dyasny joined #salt
14:03 dyasny joined #salt
14:03 toastedpenguin joined #salt
14:06 jdwilly2001 joined #salt
14:14 flowstat_ joined #salt
14:19 Tanta joined #salt
14:20 tkharju joined #salt
14:21 quarcu wenxin: http://saltstarters.org/example/saltstack/salt-contrib
14:22 tkharju joined #salt
14:27 slav0nic joined #salt
14:29 bhosmer joined #salt
14:32 wenxin quarcu: It seems that salt-contrib is for community modules (python code), am I right? Mine is a formula for setting up chrony (sls code), so I suppose salt-contrib is not the right place to go.
14:33 drawsmcgraw joined #salt
14:38 jdwilly2001 I am adding support to the log_file: setting in minion to support python's RotatingFileHandler would this be bug fix or new feature...
14:38 otter768 joined #salt
14:39 drawsmcgraw jdwilly2001: I'm not an authority but I'd consider it a new feature.
14:39 drawsmcgraw Either way, I don't think the label itself is all that consequential
14:39 drawsmcgraw Philosophical question for anyone in here - I need to rebuild our Opengrok installation, so I get a chance to automate everything now.
14:40 zer0def uh, quick question - how would you guys implement an compound alternative of requisites?
14:40 drawsmcgraw The question, do I Salt everything for installing/configuring Opengrok? Or do I run Opengrok in a Docker container (then have Salt manage the build/launch)?
14:40 scoates joined #salt
14:40 drawsmcgraw zer0def: You mean a requisite with more than one conditional?
14:41 zer0def drawsmcgraw: yeah, basically `do this if one of those succeed`
14:42 lukayeh joined #salt
14:42 drawsmcgraw Ah, so more of an 'or' situation?
14:43 lukayeh any idea how to set a 'random' minion name as minion id in /etc/salt/minion struggling with this one !
14:43 zer0def yup
14:43 drawsmcgraw zer0def: Are you able to paste a couple of your states that you're trying to get to work together?
14:43 zer0def i'm still piecing this together myself
14:43 drawsmcgraw I understand the concept but am having a hard time visualizing it without something a little more concrete :/
14:43 drawsmcgraw Fair enough. Able to paste what you have so far?
14:43 zer0def not really, no
14:44 drawsmcgraw heh, that's fine :)
14:44 zer0def think of it in a manner: "try pulling this file, but if that fails, run a command that generates it"
14:44 perfectsine joined #salt
14:44 zer0def actually, this is sounds a lot like an `onfail` scenario
14:44 mpanetta_ joined #salt
14:45 drawsmcgraw I was about to paste a link to that
14:45 drawsmcgraw In fact, since it's already on my clipboard - https://docs.saltstack.com/en/latest/ref/states/requisites.html#onfail
14:46 zer0def this wouldn't be the first time i'm bumping into an idea like "alternate requirements", though
14:46 zer0def but i guess `onfail` covers it, since you could just chain the damn thing
14:46 zer0def not pretty, but workable
14:46 drawsmcgraw A lot of things are not pretty...
14:47 zer0def i know, i guess i'm having a bit of a tunnel-vision problem today ;)
14:48 winsalt joined #salt
14:48 mclosson joined #salt
14:52 edrocks joined #salt
14:52 racooper joined #salt
14:56 nZac joined #salt
14:56 DanyC anyone knows how i can enable more debug/ trace so i can see the requests being made by salt using boto python module ?
15:00 mclosson I'm trying to use the freebsdjail module to restart some jails after installing certain packages on some FreeBSD systems but I'm getting an error: freebsdjail.restart is not available. - https://gist.github.com/anonymous/0f43ad4ad0541238fae1  any suggestions on what I might look for or be missing?
15:01 numkem joined #salt
15:02 numkem joined #salt
15:03 numkem joined #salt
15:04 nZac joined #salt
15:06 numkem joined #salt
15:06 andrew_v joined #salt
15:07 justanotheruser joined #salt
15:09 flowstat_ joined #salt
15:12 jaybocc2 joined #salt
15:15 winsalt DanyC, have you tried adding "-l all"
15:15 DanyC winsalt: nope, only with debug/ trace
15:15 DanyC winsalt: will give it a go now
15:16 kevinquinnyo joined #salt
15:16 nZac joined #salt
15:17 kevinquinnyo so i'm trying to eliminate all instances of hard-coded password-y things in my pillar data by using __salt__['grains.get_or_set_hash'], but for a percona xtradb cluster, i need the sst user to be the same for each node within a cluster
15:18 kevinquinnyo what's the best way for me to do that?
15:18 favadi joined #salt
15:19 kusams joined #salt
15:21 DanyC winsalt: no difference from debug/ trace/ all
15:22 winsalt then you'll probably need something like fiddler
15:24 DanyC winsalt: fiddler ?
15:24 winsalt it captures network traffic
15:24 babilen kevinquinnyo: Make it available in the mine (not that this is very secure) or send it around as event payloud
15:24 babilen *payload
15:25 kevinquinnyo i forgot all about salt mine
15:25 kevinquinnyo babilen: why is it more insecure to use salt mine than to use a grain?
15:25 babilen Because other minions have access to that data
15:26 babilen This is just wrong ...
15:26 kevinquinnyo ah
15:26 _JZ_ joined #salt
15:27 babilen I'd argue that what you *really* want is an external pillar for hashicorp vault (or something similar) or the ability to write to other (external) pillars
15:27 babilen Storing all those passwords in plain text in the minion config is just ... inviting trouble
15:28 jaybocc2 joined #salt
15:30 kevinquinnyo babilen: is it that much different that having a /root/.my.cnf file with the mysql root user pass in plain text
15:30 kevinquinnyo i guess one could argue that's also pretty insecure
15:30 favadi joined #salt
15:30 kevinquinnyo but at least it, like the grain file on the minion is owned by root
15:31 anotherZero joined #salt
15:31 DanyC winsalt: ah i see, okay will check. the error i get is not useful either http://hastebin.com/rohameziyo.vhdl
15:32 babilen kevinquinnyo: I'm totally with you on that.
15:32 zmalone joined #salt
15:33 kevinquinnyo https://github.com/saltstack/salt/issues/26236  i'm reviewing this now -- i'll consider your idea above as well
15:33 saltstackbot [#26236]title: Managing secrets / secure data with Saltstack in a bigger team | In your best practice guide there is a chapter [Storing secure data](http://docs.saltstack.com/en/latest/topics/best_practices.html#storing-secure-data)....
15:33 kevinquinnyo thanks
15:33 babilen kevinquinnyo: Yeah, I was just about to send you that link
15:35 blu_ joined #salt
15:35 chadhs joined #salt
15:35 zmalone gpg encryption in salt is tricky, and it decrypts on the master, so it doesn't really solve the problem that andygrunwald is asking about.
15:36 zmalone ryanlane's solution isn't mentioned there, but his environment is special enough (masterless salt with a custom secret store like vault) that it doesn't really apply to most cases
15:36 babilen A read and writable pillar implementation for vault would be fantastic (or just a vault.get_or_set_password() function)
15:37 zmalone the problem is that they render on the master, and vault is all predicated on the final consumer of the secrets being the one requesting them
15:37 babilen zmalone: https://github.com/saltstack/salt/issues/28793
15:37 saltstackbot [#28793]title: Enable ext_pillar for minions in master/minion mode | When using secret management systems like Confidant, it's better for minions to fetch their secrets directly, rather than having the master fetch the secrets, then distribute them to the minions. It would be nice to be able to use ext_pillar on minions directly, even if in master/minion mode (it already works in masterless). In this mode it should merge the pillars from the m
15:38 zmalone yeah, exactly
15:39 flowstat_ joined #salt
15:39 zmalone I was going to subscribe to that issue/request, then I realized I already am.
15:39 favadi joined #salt
15:39 babilen :)
15:43 Brew joined #salt
15:43 Ahlee yuck
15:44 Phoenix joined #salt
15:45 Guest27072 left #salt
15:45 irctc092 joined #salt
15:47 quarcu wenxin: yup, the url was for modules, my bad
15:47 quarcu wenxin: but on http://saltstarters.org/ at top you have add your own
15:47 quarcu so this way you can add your formula
15:50 bmcorser joined #salt
15:54 tuxx quarcu: what do you mean
15:57 debian112 joined #salt
15:58 mattiasr joined #salt
16:02 wenxin quarcu: yeah that's a good place to go, and when I clicked "add my own" I got "Internal Server Error" :)
16:05 bemehow joined #salt
16:10 quarcu wenxin: it worked for me
16:10 bemehow_ joined #salt
16:14 sdm24 joined #salt
16:15 DammitJim joined #salt
16:16 salt-lick joined #salt
16:17 wenxin quarcu: I will try tomorrow on my computer. The site looks a bit like puppetforge, and it would be nice if salt have one. And it would be even better if there's a standard for testing, versioning and dependency management. I'm new to salt, though, and don't know if salt really need these things.
16:18 salt-lick Hello - question : How can I / is it possible to use the eAuth system with key based authentication? The business goal is I do not want the auth use to use a password to get the token for REST API access. Currently - I'm using CherryPy.
16:21 marsdominion joined #salt
16:21 marsdominion joined #salt
16:24 PeterO joined #salt
16:25 zmalone wenxin: I think salt needs them, but I don't believe they exist.
16:26 mclosson joined #salt
16:26 ericof joined #salt
16:30 nafg_ joined #salt
16:31 amcorreia joined #salt
16:32 wenxin zmalone: Yeah..
16:33 denys joined #salt
16:33 zmalone I've been using serverspec/inspec with my formulas, although there isn't any formal framework for it.  kitchen-salt should be able to help, but the team I'm on had mixed luck with it.  I've never seen an equivalent of the version/dependency metadata that exists in chef, and I assume exists in puppet.
16:34 zmalone integration tests are great for catching both bugs in your sls files, and places where salt is being buggy but reporting sanely.
16:34 zmalone or rather, reporting success while failing.
16:34 zmalone ex. https://docs.saltstack.com/en/latest/topics/troubleshooting/yaml_idiosyncrasies.html#integers-are-parsed-as-integers (which shouldn't effect any recent version)
16:35 jefferyharrell joined #salt
16:37 kevinquinnyo does py renderer work for pillars?
16:38 hasues joined #salt
16:38 hasues left #salt
16:39 otter768 joined #salt
16:42 pegmanm joined #salt
16:48 kevinquinnyo http://hastebin.com/yujipanuno.tex  I really dislike trying to convert puthon data structures to YAML for pillar data.  Can someone help me figure this out?
16:48 kevinquinnyo i don't think the output in my pastebin there is going to be correct in a way that salt is happy
16:48 kevinquinnyo or is it?
16:49 AndreasLutro kevinquinnyo: it is
16:49 winsalt I think you can use the py renderer, with #!py at the top
16:49 kevinquinnyo winsalt: do i have to define a run() function like you do with an SLS using the py renderer?
16:49 conan_the_destro joined #salt
16:49 kevinquinnyo AndreasLutro: thank you
16:50 justanotheruser joined #salt
16:50 tkharju2 joined #salt
16:51 winsalt yeah i believe you use run()
16:51 kevinquinnyo thanks
16:53 tehsu anyone seen this on rackspace? The following exception was thrown by libcloud when trying to run the initial deployment: 403 Forbidden Policy doesn't allow memory_flavor:create:image_backed to be performed.
16:55 dariusjs left #salt
16:56 mattiasr joined #salt
16:57 cpowell joined #salt
16:57 akhter joined #salt
16:58 cpowell joined #salt
17:07 msx joined #salt
17:07 msx left #salt
17:08 DanyC joined #salt
17:13 wendall911 joined #salt
17:14 cyborg-one joined #salt
17:14 wendall911 left #salt
17:15 wendall911 joined #salt
17:19 DanyC left #salt
17:19 DanyC joined #salt
17:20 DanyC what do you guys understand the behaviour of this _salt.states.boto_secgroup.present_ should be? If the group exist it should do nothing, correct? Well on 2015.5.x i get this error http://hastebin.com/abuzenayav.xml Anyone is aware of any bug like this ?
17:22 bemehow joined #salt
17:22 armguy Not sure if I am not groking how purged works but does https://pastee.org/r3rnr look correct? The issue I am getting is it gives an error if the package is not already installed or in a half uninstalled state. Is this normal and I need to put it in an if?
17:23 sybix joined #salt
17:24 RandyT lorengordon: whytewolf (or anyone else who enjoys critiquing approach...) Regarding my question yesterday on state and sequential ordering/requirements.
17:24 RandyT I ended up taking the approach in this gist: https://gist.github.com/rterbush/9719d2280d19eb95d583
17:25 RandyT Still feels hacky
17:25 RandyT I'd appreciate any comments to correct misconceptions I may still have or other ways to preserve this state
17:26 RandyT Reasons for not using stateful: or cmd.script are mentioned in the gist, but mainly reservations about what I can expect from powershell...
17:26 nZac joined #salt
17:28 RandyT On a related note, I really need to figure out how to create a custom grain that would set a value taking from win_wua.get_needs_reboot
17:28 whytewolf RandyT: I would think that is still a little hacky. but a lot less hacky then you had. anyway to get the cmd.run to create the file?
17:28 RandyT Seems it would be very helpful to be able to drop a state in sls files to reboot if that grain is true.
17:29 RandyT whytewolf: I suspect there may be some way to chain command from powershell execution, but that area still a clust... to me
17:30 RandyT would be trivial with a shell environment we are all familiar with.
17:30 whytewolf RandyT: how about invoke-sqlcmd does it create a file that you can key off of?
17:31 kusams joined #salt
17:32 marsdominion joined #salt
17:32 malinoff joined #salt
17:32 hightekvagabond joined #salt
17:32 RandyT whytewolf: perhaps... I see an "out-file" command that might allow me to create a file from return
17:33 RandyT will investigate. that gap that you catch was my concern...
17:33 RandyT lorengordon: has given me some other more advanced guidance on powershell, so perhaps he has some thoughts there as well.
17:34 RandyT thanks for the tutelage
17:35 marsdomi_ joined #salt
17:35 DanyC Warnings: 'rules_egress' is an invalid keyword argument for 'boto_secgroup.present'. If you were trying to pass additional data to be used in a template context, please populate 'context' with 'key: value' pairs. Your approach will work until Salt Carbon is out. Please update your state files.
17:35 DanyC anyone is aware of this ^?
17:36 DanyC funny nothing is in the docs about the new way
17:36 DanyC lool
17:38 whytewolf RandyT: btw, about the grain. you could crreate a _grain script that just reports that key. I have seen it done, but the catch is the jinja is rendered before the state is run. so if anything triggers that grain to change during the same run then it won't run that highstate
17:38 Trauma joined #salt
17:38 rmnuvg joined #salt
17:39 whytewolf DanyC: might want to talk to Ryan Lane if he shows up. he is the expert on the boto states. although one thing I have seen him recomend a lot is to use the development modules and states vs the current stable ones.
17:39 jaybocc2 joined #salt
17:40 Ryan_Lane DanyC: rules_egress is only available in relatively new salt versions
17:40 whytewolf speak of the devil..
17:40 Ryan_Lane I have pings setup ;)
17:40 Joren_ joined #salt
17:40 whytewolf lol
17:41 DanyC whytewolf: thanks :) Ryan_Lane i'm on salt 2015.5.x hence is that considered new salt versions?
17:41 DanyC *version
17:41 bhosmer joined #salt
17:41 Ryan_Lane 2015.8 should have it
17:41 Ryan_Lane let me look
17:41 Ryan_Lane yep. 2015.8 has it
17:41 Ryan_Lane which is the current stable
17:42 DanyC Ryan_Lane: because i run like http://hastebin.com/ulojimaton.sm and it did created the Sg only that i got that warning which caught my attention
17:44 writtenoff joined #salt
17:44 RandyT whytewolf: regarding the grain, I see the challenge...
17:45 nZac joined #salt
17:45 DanyC Ryan_Lane: hence i'm confused why it works in 2015.5 if is only in 2015.8 :) (i guess nobody back ported it)
17:45 Ryan_Lane DanyC: it'll work without being able to use rules_egress
17:45 Ryan_Lane it just won't manage the egress rules
17:45 Trauma joined #salt
17:46 Ryan_Lane note that the rule you have for egress is the default
17:46 RandyT whytewolf: if the reboot_state: with grain tgt: of reboot_needed true is in a different sls , does that work, or are all sls files rendered before the highstate run?
17:46 Ryan_Lane so right now it's just being ignored
17:46 chitown joined #salt
17:46 Ryan_Lane DanyC: later, when you start using 2015.8, that'll apply and it'll ensure that egress rule is set
17:46 Ryan_Lane which hopefully matches properly :)
17:47 Ryan_Lane if you don't define rules_egress, it'll just continue using AWS's default forever. it'll just ignore the setting
17:47 DanyC Ryan_Lane: let me test to see if that is the case :) cause the SG created has the outbound rule
17:47 Ryan_Lane yeah, that's aws's default egress
17:49 DanyC Ryan_Lane: yes you are right, bugger.
17:49 izrail hi
17:49 Ryan_Lane 2015.8 is more stable anyway :)
17:50 Ryan_Lane note that I use masterless, so that may not be as true for you ;)
17:50 DanyC Ryan_Lane: well i wished i could convince my team to move / upgrade (nobody wants to bite the bullet ) :). Yes i know you are on masterless and not using salt-cloud etc etc
17:51 izrail i installed a masterless minion (2015.8.3) on ubuntu 14.04. now i want to schedule a job, but it does not run and also does not log anything, even though i have set log_level: debug
17:51 DanyC Ryan_Lane: question though - is any way i can get the boto modules for .8 and dump it into .5 ? in this case if s'thing goes wrong will be only the boto part
17:52 izrail how do i best debug this? :) i know for sure that i had this work with an earlier release on debian
17:52 DanyC Ryan_Lane: but don't know how to get the boto module and its dependencies & deploy it to minions .... if you have any tips pls let me know
17:53 Ryan_Lane yep, you can
17:53 Ryan_Lane DanyC: just like you would with custom modules
17:53 Ryan_Lane DanyC: http://ryandlane.com/blog/2015/06/03/using-development-branch-saltstack-python-modules-in-the-stable-release/
17:54 Ryan_Lane that's how to do it for masterless
17:54 Ryan_Lane I think you need to put it into your _modules and _states directories or something like that?
17:55 jaybocc2 joined #salt
17:56 Ryan_Lane I'm sure salt's docs must mention this somewhere :)
17:56 whytewolf Ryan_Lane: DanyC: yeap pretty simple. states go in _states off the file_roots and modules go in _modules off of file roots. then a saltutil.sync_all and blamo updated modules and states
17:56 Ryan_Lane oh....
17:56 Ryan_Lane I wonder if this will work
17:57 Ryan_Lane does 2015.8 have support for __utils__?
17:57 izrail anyone? help? :)
17:57 marsdominion joined #salt
17:57 izrail this is my configuration: https://paste.linuxlounge.net/?e928f09da8594b29#rrDlmVjBx6w3GOQaJfiobn1KIyJZ3GKLvJlIIkUKKoo=
17:57 Ryan_Lane oh, good 2015.8's version doesn't use __utils__
17:57 izrail the job never runs and nothing gets logged
17:57 izrail is there any known issue?
17:57 Ryan_Lane wait. I take it back. it does
17:58 whytewolf izrail: sorry I'm not sure how the scheduler works with masterless configs.
17:58 izrail uhm, so this might actually make the difference?
17:58 DanyC Ryan_Lane: thx for the blog link, will try that
17:58 izrail i'll go try to install a local master then
17:58 Ryan_Lane DanyC: I think the 2015.8 version of the modules requires a feature that doesn't exist in 2015.5
17:58 whytewolf izrail: I'm sure it does work. I'm just not sure how.
17:59 DanyC whytewolf: so if i use salt-cloud do i put the _states/ _grains/ _modules in the cloud profiles or in the salt master and then salt cloud during the minion bootstrap process copy over the custom stuff ?
17:59 DanyC Ryan_Lane: oh damn, so i can't use it then ?
18:00 Ryan_Lane yeah. I think you can't
18:00 nZac joined #salt
18:00 Ryan_Lane DanyC: that said... do you need to control egress rules?
18:00 whytewolf DanyC: in theory. if the modules worked yes.
18:00 izrail i don't beleive this! install a master, echo "127.0.0.1 salt" to /etc/hosts, salt-key -A
18:00 Ryan_Lane whytewolf: __utils__ was added in 2015.8
18:00 Ryan_Lane and boto_secgroup uses __utils__ in those modules
18:01 izrail and the job already ran before i was able to check the logs
18:01 Ryan_Lane so it's not backwards compat :(
18:01 izrail whytewolf thx for the hint :)
18:01 izrail interesting, however ...
18:01 nZac joined #salt
18:01 izrail maybe this behaviour should at least be documented
18:02 Ryan_Lane DanyC: you may be able to slightly modify the module to make it work.
18:02 whytewolf izrail: well your not truley masterless at that point. and I am sure that it is possable to do schedule without a master
18:02 colegatron I am getting a "Specified SLS '/srv/pillar/configuration' in environment 'base' is not available on the salt master" but it is there, as you can see (https://paste.debian.net/hidden/558af67b/). Just upgraded to 2015.8.3. Any idea which could be the problem?
18:02 DanyC Ryan_Lane: really? all ears/ hints
18:02 colegatron it is a masterless configuration, no idea why it says 'not available on the salt master'
18:03 Ryan_Lane hm. well, it's probably a massive pain in the ass
18:03 izrail whytewolf yeah, but having a local master is ok for me as long as the scheduler works :)
18:03 DanyC whytewolf: right, i can do/ dump other stuff like that then in salt master and let it do the work
18:03 DanyC Ryan_Lane: ah okay, i'll give up then
18:03 linjan joined #salt
18:03 Ryan_Lane yeah. utils/boto.py needs to exist
18:03 izrail interestingly, the file /etc/salt/minion.d/_schedule.conf first appeared when i added the minions key to the master
18:04 Ryan_Lane so you'd need to modify your salt on whichever node needs it
18:04 whytewolf izrail: thats what the master does to create schedule jobs
18:04 DanyC Ryan_Lane: can u give me the full path for the utils/boto.py ?
18:04 Ryan_Lane in the repo: salt/utils
18:04 Ryan_Lane I don't know about on systems. I install frozen virtualenvs
18:05 DanyC Ryan_Lane: ah okay, :)  glad you pick up the easy path :)))
18:05 Ryan_Lane heh
18:05 Ryan_Lane well, it's easier for us because we maintain our own stable branch of salt
18:05 Ryan_Lane and we include a ton of python dependencies for our custom modules
18:06 lorengordon RandyT: `shell: powershell` on cmd.run allows the `name` parameter to specify powershell commands directly
18:06 Ryan_Lane if you upgrade to 2015.8 all of the develop branch boto modules are backwards compat ;)
18:07 whytewolf DanyC: <saltpath {ubuntu: /usr/lib/python2.7/dist-packages/salt} >/utils
18:07 mattiasr joined #salt
18:07 lorengordon RandyT: and in powershell, you can use ';' to chain commands
18:07 DanyC Ryan_Lane: i guess i'll have to turn into a pre-sales chap and convince people
18:07 DanyC whytewolf: thanks !
18:08 Ryan_Lane it's easier to upgrade every release than to skip releases :)
18:08 Ryan_Lane the more stuff that changes the harder it is to move
18:08 whytewolf the more likely things are to break.
18:09 thekingofbandit joined #salt
18:11 lorengordon RandyT: `if` and `try` blocks in powershell both work to help determine state, and most commands accept `-ErrorAction Stop` to throw an exception if there is a problem
18:13 foundatron joined #salt
18:14 RandyT lorengordon: thanks, I really only need to run invoke-sqlcmd with inputfile, so trying to avoid developing a complete script to do this (perhaps a mistake). I'm going to give the pipe to out-file a try to see if I can tighten that up a bit more. Dreaming of getting off of this platform...
18:16 ex-cowboy joined #salt
18:18 Fiber^ joined #salt
18:20 shaggy_surfer joined #salt
18:20 mclosson Why would a module && module function be available when called directly from the salt command line, but not when called from an SLS file?
18:21 Kelsar joined #salt
18:21 whytewolf mclosson: that would be a state vs a exacution module.
18:22 whytewolf mclosson: whats the module.function
18:22 babilen (but you can call execution functions from a state)
18:22 babilen What are you trying to do?
18:22 mclosson trying to do jail.restart or jail.* from within a state
18:23 mclosson jail being the __virtualname__ for freebsdjail
18:24 mclosson I'll go read up on execution vs state modules, thanks for the pointers!
18:25 babilen https://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html#salt.states.module.run -- not sure if there's a state for freebsdjails already
18:25 whytewolf mclosson: looks like there is not a state module for that module. you can run it with module.run
18:25 marsdominion joined #salt
18:27 mclosson whytewolf: okay thanks, I didn't realize there was a distinction before.  So I take it state is more like the abstract high level task are trying to accomplish and execution is basically its platform specific implementation details when it differs, or something like that.
18:27 akhter joined #salt
18:28 DanyC joined #salt
18:28 whytewolf mclosson: states are meant to be more ... stateful. they tend to use already exisiting exacution modules to gather data and run based on that info
18:28 marsdominion joined #salt
18:28 marsdominion joined #salt
18:30 shaggy_surfer joined #salt
18:32 akhter joined #salt
18:33 baweaver joined #salt
18:33 jfindlay I like to think of it as execution modules abstract away all of the platform- and implementation-specific details into a common, uniform interface with which state modules are able to statefully manage systems in a consistent manner
18:33 flowstat_ joined #salt
18:34 Striki joined #salt
18:34 colegatron ok. fixed. was a stupid mistake. 2015.5.3 did not shown any error when running states but 2015.8.3 does.
18:35 cliluw joined #salt
18:36 colegatron I am thinking to take the official training for saltstack. Do anyone took it? Would be nice to hear any history advice. I think it is very expensive and I'm not sure if it really worths the pay.
18:38 ranomore1 colegatron: It is worth it, and more econimical at SaltConf.
18:39 jfindlay saltconf is a great place to gather all kinds of salt related knowledge and advice
18:39 ranomore1 although they changed the SaltConf pricing this year so you have to stay at the Grand America Hotel for three nights to get the free training. :)
18:40 otter768 joined #salt
18:40 shaggy_surfer joined #salt
18:46 forrest joined #salt
18:46 forrest sdm24, I received my shirt yesterday as a heads up
18:46 sdm24 forrest: yeah mine arrived two days ago! woohoo
18:46 forrest Nice
18:47 herlo joined #salt
18:47 sdm24 forrest: I forgot to tell you haha
18:47 forrest All good!
18:47 herlo forrest: !!!
18:47 forrest hey herl
18:47 forrest hey herlo
18:48 herlo how goes it man?
18:48 forrest can't hit tab this morning apparently
18:48 herlo lol
18:48 forrest Pretty good, still on the hunt for jobs :) You?
18:48 herlo nw
18:48 herlo Oh, you are looking for work?
18:48 shaggy_surfer joined #salt
18:48 forrest Yup
18:48 herlo I'm working on a problem with a salt sls file that I'm trying to wrap my brain around. Pretty easy thouhg.
18:48 whytewolf who isn't :P
18:48 herlo though
18:48 herlo whytewolf: not me
18:48 herlo work comes looking for me. :)
18:49 whytewolf herlo: work comes to me also. just not work i actually want
18:49 herlo quick question. What is the easiest way to get a name for pkg.installed to differentiate between distro?
18:49 herlo whytewolf: lol. I have that, too.
18:49 forrest herlo, I'd check against the os grain if you aren't using a map.jinja file already
18:50 whytewolf herlo: https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#abstracting-static-defaults-into-a-lookup-table
18:50 herlo forrest: I *could* do that, but I was hoping for something simpler.
18:50 whytewolf herlo: forrest's idea is simpler then map.jinja
18:50 herlo It's a simple vagrant provisioner. Turns out the difference is between centos6 and centos7
18:51 forrest herlo, Then just do a grain check {% if salt['grains.get']('os') == 'Debian' %} blah {% else %} blah blah {% endif %}
18:51 forrest ahh
18:51 forrest I don't think you can use the os_famil grain there.
18:51 herlo well, this seems a bit complex for something simple I'm trying to do.
18:51 forrest so you might have to double check which grain
18:51 jfindlay herlo: don't drink or drive
18:51 forrest the if statement stuff does?
18:51 jdipierro joined #salt
18:51 herlo I was hoping to put in a simple jinja bit around 'name'
18:52 herlo but a map.jinja seems way overkill for this purpose.
18:52 forrest I don't think so, your map.jinja could be 5 lines
18:52 forrest maybe 6
18:52 herlo heh
18:52 antpa joined #salt
18:52 forrest But yeah, simplist way I can think is the if statement check if you don't want to do that.
18:53 forrest unless you set a grain on the system based on the distro or something, but that's more work
18:53 herlo what's the grain for distro version?
18:53 jfindlay osmajorrelease
18:53 forrest yup
18:53 ageorgop joined #salt
18:54 herlo so I put something like 'name: {% if salt['grains.get']('os') == 'Debian' %} blah {% else %} blah blah {% endif %}?
18:54 jfindlay herlo: I might do something like this: https://github.com/saltstack/salt-pkg-tests/blob/master/test_install/ss_repo/rhel.sls#L5 (well, I guess I did do it there) so the jinja grain logic doesn't confuse the sls data
18:54 flowstat_ joined #salt
18:54 forrest yeah a set could work as well
18:55 forrest herlo, I'd put structure it so - name: gets used twice, otherwise it might be confusing to look at.
18:55 jfindlay and then later you only need to check `{% if on_rhel_5 %} ...`
18:55 herlo yeah, okay.
18:55 whytewolf I would use a set. that way name is just - name: {{ package_name }}
18:55 cberndt joined #salt
18:58 herlo jfindlay: Rendering SLS 'base:core' failed: Jinja variable 'os_family' is undefined
18:58 colegatron joined #salt
18:58 herlo I only have salt-minion installed, but shouldn't that grain be there?
18:58 denys joined #salt
18:59 jdipierro @herlo Did you copy the line that pulls the grain into a jinja variable? {% set os_family = salt['grains.get']('os_family', '')  %}
18:59 herlo yes
18:59 ajw0100 joined #salt
18:59 forrest herlo, Do a salt-call grains.ls
18:59 herlo oh, not that line.
18:59 * herlo runs again
19:00 jdipierro If you copied his on_rhel_5 line exactly you'll need this too: {% set os_major_release = salt['grains.get']('osmajorrelease', '') %}
19:00 forrest yeah os_family is just going to return RedHat
19:00 forrest need to use majorrelease.
19:00 jfindlay yeah, sorry for not being very clear
19:01 jfindlay herlo: are you still working on salt-vagrant or whatever it is going to be called?
19:01 herlo jfindlay: not right now.
19:01 herlo yeah, I found the majorrelease problem, too. :)
19:01 jfindlay or rather, when are you going to come over again and hack? :-)
19:01 herlo all fixed so far.
19:01 herlo jfindlay: yes, I'd like to. Probably after the holidays though.
19:02 jfindlay cool
19:02 eyeball_ joined #salt
19:04 hackel joined #salt
19:05 herlo what have I got wrong here now? http://ur1.ca/ocjdi
19:05 baweaver joined #salt
19:05 herlo I get an error: Rendering SLS 'base:core' failed: mapping values are not allowed here; line 14
19:05 herlo forrest: jfindlay ^^
19:05 eyeball_ hi folks i have a newbie question that i'm sure has been asked lots before but I can't seem to find an answer on google.. basically I have some shell scripts that only needs to run once. there are no services associated with them so I don't think a watch statement works here.
19:05 AndreasLutro missing a colon after pkg.installed on line 11
19:05 AndreasLutro and a -  on line 14
19:06 herlo AndreasLutro: ahh, yes.
19:06 forrest eyeball_, use cmd.script combined with - unless: bash check here
19:07 whytewolf eyeball_: if the script also creates a file you can use creates with cmd.script also
19:08 giantlock joined #salt
19:08 deus_ex joined #salt
19:09 eyeball_ thx
19:12 solidsnack joined #salt
19:13 herlo forrest: jfindlay: got it working, this is what worked for me. http://ur1.ca/ocjdy
19:13 forrest cool
19:14 herlo this feels very much like writing spec files. :)
19:14 foundatron Hi, I've been banging my head with the best way to get to automate minion/master key dance. The preseed strategy w/ iam roles to pass creds seems good, but running a script on the master that automatically creates a minion folder and adds a public key (step 2) to it seems janky... how are folks automating this?
19:14 foundatron https://docs.saltstack.com/en/latest/topics/tutorials/preseed_key.html
19:16 foundatron and then what about cleanup?
19:17 flowstat_ joined #salt
19:17 colegatron ranomore1, I'm not going to saltconf, it would be expensier than the training :)
19:17 justanotheruser joined #salt
19:19 ranomore1 haha
19:20 bhosmer__ joined #salt
19:22 cberndt joined #salt
19:23 ranomore1 I was hoping to have a little bacon or sausage with my breakfast, but other than that SaltConf was well worth it. :)
19:23 tiadobatima joined #salt
19:23 ranomore1 but the training is excellent, wherever you take it.
19:25 armguy Would it be a bug using purged like this https://pastee.org/r3rnr if I get an error that it fails when it runs against something where there is nothing to remove or purge? Or am I not getting how purged should be used?
19:26 zmalone armguy: it might already be reported, ex. https://github.com/saltstack/salt/issues/25670
19:26 saltstackbot [#25670]title: pkg.purged fails on some packages but not others (none are installed) | Running SaltStack (master & minion) v2015.5.2 on Ubuntu 14.04.2 (fully updated)...
19:27 zmalone (I've had those issues with some packages)
19:27 armguy zmalone~ Thanks my googlefu was failing me searching.
19:27 zmalone I ended up cmd.run-ing the apt command I wanted to be run and working around it
19:28 armguy Ahh good idea. Thanks that should solve my issue in the mean time. Will see if I can contribute to the bug as well.
19:31 solidsnack joined #salt
19:32 flowstat_ joined #salt
19:36 elsmo joined #salt
19:38 kevinquinnyo can anyone think of a reason service.running in pkg.installed is being ignored?  I've verified that the init script returns non-zero for it's status command
19:39 gekitsuu joined #salt
19:40 DanyC joined #salt
19:40 kevinquinnyo https://gist.github.com/kevinquinnyo/55f1442c2895b9f7b14b <-- here.  service.running seems to be being ignored, any ideas?  would you need to see my cache.varnish.config state?
19:42 gekitsuu I'm writing a formula for mariadb. I have .sls files and .py files (to support new salt states like mariadb.user_present). What is the correct way to bundle the two so someone can use the mariadb-formula that includes both the .sls and .py files. in saltstack-formulas I see lots of repos but I haven't found any examples yet that include .py files
19:42 flowstat_ joined #salt
19:42 whytewolf gekitsuu: typically you put them in _modules and _states in your repo.
19:43 gekitsuu OK I'll give that a shot, thanks!
19:43 buhman gekitsuu: that sounds really cool
19:43 iggy gekitsuu: the postgres one does
19:44 buhman way better than https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/database.sls#L41 surely
19:44 whytewolf gekitsuu: one question. doesn't mariadb us most of the same functions as mysql. so shouldn't the mysql modules and states already work?
19:44 cberndt joined #salt
19:45 gekitsuu As a user they are pretty much the same but they have different repositories, file names in some cases, there are some features in maria that aren't in mysql
19:45 gekitsuu I felt like it was better to make a new formula than ad a more "If's" to the mysql formula
19:45 AndreasLutro I use the same state for mysql and mariadb
19:46 whytewolf yeah i was alsking about the already existing states for mysql. which don't use the filenames/repos they just use pymysql to connect
19:48 gekitsuu whytewolf: for install though you have to different package names and repos. After that they end up being pretty similar
19:48 gekitsuu have to use
19:49 whytewolf gekitsuu: I'm not talking about the need for a formula. I'm talkiing about you create _states and _modules
19:49 gekitsuu ahhh ok
19:49 gekitsuu sorry
19:49 gekitsuu I don't see _states or _modules in the mysql-formula https://github.com/saltstack-formulas/mysql-formula/tree/master/mysql
19:50 whytewolf gekitsuu: thats because there are already mysql states and modules built into salt
19:51 whytewolf gekitsuu: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mysql.html https://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_database.html#module-salt.states.mysql_database https://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_grants.html#module-salt.states.mysql_grants https://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_query.html#module-salt.states.mysql_query https://docs.saltstack.com/e
19:51 gekitsuu DANGIT I totally missed that
19:51 gekitsuu lol
19:52 gekitsuu OK I'll take a look at these, they're probably better than what I've done so far. Thanks
19:52 solidsnack joined #salt
19:52 whytewolf no problem. just thought i would save you some work
20:00 hightekvagabond joined #salt
20:02 flowstat_ hello all
20:03 AlberTUX joined #salt
20:04 mpanetta_ joined #salt
20:10 LondonAppDev__ joined #salt
20:10 nZac joined #salt
20:10 solidsnack joined #salt
20:12 morissette Hmmm
20:12 morissette How long does micro instance usually take to provision?
20:12 morissette I've got this: http://paste.linux.chat/view/e6db1778
20:12 morissette been hung here for like 4 mins
20:15 flowstat_ has anyone orchestrated replacing old nodes behind an ELB once the new ones are up and running?
20:15 flowstat_ (masterless?)
20:16 cpowell joined #salt
20:18 baweaver joined #salt
20:19 solidsnack joined #salt
20:21 s_kunk joined #salt
20:23 nZac joined #salt
20:26 ahammond @basepi @jfindlay can one of you guys please update the "2015.8.1 is the latest"? :)
20:27 morissette looks like the issue was ssh :)
20:27 solidsnack joined #salt
20:27 ahammond flowstat_ I'm not aware of any orchestration that can be done in a masterless environment.
20:28 tawm04 joined #salt
20:28 flowstat_ I'm using the boto modules in jenkins to spin up minions which set themselves up by downloading the required state as an artifact
20:29 flowstat_ all that works, right up until I have to add the new versions to their ELB, and remove the old ones
20:29 thalleralexander joined #salt
20:30 flowstat_ I haven't explored just standing up a new ELB and doing some naming trickery to move people to the new one, mainly because that's not how we do it now, and I'm worried about people's sessions being dropped
20:30 flowstat_ but I'm at a bit of a brick wall atm
20:31 tpaul I'm looking for the salt documentation that shows how to use various modules in the sls files, I can only find the documentation on how to use the modules from the command line.
20:32 AndreasLutro tpaul: {{ salt['module.function']() }} or {% if salt['module.function']() %}
20:32 kevinquinnyo i'm getting an error in the file.managed module.  Comment: contents_piullar ...REDACTED CONTENTS HERE... results in empty contents
20:32 kevinquinnyo contents_pillar rather
20:33 kevinquinnyo error makes no sense
20:33 solidsna_ joined #salt
20:34 tpaul AndreasLutro: I'm not sure if you meant to sent that to someone else or if I don't understand your response
20:34 whytewolf there is also {{ salt.module.function() }} which i find cleaner then salt['module.function']() or module.run if you are just looking to run an exacution module in a state instead of do jinja fanciness
20:35 flowstat_ hey whytewolf, can you think of a way in a masterless setup to remove old instances from an ELB after your new ones have added themselves?
20:35 flowstat_ my brain keeps saying 'reactor', but that doesn't really apply here
20:36 marsdominion joined #salt
20:36 marsdominion joined #salt
20:36 kevinquinnyo oh nm on my question, it was looking for a pillar key with the REDACTED CONTENTS... i think what i need is contents, not pillar_contents
20:36 tpaul I'm looking for the docs that detail how to use modules in sls files, for example, how to use the cron module in an init.sls file
20:36 whytewolf tpaul: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.cron.html
20:36 whytewolf tpaul: it helps to look at the state modules when dealing with sls files
20:37 tpaul whytewolf: thank you! I can never find the states section when looking for it for some reason
20:37 jfindlay ahammond: where?
20:37 whytewolf flowstat_: a reactor actually would be the best thing for that :/
20:37 jfindlay in the docs?
20:38 flowstat_ hmm, maybe I could do it in jenkins
20:38 marsdominion joined #salt
20:38 marsdominion joined #salt
20:38 whytewolf tpaul: https://docs.saltstack.com/en/latest/salt-modindex.html look under s. or use salt-call sys.state_doc
20:38 RandyT lorengordon: just noticed your script example in gist. very cool. thanks once again for the education
20:39 lorengordon RandyT: np, hit me up if you have any questions or problems
20:39 viq joined #salt
20:39 flowstat_ wait, can you only run reactor on a master?
20:40 whytewolf flowstat_: yes, it is one of the feature requests to be able to do masterless reactors. but currently is not there yet
20:40 flowstat_ welp, I'm screwed
20:40 flowstat_ good thing I only spent 2 weeks implementing all of this
20:40 ahammond @jfindlay announce message for the channel
20:40 otter768 joined #salt
20:41 whytewolf jfindlay: i think he means channel title
20:42 whytewolf flowstat_: well it is time to think creativly.
20:42 flowstat_ so the requirement is:
20:42 flowstat_ new nodes come up.
20:42 flowstat_ if successful, get added to ELB.
20:43 Topic for #salt is now Welcome to #salt | 2015.8.3 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
20:43 shaggy_surfer joined #salt
20:43 viq1 joined #salt
20:43 jfindlay ahammond, whytewolf: thanks :-)
20:43 flowstat_ then remove the old ones from the ELB (or just from the naming, or whatever) in such a way that we don't interrupt peoples' sessions
20:43 moogyver joined #salt
20:43 flowstat_ because the only state in our app is in their session
20:43 whytewolf flowstat_: adding to the ELB is easy. just have the minion add it's self when it comes up
20:44 jfindlay one more thing to add to the release checklist
20:44 flowstat_ yep, that part's not a problem
20:44 flowstat_ :D
20:44 whytewolf I would have done this with autoscale since it has the ability to auto add and remove to the ELB
20:45 flowstat_ I do have an ASG, but I've turned off the automatic addition to the ELB so that I only add them on successful bootstrap
20:45 whytewolf but anyway. you could have the minion send some kind of signal to jenkins when it is finished and up to run another script that removes old minions
20:45 whytewolf doesn't HAVE to be salt event driven
20:46 flowstat_ yeah, I'm just trying to minimize the footprint
20:46 fredvd joined #salt
20:46 flowstat_ but I think that may be the only option
20:46 flowstat_ basically, give it some way to kick off a post-bootstrap event / hook
20:46 whytewolf yeah
20:46 flowstat_ abstracted away so that if I can get masterless reactor soon, I can just change it
20:46 flowstat_ whytewolf, you so sexy
20:47 whytewolf lol.
20:47 flowstat_ srsly though, thanks for the help
20:47 flowstat_ beeteedubs, if you see that dude back in here who dropped salt altogether because he thought he couldn't make EBS volumes
20:47 whytewolf no problem. it's what i do. think of new boxes so i can think outside them
20:47 flowstat_ it's totally possible
20:48 flowstat_ all you do is set the block device mappings in your launch config
20:48 flowstat_ follow the general boto documentation to know what attributes to give it
20:49 whytewolf very nice. if he dropped salt altogether cause of hitting a wall and not bothering to look deeper into it. most likely was a troll to begin with
20:50 flowstat_ yeah, I just rage at the world for 30 seconds, then find another engineer and get to a solution. Rinse, repeat
20:52 RandyT is it possible to render a string in a state file using some python? something like {{ data['id'].re.match('\w+\..*').translate('.','-').upper() }} ??
20:53 whytewolf RandyT: you are hitting the ends of jinja at that point. you will need to switch to a different render at that point
20:53 RandyT not finding anything in the docs..
20:53 RandyT ruby??
20:53 RandyT :-)
20:53 whytewolf RandyT: lol, no. python
20:54 * baweaver may have made a ruby salt gem
20:54 RandyT oooh...
20:54 * baweaver also hasn't been able to opensource it yet
20:54 RandyT whytewolf: will have a look at renderers
20:54 * baweaver grumbles
20:54 RandyT dang
20:55 baweaver Apparently we get clearance to OS stuff by end of year
20:55 baweaver so we'll see
20:55 ViciousLove joined #salt
20:55 RandyT baweaver: where would I see that if it appeared?
20:56 baweaver don't have a repo yet
20:56 pegmanm joined #salt
20:56 baweaver but expect to see something on my twitter @keystonelemur or over on SNEI Engineering blogs
20:56 RandyT baweaver: cool, thanks I will watch. It would make the world a better place... :-)
20:57 baweaver I have a lot I want to get out
20:57 baweaver and a lot more I want to contribute back to
20:57 baweaver almost there....
21:05 baweaver noted that it's only a rest interface, but it'd be enough to start with at least.
21:05 mephx joined #salt
21:07 rotbart joined #salt
21:12 GreatSnoopy joined #salt
21:18 hightekvagabond joined #salt
21:20 TyrfingMjolnir joined #salt
21:22 shaggy_surfer What GUI tools do you recommend using w/ salt-api?  I searched the net and found saltpad and foreman, but not sure on the community take on this.
21:22 shaggy_surfer if we for say wanted to integrate eauth of ldap and permissions based usage using a gui, what would you recommend?
21:23 herlo left #salt
21:23 shaggy_surfer I got the salt-api running and tested.  I know there is a jenkins salt-api plugin too
21:23 shaggy_surfer anything else I should look at?
21:24 whytewolf for gui i would suggest either saltpad. or getting the enterprise version of salt which has it's own gui [that is supported by saltstack]
21:25 akhter joined #salt
21:26 shaggy_surfer ok, let me check out the enterprise version pricing. thx.
21:27 marsdominion joined #salt
21:28 ekristen joined #salt
21:29 TyrfingMjolnir joined #salt
21:30 cliluw joined #salt
21:31 baweaver joined #salt
21:32 LondonAppDev Hey guys, if I need to set the mysql.host and mysql.user in the minion config, how can I provision the initial root passowrd when I first install MySQL with Salt?
21:32 whytewolf LondonAppDev: what distro?
21:33 LondonAppDev whytewolf: Debian Jessie.
21:33 whytewolf humm. I belive but i am not sure that they use the debconf tools also.
21:34 LondonAppDev I'm actually using MariaDB but it works the same as MySQL. I got it to install and I can get it to set the initial root password on first install, but then it doesn't work after that.
21:35 RandyT so I've written my first python state and am getting an error. https://gist.github.com/rterbush/486ff95f6b9e1fa109a9
21:35 RandyT The same salt command applied at the command line works.
21:35 tpaul Anyone know how I can write to the minion's log file from within a module? I'm trying to debug why a state is is failing
21:36 RandyT comments appreciated on anything that can be done more cleanly in that python
21:36 whytewolf LondonAppDev: this is what i use to install mysql on ubuntu [should be about the same for debian] https://gist.github.com/whytewolf/6526bfc300ba8f583be6 and actually use the mysql.default_file setting and use the debian maint user
21:36 RandyT are there salt classes I need to import?
21:36 whytewolf LondonAppDev: mysql.default_file: '/etc/mysql/debian.cnf'
21:38 whytewolf LondonAppDev: also, I use a pillar file instead of setting it up in the minion config. saves me on reboots
21:38 tpaul nvm, just needed to import logging and init
21:39 marsdominion joined #salt
21:39 whytewolf LondonAppDev: of coarse I'm on ubuntu. but the setup should be close
21:43 TyrfingMjolnir joined #salt
21:45 DanyC joined #salt
21:46 aidalgol joined #salt
21:47 jhauser joined #salt
21:49 linjan joined #salt
21:51 LondonAppDev whytewolf: fantastic, thank you! appreciate it.
21:51 beardedeagle joined #salt
21:57 Rumbles joined #salt
21:58 scooby2 joined #salt
21:58 RandyT https://gist.github.com/rterbush/486ff95f6b9e1fa109a9
21:58 RandyT I've tried this both as py renderer and pydsl. Same result
21:59 solidsnack joined #salt
22:00 RandyT Here is a thought, does my minion need to have python installed outside of what is available in the minion namespace?
22:01 ahammond our salt master has a pretty high load. I was looking at salt-syndic. will this help us offload some of the load from the master?
22:01 whytewolf RandyT:it looks like it is trying to work. however system.set_computer_name isn't a state it is a exacution module
22:01 akhter joined #salt
22:01 iggy ^
22:01 edrocks joined #salt
22:02 RandyT ah.
22:02 * RandyT smack
22:02 Trauma joined #salt
22:02 ahammond also, we're running 0mq and looking at switching over to raet to reduce our load. how much of an improvement would this be?
22:02 marsdominion joined #salt
22:02 marsdominion joined #salt
22:03 iggy ahammond: depends what's causing the load really... how many minions?
22:03 iggy returner setup? job cache?
22:04 ahammond iggy about 450 minions
22:04 ahammond iggy default returner / job cache stuff (we haven't configured anything there)
22:04 beardedeagle ugh jenkins saltstack plugin is pissing me off
22:04 zmalone I was under the impression that raet was on the way out
22:05 solidsnack joined #salt
22:05 ahammond zmalone news to me, it was the big new thing at saltconf last year
22:05 iggy probably not on the way out, but it probably won't become the default ever either
22:05 zmalone it hasn't seen any salt contributions since early this year, and tornado was announced.
22:06 iggy there's a new raw tcp transport that has more hope of becoming the default at some point
22:06 whytewolf raet kind of hit the back burner when UDP was found to require a lot of reengineering
22:06 bruce549 joined #salt
22:07 v0rtex I think someone was saying that the focus was more on the TCP transport - I could be wrong though: https://docs.saltstack.com/en/latest/topics/transports/tcp.html
22:07 whytewolf tornado
22:07 whytewolf it's the new hottness
22:07 ahammond that makes me glad we haven't switched over. so... to get the load down on our salt master some time this month... syndics? or tornado?
22:08 v0rtex ahh, I see
22:08 iggy ahammond: C. proper diagnosing of the problem
22:08 whytewolf ^
22:08 marsdominion joined #salt
22:08 zmalone I would probably avoid tornado too right now, it's in stable, but there were release notes surrounding it when it was added that it had problems on most platforms
22:09 whytewolf zmalone: which is why it isn't the default yet either
22:09 zmalone sticking with 0mq will at least keep you on the beaten path, while raet/tornado will probably just add to your problems
22:09 kitplummer joined #salt
22:10 zmalone (unless you are looking for a reason to dig into either, in which case, have fun)
22:10 kitplummer left #salt
22:10 keimlink joined #salt
22:10 jfindlay the tcp transport is getting better although still not quite to the level of 0mq
22:11 jfindlay also tornado is now a core salt dep and is used for more async purposes than only transport
22:11 DanyC joined #salt
22:13 whytewolf ahammond: how beefy is your salt master currently?
22:13 jfindlay also https://docs.python.org/dev/whatsnew/3.5.html#pep-492-coroutines-with-async-and-await-syntax
22:15 dyasny joined #salt
22:16 PeterO joined #salt
22:21 LondonAppDev Something I observed... When learning new languages and technologies, I think *I wonder if this will work?* and I try it, and it doens't work so I need to try again or read the docs or something. For some reason, with Salt, everything I try thinking *Hmmm I wonder if this will work...*, it just seems to work :) I guess it's just really intutive. Thanks guys!
22:28 sdm24 LondonAppDev: until you do find something that doesn't work haha
22:28 shaggy_surfer joined #salt
22:29 sdm24 but yeah, the main reason I chose salt over other config managers was because it was the simplest to get doing the basics
22:30 cpowell_ joined #salt
22:30 marsdominion joined #salt
22:32 diegows joined #salt
22:33 AlberTUX joined #salt
22:37 abednarik joined #salt
22:40 flowstat_ joined #salt
22:41 otter768 joined #salt
22:43 DanyC_ joined #salt
22:43 marsdominion joined #salt
22:44 nafg joined #salt
22:44 aidalgol joined #salt
22:44 Ashald_ Hey guys
22:45 Ashald_ Another question :)
22:45 Ashald_ I have Master of Masters and 2 syndics, let's say X and Y
22:45 Ashald_ These syndics are hosted under different AWS accounts and have permissions specific to these accounts (through IAM roles)
22:46 Ashald_ This is what I want to setup
22:46 Ashald_ The question is whether it will work in terms of permissions
22:46 flowstat_ joined #salt
22:47 Ashald_ So if I execute an orchestration runner through Master of Masters, where credentials are resolved? On Master of Masters? Or on syndics closest to minions?
22:47 Trauma_ joined #salt
22:48 DanyC_ Ryan_Lane: in case you are still around, have a quick q about boto_secgroup: so if the boto state gets applied on a VM already up with a default SG, following the state apply will the VM be mapped to the new SG?
22:48 Ryan_Lane hm. not sure.
22:48 ahammond whytewolf 8 cores, 8gb of ram
22:49 Ryan_Lane DanyC_: you mean, if you modify a vm's secgroups?
22:49 Ryan_Lane or do you mean if a secgroup's rules are changed?
22:49 Ryan_Lane if the rules are changed, it's automatically applied
22:50 ahammond whytewolf er, sorry, was looking at the wrong server. 16GB of memory, 8 cores
22:50 DanyC_ Ryan_Lane: the former one. the use case is simple: i spun up my VM using salt cloud profile which map the VM to a default SG, following the boto state i want to change the default SG with the new one
22:50 Ryan_Lane DanyC_: I know previously that AWS didn't allow that
22:51 whytewolf ahammond: that should defintly be enough to handle the number of minions you said. I would do what iggy sugests and look into the why.
22:51 Ryan_Lane I think that may have changed, but the boto_secgroup state wouldn't matter there
22:51 Ryan_Lane you'd need salt-cloud to support it
22:51 ahammond ok. vmstat says cpu is roughly 90% in wait state.
22:51 Ryan_Lane since you change the secgroup on the vm
22:52 iggy ahammond: if that's disk, then you might be having issues with the job cache
22:53 ahammond iggy I'll take a look
22:53 druonysus joined #salt
22:53 druonysus joined #salt
22:53 DanyC_ Ryan_Lane: hmm .. cause i wanted to say - for the VMs which are exposed/ behind the AWS Elb, change the default SG following highstate (and achieve that using boto_secgroup)
22:54 kitplumm_ joined #salt
22:54 kitplumm_ left #salt
22:56 DanyC_ Ryan_Lane: otherwise i need to create its own SG from the cloud profile & have a dedicated profile for this type of VMs ...when i could have achieved directly from within the VM
22:58 ahammond iggy iostat -x says disk utilization is only 8% on both sda and sdb (the two halves of md2, which is a raid1 mount for /)
22:58 ahammond iggy that doesn't seem too bad
22:58 DanyC_ Ryan_Lane: done mind if i have 2 SGs applied: default & a new one instead of swapping
22:58 DanyC_ *don't
22:59 baweaver joined #salt
22:59 Ryan_Lane yeah. I'm not sure. I never do this kind of action
22:59 Ryan_Lane since it wasn't even possible before
23:01 DanyC_ Ryan_Lane: are you using EC2-Classic or VPC ?
23:01 Ryan_Lane vpc
23:02 DanyC_ Ryan_Lane:  Per the EC2 docs "After you launch an instance in EC2-Classic, you can't change its security groups." In my case, my instances are in Classic. Additionally, "After you launch an instance in a VPC, you can change its security groups." Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
23:02 DanyC_ *my case is VPC
23:03 Ryan_Lane yeah
23:03 Ryan_Lane I know it works now :)
23:03 Ryan_Lane haven't tried it, though
23:04 DanyC_ and funny enough, same prob exist in ansible where their ec2 module doesn't allow changing the SG https://github.com/ansible/ansible-modules-core/issues/454
23:04 saltstackbot [#454]title: Alter Security Groups on EC2 Instances | ##### Issue Type:...
23:04 DanyC_ Ryan_Lane: will give it a try tmw , thanks a bunch for your time!
23:04 Ryan_Lane yw
23:04 marsdominion joined #salt
23:04 Ryan_Lane DanyC_: it's dependent on salt-cloud or the boto_ec2 module, not boto_secgroup, btw
23:05 Ryan_Lane boto_secgroup only manages the presence of a secgroup, or its config if it exists
23:05 Ryan_Lane boto_ec2 is the one that needs to handle updating individual instances (and boto_asg for autoscale groups)
23:05 Ryan_Lane (or maybe boto_lc, if that's in the launch config - can't remember)
23:06 chadhs joined #salt
23:06 ahammond I've already implemented the stuff covered in https://docs.saltstack.com/en/latest/topics/tutorials/intro_scale.html as well as tuning the kernel's networking... any suggestions where else I look for performance issues?
23:07 DanyC_ Ryan_Lane: ah i see but then i would assume that in case i create a new SG using boto_secgroup (for the sake of this discussing let's say we have a new action: update) that will trigger in the bg the boto_ec2 to change the SG
23:07 abednarik joined #salt
23:07 DanyC_ Ryan_Lane: i know it doesn't exist as of today and i do hope that i can chain the boto_ec2 to require boto_secgroup
23:08 Ryan_Lane oh, well, you'd normally make the boto_secgroup state run first, then just reference the group in boto_ec2
23:08 DanyC_ Ryan_Lane: and in that way to achieve the SG "update" of a running instance
23:08 Ryan_Lane since you can reference secgroups by name in boto_ec2 (and boto_asg)
23:09 chadhs joined #salt
23:09 Ryan_Lane you need the boto_ec2 module from develop branch for managing individual nodes, though
23:09 DanyC_ Ryan_Lane: oh boy, another idea washed...grrr
23:09 Ryan_Lane DanyC_: here's an example: https://github.com/lyft/confidant/tree/master/salt
23:09 Ryan_Lane that uses autoscale groups, of course
23:10 Ryan_Lane we don't use anything other than asgs
23:10 Ryan_Lane so, for instance: https://github.com/lyft/confidant/blob/master/salt/orchestration/confidant.sls#L41-L59, then https://github.com/lyft/confidant/blob/master/salt/orchestration/confidant.sls#L154-L155
23:11 marsdominion joined #salt
23:11 marsdominion joined #salt
23:11 DanyC_ Ryan_Lane: right, i can see that. Shame i can't do anything since i'm not on .8
23:12 * Ryan_Lane nods
23:13 DanyC_ Ryan_Lane: on a minor side note, on L41-L59 you have the you have source_group_name for ingress rules, is anything for rules_egress for dst ?
23:13 DanyC_ Ryan_Lane: so i can say: allow the outbound traffic to SG dani from source_group_name = Ryan
23:14 DanyC_ Ryan_Lane: so i can move away from cidr/ ip - is cleaner/ scalable
23:15 nZac joined #salt
23:15 Ryan_Lane @DanyC_ that's a good question. I've never tried that :)
23:15 Ryan_Lane would need to check with aws's docs for that
23:15 Ryan_Lane I can't imagine why they wouldn't support that
23:16 DanyC_ Ryan_Lane: i bet they do since i know i can do that in OpenStack (done it already) the q is more from boto_secgroup :D
23:18 whytewolf openstack "liberated" the idea from aws
23:19 DanyC_ Ryan_Lane: When you specify a security group as the source or destination for a rule, the rule affects all instances associated with the security group . Ref - http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
23:19 DanyC_ whytewolf: i know hence why my answer on why i'm sure is supported :)
23:19 Ryan_Lane DanyC_: for sure source group works with rules
23:19 Ryan_Lane I didn't add the support for rules_egress, so I'm not sure there
23:20 DanyC_ Ryan_Lane: right, so if you were not the one with rules_egress i guess i'd have to jump into the code and see but i bet (again) there is not dst_source_group
23:21 DanyC_ Ryan_Lane: and only source group works with rules ...   oh well, learnt s'thing new :D
23:21 jrgochan1 Hey all. I'm getting a lot of errors similar to this "UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 104: ordinal not in range(128)" but I'm not quite sure where they are coming from. Is there a good way to debug the stack traces that salt spits out? I feel like one of my sls files is broken, but I'm not sure which one, or how to figure it out
23:24 whytewolf jrgochan1: sounds like you have a unicode umlaut char in one of your sls files
23:24 iggy jrgochan1: check anything you've c&p'ed, quotes, etc
23:24 whytewolf ÷
23:26 jrgochan1 Hrmmmm. k. I'll see if I can find it. Thanks whytewolf
23:26 Knuta jrgochan1: sounds like https://github.com/saltstack/salt/issues/16139
23:26 saltstackbot [#16139]title: UnicodeDecodeError in highstate outputter | I get this crash when running state.highstate test=True:...
23:28 marsdominion joined #salt
23:28 marsdominion joined #salt
23:29 jrgochan1 Handy for future reference
23:29 jrgochan1 grep --color='auto' -P -n "[\x80-\xFF]" -r .
23:29 bhosmer_ joined #salt
23:32 conan_the_destro joined #salt
23:33 Trauma joined #salt
23:38 burp_ joined #salt
23:39 burp_ joined #salt
23:39 jrgochan1 Possible useful information about the unicode thing. I had a directory in /srv/salt/ that had a ton of files to copy to minions. Quite a few of the files had unicode characters in them. I wasn't referencing any of them in my sls files, but the problem went away after I moved the files out of /srv/salt/
23:40 whytewolf jrgochan1: were they used in file.recurse? and if so is file.recurse
23:41 burp_ joined #salt
23:41 jrgochan1 they were intended to be, but I removed the file.recurse from my sls files
23:43 burp_ joined #salt
23:44 flowstat_ joined #salt
23:45 kusams joined #salt
23:45 clintberry joined #salt
23:47 aqua^c joined #salt
23:49 bhosmer joined #salt
23:49 pegmanm joined #salt
23:57 antpa joined #salt
23:58 RandyT anyone have any examples of setup for schedules? the doc is very thin here and not finding many (any) examples...
23:59 nZac joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary