Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-12-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 brianfeister joined #salt
00:08 nmadhok joined #salt
00:12 anotherZero joined #salt
00:15 goldbuick__ joined #salt
00:26 DanyC joined #salt
00:27 jfindlay kevinquinnyo: there's an issue for all the exit code woes: https://github.com/saltstack/salt/issues/18510
00:27 saltstackbot [#18510]title: salt exit codes | is there a reason why test.* returns False and exits with bash exit code 0 instead of 1 ? ...
00:30 otter768 joined #salt
00:32 zmalone aw, that ole ticket
00:32 zmalone s/ticket/issue/g
00:33 zmalone I ran into a case where jinja2's docs would have meant a similar bizarre behavior, although it didn't work the way it had been documented
00:34 zmalone https://github.com/mitsuhiko/jinja2/pull/521/files
00:34 saltstackbot [#521]title: The behavior seems to be an and, not an or |
00:34 abednarik joined #salt
00:35 zmalone (https://github.com/mitsuhiko/jinja2/issues/508 is a little scary, for anyone else using jinja in salt)
00:35 saltstackbot [#508]title: Nonstandard operator precedence | In most programming languages, operators are grouped into families having equal precedence.  In Jinja2's parser, each operator has its own precedence level.  This affects the associativity of some expressions....
00:37 LondonAppDev Is it possible to always extract with archive.extracted even if the target already exists?
00:42 rem5 joined #salt
00:42 baweaver joined #salt
00:43 jfindlay LondonAppDev: I don't see an immediate option for that, but it seems like it could be useful
00:44 jfindlay you can work around it by removing the extraction point and reextracting
00:44 LondonAppDev jfindlay: yes basically I want to extract a tar which is treated as a repository so I can automate updating my WordPress theme.
00:44 jfindlay zmalone: ugh
00:44 flowstat_ joined #salt
00:44 LondonAppDev jfindlay: yes looks like I need to delete it first.
00:46 jfindlay the disadvantage to that is that it could be very inefficient
00:47 LondonAppDev jfindlay: how so?
00:47 LondonAppDev my jenkins will have a hook to my git repo
00:47 LondonAppDev when it chagnes it will pull it down, tar.gz the theme
00:47 LondonAppDev store it in /srv/salt/repo/my_theme.tar.zp
00:48 LondonAppDev then I run state.highstate
00:48 LondonAppDev BOOM! it pulls the latest version of my theme and puts it on the web server.
00:48 LondonAppDev Does that not sound like a good plan?
00:48 LondonAppDev I can't think of any other good way to package WordPress themes.
00:49 jfindlay LondonAppDev: every time you rerun the state, the extracted archive will get removed and reapplied, which may not be too bad if: 1) you're not running (high)states very often and/or 2) every time they are run, a change needs to be made
00:49 LondonAppDev jfindlay: hmmm you are correct...
00:50 zmalone LondonAppDev: is /srv/salt/repo a git repo?
00:50 jfindlay or if the theme archive is small enough, but we use wordpress for salt docs and I remember the themes not being too small :)
00:50 whytewolf LondonAppDev: how about instead of a archive. why not put your wordpress into a git repo and use the git state to deploy it
00:50 LondonAppDev zmalone: no it's my place to store packages that will be installed.
00:51 LondonAppDev whytewolf: because then it pulls all the other stuff in my git repos such as vagrant box etc...
00:51 zmalone whytewolf: managing WP in git is a nightmare
00:51 zmalone there are some projects around it
00:51 whytewolf LondonAppDev: those all shouldn't be in the same repo.
00:52 zmalone the problem is that stuff changes between releases, and within the repo, so it's tough to manage that way
00:52 LondonAppDev whytewolf: my Vagrantfile shouldn't be in the project repo?
00:52 jfindlay LondonAppDev: you could cheat by setting a hash somehow if you can manage some other way to know when the theme needs to be updated and predicate the archive.extracted state on that
00:52 zmalone storing binaries in git is also awful, which is why that isn't the best solution
00:52 zmalone tarball distributed by salt (that isn't in a repo on the master) is a decent enough approach
00:52 jfindlay or just hash the archive file itself and save it as a file somewhere
00:52 LondonAppDev jfindlay, I was thinking that. I could copy the tar to /tmp/ and then have a version file
00:53 LondonAppDev If the version file is > existing, copy it and remove the tmp
00:53 LondonAppDev if not then don't.
00:53 LondonAppDev I wonder if there is a feature in salt to compare values in files...
00:53 whytewolf LondonAppDev: actually no it shouldn't. anything not part of the main project should be a subrepo
00:53 whytewolf or submodule
00:54 zmalone submodules are also considered bad git by many people
00:54 LondonAppDev whytewolf: so it should be in a different git repo or just a sub directory inside the main repo?
00:54 jfindlay LondonAppDev: I was thinking of a simple cmd.run you could use to compare the hash/version file
00:55 whytewolf LondonAppDev: a different repo that is linked as a submodule in git
00:55 jfindlay if development is orthogonal enough to your other stuff, it's usually best to use a separate repo, and yeah, submodules can be annoying to work with
00:55 LondonAppDev whytewolf: that's interesting, I didn't think of that. I will try it.
00:57 zmalone if you put things like tarballs in git, expect to eventually need to rewrite git history, which is pretty painful if you have many users of your repo.
00:58 LondonAppDev zmalone: no I wouldn't put tarballs in the git. The Jenkins server will create the tarball when it detects a change.
00:59 colegatron joined #salt
01:00 zmalone if you are going to explore submodules, check things like https://codingkilledthecat.wordpress.com/2012/04/28/why-your-company-shouldnt-use-git-submodules/ / http://ayende.com/blog/4746/the-problem-with-git-submodules / http://somethingsinistral.net/blog/git-submodules-are-probably-not-the-answer/ and make sure you can live with the choice first
01:01 LondonAppDev Ah I got it. I will put a file called VERSION in my wp_theme. Then I will extract to /tmp/theme, then I will compare using file.show_changes if the version is different, if it is I will overwrite, if it's not I will leave it.
01:01 LondonAppDev zmalone: thanks for the links
01:02 zmalone cool, it's easy for places to git into the "binaries in git" approach between salt's gitfs for salt-master common solution + using salt as a source for file.managed files
01:02 zmalone when the repo hits 5gb in size, everyone starts crying about how long it takes to clone/merge/etc.
01:02 LondonAppDev zmalone: Google and Facebook have just one Git repo for every one of their projects lol.
01:03 yetAnotherZero joined #salt
01:03 iggy git lfs (don't know if it's specific to github or an open standard)
01:03 zmalone github specific
01:03 TTimo specific to github. lookup git-annex for an independent solution
01:03 LondonAppDev I wonder if there is a limit on BitBucket or GitHub repos?
01:03 hightekvagabond1 joined #salt
01:04 iggy yes
01:04 LondonAppDev 1GB
01:04 jfindlay zmalone: in my opinion, salt should be handling large nontext files well enough that users aren't tempted by the evil ways of blobs in git
01:04 iggy github will prune out bins without even really telling you too
01:04 zmalone your local repos will punish you too
01:04 jfindlay which it probably doesn't do well enough yet
01:04 zmalone you'll do a merge or commit and wait, and wait, and wait
01:04 kusams joined #salt
01:05 LondonAppDev I was thinking if it would be possible to make a version of Dropbox which commits the files to GitHub. They probably wouldn't like that though.
01:05 zmalone jfindlay: I've never had an issue with salt handling them, but I have had issues with them ending up in the git repo that all of a project's states are in
01:06 jfindlay at my last job one of the junior devs committed his tags file to the git repo
01:06 zmalone https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html contributes to that
01:06 jfindlay it was ~1G, which probably says more about how terrible the codebase was than anything else
01:06 murrdoc left #salt
01:07 zmalone if git is a good place to store text files, why not put your psd assets in it too!
01:07 jfindlay zmalone: yeah :(
01:08 zmalone I think I diverted that conversation far enough though, I just wanted to make sure you were aware of some of the pitfalls in the "easy" solutions
01:09 whytewolf there are pitfalls in any kind of solution
01:09 jfindlay I'm supposed to start writing some blog entries on how to use salt (for beginners!) at least to address sketchy and confusing salt uses such as this
01:10 jfindlay I would love feedback if anyone wants to read them over, although I haven't started this yet
01:10 * iggy
01:10 * whytewolf
01:11 zmalone I ran into a fun one recently with jinja/salt
01:11 zmalone {% if 'web' and 'prod' in salt['grains.get']('host') %}
01:12 jfindlay zmalone: if you know python, that should be easy to spot :)
01:12 zmalone looks legit, but is equivalent to {% if 'prod' in salt['grains.get']('host') %}
01:12 zmalone yeah
01:13 zmalone the jinja docs are kind of hard to get through though, so I think it's easy to just learn enough to hurt yourself
01:13 whytewolf not even python. almost any modern scripting lang treats strings as true
01:13 ajw0100 joined #salt
01:13 zmalone (it wasn't my mistake)
01:14 whytewolf lol. zmalone that much was obvious
01:15 hightekvagabond joined #salt
01:16 whytewolf would have had to be someone without a programing or even scripting background to have made that mistake. cause yes it looks legit unless you have been working on code a long time. and worse it will run. so a PITA to debug
01:29 DanyC joined #salt
01:31 Ashald_ one more question :)
01:31 Ashald_ I have file template that I reference with salt://path/to/file.jinja
01:31 Ashald_ and it's a Jinja template
01:32 Ashald_ Ho do I make Salt to render it as a Jinja template
01:32 Ashald_ And how do I provide context for this template?
01:33 yetAnotherZero joined #salt
01:33 whytewolf Ashald_: you might want to look into all the options for https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.managed
01:33 Ashald_ when I use it in SLS like: - body: salt://templates/my_template.jinja
01:34 Ashald_ The problem that it's note file.managed state :(
01:34 Ashald_ but rather a state from boto_cfn
01:34 Ashald_ Although for some reason I though that there is a generic way to render files referenced through salt://
01:36 whytewolf Ashald_: typically - template: jinja is added to let the system know what template lang to use. I'm not sure about boto_cfn though
01:37 Ashald_ Maybe I can do that with template tags somehow?
01:37 rem5 joined #salt
01:38 whytewolf Ashald_: looking at the code now. see if it even calls the template engine in salt
01:38 Ashald_ I'm trying to figure out that as well although I'm not very familiar with salt internals
01:39 Ashald_ But if it's not - is there is a way to render template into some variable within SLS and then just pass that variable?
01:39 whytewolf it does not
01:39 Ashald_ :(
01:40 whytewolf only thing i can think of is to use file.manged to put the file somewhere [getting the benafit of - template:] then use file:// instead of salt://
01:41 whytewolf and putting in a feature request for boto_cfn templates having the ability to be run through the salt template engine
01:41 Ashald_ will it work within runner?...
01:42 Ashald_ and what't the best way to file feature requests? issue on github?
01:42 Ashald_ I have a number of ideas :)
01:42 whytewolf issue on github
01:42 Ashald_ thanks
01:42 whytewolf if you need a runner then maybe use the cp module
01:44 otter768 joined #salt
01:45 flowstat_ joined #salt
01:46 emosher joined #salt
01:52 MK_FG joined #salt
01:54 brianfeister joined #salt
02:02 MindDrive joined #salt
02:07 kusams joined #salt
02:07 bhosmer joined #salt
02:08 yetAnotherZero joined #salt
02:09 brianfeister joined #salt
02:13 zmalone joined #salt
02:15 MindDrive joined #salt
02:16 akhter joined #salt
02:17 shaggy_surfer joined #salt
02:30 DanyC joined #salt
02:45 untamo13 joined #salt
02:45 flowstat_ joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt | 2015.8.3 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
02:48 MindDrive joined #salt
02:54 catpigger joined #salt
03:02 dwfreed joined #salt
03:03 emosher joined #salt
03:04 dwfreed joined #salt
03:05 racooper joined #salt
03:17 favadi joined #salt
03:17 dendazen joined #salt
03:26 nidr0x joined #salt
03:28 antpa joined #salt
03:29 scoates joined #salt
03:29 PeterO joined #salt
03:31 beardedeagle joined #salt
03:31 DanyC joined #salt
03:32 beardedeagle joined #salt
03:34 scoates joined #salt
03:35 ageorgop joined #salt
03:36 kusams joined #salt
03:42 rem5 joined #salt
03:43 flowstat_ joined #salt
03:44 rem5 joined #salt
03:53 evle joined #salt
03:55 rem5 joined #salt
03:57 evle joined #salt
04:26 antpa joined #salt
04:32 DanyC joined #salt
04:35 hightekvagabond joined #salt
04:43 flowstat_ joined #salt
04:45 kshlm joined #salt
04:53 racooper joined #salt
05:14 Ashald_ whytewolf, just FYI I solved my problem by using Jinja macros :)
05:17 favadi joined #salt
05:20 hightekvagabond1 joined #salt
05:22 hightekvagabond joined #salt
05:22 ageorgop joined #salt
05:24 anmol joined #salt
05:34 anmol joined #salt
05:34 kshlm joined #salt
05:40 cberndt joined #salt
05:43 flowstat_ joined #salt
05:43 AndroUser joined #salt
05:57 bryceml joined #salt
06:00 hightekvagabond joined #salt
06:02 hightekvagabond joined #salt
06:02 bryceml_ joined #salt
06:04 calvinh joined #salt
06:05 calvinh_ joined #salt
06:08 ashb joined #salt
06:09 bhosmer joined #salt
06:11 serverascode joined #salt
06:11 jay_d joined #salt
06:11 nidr0x joined #salt
06:18 otter768 joined #salt
06:33 rdas joined #salt
06:34 DanyC joined #salt
06:41 jle joined #salt
06:41 jle hey.. are mailinglist patches not accepted anymore?
06:43 iggy what are those?
06:44 linjan joined #salt
06:47 colegatron joined #salt
06:53 jle I mean patches posted on the mailing list.. sorry
06:59 AlberTUX joined #salt
07:22 kusams joined #salt
07:23 Destreyf joined #salt
07:23 iggy not really , no... It's easy enough to submit a PR on github
07:26 keimlink joined #salt
07:35 DanyC joined #salt
07:36 jle iggy: then you have to register an account
07:42 elsmo joined #salt
07:56 acsir joined #salt
08:03 Trauma joined #salt
08:04 zigurat joined #salt
08:05 zigurat Hi. I would like to fail the salt state if a file is older than 7 days. Thoughts?
08:07 TyrfingMjolnir joined #salt
08:08 zerthimon joined #salt
08:11 eseyman joined #salt
08:13 DanyC joined #salt
08:15 Joren_ joined #salt
08:19 otter768 joined #salt
08:22 llua just do it(tm)
08:27 felskrone joined #salt
08:28 dgutu joined #salt
08:35 antpa joined #salt
08:37 cyborg-one joined #salt
08:41 dgutu joined #salt
08:44 jhauser joined #salt
08:51 colegatron zigurat, test.succeed_with_changes with an unless ?
08:52 colegatron and require that test state  on the state that needs do the check the file age
08:55 felskrone1 joined #salt
08:56 netcho joined #salt
08:56 zigurat Yes. I don't know how to check that file age
08:57 babilen zigurat: Use a suitable find command.
08:58 zigurat But that will not fail. It will show the file or not
08:58 dgutu joined #salt
08:59 babilen colegatron: ... yes combine that with what colegatron suggested. You can probably also get the age out of stat .. and then: What is 'age' anyway? ctime? mtime? ...
08:59 babilen zigurat: ^
08:59 zigurat mtime
08:59 keimlink joined #salt
08:59 zigurat But doesn't really matter
09:01 babilen 'stat -c %Y ...' gives you mtime, but then I personally prefer the find approach as it is more explicit and readable (with the danger that it searches too much and is less atomic)
09:04 colegatron zigurat, http://pastebin.com/c1WccL65
09:04 colegatron not checked, although
09:05 babilen yeah, exactly
09:09 upb joined #salt
09:18 GreatSnoopy joined #salt
09:19 Xevian joined #salt
09:22 DanyC joined #salt
09:23 rem5 joined #salt
09:29 s_kunk joined #salt
09:33 yomilk joined #salt
09:36 Hydrosine joined #salt
09:37 akhter joined #salt
09:38 DanyC joined #salt
09:40 nafg joined #salt
09:41 slav0nic joined #salt
09:45 yomilk joined #salt
09:46 pegmanm joined #salt
09:57 thalleralexander joined #salt
09:58 cberndt joined #salt
09:59 averell joined #salt
10:03 peters-tx joined #salt
10:05 antpa I have a growing number of minions on a local network with slow internet...  I have think I have the timeout settings as best as I can get them but things continue to timeout.
10:08 antpa There are my settings and the error I routinely receive: https://gist.github.com/anthonyscolaro/06b38c9dbfdee8d9bf21
10:08 malinoff joined #salt
10:20 otter768 joined #salt
10:27 avenda joined #salt
10:40 giantlock joined #salt
10:42 cberndt joined #salt
11:01 yomilk joined #salt
11:06 amcorreia joined #salt
11:12 LondonAppDev joined #salt
11:15 Rumbles joined #salt
11:16 TyrfingMjolnir joined #salt
11:23 KermitTheFragger joined #salt
11:24 tongpu joined #salt
11:26 dendazen joined #salt
11:33 Rumbles joined #salt
11:48 rotbeard joined #salt
11:55 cornfeedhobo joined #salt
11:56 Diaoul joined #salt
12:06 denys joined #salt
12:09 giantlock joined #salt
12:12 bhosmer joined #salt
12:15 Grokzen joined #salt
12:19 evle1 joined #salt
12:20 BogdanR Hello
12:21 BogdanR I have a state which I run right after my servers are provisioned with salt-cloud and for this state to be successfull it is important that both these servers are up.
12:21 otter768 joined #salt
12:21 BogdanR How do I make sure that the state get's run when both servers are up?
12:22 upb joined #salt
12:23 babilen BogdanR: I'd try to *not* run them when both aren't up and simply repeat the request to run them until it has completed once. What does "up" constitute exactly?
12:24 babilen (e.g. "salt-minion replies to ping", "ICMP traffic comes through", "chassis powered on", "certain service replies with "oh, yeah", ...)
12:25 BogdanR babilen: salt-minion should reply to ping
12:26 BogdanR Basically this is all integrated with orchestrate
12:26 babilen BogdanR: I'd encode some test (e.g. test.ping) in the state that prevents it from running if the other side can't be reached and then tie the running of that state to salt/minion/start
12:27 babilen Or you send suitable events from the minions to "activate" the next phase of the orchestration. You, naturally, need to keep your state (minion A is online) somewhere and test for that before you react to the event.
12:28 babilen Then you just wait for two events to complete
12:28 BogdanR Yep. this was also my plan but I don't know how to do it :)
12:28 babilen Which part?
12:29 BogdanR To run a state on the server when the other one responds to either an event or to test.ping
12:29 babilen No, don't wait, react
12:30 BogdanR Yep, I suppose I will have to try a lot more to figure out the reactor system
12:31 babilen Say both minions come online and send a "salt/minion/*/start" event .. You can then save that one has come online (e.g. with the grains.present state) and test for that whenever you see a "salt/minion/*/start" event. If that grain is set to "0" you don't kick of the state, but if it is >= 0 you do
12:33 Grokzen joined #salt
12:33 BogdanR I tried a little to test the reactor system but it didn't really work for me
12:33 BogdanR Let me show you what I did?
12:33 babilen You could also just fire of the state whenever a minion comes online and have an explicit test in the state itself (e.g. try to get the address of the other minion from the salt mine, or run test.ping in there and check the return)
12:34 babilen Sure, just paste it to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, http://dpaste.de, …
12:36 yomilk joined #salt
12:37 BogdanR http://hastebin.com/zoqixogase.sh
12:37 keimlink joined #salt
12:38 babilen fwiw, I'd strongly recommend to reference reactor SLS files with salt:// and place them somehwere in file_roots (e.g. /srv/salt/reactor/...)
12:38 babilen Okay, what's the problem with that?
12:39 babilen And why do both boxes have to be up anyway?
12:40 BogdanR These boxes have to be both up because they are setting up glusterfs
12:41 BogdanR And if one of the nodes is not up it can't mount the filesystem and do all those things
12:49 colegatron joined #salt
12:50 Diaoul joined #salt
12:55 Diaoul joined #salt
12:59 shiriru joined #salt
13:02 jvblasco joined #salt
13:08 quasiben joined #salt
13:10 DanyC joined #salt
13:25 giantlock joined #salt
13:26 kusams joined #salt
13:26 teryx510 joined #salt
13:28 morissette joined #salt
13:28 DammitJim joined #salt
13:29 akhter joined #salt
13:31 elsmo joined #salt
13:33 mattiasr joined #salt
13:36 cyborg-one joined #salt
13:38 XenophonF joined #salt
13:38 akhter joined #salt
13:39 antpa joined #salt
13:40 ggoZ joined #salt
13:48 DammitJim man, how do you deal with multiple servers
13:48 DammitJim that use similar files
13:48 DammitJim let's say server 1 uses files 1 through 5
13:48 DammitJim server 2 files 3 through 8
13:49 DammitJim and server 3 files 1 through 8
13:49 hollyb joined #salt
13:49 DammitJim what is the best way to define that in a state or pillar?
13:49 tracphil joined #salt
13:51 tpaul joined #salt
13:52 mapu joined #salt
13:56 subsignal joined #salt
13:59 ericof joined #salt
14:00 Tanta joined #salt
14:04 AlberTUX joined #salt
14:07 AlberTUX1 joined #salt
14:08 dyasny joined #salt
14:08 Tanta joined #salt
14:09 Tanta joined #salt
14:12 KennethWilke joined #salt
14:15 lwm joined #salt
14:17 DaveQB joined #salt
14:18 lwm joined #salt
14:19 tkharju joined #salt
14:19 lwm heyo folks, new to saltstack and I've been handed a master/minion1,2 setup to play around with but I am a bit clueless
14:19 lwm I've done the getting started tutorial
14:19 lwm anyway, here is the log -> https://gist.githubusercontent.com/lwm/fc7a1464811a9a485f3a/raw/0beb69c3b0fa385e3b3e093c2caa065690635e5a/gistfile1.txt
14:19 lwm any pointers would be appreciated!
14:19 jhauser_ joined #salt
14:20 AndreasLutro lwm: states and modules are different - there is a dockerng.ps module function, but not a dockerng.ps state function
14:21 kusams joined #salt
14:22 schuyler1d joined #salt
14:22 bhosmer joined #salt
14:22 otter768 joined #salt
14:23 DanyC i think i've asked before, anyone knows how i can enable full boto debug log? I need to understand why a basic command like "salt-call boto_elb.get_attribute" returns
14:23 DanyC [DEBUG   ] LazyLoaded boto_elb.get_attributes
14:23 DanyC [ERROR   ] An un-handled exception was caught by salt's global exception handler:
14:23 DanyC gaierror: [Errno -3] Temporary failure in name resolution
14:24 lwm AndreasLutro: Hmmm, not sure what you mean. I think I need to read more :|
14:24 DanyC done with -l all nothing spit out
14:25 RandyT DanyC: not sure how this applies to boto specifically, but I have recently been pointed to 'salt-run state.event pretty=True' and find it invaluable.
14:26 quasiben joined #salt
14:26 phw joined #salt
14:27 RandyT keeping that running in a terminal window shows you everything that happens in the exchange when applying states.
14:27 DanyC RandyT: thx but i think that it only applies to reactors/events being sent down between minions/ masters. My prob he is that the minion is trying to reach out to AWS via boto module and i can't see why it throw that error - surely is s'thing between boto <> AWS
14:28 RandyT DanyC: perhaps, will be heading down boto path in a few...
14:29 RandyT DanyC: event info includes return values, stdout, etc for all interactions from what I am seeing.
14:29 AndreasLutro lwm: https://gist.github.com/anlutro/cd0c16d1d23d55ded19b
14:29 RandyT much more useful than looking at a log
14:30 DanyC RandyT: and if i'm trying just from cli on the minion that doesn't spit out anything
14:33 derphilipp left #salt
14:35 ubikite joined #salt
14:35 lwm AndreasLutro: thanks! That is definitely helping
14:35 RandyT DanyC: not sure why... just tested. I see in the event log exchange of keys from minion when executing test.ping for example.
14:35 ubikite joined #salt
14:36 RandyT DanyC: pretty much anything put on the salt bus is there...
14:36 DanyC RandyT: not sure either
14:39 DammitJim joined #salt
14:39 DammitJim anybody?
14:40 DammitJim how do you deal with different files on different servers (file.manage type of thing)
14:41 numkem joined #salt
14:42 marsdominion joined #salt
14:42 edrocks joined #salt
14:42 ferbla joined #salt
14:42 numkem joined #salt
14:46 racooper joined #salt
14:46 AndreasLutro DammitJim: pillars
14:47 DammitJim what do you do on the pillars?
14:47 DammitJim I need to define each file name for each server?
14:47 AndreasLutro DammitJim: https://bpaste.net/show/d64c31970293
14:47 ekristen joined #salt
14:48 AndreasLutro just one example
14:48 RandyT DammitJim: https://docs.saltstack.com/en/latest/topics/targeting/compound.html
14:48 RandyT Matchers are pretty powerful way to define roles and the application of state
14:49 DammitJim are you using that example for services
14:49 DammitJim but for me, I'd have to write the file names?
14:50 DammitJim I was going to do that
14:50 DammitJim right now I have folders with the files and doing recurse
14:52 AndreasLutro DammitJim: yes, but you could like put a list of files into the pillar, and overwrite that list on a per-minion basis
14:53 thalleralexander joined #salt
14:54 DammitJim does that mean that one has a different list for each minion?
14:54 DammitJim that's how I do connection pools for example
14:54 AndreasLutro maybe, but you could have like a default list
14:54 AndreasLutro or per environment, per application role... whatever
14:55 AndreasLutro in my example, pillar.services is a dict
14:56 AndreasLutro actually it should be {% for service in pillar.collectd.services if pillar.services.get(service, false) %}
15:00 DammitJim oh ok
15:03 rem5 joined #salt
15:03 DammitJim yeah, I have server 1 with files file1 through file5, but then server 2 has file6 through file10 and server 3 has file3 through file7
15:03 DammitJim so, I would need 3 lists, right?
15:06 winsalt joined #salt
15:07 wangofett joined #salt
15:08 eseyman joined #salt
15:13 AndreasLutro guess so
15:15 thalleralexander joined #salt
15:15 enginxx joined #salt
15:15 enginxx hi there
15:16 enginxx is there any solution to add a grain during machine create with salt-cloud
15:16 enginxx ?
15:16 babilen AndreasLutro: The "server 1 with file 1 through 5, server 2 with ..." feels wrong. I have nothing like that anywhere in my deployment
15:17 babilen enginxx: I was under the impression that you can set that in the cloud map file, can't you?
15:17 enginxx i need to add a grain such as roles during machine create using salt-cloud
15:17 babilen uuugh, grains for roles
15:17 enginxx but cannot find any trick to do this.
15:18 babilen https://docs.saltstack.com/en/latest/topics/cloud/map.html → A map file can include grains and minion configuration options:
15:18 mpanetta_ joined #salt
15:18 babilen But don't use grains for roles
15:19 schuyler1d joined #salt
15:19 RandyT enginxx: based on some help I received here from whytewolf I am doing the following to set pillar data on cloud/*/created event. https://gist.github.com/rterbush/aac6ac73a6d8e01c8f32
15:20 hasues joined #salt
15:20 hasues left #salt
15:20 nmadhok joined #salt
15:20 enginxx of course i can do it.I have created .conf files which contains several specify options like this,but i need to add as a option during salt-cloud process is working
15:21 enginxx i want to use it as dynamic options during machine creation
15:21 enginxx not set it in a file
15:22 RandyT enginxx: that gist is hit from reactor
15:22 enginxx hım
15:22 enginxx could you please give me an example
15:24 RandyT enginxx: gist updated https://gist.github.com/rterbush/aac6ac73a6d8e01c8f32
15:24 RandyT relevant part is setting pillar value in that reactor state
15:24 RandyT pillar['incoming_id']
15:27 drawsmcgraw joined #salt
15:28 TaiSHi left #salt
15:28 DammitJim joined #salt
15:30 DanyC Ryan_Lane: not sure if you are around or still sleeping, in case you are can i borrow your brain a bit? Particularly have you run/ used boto_secgroup.authorize to alter the rules of a SG ?
15:31 Heartsbane joined #salt
15:31 Heartsbane joined #salt
15:32 drawsmcgraw joined #salt
15:34 drawsmcgraw Using git.latest() with an http:// endpoint and Github is asking me (er.. .my Salt run) for a name/password
15:34 drawsmcgraw Did I Git wrong?
15:36 murrdoc joined #salt
15:37 murrdoc basepi:  so no openings for a talk on how to do salt simple-y
15:38 akhter Anyone know how to specify a different ssh port for bootstrap in salt-cloud?
15:38 eseyman left #salt
15:41 schuyler1d noob question: trying to use environments in top file.  When I run `salt \* state.highstate saltenv=prod` does that exclude rules in the 'base:
15:42 drawsmcgraw akhter: That's a good question. I'm not sure the script supports that, as a quick search for 'port' in salt-bootstrap yields unhelpful results
15:42 drawsmcgraw https://github.com/saltstack/salt-bootstrap/search?utf8=%E2%9C%93&amp;q=port
15:43 drawsmcgraw There *may* be a way to configure your SSH client to always try your alternate port. I'm thinking something in ~/.ssh/config
15:44 RandyT anyone know how to specify times in schedule as 24hr?
15:44 RandyT just exclude the am/pm?
15:45 DanyC if i want to run the code like http://hastebin.com/xevicenelo.sm, is the require defined properly?  Cause is not a pkg, is not a file, is not a service so what "type" should be then ?
15:48 nafg joined #salt
15:49 buhman DanyC: require: - boto_secgroup: elb_for_secgroup
15:49 drawsmcgraw RandyT: There are several ways to express time, I think. I have mine using the cron-style method
15:49 drawsmcgraw But that requires an install of python-cronitor
15:50 drawsmcgraw So the answer depends on what your current stanza looks like. It's been a while since I wrote some scheduled jobs
15:50 drawsmcgraw Yeah, no. Salt is trying to execute a 'git ls http://github.com/project/repo.git' when I use git.latest()
15:50 drawsmcgraw And that's causing Github(?) to prompt it for a username/password
15:51 RandyT drawsmcgraw: thanks, I suspected more of a python dependency. I will dig in that direction. Running these on windows minions, so need to comply with bare minimum... :-)
15:51 drawsmcgraw Is there a way to guarantee that I'm not asked for a creds when cloning a repo?
15:51 cpowell joined #salt
15:52 ranomore1 I would assume salt.states.git.config_set
15:52 drawsmcgraw RandyT: Ah, I see. Yeah... even the am/pm method requires python-dateutil
15:52 denys joined #salt
15:52 drawsmcgraw I wonder how hard it is to install a couple Python modules into a Windows minion though?
15:53 DanyC buhman: awesome, much thanks !
15:53 RandyT drawsmcgraw: not that hard from what I have found, provided they work on windows...
15:53 drawsmcgraw RandyT: Have you tried out pip.installed() on a Windows minion? I'm not convinced that you can't install more python modules on a Windows minion
15:53 drawsmcgraw makes sense
15:53 akhter drawsmcgraw: ~/.ssh/config might work, I'll try that and raise an issue on the repo.
15:53 akhter Thanks.
15:53 drawsmcgraw ranomore1: Thanks! I wasn't aware of git.config_set. I'll look at those docs
15:53 drawsmcgraw akhter: Yeah that's not an unreasonable feature request
15:54 RandyT drawsmcgraw: yes, successfully using pip.installed for things I know are targeted at windoze function. Just avoiding adding more things where possible... as you point out, Ii may need to add some things just to get the basics working. Not sure if that is in the salt-minion namespace on windows or not now that you raise that point.
15:55 drawsmcgraw ranomore1: Ah.... my Git knowledge is lacking... any clues as to what values would need setting there? I'm always using the http endpoint if it makes any difference
15:57 ranomore1 drawsmcgraw: 'git config user.name' is how you would do it on the command line
15:57 ranomore1 user.name is the key
15:58 drawsmcgraw ranomore1: Thanks. I was hoping to not have to have an account just for making read-only clones of Git repos
15:58 drawsmcgraw But maybe I need to blow the dust off that bot account I made forever ago
15:58 murrdoc drawsmcgraw:  few options
15:58 netcho joined #salt
15:58 netcho joined #salt
15:58 murrdoc one deploy key
15:58 murrdoc ssh key you attach to the repo
15:58 murrdoc all that can do is read only clones
15:59 murrdoc two setup an api key
15:59 murrdoc that too can be used to clone as readonly
15:59 murrdoc three, use the read only checkout url of your git repo
15:59 RandyT anyone here using an s3 git repo for external pillar?
15:59 murrdoc and make it public
15:59 murrdoc drawsmcgraw:  either of those will work to clone the repo as read only
16:00 RandyT Looking for suggestions as to best tool to setup git repo on s3 and I guess, if it even works..
16:00 murrdoc best option, git-export -> fpm -> package
16:00 drawsmcgraw murrdoc: I'm a fan of the deploy key - used it in previous lives. But I'm cloning lots of repos, not all of which are mine.
16:00 drawsmcgraw So maybe I'm missing the 'read only checkout url' of the repos ?
16:00 murrdoc are u using submodules ?
16:00 drawsmcgraw I thought that was the http:// url ?
16:01 murrdoc it should be for stuff in github
16:01 murrdoc at least
16:01 murrdoc try git clone git://
16:01 murrdoc instead of http
16:01 murrdoc ?
16:02 DanyC buhman: i will ask in case you might be able to help, any chance you have exp with boto_secgroup.authorize ?
16:02 debian112 joined #salt
16:02 drawsmcgraw murrdoc: I'm populating an Opengrok source code directory (*lots* of internal projects) so a simple git clone is all I need...
16:02 drawsmcgraw Wouldn't git:// prompt for ssh creds?
16:02 morissette joined #salt
16:02 murrdoc nope
16:02 drawsmcgraw 'course... I suppose that could work. Maybe I just need to have Salt auth with the deploy key after all
16:02 murrdoc git@ will
16:02 drawsmcgraw oh!
16:02 murrdoc from what i know
16:03 drawsmcgraw murrdoc: we'll I'll be damned! git:// seems to be working. I think I have more reading to do
16:03 drawsmcgraw Thanks!
16:04 murrdoc you are welcome kind sir
16:04 buhman DanyC: zero
16:06 blitz2145 joined #salt
16:07 sdm24 joined #salt
16:10 yomilk joined #salt
16:21 colttt joined #salt
16:23 otter768 joined #salt
16:24 hightekvagabond joined #salt
16:29 thebwt joined #salt
16:29 DanyC buhman: sure thx. On a different note do you have any idea if on the previous url http://hastebin.com/xevicenelo.sm i can reference the SG name in boto_elb section with the one from boto_secgroup? So i don't have to mantain 2 copies of the secgroup name
16:30 andrew_v joined #salt
16:37 tkharju joined #salt
16:39 mapu Yesterday I was having an issue with route53 via salt-cloud. When I run salt ‘myhost’ state.sls rt53 I get State 'boto_route53.present' was not found in SLS 'rt53’. I am running 2015.8.3 on both the master and the minion. However, the master is boto v2.38.0, while the minion is 2.25.0.
16:39 amcorreia joined #salt
16:40 mapu I was under the impression that I did not need to separately install or update boto as the required dependencies exist with the salt version.
16:46 kusams joined #salt
16:47 deus_ex joined #salt
16:55 mapu Looks like I found the issue- needed a yum update on the minion instance to bring python-boto to 2.38
16:57 dipk joined #salt
16:58 blueyed How can I check that dockerng/dockerng.ps is available in a template?  This throws a KeyError: "{% if 'dockerng' in salt %}"
16:59 foundatron How does one get ec2 specific information from minions?
16:59 iggy blueyed: that shouldn't throw a key error... that's a valid test
17:00 iggy foundatron: there are some grains/etc in salt-contrib that can read ec2 data
17:00 indispeq_ joined #salt
17:01 KennethWilke joined #salt
17:01 foundatron How do you use salt-contrib? I'm looking at the repo now but don't see any documentation how to integrate it
17:02 iggy just pull whatever files you need
17:02 foundatron cool
17:02 iggy it's not something you probably want to pull everything from
17:03 foundatron do you add it like a gitfs source?
17:03 foundatron or you literally just copy the file
17:04 schuyler1d i'm really confused about environments.  If I don't set saltenv, then it runs base, but then saltenv=prod ignores the content of base.  But if I put something in both base: section and prod: section, I get errors about conflicting IDs
17:06 malinoff joined #salt
17:07 iggy foundatron: literally just copy the file to your local file_roots
17:08 foundatron gotcha
17:08 moogyver joined #salt
17:09 drawsmcgraw schuyler1d: I've avoided multiple environments because I couldn't quite get it to reliably work either. But this may be worth a read if you haven't already: https://docs.saltstack.com/en/latest/ref/states/top.html#how-top-files-are-compiled
17:09 clintberry joined #salt
17:09 drawsmcgraw I understand there have been a lot of improvements in the last few months re: top file merging
17:10 blueyed iggy: http://sprunge.us/iSEW
17:11 colegatron hello, I'm back with more doubts :)
17:11 zmalone joined #salt
17:11 colegatron I want to dockerize my apps and configure the containers (images) using salt.
17:12 sdm24 schuyler1d: if, on the same minion, you have a sls file in Base and another in Prod that both share the same ID (i.e. "/etc/foo/bar"), that will conflict I believe
17:12 malinoff colegatron: are you going to put salt minions into your containers?
17:12 colegatron that images will have its own key identifying the container to the saltmaster. if I run multiple containers from the same image, do all of them will be updated at the same time?
17:13 writtenoff joined #salt
17:13 colegatron malinoff, yes, that is the idea, but I do not know nobody who did it before, so I'm trying to guess what is going to happen and if there is some pitfall I'm not taking in care
17:13 clintberry joined #salt
17:13 malinoff colegatron: that's not how docker works
17:13 brianfeister joined #salt
17:14 schuyler1d @drawsmcgraw: thanks -- i've been reading that, and tried top_file_merging_strategy=same and also merge, and haven't really been able to get it to work either way.  I really just want the top file to be the same for all environments, but i want environments for file_roots: (so salt://... will also look in e.g. 'prod' dir)
17:14 malinoff colegatron: instead of configuring a container, you should build it using whatever you like (pure Dockerfile, docker-compose etc) and let it just run without extra modifications
17:15 schuyler1d sdm24: right, but how do i just have the same top file processing for all envs?
17:16 colegatron malinoff, I would like to use salt instead pure dockerfiles. in the long run I understand dockerfile will be the same that maintain long bash scripts. I have replaced bash-configuration-scripts with salt states and I am happy
17:16 s_kunk joined #salt
17:16 indispeq joined #salt
17:16 colegatron malinoff, the idea is not configure _thecontainer_ but _the image_
17:16 malinoff colegatron: you said you're going to put minions into containers. Not to use salt to prepare images
17:17 colegatron but, collaterally, if I do not remove the minion from the image, I understand I could continue updating it in real time (yes, I know it breaks the inmutability idea)
17:17 blueyed iggy: {% if salt['dockerng'] is defined %} seems to work.
17:18 colegatron malinoff, ok, my fault, sorry the misunderstanding
17:18 Rumbles joined #salt
17:19 colegatron malinoff, you mean is not a good idea (or even possible) to leave the clone-minions running on the containers?
17:19 malinoff colegatron: it is possible, but docker wasn't built for this. Looks like you simply need general virtualization
17:20 malinoff colegatron: without all this 'one process per container' and 'layered images' stuff
17:20 johnkeates joined #salt
17:20 bhosmer joined #salt
17:20 giantlock joined #salt
17:20 colegatron nop, I want containers, smaller, clonabe and easily movable from one server to another
17:21 johnkeates no you don't. containers are poop
17:21 johnkeates everybody knows it
17:21 johnkeates the hype will blow over and we'll be back on track with proper state and configuration management
17:22 malinoff colegatron: 'clonable' is just a marketing. I can recreate all my deployed projects from the scratch in minutes on a freshly provisioned environment, without using docker
17:23 colegatron yes, me too, but it would be great to avoid to have to create a 'freshly provisioned environment' and replace it for a healthy cluster of docker machines
17:24 malinoff colegatron: docker is the current state is like broken packaging format, package manager and process manager all-in-one
17:24 malinoff s/is/in/
17:24 malinoff colegatron: I don't have such need, but I'm able to do that - if I need to
17:24 zmalone joined #salt
17:25 schuyler1d colegatron: I might have done what you're trying to do.  I used docker-compose with e.g. "environment:    - SALT_GRAIN_ROLE=nagios" and then the docker file writes to a /etc/salt/minion.d/ with that grain, etc
17:27 colegatron schuyler1d, then from the docker file run a salt-call state.hightstate to configure it, right?
17:28 clintberry joined #salt
17:29 schuyler1d yes
17:30 linjan joined #salt
17:30 colegatron schuyler1d, are you running autoscaling (aws) or similar to scale out apps alongside this method of container/image preparation?
17:31 schuyler1d i have a single dockerfile for all.   https://gist.github.com/schuyler1d/2a1e9b8366eeb2952f33
17:31 schuyler1d colegatron: haven't gotten that far yet.  just trying to bootstrap
17:32 colegatron schuyler1d, did you tried to manage two containers of the same app with salt?
17:33 schuyler1d not yet
17:34 schuyler1d but, if you send it different build/volume values that connect to its state, i can't imagine why that wouldn't be possible
17:35 bonzibuddy hey folks
17:35 bonzibuddy I'd like to deploy sensitive SSL info via salt
17:35 bonzibuddy right now i have it stored in the pillar and being selective via {% if grains['fqdn'] == 'foo.bar.bz' %}
17:36 colegatron why do you need to send build/volume values? it is supposed the minion to connect to master and if the two minions use the same ID and key, it will work without further configuration. as far as I understand
17:36 bonzibuddy right now im storing the keys right in the pillar and templating them into some file.managed files
17:36 bonzibuddy im wondering if ppl have other approaches or recommendations
17:37 colegatron I use the same approach for certificates, bonzibuddy
17:38 bonzibuddy colegatron: so I'm not completely out to lunch then :D
17:39 bonzibuddy in my setup all that gets versioned tho, im considering templating a file path to the certs so i can not version the public/private keys
17:39 colegatron I also think it is the best practice. sensitive data should be inside the pillar because the data will only travel to the corresponding minion
17:40 colegatron why you can't version it? even if they do not change, every time you need to move back and forth from a release, you will be sure there is no change on the data (accidental/malicious modifications)
17:41 bonzibuddy colegatron: I'm on the fence about it... conceivably the less places i store the public/private keys, the better
17:41 bonzibuddy less overall chance of a key compromise is my thinking
17:42 zmalone bonzibuddy: What version of salt are you on? Do you do auto-acceptance of minion keys?
17:42 zmalone How do you store your pillars?  Are they in a VCS repo of some kind?
17:42 bonzibuddy zmalone: nope, no auto-accept
17:42 bonzibuddy the pillar is in git
17:42 bonzibuddy a private git
17:42 bonzibuddy ie not github, git ala ssh://git.mycompany.com/path/to/repo.git
17:43 frew joined #salt
17:43 bonzibuddy like its already going to be pretty secre
17:43 colegatron your production configuration repository should be access restricted, if it gets compromised do not care if the certs are versioned or not
17:43 bonzibuddy secure*
17:43 bonzibuddy yeah thats trye colegatron
17:43 zmalone in general, storing unencrypted ssl private keys in any git repo is asking for some trouble, in that anyone with appropriate access to stash (and even people who don't, in some cases, like the 2014 stash bug) can get it.
17:43 bonzibuddy true* man cant type today
17:43 frew hey guys, I'm trying to make a salt state faster (I think I'm saying that right?)  The goal is to ensure that a blacklist of users have no processes running
17:44 frew currently it does ps -U $user for each user and then if it finds any does a killall
17:44 spuder joined #salt
17:44 colegatron frew: cron is for that
17:44 frew I think that making it do ps -U $user1 -U $user2 etc would be better, but I guess we would lose the details of which got stopped
17:45 frew colegatron: I disagree, part of the whole point is taht when a user gets fired or w/e they are removed from the system on the next push
17:46 colegatron frew; it is another approach
17:46 frew true
17:48 colegatron on your approach you have to be informed when someone is going to be fired or w/e. using cron and if you have a ldap/ad you can be sure there is no unauthorized logged users even between pushes. but of course will depend on your use case
17:48 frew is there a way I can get a thing (directive?) to run before another one runs, only if that other one runs?
17:48 upb joined #salt
17:48 frew yeah that's true, and we expect to get there at some point
17:48 colegatron onlyif
17:48 colegatron run before; require/require_in
17:49 colegatron frew; have a look to https://docs.saltstack.com/en/latest/ref/states/requisites.html
17:50 frew perfect, thanks
17:50 colegatron welcome
17:50 frew still very much getting used to salt
17:51 frew ah, it looks like prereq might be what I want
17:51 frew remove user has prereq of kill user's processes
17:52 frew hmmm, nope.
17:52 colegatron require
17:52 frew it already is require
17:52 frew and it runs every time
17:52 frew the goal is to not run it unless it really needs to
17:53 frew it's like what I need is onchanges but before?
17:53 colegatron unless ps axu myuser
17:53 colegatron nop
17:53 frew already ahve that, the problem is that running ps -U user 100 times is slow
17:55 colegatron maybe a -listen to kill the processes ?
17:55 frew the issue here is that a user is not on the system; if they are not on the system, even doing the ps check is silly; I'd like to only do the ps check if they are on the system
17:56 frew I don't know what that is?
17:57 colegatron it listens for the run of a state and always is executed after that state. have a look to the doc I think it can help
17:57 frew ok
17:57 frew also I sorta thing a slightly smarter require might be sufficient?
17:59 frew it's like I want a user.present that won't create the user
17:59 DanyC joined #salt
18:00 shaggy_surfer joined #salt
18:07 freelock joined #salt
18:12 nmadhok joined #salt
18:12 ubikite joined #salt
18:13 marsdominion joined #salt
18:13 marsdominion joined #salt
18:14 bhosmer_ joined #salt
18:16 denys joined #salt
18:22 ldelossa joined #salt
18:22 ldelossa Hey guys, I'm trying to automate icinga client installation. At one point, I need to reach out to the master server, run an ssh command, and then use the output of that command. Is this possible to do in a salt state?
18:23 ldelossa If I have the master server managed by salt, I could run an arbitrary command on it, can I then store that output in a jinja variable?
18:24 otter768 joined #salt
18:27 DanyC joined #salt
18:29 nethershaw joined #salt
18:30 DanyC Ryan_Lane: in case you are online may i bother you with another boto q?
18:30 mapu joined #salt
18:32 frew I think I need to make my own module for something; where are the docs for that?
18:33 anotherZero joined #salt
18:33 frew https://docs.saltstack.com/en/latest/ref/modules/index.html#modules-are-easy-to-write
18:33 frew found it
18:33 frew thanks anywa
18:35 RandyT am I able to load multiple schedule: files for a specific role from pillar?
18:36 RandyT wondering what is the affect to the dict that is created. is it additive, or does loading another file with schedule: key overwrite?
18:37 kulty joined #salt
18:37 johnkeates left #salt
18:39 bhosmer_ joined #salt
18:51 colegatron joined #salt
18:57 ageorgop joined #salt
18:59 sdm24 hey schuyler1d: you still here? I missed your response, sorry
19:00 sdm24 the easiest way to eliminate duplicate state IDs is to change your states to use a distinct ID and the - name property, like this https://gist.github.com/sdm24/b66021e549891f9ca1d4
19:03 frew does anyone have any example modules or states where you just simply wrap an existing state and add stuff to it?
19:03 frew I think I can figure out how but an example would nbe nice
19:03 jfindlay frew: do you mean write a custom state or exec module?
19:04 frew yes
19:04 frew custom state, based on an existing one
19:04 jfindlay you're welcome to look at https://github.com/jfindlay/precipitate
19:04 frew cool, thanks
19:04 jfindlay that may be what you need
19:05 jfindlay that's an embarrassingly incomplete project, but it should have a decent example of a custom module and state
19:05 frew mmm
19:10 cheus joined #salt
19:11 marsdominion joined #salt
19:11 marsdominion joined #salt
19:14 brianfeister joined #salt
19:14 ferbla_ joined #salt
19:17 netcho joined #salt
19:27 Derek_ joined #salt
19:30 Guest67521 Hi all, I was wondering if someone could tell me if it is possible to read in a section from an ini file as a pillar within top.sls?
19:32 sdm24 guest67521: would https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.file_tree.html maybe be a solution? It recursively goes through the specified directory, looking for a subdir with a minion's id, and puts all files in the subdir in the pillar for that minion
19:33 rem5 joined #salt
19:33 schuyler1d @Guest67521: I ended up using environments and additional file_roots: for that
19:34 flowstat_ joined #salt
19:36 johnkeates joined #salt
19:36 forrest joined #salt
19:38 clintberry joined #salt
19:39 rem5 joined #salt
19:43 forresta joined #salt
19:43 johnkeates joined #salt
19:55 frew this might sound stupid, but I made a module and now I can't figure out how to use it from a state
19:55 frew is there a way I can import a module or something?
19:56 runiq joined #salt
20:01 whytewolf frew: https://docs.saltstack.com/en/latest/ref/states/writing.html
20:03 runiq Hello all, I have a problem: I cannot get "salt <minion> pillar.get <anything>" to work, not even with a stub pillar! Interestingly, "pillar.items" shows me my items just fine…
20:04 whytewolf runiq: try salt '*' saltutil.refresh_pillar and try again
20:05 ferbla joined #salt
20:05 izrail joined #salt
20:07 runiq …augh. Thanks a lot, now I feel stupid, haha. I always thought both pillar.get and pillar.items did a "fresh" run and took their data straight from the master, why do I have to refresh the pillar data in this case?
20:08 baweaver joined #salt
20:08 whytewolf pillar.get uses cache. pillar.items does not [nor does it update the cache]
20:10 runiq Ah, alright, thanks!
20:10 whytewolf no problem :)
20:11 RandyT reasking my earlier question: If I include multiple files in pillar that set the schedule: dict, are they additive, or does it replace previous values associated with schedule:?
20:11 winsalt pillar data gets replaced if the key is the same
20:12 ctrlrsf joined #salt
20:13 whytewolf RandyT: IIRC it merges first item. but everything after is replaced. https://docs.saltstack.com/en/latest/topics/pillar/#pillar-namespace-merges
20:13 ctrlrsf Hi all. I was wondering what the best way to have require: require either a package or a file
20:14 lemur joined #salt
20:14 marsdominion joined #salt
20:14 marsdominion joined #salt
20:15 RandyT whytewolf: ah, ok. so I can extend a schedule: with multiple files. Just knowing that if both files have identical keys, those keys get overloaded.
20:15 whytewolf RandyT: I wouldn't call it overloaded. overloading implys you know which one gets presadence
20:16 RandyT fair point, making assumption that last in wins here...
20:18 ajw0100 joined #salt
20:23 DanyC joined #salt
20:25 otter768 joined #salt
20:30 scoates joined #salt
20:34 marsdominion joined #salt
20:39 viq joined #salt
20:40 DanyC joined #salt
20:40 rotbeard joined #salt
20:42 flowstat_ joined #salt
20:43 martoss joined #salt
20:43 marsdominion joined #salt
20:43 viq1 joined #salt
20:51 clintberry joined #salt
20:52 iggy rubenb: pillar.item should do a refresh (whereas pillar.get shouldn't as it would absolutely kill peformance of state runs)
20:53 iggy RandyT: there are also some options in the master config to control merge behavior
20:54 RandyT iggy: thanks, will have a look
20:57 RandyT I see the default is "smart" so I can rest easy. ;-P
20:59 martoss joined #salt
21:02 Netwizard joined #salt
21:03 brianfeister joined #salt
21:05 LondonAppDev__ joined #salt
21:07 jfindlay pillar definitely needs some attention
21:11 Trauma joined #salt
21:18 DanyC sorry to stress you too much, i'll ask one more time: anyone can help with boto_secgroup.authorize? i know the MAN is Ryan_Lane but he is not online
21:21 DanyC_ joined #salt
21:22 hackel joined #salt
21:26 scoates joined #salt
21:26 brianfeister joined #salt
21:27 subsignal joined #salt
21:28 schuyler1d joined #salt
21:29 aberdine left #salt
21:30 DanyC_ is anyone using Salt as part of a CI/CD pipeline ?
21:31 DanyC_ not for testing Salt but for the apps
21:33 flowstat_ joined #salt
21:37 ranomore1 I remember seeing some demos on using salt as a build server if that's what you're asking. We're using it to augment our build server to keep all the stuff that rarely changes up to date.
21:39 DanyC_ ranomore1: so what i currently have is an env where i'm deploy apps using salt-cloud (brings AWS EC2 up) and salt master to apply the states. What i was thinking is to have a way to hooks that with Jenkins or GO or you name it
21:40 DanyC_ ranomore1: so i can for a CI/ CD which allows me to fan in/ out at various stages
21:40 pegmanm_ joined #salt
21:42 DanyC_ ranomore1: or more like this, will do for 1st phase http://stackoverflow.com/questions/30068627/how-do-i-pass-on-my-build-file-from-jenkins-to-saltstack-master
21:43 ashmckenzie joined #salt
21:43 keepguessing joined #salt
21:44 keepguessing I do not see any packages getting installed until I do a "highstate" on my master. Is there a reason behind that?
21:44 ranomore1 yeah, that is something we are looking at too
21:44 pegmanm joined #salt
21:44 keepguessing I see that salt master is running.
21:46 DanyC_ ranomore1: ah cool, we are on same side then :D
21:46 ranomore1 DanyC: so far we just have builds that call salt over salt-api
21:49 ranomore1 DanyC: but that's problematic because we don't have any monitoring on the salt side to know whether the states passed or failed. it's just a quick hand-off.
21:53 DanyC_ ranomore1: and what is your flow, if you don't mind sharing? git -> Jenkins master(outside the cloud) and where are you jenkins slaves (agents) ?
21:55 rocket joined #salt
21:55 kusams joined #salt
21:55 rocket does anyone have an example where you use a #!py renderer to update a set of pillars?
21:56 rocket eg I want to extend the existing file_roots variable
21:58 ranomore1 DanyC pretty much the same except svn and teamcity and we're all internally hosted. but the salt states get the stuff from svn too, so they can update the machines on a highstate independently
21:58 Rumbles joined #salt
22:04 akhter joined #salt
22:05 baweaver joined #salt
22:07 DanyC_ ranomore1: ah i see
22:09 babilen keepguessing: Why would you expect anything to get installed if you do *not* run a highstate?
22:09 babilen salt doesn't magically do things
22:12 stomith I have a state.highstate that doesn't compile. is there a way to specifically tell where it's failing?
22:15 babilen It's output? salt-master log, "salt-call -ldebug state.highstate" on the minion, ...
22:15 babilen *Its
22:15 stomith thanks!
22:17 stomith though that didn't tell me anything.
22:21 stomith except that I had two salt-minions running.
22:21 stomith bingo.
22:25 otter768 joined #salt
22:34 blitz2145 joined #salt
22:36 hasues joined #salt
22:36 blitz2145 Hi all, I'm getting a TypeError from a salt-minion when running any salt cmd. Version Info and Traceback here: https://gist.github.com/Blitz2145/92b227b4dc9bf418cea6
22:36 nZac joined #salt
22:37 hasues left #salt
22:39 jfindlay blitz2145: what platform and how did you install?
22:40 jfindlay also, the latest packages are available from repo.saltstack.com
22:41 blitz2145 Ubuntu 14.04 LTS and I used the bootstrap script
22:41 jfindlay hmm
22:42 blitz2145 Updated gist with my sources list https://gist.github.com/Blitz2145/92b227b4dc9bf418cea6
22:42 flowstat_ joined #salt
22:42 blitz2145 is that the right one?
22:43 blitz2145 I tried to upgrade, never got new versions
22:44 jfindlay do you know the version of bootstrap you're using?
22:44 jfindlay are you using it as part of salt-cloud?
22:44 blitz2145 ok, I see, we're are on an old version of bootstrap it seems
22:44 jfindlay from some other salt installation, perhaps?
22:45 jfindlay yeah, the latest bootstrap should source from repo.saltstack.com
22:45 blitz2145 got it
22:45 blitz2145 can I just rerun the bootstrap script on master and then minion?
22:46 cliluw joined #salt
22:46 jfindlay you should be able to as bootstrap will use the local package manager to do the update
22:46 jfindlay but if you have 2015.5.3 installed, you'll have to update bootstrap first
22:47 blitz2145 ok, I'll update it
22:49 rem5 joined #salt
22:52 jeffspeff joined #salt
22:53 Topic for #salt is now Welcome to #salt! | Latest Version: 2015.8.3 | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste directly into the channel) | Have patience when asking questions as we are volunteers and may not have immediate answers
22:54 nmadhok joined #salt
23:06 akhter joined #salt
23:09 rem5 joined #salt
23:13 flowstat_ joined #salt
23:13 keepguessing joined #salt
23:16 danlsgiga joined #salt
23:17 danlsgiga Hey guys, anyone using Jenkins to automate deploys using Salt?
23:17 danlsgiga If yes, how are you doing it?
23:17 geekatcmu We use it for Leck
23:18 danlsgiga Leck?
23:18 geekatcmu (linting the salt states, and managing the merge into the production branch of git)
23:18 geekatcmu https://github.com/llnw/Leck
23:19 danlsgiga My intention is basically get the built artifact from Jenkins and deploy to all the nodes
23:19 geekatcmu So, that's something entirely differernt.
23:19 geekatcmu I would recommend an intermediate stage.
23:20 geekatcmu Jenkins should be publishing artifacts to Artifactory or some similar object repository.
23:20 geekatcmu Then salt can simply use that for the canonical source
23:20 danlsgiga Yup, i just want deployment automation, zero build automation
23:21 danlsgiga Humm, geekatcmu, that's actually a good idea
23:22 _JZ_ joined #salt
23:22 danlsgiga How Jenkins would specify the url to download the war file? Does it need to be preset in the salt deploy state?
23:23 geekatcmu Getting it directly from Jenkins means you have to have a build number to generate the relevant URL
23:23 geekatcmu (though there may be a plugin to change that)
23:23 keepguessing joined #salt
23:23 geekatcmu Most object repositories work with both a specific version as well as -LATEST and/or -SNAPSHOT
23:24 ranomore1 we are starting to use the artifactory approach too.
23:24 ranomore1 it's nice.
23:28 LondonAppDev joined #salt
23:29 rem5 joined #salt
23:30 RandyT anyone have hints as to how to debug s3 ext_pillar?
23:30 RandyT I've quieted any errors in the log. Appears to be working, but pillars.items shows nothing
23:30 RandyT nothing logged
23:31 RandyT Have done pillar_refresh
23:49 bonzibuddy joined #salt
23:56 kusams joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary