Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-01-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 lemur joined #salt
00:07 rem5 joined #salt
00:07 ryau joined #salt
00:08 gimpy937 joined #salt
00:08 foundatron_ left #salt
00:09 gimpy937 I have a number fo minions who call highstate when they start.  How can I determine if that highstate succeeds?  It doesn't seem to be logged on the master.
00:09 hasues joined #salt
00:10 XenophonF Corey: https://docs.saltstack.com/en/latest/ref/configuration/minion.html#minion-logging-settings
00:10 XenophonF Corey: there are corresponding settings for the master, syndic, etc.
00:11 zenion joined #salt
00:11 perfectsine joined #salt
00:11 XenophonF gimpy937: check the salt master's job history
00:12 foundatron_ joined #salt
00:12 XenophonF RandyT: i haven't run into problems with powershell execution policies
00:13 XenophonF cmdmod automatically adds the relevant flags to the powershell.exe command
00:13 ryau_ joined #salt
00:13 XenophonF admittedly i'm usually calling cmd.run or cmd.wait in that context
00:13 XenophonF i haven't needed to call a powershell script using cmd.script yet
00:13 XenophonF but again it should DTRT
00:14 liskl joined #salt
00:14 gimpy937 XenophonF: Any more information on that?  I can see jobs with `salt-run jobs.list_jobs` but I don't see how to ask salt "what is the state of node X" or "give me jobs which ran on node X"
00:14 bluenemo joined #salt
00:15 RandyT XenophonF: fwiw, cmd.run did not work with this script and apparently was blocking because the zip process insisted on creating a dialog window. from what I have learned, that cannot be controlled as it can be when operating on filesystem folders. cmd.script gets me to point of it running.
00:15 XenophonF gimpy937: salt-run jobs.last_run target=nodename
00:15 RandyT the odd thing here is that the script works perfectly from the command prompt on the box.
00:15 XenophonF gimpy937: https://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.jobs.html#salt.runners.jobs.last_run
00:15 gimpy937 XenophonF: That gives "'jobs.last_run' is not available."
00:15 XenophonF gimpy937: what version of salt on the minion?
00:16 amcorreia joined #salt
00:16 XenophonF gimpy937: that command's new in 2015.8
00:16 gimpy937 XenophonF: too old, any other ways to get the info?
00:17 gimpy937 (at least in the off world of Salt something we put in place with the latest available release just a few months ago is considered "old")
00:17 digitalhero joined #salt
00:18 XenophonF gimpy937: piping the output of list_jobs to something for parsing? i dunno
00:19 XenophonF RandyT: hm iirc something goofy about interactive powershell sessions and windows services
00:20 digitalh_ joined #salt
00:20 XenophonF RandyT: why are you shelling out to unzip something? it should be possible to do that natively within powershell
00:20 RandyT XenophonF: I am doing it natively with -com
00:21 k00mi joined #salt
00:21 XenophonF so something along these lines? http://powershell.com/cs/blogs/tips/archive/2012/10/12/unzipping-files.aspx
00:21 RandyT XenophonF:
00:21 RandyT here is where I am at: https://gist.github.com/rterbush/b08c2eb429162d40d77f
00:21 RandyT and fwiw, I am zipping individual files.
00:22 denys joined #salt
00:22 XenophonF is the shell accessible from a windows service not marked desktop-interactive?
00:22 XenophonF you're probably better of calling out to .NET
00:22 RandyT some other funky behavior, if I try to add Import-Module to top of script, it begins to error out with the Param( statement at the top and fails in more glorious ways. Wondering if this needs some other container when passed into the salt execution process.
00:23 XenophonF https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Function-to-727d6200
00:23 RandyT XenophonF: not even touching services that I am aware of unless by definition, I am without a console.
00:24 XenophonF no i mean the powershell commands are running within the context of the salt-minion
00:24 XenophonF which is a service
00:24 RandyT XenophonF: yes, I have seen this and with help from lorengordon learned a very useful way of doing the unziip with -com
00:24 XenophonF so the shell might not be accessible
00:24 RandyT that all works fine
00:25 RandyT and as mentioned, this script runs from the command line
00:25 XenophonF that's my point
00:25 RandyT so somewhere, I am losing some context when passed via salt...
00:25 XenophonF from the command line, the script has access to your logon session, which is interactive
00:25 XenophonF when salt-minion executes the command, it's in a completely different context
00:26 XenophonF i dunno if you can call the shell via com
00:26 XenophonF i think you need to use .net's system.io.compression.filesystem instead of the shell
00:27 XenophonF in the context of the salt-minion service, the windows shell isn't running
00:27 frew there aren't any salt commands to generate ssh keys are there?
00:27 frew oh wait, I see one
00:27 frew salt.modules.gpg
00:28 frew not quite the same thouhg
00:28 * frew has never used gpg to create an ssh key
00:29 dendazen joined #salt
00:30 RandyT XenophonF: seems basic functions like an "Import-Module" should work as they do form command line.
00:31 RandyT oh well, will see if this works https://blogs.aws.amazon.com/net/post/Tx1UX89ARJV7UC7/Response-Logging-in-AWS-Tools-for-Windows-PowerShell as lorengordon suggested
00:34 XenophonF frew: there's a creates kwarg for cmd.run, so the command only executes if the file specified by creates doesn't exist
00:34 antpa joined #salt
00:34 frew right that's what I'm doing
00:35 frew naming the state id  the command is really bizarre to me
00:35 RandyT lorengordon: fwiw, adding the parameters to that script to do logging also  blow the entire script up as does adding Import-Module
00:36 RandyT I've added the error to the bottom of the gist I am working in
00:37 XenophonF frew: same here, i don't do that except for very simple states
00:37 frew ok
00:37 frew just making sure
00:37 XenophonF i generally override name in the arguments to cmd.run
00:38 seblu joined #salt
00:39 dancat joined #salt
00:41 mapu joined #salt
00:45 larsfronius joined #salt
00:46 stanchan joined #salt
00:49 hightekvagabond joined #salt
00:51 stanchan joined #salt
00:52 lorengordon RandyT: enable the logging on the instance outside of the script
00:52 lorengordon it should be a global setting
00:54 lorengordon Import-Module does work just fine in a script, i do it all the time
00:55 lorengordon and i've also used the shell functions to unzip files inside functions and scripts, works fine
01:02 AdamSewell joined #salt
01:08 digitalhero joined #salt
01:08 CheKoLyN joined #salt
01:11 teryx510 joined #salt
01:14 RandyT lorengordon: not sure why it is complaining, but adding the Import-Module causes problems for the Param( block.
01:14 RandyT I think I have some idea what is going on here now.. appears that credentials assigned via IAM Profile are not loaded when executing these scripts.
01:15 RandyT I need to figure out the magic to manage the credentials within the script it seems by pulling them from the instance meta-data...
01:15 RandyT I am at a point where it is complaining about the key I am providing, so will figure this out after some chow...
01:23 snarfy well i feel pretty silly
01:23 digitalhero joined #salt
01:31 dancat joined #salt
01:31 antpa joined #salt
01:32 brianfeister joined #salt
01:35 akhter joined #salt
01:37 antpa joined #salt
01:37 ryau joined #salt
01:39 rem5 joined #salt
01:47 lemur joined #salt
01:47 lorengordon RandyT: I've never seen anything like that. The only other thing I tend to do is use `[CmdLetBinding()]` at the top of the script, though I'm not sure you're doing anything that would require it
01:58 ryau_ joined #salt
02:02 neogenix joined #salt
02:07 MeltedLux joined #salt
02:09 malinoff joined #salt
02:11 lemur joined #salt
02:11 shaggy_surfer joined #salt
02:21 otter768 joined #salt
02:21 quasiben joined #salt
02:28 antpa joined #salt
02:31 MeltedLux joined #salt
02:33 digitalhero joined #salt
02:33 MeltedLux joined #salt
02:36 cuonglm joined #salt
02:47 ageorgop joined #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt! | Latest Version: 2015.8.3 | Paid support available for open source Salt! www.saltstack.com/support | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | Ask with patience as we are volunteers and may not have immediate answers
02:54 tristianc_ joined #salt
02:55 asco1aro joined #salt
02:55 catpiggest joined #salt
02:59 ryau joined #salt
03:01 jalbretsen joined #salt
03:04 ryau_ joined #salt
03:09 ageorgop joined #salt
03:09 iamtew joined #salt
03:10 antpa joined #salt
03:15 asco1aro joined #salt
03:17 racooper joined #salt
03:20 brianfeister joined #salt
03:42 jalbretsen joined #salt
03:42 jalbretsen left #salt
03:44 brianfeister joined #salt
03:47 dayid_ joined #salt
03:48 favadi joined #salt
03:49 digitalhero joined #salt
03:49 hasues left #salt
03:50 writtenoff joined #salt
03:51 zmalone joined #salt
04:03 _JZ_ joined #salt
04:07 evle joined #salt
04:11 bhosmer joined #salt
04:21 ramteid joined #salt
04:22 otter768 joined #salt
04:22 colegatron joined #salt
04:33 antpa joined #salt
04:39 snarfy joined #salt
04:50 blckbit10 joined #salt
05:09 zmalone joined #salt
05:11 dancat joined #salt
05:21 cberndt joined #salt
05:32 malinoff joined #salt
05:39 antpa joined #salt
05:40 lompik joined #salt
05:41 asco1aro joined #salt
05:51 digitalhero joined #salt
05:53 digitalh_ joined #salt
05:54 favadi joined #salt
05:58 joyrida08 joined #salt
06:03 calvinh joined #salt
06:03 rdas joined #salt
06:05 Grokzen joined #salt
06:11 ryau joined #salt
06:14 JPT joined #salt
06:22 antpa joined #salt
06:23 jhauser joined #salt
06:28 digitalhero joined #salt
06:41 felskrone joined #salt
06:50 digitalhero joined #salt
06:51 asco1aro joined #salt
06:59 LondonAppDev joined #salt
07:14 zer0def joined #salt
07:17 snarfy joined #salt
07:32 duncanmv joined #salt
07:34 slav0nic_ joined #salt
07:36 antpa joined #salt
07:37 rdas joined #salt
07:37 cyborg-one joined #salt
07:38 asco1aro joined #salt
07:38 antpa_ joined #salt
07:49 impi joined #salt
07:49 wych joined #salt
07:56 elsmo joined #salt
08:00 otter768 joined #salt
08:02 otter768_ joined #salt
08:04 otter768 joined #salt
08:06 otter76__ joined #salt
08:08 otter768_ joined #salt
08:10 otter768 joined #salt
08:11 oida joined #salt
08:12 otter768_ joined #salt
08:13 bhosmer joined #salt
08:14 otter76__ joined #salt
08:16 otter768 joined #salt
08:17 otter768 joined #salt
08:19 douardda joined #salt
08:19 otter768 joined #salt
08:21 otter768_ joined #salt
08:23 otter76__ joined #salt
08:25 otter768 joined #salt
08:27 otter768 joined #salt
08:29 otter768_ joined #salt
08:29 fredvd joined #salt
08:31 otter768 joined #salt
08:33 otter768 joined #salt
08:35 otter768_ joined #salt
08:37 otter768_ joined #salt
08:37 dariusjs joined #salt
08:38 otter768 joined #salt
08:40 otter768 joined #salt
08:42 otter768_ joined #salt
08:44 kawa2014 joined #salt
08:44 harkx joined #salt
08:46 otter768 joined #salt
08:48 otter768 joined #salt
08:50 otter768_ joined #salt
08:51 rotbeard joined #salt
08:52 otter768_ joined #salt
08:52 Hydrosine joined #salt
08:55 zerthimon joined #salt
08:56 otter768 joined #salt
08:56 Hydrosine joined #salt
08:57 Rumbles joined #salt
08:57 otter768_ joined #salt
08:59 otter768 joined #salt
09:02 otter768_ joined #salt
09:04 otter768_ joined #salt
09:05 favadi joined #salt
09:05 otter76__ joined #salt
09:05 antpa joined #salt
09:07 otter7___ joined #salt
09:09 otter____ joined #salt
09:10 keimlink joined #salt
09:11 otte_____ joined #salt
09:13 otter____ joined #salt
09:13 GreatSnoopy joined #salt
09:15 antpa joined #salt
09:15 otter768 joined #salt
09:15 antpa joined #salt
09:17 otter768_ joined #salt
09:17 dariusjs joined #salt
09:17 asco1aro joined #salt
09:18 liskl joined #salt
09:19 otter768 joined #salt
09:19 LondonAppDev joined #salt
09:20 antpa joined #salt
09:21 otter76__ joined #salt
09:23 otter768_ joined #salt
09:24 otter768 joined #salt
09:25 antpa joined #salt
09:26 slav0nic_ is there full custom requirements list for salt?
09:26 otter768_ joined #salt
09:26 impi joined #salt
09:28 malinoff joined #salt
09:28 otter768 joined #salt
09:30 s_kunk joined #salt
09:30 s_kunk joined #salt
09:30 otter768 joined #salt
09:31 asco1aro joined #salt
09:32 ingslovak joined #salt
09:32 otter768 joined #salt
09:33 antpa_ joined #salt
09:34 otter768 joined #salt
09:35 larsfronius joined #salt
09:36 otter768 joined #salt
09:38 otter768_ joined #salt
09:38 larsfron_ joined #salt
09:40 otter768_ joined #salt
09:41 otter768 joined #salt
09:44 otter768 joined #salt
09:45 asco1aro joined #salt
09:45 otter768 joined #salt
09:47 otter768 joined #salt
09:49 otter768 joined #salt
09:51 otter768 joined #salt
09:51 chiui joined #salt
09:53 favadi joined #salt
09:53 tercenya_ joined #salt
09:53 otter768_ joined #salt
09:54 darvon joined #salt
09:55 lionel joined #salt
09:55 otter768_ joined #salt
09:55 Vaelatern joined #salt
09:56 antpa joined #salt
09:56 dayid_ joined #salt
09:56 dayid_ joined #salt
09:57 otter768 joined #salt
09:57 anmol joined #salt
09:58 M-MadsRC joined #salt
10:01 otter768 joined #salt
10:02 nahkiss What's the best way to make sure that authorized_keys file only holds the ssh keys I specify?
10:03 nahkiss SALT.STATES.SSH_AUTH.PRESENT seems to be lacking "exclusive" feature that ansible has
10:04 otter768_ joined #salt
10:05 malinoff joined #salt
10:06 dgutu joined #salt
10:07 otter768 joined #salt
10:08 ericof joined #salt
10:08 otter768 joined #salt
10:10 otter768_ joined #salt
10:11 eliasp joined #salt
10:11 digitalhero joined #salt
10:12 otter768 joined #salt
10:12 amcorreia joined #salt
10:15 wuxort joined #salt
10:16 M-MadsRC joined #salt
10:16 wuxort Hello! I've search the web for a solution, but couldn't find one. My problem is that i get 'Reason: 'dockerng' __virtual__ returned False: 'dockerng' __virtual__ returned False: Docker module could not get imported'
10:16 otter768_ joined #salt
10:17 anmol joined #salt
10:17 wuxort I have salt-minion 2015.8.3, docker-ng: 1.6.0, docker: 1.9.1
10:18 otter768 joined #salt
10:18 tmclaugh[work]_ joined #salt
10:19 AbyssOne_ joined #salt
10:20 otter768_ joined #salt
10:22 otter768 joined #salt
10:22 colegatron joined #salt
10:23 viq nahkiss: file.managed
10:23 viq wuxort: open python shell and try importing the docker module, see what happens
10:23 Rumbles joined #salt
10:23 wuxort It can import it
10:24 otter768_ joined #salt
10:24 wuxort >>> import docker >>> docker.__version__ '1.6.0' >>>
10:25 otter76__ joined #salt
10:25 viq wuxort: did you restart salt minion since you installed the module?
10:26 favadi joined #salt
10:27 wuxort viq: Oh, that helped :) Thank you :) How can I be this dumb??
10:28 otter768 joined #salt
10:29 otter768 joined #salt
10:31 douardda joined #salt
10:35 giantlock joined #salt
10:37 bmcorser joined #salt
10:48 Rumbles in my top file I wanted to have a rue for a few servers, I can't just wildcard the part of the domain name that differs as there is another hostname which is similarly named which doesn't want the same config... I was hoping I could use some syntax like 'service.(name1|name2).domain.com': but this doesn't pply any config at all when I have tested.... can anyone confirm if this kind of thing is possible?
11:05 viq Rumbles: you have to tell it what matcher to use, https://docs.saltstack.com/en/latest/topics/targeting/globbing.html#regular-expressions
11:10 Rumbles thanks, I'll have a read
11:21 LondonAppDev__ joined #salt
11:26 rihannon joined #salt
11:28 linjan joined #salt
11:29 _mel_ joined #salt
11:43 Rumbles hmmmmm, I'm using Lithium, trying match: pcre isn't working for me, can you tell me what I'm doing wrong viq? http://fpaste.org/309741/
11:43 viq Rumbles: please use numbers, I can never match codenames to "real version" on any of the projects that use them :P
11:44 Rumbles sorry
11:44 Rumbles salt 2015.5.2 (Lithium)
11:44 Rumbles the docs show 2015.5.9 hough
11:44 Rumbles is that US style dates?
11:44 viq Rumbles: p* in glob is not the same as p* in PCRE
11:45 viq 'proc-dp.*\.(name|name2).*\.domain.net' is what you want
11:45 Rumbles ahhhh
11:45 Rumbles thanks :)
11:45 * Rumbles goes to try
11:45 rmnuvg joined #salt
11:46 viq p* in glob is "p and any characters after". p* in pcre means "p repeated any amount of times, 0 to infinity"
11:46 viq where . is "any character", therefore if you want an explicit period you have to escape it
11:46 Rumbles yeah I should know this :)
11:47 viq https://docs.python.org/2/library/re.html#module-re
11:47 Rumbles yeah that's perfect
11:47 Rumbles thanks!
11:47 dariusjs joined #salt
12:02 LondonAppDev__ joined #salt
12:04 SVQTQ joined #salt
12:05 Rumbles joined #salt
12:05 harkx joined #salt
12:11 ericof joined #salt
12:14 rm_jorge joined #salt
12:14 bhosmer joined #salt
12:17 rubenb joined #salt
12:27 LondonAppDev__ joined #salt
12:30 otter768 joined #salt
12:36 denys joined #salt
12:36 Grokzen joined #salt
12:47 Mandorath joined #salt
12:47 pkimber joined #salt
12:47 chiui joined #salt
12:52 Rumbles joined #salt
12:58 Rumbles joined #salt
12:58 Mandorath Can i resize an logical volume using a state or is it only possible using the module?
13:03 giantlock joined #salt
13:12 SVQTQ joined #salt
13:13 akhter joined #salt
13:13 patrek joined #salt
13:15 morissette joined #salt
13:19 Rumbles joined #salt
13:22 zerthimon joined #salt
13:42 s_kunk joined #salt
13:42 s_kunk joined #salt
13:43 evle1 joined #salt
13:47 antpa joined #salt
13:48 favadi joined #salt
13:51 TyrfingMjolnir joined #salt
13:52 bhosmer joined #salt
13:53 mage_ any idea why something the minion id is "machine" and sometime "machine.fqdn" ?
13:54 edrocks joined #salt
13:57 lompik joined #salt
13:57 irctc745 joined #salt
13:58 vieira_ joined #salt
13:59 vieira_ hello, I am using 2015.5.3 but cannot use haproxy module
13:59 viq mage_: gethostname(), possibly gotten from /etc/hosts
13:59 vieira_ is there any dep that has to be installed? I was looking at the module documentation
13:59 vieira_ but nothing is mentioned there
13:59 vieira_ Module 'haproxy' is not available.
13:59 vieira_ that's all I get
13:59 viq vieira_: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.haproxyconn.html ?
14:00 vieira_ that's what I was reading
14:00 vieira_ did I miss something?
14:01 lothiraldan joined #salt
14:01 viq https://github.com/saltstack/salt/blob/2015.5/salt/modules/haproxyconn.py
14:01 viq do you have haproxyctl in path?
14:02 AdamSewell joined #salt
14:03 asco1aro joined #salt
14:05 scoates joined #salt
14:06 anmol joined #salt
14:12 CeBe joined #salt
14:16 racooper joined #salt
14:18 mapu joined #salt
14:20 numkem joined #salt
14:22 giantlock joined #salt
14:25 huddy joined #salt
14:25 tinyhippo joined #salt
14:28 antpa joined #salt
14:28 viq joined #salt
14:29 digitalhero joined #salt
14:31 otter768 joined #salt
14:32 winsalt joined #salt
14:33 cpowell joined #salt
14:38 hasues joined #salt
14:38 hasues left #salt
14:40 bhosmer joined #salt
14:42 asco1aro joined #salt
14:43 antpa joined #salt
14:44 evle3 joined #salt
14:46 antpa joined #salt
14:47 lorengordon joined #salt
14:48 wangofett Hey, is there a way to just echo the results of rendering a template rather than actually applying it? i.e. I have some information in the pillars, and I have a state that generates /etc/hosts, and I want to make sure that I'm generating what I think I am before I actually apply the change to my minion
14:49 coval3nce joined #salt
14:50 perfectsine joined #salt
14:51 dariusjs joined #salt
14:51 FreeSpencer Is it possible to set mysql.host/user/pass from another pillar without declaring it all the time?
14:58 tristianc_ joined #salt
14:59 zmalone joined #salt
14:59 mpanetta joined #salt
15:00 blckbit10 joined #salt
15:01 brianfeister joined #salt
15:02 Tanta joined #salt
15:03 akhter Anyone run into the following error before when using boto_route53?  NameError: global name '__salt__' is not defined
15:04 viq FreeSpencer: elaborate
15:04 FreeSpencer viq well I want to use mysql.user/host/pass in my pillar data but that naming scheme doesnt work with my current pillar data. So I just want to set them to my pillar data
15:05 viq akhter: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.show_lowstate  ?
15:05 akhter viq: Checking.
15:05 viq FreeSpencer: I don't think you can use pillars in pillars, if that's what you're asking
15:06 FreeSpencer Basically yeah, and thats what I thought, thanks!
15:06 viq FreeSpencer: though I believe I've seen people playing with jinja includes
15:07 akhter viq: show_lostate does return data if that's what you're asking.
15:07 ekristen joined #salt
15:07 FreeSpencer Hmm interesting concept, I shall look. Thanks!
15:08 viq akhter: argh, sorry, I meant wangofett ....
15:08 viq wangofett: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.show_lowstate  ?
15:09 viq akhter: sorry again, and another one for not knowing anything about boto
15:09 akhter viq: The problem doesn't seem to be with boto particularly.
15:09 akhter It seems that the __salt__ dictionary isn't loaded on this module for some reason.
15:10 viq akhter: that's too deep into the internals for me to know anything, sorry
15:10 dendazen joined #salt
15:11 wangofett viq: that seems like it would show the whole shebang. I just went ahead and did the thing anyway... I did a wrong thing the first time, and that failed to run, then I fixed it and did the wrong thing that ran, but it only took two seconds to change it to the right thing and run again. So, no big deal, I guess lol
15:12 Brew joined #salt
15:12 viq wangofett: also there's "salt somehost state.sls somestate test=True"
15:13 wangofett So, the docs (https://docs.saltstack.com/en/latest/ref/states/all/salt.states.service.html) don't show that you can do an unless/onlyif on services... but that's what I want to do. I only want to make sure a service is running if a file exists - that apparently I can't manage via salt
15:13 wangofett (i.e. a file that centrify creates once you've joined active directory)
15:14 AndreasLutro wangofett: unless/onlyif works on every state type
15:14 quasiben joined #salt
15:14 wangofett ah. Well that'll do then :) thanks AndreasLutro
15:15 gh34 joined #salt
15:15 AndreasLutro wangofett: alternatively, you can have a file.exists state with the name of the path to the file, and then your service state require that file state - that'll make your highstate fail until the file exists
15:15 andrew_v joined #salt
15:16 viq wangofett: file.exists
15:16 viq yeah, AndreasLutro beat me to it ;)
15:17 spiette joined #salt
15:20 wangofett I actually like that approach. At first I was thinking I wouldn't want to - but it actually makes more sense to fail on file.exists
15:20 wangofett same way you'd fail if something else didn't work
15:21 wangofett because we expect that centrify will be up and running - it just requires manual intervention (grumblcakes)
15:22 kaptk2 joined #salt
15:22 CheKoLyN joined #salt
15:23 sknebel joined #salt
15:23 deus_ex joined #salt
15:27 digitalhero joined #salt
15:29 kbyrne joined #salt
15:29 teryx510 joined #salt
15:29 tristianc_ joined #salt
15:29 tehsu joined #salt
15:30 kbyrne joined #salt
15:34 favadi joined #salt
15:40 viq wangofett: maybe you can automate that part too? ;)
15:42 cedwards joined #salt
15:44 oliv` joined #salt
15:48 relidy joined #salt
15:50 spuder joined #salt
15:55 ingslovak joined #salt
15:56 dfinn joined #salt
15:57 quasiben joined #salt
16:08 digitalh_ joined #salt
16:09 kbyrne joined #salt
16:14 bhosmer joined #salt
16:14 AdamSewell joined #salt
16:15 AdamSewell joined #salt
16:15 spuder joined #salt
16:17 tristianc_ joined #salt
16:17 akhter Is there a way to attach volumes via salt-cloud profile?
16:17 hightekvagabond joined #salt
16:17 akhter I don't want to create volumes.
16:18 akhter And using volumes argument doesn't work with ephemerals and cannot increase the size of the root volume.
16:18 digitalhero joined #salt
16:19 digitalhero joined #salt
16:21 colegatron joined #salt
16:22 antpa joined #salt
16:26 murrdoc joined #salt
16:32 mapu joined #salt
16:32 ageorgop joined #salt
16:32 otter768 joined #salt
16:34 Trauma joined #salt
16:36 toastedpenguin left #salt
16:38 giantlock joined #salt
16:39 _JZ_ joined #salt
16:42 fas3r joined #salt
16:42 fas3r Hello
16:44 XenophonF akhter: new or existing EC2 instances?
16:44 akhter XenophonF: New.
16:44 spuder joined #salt
16:50 XenophonF akhter: https://gist.github.com/xenophonf/65a318afa1b9fa7e614a
16:50 XenophonF akhter: hm, i guess i assumed you meant AWS
16:50 favadi joined #salt
16:50 akhter Yes.
16:50 XenophonF akhter: anyway, in my example, i'm modifying the root volume
16:51 akhter XenophonF: I commented with what I have, however it's not modifying the root volume.
16:51 dfinn anyone know if the saltstack ppa for ubuntu trusty is still being updated?  it looks like it hasn't been updated since July and the latest version is 2015.5.3
16:51 XenophonF akhter: but you can add to the block_device_mappings list if you want more volumes attached
16:51 akhter XenophonF: How bout already created volumes?
16:51 XenophonF akhter: then once salt-minion's installed on the instance, you can format and mount them
16:51 akhter I have volumes with volume ID's that I'd like to mount.
16:52 XenophonF akhter: then specify the EBS volume IDs just like you would if you were using the AWS CLI
16:53 akhter XenophonF: is that argument "Ebs.VolumeId"?
16:55 XenophonF akhter: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM
16:56 impi joined #salt
16:56 XenophonF akhter: maybe?
16:57 akhter XenophonF: Not really, this requires snapshots of the EBS volume.
16:57 akhter I only have the volumes without the snapshots and would not like to create a brand new one.  I just want to mount already created blocks.
16:57 justanotheruser joined #salt
16:59 antpa joined #salt
16:59 akhter XenophonF: Check your gist, that's how I'm providing volumes now, however I can't increase sda on that since volumes is parsed after instance creation
16:59 akhter However block_device_mapping and volumes cannot go together.
17:00 akhter Ohhh.
17:00 akhter I see why.
17:00 akhter Stupid error.
17:00 akhter XenophonF: block_device_mappings vs block_device_mapping
17:01 alxchk joined #salt
17:02 XenophonF oh
17:02 XenophonF hah
17:03 akhter Yeah.
17:03 XenophonF i've done that too :)
17:04 akhter But yeah, just for future reference for anyone that wants to know, you can still use the volumes dict to add already created volumes or create new ones.
17:04 akhter I thought it was supposed to be deprecated, however it's not yet.
17:05 dfinn let me rephrase my question, is it recommended to use the saltstack managed repos vs the ubuntu ppa?  i'm debating if it's worth switching from the ppa as things have been really stable but I noticed recently that the versions are a bit out of date (+6 months)
17:06 XenophonF dfinn: i use the saltstack repos since the ppa is so very outdated
17:06 XenophonF as are the fedora coprs
17:07 XenophonF and epel
17:07 zmalone the ppa/copr repos are no longer seeing updates, and there were security fixes in the last ~8 months
17:07 XenophonF :(
17:07 zmalone the new saltstack repo has dependency issues though, so expect some problems there too
17:10 akhter I just end up cloning from git.
17:12 Bryson joined #salt
17:15 shaggy_surfer joined #salt
17:15 fas3r_ joined #salt
17:15 fas3r_ Hello
17:15 wangofett Yeah, I've pretty much exclusively used the bootstrap script. It would be nice if the different repos were a little more... recent :P
17:16 fas3r_ is it possible to have more than one master salt but independant from each other ?
17:16 shaggy_surfer joined #salt
17:17 akhter wangofett: the bootstrap script can also pull from the git stable branch.
17:17 beardedeagle joined #salt
17:17 akhter fas3r_: Yes, with syndic.
17:17 wangofett yeah, I'm pretty sure that's what I do - or give it a specific tag :)
17:17 fas3r_ I need to set up separate masters for different department, interacting on the same servers. I just would like to avoid to have everybody usig the same salt master to do there tasks.
17:18 akhter fas3r_: You can have multiple masters.
17:18 akhter fas3r_: https://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
17:19 fas3r_ akhter: just started to read about syndic, what would be the best for my case scenario ? multimaster or syndic ?
17:20 akhter If you want a tiered master level where you have one master that can control multiple masters, go with that.
17:20 akhter If you don't want a single master to be able to control others, go with multimaster.
17:20 anotherZero joined #salt
17:21 akhter I've been using syndic, I can't say it's always reliable though.  So far it's been good for me.
17:21 whytewolf even in multimaster the minion only connects to one master at a time. from what it sounds like it wants seperate masters that control different things on the same minions.
17:21 murrdoc is syndic really a thing still
17:21 fas3r_ whytewolf: yes
17:21 fas3r_ basically each department will manage a layer of the minions
17:22 fas3r_ so I was thinkin about configuring an indepedant master for each dep. instead of setting ACL and so on.
17:23 Grokzen joined #salt
17:23 akhter Yeah that can be difficult to do.  I ended configuring a master for each environment and used syndic.
17:23 akhter I almost never use syndic but it's nice to have just in case.
17:24 akhter If you get in the 200+ nodes range, syndic has trouble.
17:24 fas3r_ I have more or less 1000...
17:25 dfinn zmalone, any info on what kind of dependency issues I might run into?
17:26 whytewolf akhter: you have minions that are part of more then one enviroment?
17:26 zmalone They added a dependency on pyopenssl in newer versions, but don't package it, so on most platforms, you'll get non-stop log errors about not having pyopenssl
17:26 fas3r_ akhter: whytewolf: if I configure it in multimaster, each master will be able to deploy on the minions that the key was accepted ? and only push the recipe that are available on each master ?
17:26 akhter fas3r_: That's tough
17:26 zmalone zeromq conflicts with the system zeromq on some platforms, so you need to uninstall salt/zeromq in order to upgrade/install the newer version
17:26 zmalone stuff like that
17:26 jnilsson joined #salt
17:26 dfinn hmm…sounds somewhat annoying
17:26 akhter whytewolf: No, my environment is different, each of my minion is part of a different environment, thus I have masters for each and a single syndic master.
17:27 zmalone It is somewhat annoying.
17:27 whytewolf akhter: basicly what he is asking for isn't possable and will cause cache errors
17:27 akhter Yeah, that's why I say it's tough =]
17:27 fas3r_ hahah aseems that I'm screwed hahah :D
17:27 akhter More than one master will cause cache errors or overwrites on the minions.
17:28 whytewolf maybe seperate users. each running a copy of salt-minion
17:28 fas3r_ I was thinking about setting a new network interface ad use a differet network
17:28 akhter That's heavy.
17:28 fas3r_ like 1network by dep or master but that will be heavy quite fast...
17:29 whytewolf fas3r_: network isn't the problem. even the minion config would be easy. the problem comes from when the minion trys acting on the masters commands.
17:29 fas3r_ I will have to wait then :D
17:29 akhter The minion caches states from the masters and if you have multiple masters, the cache can't stay consistent.
17:30 anotherZero joined #salt
17:30 fas3r_ so to achieve that I would have to share the cache/states between the master ?
17:31 akhter Not sure, I've never tried it this way.
17:31 fas3r_ like explain here : https://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
17:31 akhter I can't promise you won't run into other issues.
17:31 fas3r_ migrate to salt they told me it's better aaah :D
17:32 whytewolf honestly this approch is fit with problems for any number of softwares.
17:32 stooj joined #salt
17:33 fas3r_ whytewolf: I know just joking.
17:33 akhter For me, salt's been easier than chef.
17:33 akhter Maybe I'm not smart enough for chef :)
17:33 fas3r_ it is.
17:33 whytewolf fas3r_: the shared cache between multimaster is for the masters that are running the same stuff on the minions it is meant as an attept at HA not as a gateway
17:33 fas3r_ it's just that I like the ACL approach but I dont want to share the access to the main master.
17:35 whytewolf well, at some point you need to trust. :P
17:35 fas3r_ hahaa
17:35 whytewolf give them salt-call access?
17:36 whytewolf so they can run commands on the minions but don't have access to the master?
17:36 fas3r_ whytewolf: they wants to be able to preprare there recipe.
17:36 geekatcmu That reminds me: I need to give my IRC bot the capability of running highstates on demand.
17:37 whytewolf give them a git repo. and a development box and get someone to audit everything coming out of them
17:37 fas3r_ wych: I was thiking about it but I'm not sure about limitation and if I can set it up easily
17:37 amcorreia joined #salt
17:37 fas3r_ whytewolf: git repo on te master ?
17:38 dfinn we do something similar with that.  devs get read access to the git repo and can submit merge requests which we have to approve
17:38 whytewolf no a git repo in what ever repo manager software you use. setup a seperate master for a dev enviroment let them have control over that.
17:39 fas3r_ whytewolf: that was the idea but they want to be able to push in prod directl.
17:39 whytewolf when they want to push something to prod have a check and balances audit to make sure it doesn't south
17:39 whytewolf devs should never touch prod directly
17:39 fas3r_ I mean not directly, but by them self.
17:39 fas3r_ sorry wrong word.
17:39 digitalhero joined #salt
17:39 akhter I do this via docker.
17:40 whytewolf devs should never touch anything that pushes prod directly :P
17:40 akhter create dummy docker minions and test states and push whenever possible.
17:40 fas3r_ I dont manage the push.
17:40 fas3r_ the manage there shit hahah :D
17:40 whytewolf idealy humans should never touch prod
17:41 akhter Agreed.
17:41 fas3r_ I just restore when they break everything haa :D
17:41 whytewolf fas3r_: "when they break everything" is exactly why devs shouldn't touch prod.
17:41 writtenoff joined #salt
17:41 fas3r_ whytewolf: I dont make the rules...
17:42 fas3r_ anyway I'n not C/C++ dev so I can not really help them or check what they do
17:42 XenophonF WTH does salt-formula try to install a bunch of stuff using pip when installing salt-cloud?
17:42 XenophonF esp. when installing salt-cloud from a package?
17:42 whytewolf fas3r_: there should be testing in place that runs tests. you shouldn't have to know a lang to audit it.
17:43 fas3r_ whytewolf: we have staging, dev, preprod and pro.
17:43 whytewolf and devs touch it all and contiminate it?
17:43 fas3r_ whytewolf: we have people to check and submit the commit.
17:44 whytewolf ops? or qa?
17:44 whytewolf or devs?
17:44 whytewolf or hopefully devops
17:44 dfinn ha, contaminate :)
17:44 dfinn back to that "gotta trust" thing
17:45 fas3r_ whytewolf: you pointig the fact that I need to trust people :D
17:45 whytewolf trust only goes so far :P
17:45 fas3r_ for sure :D
17:46 fas3r_ it's possible to do a  test=True with salt-call ?
17:46 whytewolf yeah
17:46 fas3r_ ok
17:47 fas3r_ I think I will hit this way because the multimaster does not seems really clean.
17:47 fas3r_ I mean for my needs.
17:48 whytewolf good luck! :)
17:50 fas3r_ thanks mate good day
18:02 digitalhero joined #salt
18:05 hasues joined #salt
18:05 hasues left #salt
18:05 impi_ joined #salt
18:06 digitalh_ joined #salt
18:07 digitalhero joined #salt
18:07 Fiber^ joined #salt
18:08 snarfy joined #salt
18:09 shaggy_surfer joined #salt
18:10 AlberTUX joined #salt
18:19 edrocks joined #salt
18:21 hightekvagabond joined #salt
18:24 fridder joined #salt
18:31 bhosmer_ joined #salt
18:33 otter768 joined #salt
18:34 morissette joined #salt
18:37 Bryson joined #salt
18:37 snarfy joined #salt
18:44 coval3nce there a way to call salt-call where it won’t refresh the files root from the master?
18:45 Ch3LL joined #salt
18:48 lemur joined #salt
18:49 snarfy^ joined #salt
18:54 antpa joined #salt
18:57 frew my google fu may be failing me; there's not already a salt module that handles linux capabilites is there?
18:57 wangofett As it turns out, for the s3 buckets back end salt does not handle empty buckets very well: https://github.com/saltstack/salt/issues/30276#issuecomment-170675631
18:57 saltstackbot [#30276]title: Is filesystem s3fs broken on Centos7 w/2015.8.1, or am I doin' it wrong? | Master config:...
18:57 wangofett frew: linux capabilities?
18:57 frew yes
18:57 wangofett e.g.?
18:57 frew see man setcap, getcap
18:58 frew sorta like setuid bits but more limited
18:58 frew you can make a given program able to open low ports wihtout setuid root
18:58 GreatSnoopy joined #salt
18:59 larsfronius joined #salt
18:59 wangofett interesting!
19:00 wangofett I've actually never seen that before... My google-fu doesn't bring anything up
19:00 frew wangofett: http://linux.die.net/man/7/capabilities
19:01 ryau joined #salt
19:01 wangofett I think you may have to do cmd.run for that - I'm not seeing anything myself via Google
19:01 frew yeah I am
19:01 frew it's just really gross
19:02 frew https://gist.github.com/frioux/2b6049d75a09643664b0
19:02 frew that's what I came up with
19:02 whytewolf you could always write a module/state :P
19:03 frew whytewolf: yeah I was thinking about it
19:03 hightekvagabond joined #salt
19:03 wangofett Doesn't seem that gnarly. Less awesome than desired of course, but it could be worse
19:03 frew the quoting in the onlyif kills me
19:04 wangofett Fair enough. It certainly makes it awkward
19:05 frew anyway this will probably work.
19:05 elsmo joined #salt
19:05 frew but later on I might contribute a module or something.
19:05 wangofett +1
19:05 frew esp if python has a way to check the capability more directly (haven't checked)
19:06 whytewolf frew: https://pythonhosted.org/python-prctl/
19:06 iggy coval3nce: --local I think should do it
19:06 wangofett frew: http://stackoverflow.com/a/21561663/344286
19:07 frew sweet
19:07 wangofett Since I'm guessing you're not running Salt on Python3 yet...
19:08 frew oh I can't tell, does pythonhosted.org mean python3?
19:08 wangofett It's not awful, but I don't know that I'd call it elegant either ;)
19:09 wangofett Hm. Not sure if pyxattr is good for python2 or not
19:09 whytewolf wangofett: I think he was mixing the doc i posted and the one you posted
19:09 frew I am
19:09 frew sorry
19:09 wangofett frew: nah, python3.3 included os.getxattr
19:10 whytewolf python3.3 has os.getxattr. before that there is the python module python-prctl
19:10 frew prctl seems like the best path forward to me
19:10 diegows joined #salt
19:11 diegows is there a way to regenerate the /usr/lib/python2.7/site-packages/salt/_syspaths.py file?
19:13 diegows fixed :)
19:18 quasiben joined #salt
19:24 seanie joined #salt
19:25 seanie Hey
19:25 seanie Has anyone had any luck with the live profiling?
19:25 seanie https://docs.saltstack.com/en/develop/topics/troubleshooting/master.html#live-salt-master-profiling
19:25 seanie when I send my sig command nothing happens and there is no log output and when I send it again nothing happens and nothing in is written
19:25 seanie salt-master 2015.5.0 (Lithium)
19:26 lemur joined #salt
19:28 denys joined #salt
19:28 zmalone I don't get any output on 2015.8.3 either, although my master seems to hand when I run killall -SIGUSR2 salt-master
19:29 zmalone subsequent salt commands never run
19:32 mansquid joined #salt
19:33 seanie :S
19:33 seanie Know any other way to profile?
19:34 gimpy937 left #salt
19:35 flowstate joined #salt
19:36 snarfy joined #salt
19:38 Fiber^ joined #salt
19:39 noel joined #salt
19:39 hightekvagabond joined #salt
19:41 antpa joined #salt
19:41 quasiben joined #salt
19:43 brianfeister joined #salt
19:47 brianfeister joined #salt
19:52 giantlock joined #salt
19:57 impi_ joined #salt
19:58 viq_ joined #salt
19:59 shaggy_surfer joined #salt
20:02 MikeyYeahYeah joined #salt
20:13 neogenix joined #salt
20:14 onlyanegg joined #salt
20:17 neogenix_ joined #salt
20:18 snarfy joined #salt
20:26 eagles0513875_ joined #salt
20:27 flowstate joined #salt
20:34 otter768 joined #salt
20:38 neogenix joined #salt
20:42 eagles0513875_ joined #salt
20:43 brianfeister joined #salt
20:44 viq_ joined #salt
20:46 mateus joined #salt
20:47 mateus Hello
20:47 aurynn hi
20:47 mateus how do I echo a value inside a loop please ?
20:48 murrdoc whats a loop please
20:49 aurynn salt uses jinja2 templating, so I'd check the docs at http://jinja.pocoo.org/
20:49 fredvd joined #salt
20:51 GreatSnoopy joined #salt
20:53 mateus murrdoc:  http://pastebin.com/gKtm1xkD
20:53 mateus better with an example.
20:55 TyrfingMjolnir joined #salt
20:55 jnilsson joined #salt
20:59 lemur joined #salt
21:01 mtottenh joined #salt
21:02 mtottenh Hi there, I've been poking around in the code but I'm having trouble, is there a way in which I can specify to Salt-SSH the path to the ssh binary to use?
21:06 AndreasLutro mtottenh: I wouldn't think so, you'd have to poke around in the source to make sure I guess
21:07 babilen mateus: That is, essentially, how you do it. It would, however, not constitute a syntactically correct state.
21:08 eliasp joined #salt
21:14 mateus babilen: what do you mean ?
21:14 brianfeister joined #salt
21:15 cberndt joined #salt
21:15 mateus babilen: basically I would like to pass a list of argument to execute different part of my code. Is it the wrong approach to do so ?
21:15 RandyT lorengordon: reporting back that the issues I was struggling with on that script were all about some jinja globbing I was trying to do.
21:15 lorengordon right on
21:16 RandyT lorengordon: it works as designed now
21:16 lorengordon glad you figured it out :)
21:16 RandyT I do need to add a bit more state checking of return values, but the worst is over. :-)
21:16 RandyT thanks for your help with it.
21:16 lorengordon np
21:16 babilen mateus: I'd simply write different states for that and call them explicitly .. or better even, just run highstates against your minions
21:16 elsmo joined #salt
21:18 mateus babilen: you call more than one states at the time ?
21:20 antpa joined #salt
21:25 lemur joined #salt
21:25 babilen mateus: I typically run highstates against my minions ..But then, you shouldn't think about what I'm doing, but tell us what you want to do
21:27 justanotheruser joined #salt
21:28 rotbeard joined #salt
21:29 Borromini joined #salt
21:30 Borromini hi guys. i want to extract an archive through salt from salt:// and keep the tarball there, the docummentation suggests i need to add a 'keep' option into the sls file
21:31 Borromini but when i do salt complains it's an invalid keyword for archive.extracted, and that my 'approach will work until salt lithium is out'
21:31 lemur joined #salt
21:32 Borromini https://paste.debian.net/365101/ < this is my sls code
21:32 snarfy joined #salt
21:32 mateus babilen: I would like to execute/change some scripts/files depends on some argument that could be pass to salt.
21:33 babilen mateus: Could you be more specific?
21:33 babilen Borromini: doesn't "keep" just cause it to be kept in the minion's cache?
21:33 Borromini babilen: yes, that's what it should do
21:33 babilen Borromini: And it doesn't?
21:34 Borromini babilen: i'm just running tests now, it does
21:34 babilen So .. all is well?
21:34 Borromini the warning confuses me as to what is best practice though :)
21:34 babilen Which version of salt are you running?
21:34 Borromini 2015.8.3
21:35 babilen That is way past lithiom
21:35 Borromini ah ok
21:36 bonzibuddy joined #salt
21:36 Borromini i guess i can safely ignore that warning then, thanks :)
21:36 AndreasLutro other way around
21:36 brianfeister joined #salt
21:36 bonzibuddy hello folks! I have a file.symlink on a windows minion, i want to update it (ie link it to a different file), but it gives me an permission error - is there a better way to replace the symlink via salt?
21:36 AndreasLutro your code is only working by accident (someone forgot to remove deprecated code)
21:37 babilen Borromini: What's the exact phrasing? I can't quite find a version check on keep ..
21:37 Borromini sec
21:37 mateus babilen: for example I have a states to deploy an application and depends of the users,location,etc, etc, etc I have some specific features that need to be deploy and many files need to be updated/modified.  I thought that passing them via an array as an argument and treat it directly in the sls file would be the best.
21:38 babilen Borromini: What's the actual error you get?
21:38 Borromini Warnings: 'keep' is an invalid keyword argument for 'archive.extracted'. If you were trying to pass additional data to be used in a template context, please populate 'context' with 'key: value' pairs. Your approach will work until Salt Lithium is out. Please update your state files.'
21:38 Borromini babilen: give me a sec, looks like the minion is outdated >_>
21:39 babilen mateus: You could do that, but it is not really what I would consider best practice for salt. Salt is more about describing a "state" that you want a specific minion to be in and to write quite generic states to achieve it. Those generic states can then be tailored to your needs by passing in minion specific data via pillars.
21:40 babilen mateus: You then simply tell the minion "achieve your state" (i.e. what is called a highstate run) rather than using it to *manually* perform the steps to achieve that state yourself.
21:40 babilen Borromini: That sounds like a likely explanation
21:42 mateus babilen: OK but you have to pass some data to this highstate no ?
21:43 babilen mateus: Not really, no. I mean you do that by means of pillars (which are essentially python dictionaries that are specific to each minion), but you wouldn't necessarily pass them on the command line
21:44 mateus babilen: OK that's I saw in doc. But it needs static data no ?
21:45 mateus or it can be given dinamically
21:45 babilen But if you just want to fire of a few "quick-n-dirty" SLS files that you can control via some data in pillars that can be done
21:45 mateus or you need to generate the pillar before calling salt ?
21:45 babilen What does "dynamically" mean in this context exactly?
21:46 babilen You would typically write your pillars before you run your highstate, yes.
21:46 babilen But lets make this specific .. one actual problem that you are trying to solve
21:46 amcorreia joined #salt
21:47 mateus babilen: for example I have a new user and I want to deploy everything that he needs depends on certain values from a DB. I should then generate the pillar flat file before calling salt.
21:48 babilen You can access various databases as external pillars .. but "everything" is still a bit vague.
21:49 babilen I mean you would naturally check pillar values in your SLS files and execute different states or just use pillar arguments as states, but you wouldn't necessarily want to force your users to pass them via the command line all the time.
21:49 Borromini babilen: sorry about the fuss. getting the minion on 2015.8.3 makes the warning go away indeed
21:50 babilen mateus: Take a look at https://github.com/saltstack-formulas/users-formula/blob/master/users/init.sls#L7 and the example pillar at https://github.com/saltstack-formulas/users-formula/blob/master/pillar.example#L7 for example. This code creates users based on the data passed via pillars and wouldn't do *anything* if no data is passed. You therefore configure your state entirely via pillars.
21:50 krishnak joined #salt
21:51 babilen Borromini: Great!
21:51 Borromini a quick question: i am a bit confused about state files vs pillar, but am i assuming correctly if i want e.g. salt to do something for user a/b/c/d, then i should define the users present on each system (because they vary) through salt?
21:52 Borromini erm through pillar, so salt looks at pillar to match a system to the users present?
21:52 krishnak hi there! for windows minion state win_update (to install security patche), is there a way to skip one of the patch?
21:52 krishnak It seems to install all patches
21:54 krishnak we want to skip some security patches that we surely know will break our code
21:54 krishnak https://docs.saltstack.com/en/latest/ref/states/all/salt.states.win_update.html
21:56 babilen Borromini: Exactly .. Take a look at the users formula I just linked in a message to mateus earlier. It essentially creates and configures users based on data in the pillar (which is specific to each minion). You would then write a single SLS file for each user (or compose multiple) and just target each user to the minions you want it on.
21:56 Borromini babilen: thanks a lot.
21:57 joyrida08 joined #salt
22:00 brianfeister joined #salt
22:03 snarfy joined #salt
22:04 snarfy^ joined #salt
22:06 Borromini night gents
22:06 Borromini left #salt
22:07 baweaver joined #salt
22:20 morissette joined #salt
22:21 colegatron joined #salt
22:22 hightekvagabond anyone around to help with some newbie questions about states?
22:22 babilen Just ask
22:23 hightekvagabond I'm very confused, I've built a top.sls that is supposed to just copy a file from my master to the minion, I can see the top.sls land on the minion, but I don't see it exicuted
22:25 hightekvagabond this is the error I'm seeing: TypeError: unhashable type: 'OrderedDict'
22:25 shaggy_surfer joined #salt
22:25 babilen Paste your top.sls, the state, your command and its output to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, http://dpaste.de, … please
22:26 ekristen does saltstack support docker registry v2 and its token auth yet?
22:29 brianfeister joined #salt
22:33 murrdoc no
22:33 murrdoc clue
22:33 bhosmer joined #salt
22:34 murrdoc it uses docker.imprt_image
22:34 murrdoc from python
22:34 murrdoc https://github.com/docker/docker-py#api
22:35 otter768 joined #salt
22:36 RandyT question, having a hard time formulating this question to produce anything useful in search.
22:36 RandyT I have a state that runs to install an application and associated databases.
22:37 RandyT I'm using that same state to deploy new releases which often include database updates.
22:37 teryx510 joined #salt
22:37 RandyT in my development environment, those databases all live on the same minion.
22:37 RandyT in production, they are on different minions.
22:38 RandyT How do I conditionally apply the state of the database updates to a different minion than the one running the current state to update the application?
22:39 RandyT {% if {{ environment }} == production %} state.sls on this target minion.
22:40 hightekvagabond ok, problems running my top.sls here: https://gist.github.com/hightekvagabond/3a9f7ade826c32481128
22:42 babilen hightekvagabond: https://gist.github.com/hightekvagabond/3a9f7ade826c32481128#file-top_sls_problem-log-L14 that shouldn't be in top.sls, but in a separate SLS file that you reference in thw top.sls
22:42 hightekvagabond is that an issue of mechanics or just proper use?
22:42 babilen mechanics?
22:43 whytewolf hightekvagabond: https://gist.github.com/hightekvagabond/3a9f7ade826c32481128#file-top_sls_problem-log-L6-L11 this should be in your /etc/salt/master file
22:43 babilen Oh, that too
22:44 babilen Essentially .. split that. Put the upper part in your master config and the lower part in a file in file_roots (e.g. /srv/salt/setupdb.sls). Then write a top.sls file in /srv/salt/top.sls with something like "base: '*': - setupdb" (+ indentation) in it
22:46 wangofett Is it possible to like... dynamically select the pillar data you want to pass to a file/jinja template?
22:46 wangofett say you have three config files that go in /etc/A/fnord.conf and /etc/B/fnord.conf and /etc/C/fnord.conf
22:47 wangofett maybe make that <thing>/A/fnord.conf, etc.
22:47 zenlot joined #salt
22:49 hightekvagabond SUCESS! Thank you!
22:49 wangofett we've got three different configurations of the same service that need mostly the same but slightly different configs...
22:51 mosen joined #salt
22:52 elsmo joined #salt
22:53 RandyT can a watch: be applied to a file on S3?
22:53 flowstate joined #salt
22:53 norii joined #salt
22:53 whytewolf I do get tired of saying this. cause it comes up in here A LOT. watch does not watch files. it watches states. and most times those states effect files.
22:54 RandyT ah, so the example I am looking at... just a coincidence that it is looking at a file.managed: state...
22:55 Eureka703 joined #salt
22:55 whytewolf RandyT: correct
22:55 RandyT I see, thanks
22:57 baweaver joined #salt
22:57 patrek_ joined #salt
22:57 hasues joined #salt
22:59 beardedeagle @whytewolf: the gift of having people come from puppet
23:01 whytewolf beardedeagle: ah. well. as yoda says. you must unlearn all you have learned.
23:04 hasues joined #salt
23:04 hasues left #salt
23:05 elsmo joined #salt
23:05 RandyT so continuing the line of questioning around my current challenge...
23:05 RandyT is it possible to trigger a state run off of a listen: targeted at a specific minion?
23:06 whytewolf RandyT: well. for cross minion configurations instead of highstate typically orchestrate is used
23:07 RandyT whytewolf: ok, interesting.. so make my software updates an orchestrated task...
23:07 whytewolf RandyT: well gets a little more complex then that. need to split things up so that one thing can trigger another
23:08 hasues joined #salt
23:08 hasues left #salt
23:08 whytewolf RandyT: basicly expand on this https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#more-complex-orchestration
23:09 RandyT whytewolf: thanks, I think you've given me what I needed. I have the states written, just struggling with how to "orchestrate" them. :-)
23:09 * RandyT slap
23:10 onlyanegg joined #salt
23:14 digitalhero joined #salt
23:16 RandyT would jinja in an orchestrate state file be processed when orchestrate is called on that file?
23:16 whytewolf just like with states it is done before hand
23:17 RandyT thks
23:18 whytewolf I tend to use states with orch.
23:18 whytewolf with salt.state
23:18 RandyT yep, that is where I am pointed.
23:18 beardedeagle I use it for cloud shiz
23:19 whytewolf I use it for building clouds :P
23:19 flowstate joined #salt
23:20 beardedeagle event driven orchestration? what is this sorcery!?!
23:20 whytewolf it is a beautiful beautiful thing
23:22 snave joined #salt
23:28 TimMc left #salt
23:32 MindDrive joined #salt
23:33 zmalone joined #salt
23:33 mansquad joined #salt
23:43 tristianc_ joined #salt
23:46 iggy RandyT: also of note, orchestrate jobs run in the master context, so they don't have access to all the things that minions normally do
23:47 iggy (that's why most of my orch jobs end up being a lot of "run this state here, run that state there" etc)
23:47 perfectsine joined #salt
23:47 RandyT iggy: thanks good to be aware of that
23:49 snarfy^ joined #salt
23:50 viq joined #salt
23:51 mansquid joined #salt
23:53 baweaver joined #salt
23:53 krishnak joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary