Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-02-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 murrdoc iggy:  whats the option to see the errors for a state.sls run
00:01 saltsa joined #salt
00:05 jfindlay murrdoc: are you talking about a test run or do you want to filter the output to only show errors?
00:05 keimlink_ joined #salt
00:06 Guest36793 joined #salt
00:07 bhosmer_ joined #salt
00:09 murrdoc joined #salt
00:10 baweaver joined #salt
00:15 jtylers joined #salt
00:15 ewenig joined #salt
00:18 coderMe joined #salt
00:21 Guest36793 joined #salt
00:28 ewenig has anyone run into issues trying to pass a `user.present` state as a `prereq` to another state?
00:30 iggy murrdoc: I'm going to have to refer you to SPO
00:41 Guest36793 joined #salt
00:49 cyborg-one joined #salt
00:52 joe__n joined #salt
00:56 Guest36793 joined #salt
00:57 terratoma joined #salt
01:02 bhosmer joined #salt
01:14 justanotheruser joined #salt
01:18 Guest36793 joined #salt
01:29 shoemonkey joined #salt
01:33 rem5 joined #salt
01:35 whytewolf joined #salt
01:40 spaceSub joined #salt
01:40 whytewolf joined #salt
01:43 spaceSub joined #salt
01:45 baweaver joined #salt
01:46 krymzon joined #salt
01:53 subsignal joined #salt
01:55 amcorreia joined #salt
01:56 bhosmer joined #salt
02:10 stooj joined #salt
02:12 aqua^c joined #salt
02:20 Guest36793 joined #salt
02:23 hightekvagabond joined #salt
02:26 catpiggest joined #salt
02:35 Guest36793 joined #salt
02:36 buglessdr joined #salt
02:37 rem5 joined #salt
02:38 ninjada joined #salt
02:49 akhter joined #salt
02:51 rem5 joined #salt
02:55 michelangelo joined #salt
02:55 shoemonkey joined #salt
03:15 Diaoul joined #salt
03:17 antpa joined #salt
03:21 buglessdr joined #salt
03:22 shoemonkey joined #salt
03:28 buglessdr joined #salt
03:34 digitalhero joined #salt
03:41 racooper joined #salt
03:44 bhosmer joined #salt
04:03 hasues joined #salt
04:05 hasues left #salt
04:08 hightekvagabond joined #salt
04:09 hightekvagabond joined #salt
04:10 hightekvagabond joined #salt
04:12 hightekvagabond1 joined #salt
04:13 hightekvagabond joined #salt
04:15 treaki joined #salt
04:17 _beardedeagle joined #salt
04:19 lompik joined #salt
04:22 saltsa joined #salt
04:26 Guest36793 joined #salt
04:34 Pie_Mage joined #salt
04:35 beardedeagle joined #salt
04:41 Guest36793 joined #salt
04:47 lyh joined #salt
04:47 buglessdr joined #salt
04:59 Guest36793 joined #salt
05:14 subsignal joined #salt
05:16 zmalone joined #salt
05:32 JPaul joined #salt
05:37 ruxu joined #salt
05:38 Guest36793 joined #salt
05:41 ruxu joined #salt
05:48 tligda joined #salt
05:52 joe__n joined #salt
06:05 FeatherKing joined #salt
06:10 joe__n joined #salt
06:15 tweakism joined #salt
06:16 tweakism Wow, guys... the develop docs seem like someone has been working on them really hard.
06:19 rickflare2 joined #salt
06:36 kalessin joined #salt
06:38 ruxu joined #salt
06:41 cztanu joined #salt
06:41 cztanu freenode
06:41 cztanu oopsie
06:42 aqua^c joined #salt
06:45 linjan_ joined #salt
06:47 Guest36793 joined #salt
06:51 beardedeagle left #salt
06:53 beardedeagle joined #salt
06:54 aqua^c joined #salt
06:56 kshlm joined #salt
07:09 antpa joined #salt
07:11 Guest36793 joined #salt
07:20 tligda joined #salt
07:31 jeffspeff joined #salt
07:32 jeffspeff joined #salt
07:33 jeffspeff joined #salt
07:35 Guest36793 joined #salt
07:38 tehsu joined #salt
07:47 Crazy67 joined #salt
07:48 jxm_ joined #salt
08:02 ninjada joined #salt
08:08 ninjada joined #salt
08:11 aidenir left #salt
08:32 FeatherKing joined #salt
08:34 aqua^c joined #salt
08:34 Guest36793 joined #salt
08:38 _JZ_ joined #salt
08:41 saltsa joined #salt
08:42 Yoda-BZH joined #salt
08:43 antpa joined #salt
08:43 malinoff joined #salt
08:45 slav0nic joined #salt
08:45 Rumbles joined #salt
08:52 Trauma joined #salt
09:04 wych joined #salt
09:07 Trauma joined #salt
09:09 bhosmer_ joined #salt
09:15 garphy joined #salt
09:18 ggoZ joined #salt
09:22 joe__n joined #salt
09:26 cyborg-one joined #salt
09:37 ggoZ joined #salt
09:39 ninjada joined #salt
09:42 cztanu joined #salt
09:47 malinoff joined #salt
10:02 elsmo joined #salt
10:03 krymzon joined #salt
10:03 RandyT joined #salt
10:04 bhosmer_ joined #salt
10:04 ruxu joined #salt
10:13 ruxu joined #salt
10:16 pduersteler joined #salt
10:16 totzky joined #salt
10:18 pduersteler Hi all. I'm currently trying to write a state that compiles a piece of software, which requires a few other packages as well as development libraries. I'm now wondering what the way-to-go is.. would I write an sls for every package and require/include them in my compiling state, or would I just add all required packages in my compiling state to kg.installed?
10:28 tweakism possibly none of those
10:28 tweakism I'm just a beginner, btw, ... fair warning
10:28 tweakism but I think it's more common in Salt to just have 1 state that "installs packages", that runs on every host
10:28 AndreasLutro pduersteler: whichever you want ;)
10:28 tweakism but it gets its list of which packages to install from, usually I think, pillar data
10:29 tweakism which can be hierarchial, etc. etc.
10:29 pduersteler I'm playing around on many things and getting my hands dirty, and if it works im always like "okay, and how do I put that into something clean", hence my question ;) thanks, I'll keep it simple then
10:30 tweakism and people actually seem to really like doing it that way once they get into it... it feels really foriegn to me, coming from puppet though... probably to most people... I really do wish I could keep related code together... but I'm slowy coming to understand the wisdom.
10:32 tweakism like one thing I loved in puppet, was I could have one file that was about Install Product XYZ, and it would list 1) dependent packages to install, 2) setup of XYZ itself, 3) firewall rules that need to be added for XYZ, 4) a description of how to monitor XYZ on this host, which will actually be exported from this host, and realized on a different host, where the monitoring system and its config lives, 5) same
10:32 tweakism idea as the last one, except could be DNS records, etc.
10:32 tweakism Salt seems like that's no longer much of a goal, keeping those together?
10:34 tweakism I feel like remembering to update firewall rules when I adjust a service config, is going to require me to remember that there are also firewall rules configured, and where they are, rather than just being naturally in front of my face once I start working on the service.
10:34 tweakism (that's a contrived example, obviously.)  Input welcome, I may have just totally confused myself!
10:35 Crazy67 joined #salt
10:37 xf10e joined #salt
10:37 xf10e hi *
10:41 xf10e oh, the channels topic is outdated. we are at 2015.8.5 now
10:43 AndreasLutro tweakism: what you'd do is have a pillar file for your service that adds a bunch of data to existing states
10:45 malinoff joined #salt
10:46 AndreasLutro tweakism: an example from my personal setup: https://bpaste.net/show/64c716500cab this pillar data is consumed by the nginx state to generate vhosts, uwsgi state to generate uwsgi configs, python state to create a virtualenv, postgres state to create the database/user, fail2ban state to add the filter and jail
10:53 tweakism your description sounds like *exactly* what I'd want
10:53 ruxu joined #salt
10:53 tweakism but I am pretty confused by your file :)
10:54 AndreasLutro okay, that file would go in /srv/pillar/qdb.sls
10:54 AndreasLutro and for whatever server I'd want to run that website, I'd add "qdb" to it in /srv/pillar/top.sls
10:54 AndreasLutro if you have any more specific questions, please go ahead
10:56 GnuLxUsr joined #salt
10:57 Guest36793 joined #salt
10:57 tweakism nah, I actually get it now
10:57 tweakism thx, that was very helpful.. I hadn't gotten how pillar data could be grouped usefully like this before.
10:58 AndreasLutro cool
10:58 bhosmer_ joined #salt
10:59 AndreasLutro yeah it's very neat. the yaml can get a bit annoying if you have lots of servers, but you can alleviate that by using external pillars and a database or external app for storing this sort of data
10:59 xf10e or just write your data in separate yaml files which you load into your jinja ;)
11:00 AndreasLutro well.. my issue is we have like 400 servers running customer websites, I don't want 400 yaml files, especially if I at some point need to add some data to all of them
11:00 xf10e *G*
11:00 xf10e yeah
11:01 AndreasLutro so we'll be writing a python web app with a REST API for the customer data, and grab that data with an external pillar module
11:03 xf10e maybe i'll look into consul or even use postgresql and have it assembling the data I want into JSON
11:04 xf10e for now 50ish users and workstations + probably the same number of servers and VMs works well enough with file_roots
11:04 tweakism I'm definitely thinking of doing IP addressing, including final assignment to hosts, in an IPAM tool e.g. NIPAP, then having something that can synthesize from that, whatever salt needs, to teach all my nodes how to configure all of their 2nd-ary addresses and whatnot.
11:05 tweakism so I guess it could interrogate the IPAM tool's API (or database tables, or whatever), and just output YAML into /srv/pillars ?
11:05 tweakism or is there a better way to do that?
11:05 AndreasLutro just write a python function that returns a dict, and add that as an external pillar in salt
11:06 AndreasLutro https://docs.saltstack.com/en/latest/topics/development/external_pillars.html
11:06 tweakism ah, k.  out of curiosity, what happens if, on one run, the pillar can't connect to the data source and {returns and error} or whatever, instead.  would the old data be cached until new authoriattive data is available?
11:06 AndreasLutro or use existing external pillars, like cmd_json
11:06 AndreasLutro don't know, actually
11:06 * AndreasLutro notes to self
11:07 xf10e I /would think/ the master caches external pillars but I don't know either
11:09 AndreasLutro and I would think that if you throw an exception, salt would abort
11:09 AndreasLutro but, should be tested
11:10 GnuLxUsr joined #salt
11:12 keimlink joined #salt
11:15 jack_ joined #salt
11:27 malinoff joined #salt
11:33 kshlm joined #salt
11:38 catpig joined #salt
11:41 pduersteler How would you evaluate a script template (e.g. put pillar data into it) and then execute it on a minion? The only way I currently see is by using file.managed to put it onto the minion, and then executing it. but I basically don't need the file on the minion
11:42 AndreasLutro pduersteler: cmd.script
11:46 joe__n joined #salt
11:47 pduersteler nice, there it is, thanks
11:52 bhosmer_ joined #salt
12:09 aqua^c joined #salt
12:13 ninjada joined #salt
12:15 kshlm joined #salt
12:16 cangiani joined #salt
12:20 Sterek joined #salt
12:25 jack_ joined #salt
12:29 ruxu joined #salt
12:34 cangiani joined #salt
12:43 cangiani joined #salt
12:47 bhosmer joined #salt
12:48 cangiani joined #salt
12:48 jack_ joined #salt
12:51 ruxu joined #salt
12:52 denys joined #salt
12:56 tracphil joined #salt
12:58 Fiber^ joined #salt
13:03 keimlink joined #salt
13:05 jack_ joined #salt
13:09 antpa joined #salt
13:10 giantlock joined #salt
13:18 jack_ joined #salt
13:19 MK_FG joined #salt
13:26 coderMe joined #salt
13:28 abednarik joined #salt
13:40 malinoff joined #salt
13:41 bhosmer joined #salt
13:46 kawa2014 joined #salt
13:47 donmichelangelo joined #salt
13:54 tligda joined #salt
13:55 jack_ joined #salt
13:57 tweakism joined #salt
13:58 tweakism Can I somehow force a Windows minion to only connect to the master via IPv6?
13:58 hoonetorg joined #salt
14:01 malinoff joined #salt
14:03 joe__n joined #salt
14:07 joe__n joined #salt
14:07 scoates joined #salt
14:08 jack_ joined #salt
14:09 lompik joined #salt
14:11 tweakism also, IMO, running 'salt-key' should automatically print the key fingerprints of any pending keys, to encourage/remind people that fingerprint verification is important.
14:12 tweakism and, it could display the master's fingerprint every time it's run as well
14:12 shoemonkey joined #salt
14:14 AndreasLutro that's a pretty good idea
14:15 tweakism I don't see any reason not to.
14:16 tweakism if anyone's unfortunate enough to be parsing it's output via a shell script right now, they wouldn't even have to make too big of a change ;)
14:17 AndreasLutro apparently there is `salt-key -f`
14:17 AndreasLutro and -F
14:17 tweakism yeah, I know
14:18 tweakism it might be slightly opinionated behavior, but I really think it'd be a nice reminder, if 'salt-key' printed relevant (unverified) fingerprints
14:18 tweakism since *most* people will just be doing that, and will never care enough to use -f -F explicitly
14:19 tweakism but over time of seeing it in the output, they may learn
14:20 jack_ joined #salt
14:22 shoemonkey joined #salt
14:23 AndreasLutro that may be a tall order... but I would like to be able to do `salt-key -f unaccepted` or something like that
14:23 tweakism it was just an idea :)
14:24 tweakism also I fixed my ipv6 issue
14:24 tweakism once I realized I needed to tell salt to listen on ipv6, and then when I realized my salt master DNS name needs an AAAA record ... </user-error>
14:24 zsoftich2 joined #salt
14:25 AndreasLutro you should open a github issue for your idea
14:27 tweakism I'm having second thoughts about the realistic value and likelihood of adoption for fingerprints
14:27 tweakism most people are going to verify the fp via ssh, right?
14:27 tweakism do you supposed they verify their ssh hostkeys out-of-band? :)
14:28 AndreasLutro security conscious people should pre-generate their keys on the master
14:28 AndreasLutro or on some third server with even more restricted access
14:28 tweakism you know, I usually consider that an anti-pattern.  generating keys centrally and then distributing them, I mean.
14:29 tweakism for ssh keys, SSL keys, etc.
14:29 tweakism but I can't decide if it really matters for typical salt use cases
14:29 rem5 joined #salt
14:29 AndreasLutro well, we need automation, we can't ssh into the master and accept a key manually each time a new server gets provisioned
14:30 tweakism ah, yeah, I see what you mean
14:30 tweakism seems like a reasonable tradeoff to me, then
14:32 shoemonkey joined #salt
14:32 coderMe joined #salt
14:33 sfxandy joined #salt
14:35 bhosmer joined #salt
14:40 jack_ joined #salt
14:41 cangiani joined #salt
14:46 jhauser joined #salt
14:47 pduersteler joined #salt
14:48 malinoff joined #salt
15:03 abednarik joined #salt
15:10 cangiani joined #salt
15:10 Pie_Mage joined #salt
15:11 antpa joined #salt
15:13 rem5 joined #salt
15:15 abednarik joined #salt
15:21 malinoff joined #salt
15:23 jack_ joined #salt
15:29 bhosmer joined #salt
15:31 Rumbles joined #salt
15:32 jack_ joined #salt
15:35 amcorreia joined #salt
15:36 slav0nic joined #salt
15:39 jack_ joined #salt
15:40 shoemonkey joined #salt
15:42 tristianc joined #salt
15:45 buglessdr joined #salt
15:56 jack_ joined #salt
15:57 subsignal joined #salt
16:04 joe_n joined #salt
16:04 jack_ joined #salt
16:10 joe_n joined #salt
16:15 jack_ joined #salt
16:19 sjorge nahamu: the non smartos specific bits should also improve support for solaris 10 at least
16:19 sjorge I think solaris 11 too but I am not sure as I know they diverged a bit
16:22 rem5 joined #salt
16:23 bhosmer joined #salt
16:24 jack_ joined #salt
16:26 cangiani joined #salt
16:30 edulix joined #salt
16:33 jhauser joined #salt
16:38 pduersteler I'm hanging a bit.. how do I access variables in a jinja template set through "defaults" in a state?
16:40 _JZ_ joined #salt
16:43 jack_ joined #salt
16:44 pduersteler ah, got it, .. assigning was wrong
16:45 CheKoLyN joined #salt
16:45 joe_n joined #salt
16:49 ggoZ joined #salt
16:51 kawa2014 joined #salt
16:53 noname joined #salt
16:59 cangiani joined #salt
16:59 pduersteler Is it possible to let a stateful script via cmd.script fail? as far as I have seen, you can only return "changed" with values yes or no
17:01 scoates joined #salt
17:01 jack_ joined #salt
17:06 AndreasLutro pduersteler: a cmd.script fails if it exits with a status code != 0
17:07 malinoff joined #salt
17:12 antpa joined #salt
17:16 krymzon joined #salt
17:19 abednarik joined #salt
17:26 rem5 joined #salt
17:28 writtenoff joined #salt
17:30 nyx_ joined #salt
17:34 cangiani joined #salt
17:36 jack_ joined #salt
17:45 rem5 joined #salt
17:47 mapu joined #salt
17:48 pmcg joined #salt
17:57 onlyanegg joined #salt
18:00 zmalone joined #salt
18:00 zmalone left #salt
18:03 hightekvagabond joined #salt
18:05 EvaSDK joined #salt
18:06 yidhra joined #salt
18:12 bhosmer joined #salt
18:12 yidhra joined #salt
18:22 quinguu joined #salt
18:23 quinguu left #salt
18:27 aqua^c joined #salt
18:30 jack_ joined #salt
18:40 yidhra joined #salt
18:42 jack_ joined #salt
18:44 tehsu Is there a way to redact pillar info from smtp returner?
18:56 Rumbles joined #salt
18:57 jack_ joined #salt
19:06 bhosmer joined #salt
19:06 nikogonzo tehsu: afaik any modification to the return data involves writing a wrapper returner
19:07 hosttor joined #salt
19:08 edulix joined #salt
19:09 jack_ joined #salt
19:12 tracphil joined #salt
19:12 tehsu ok
19:17 shoemonkey joined #salt
19:23 tehsu trying to use block_volume with the nova driver and it asks for an image
19:24 mechleg joined #salt
19:26 Rumbles joined #salt
19:28 shoemonkey joined #salt
19:30 krymzon joined #salt
19:30 nyx_ joined #salt
19:30 shoemonk_ joined #salt
19:32 shoemon__ joined #salt
19:32 jack_ joined #salt
19:33 aqua^c joined #salt
19:36 shoemonkey joined #salt
19:36 amcorreia joined #salt
19:41 shoemonkey joined #salt
19:41 coderMe joined #salt
19:45 abednarik joined #salt
19:59 |Fiber^| joined #salt
20:01 bhosmer joined #salt
20:05 viq joined #salt
20:07 digitalhero joined #salt
20:11 jack_ joined #salt
20:22 Rumbles joined #salt
20:25 jack_ joined #salt
20:34 digitalhero joined #salt
20:35 jack_ joined #salt
20:39 joe_n joined #salt
20:40 joe_n joined #salt
20:41 joe_n joined #salt
20:42 joe_n joined #salt
20:45 ruxu joined #salt
20:47 joe_n joined #salt
20:51 joe_n joined #salt
20:54 joe_n joined #salt
20:55 joe_n joined #salt
20:55 bhosmer joined #salt
20:56 rem5 joined #salt
20:58 antpa joined #salt
21:00 joe_n joined #salt
21:06 digitalhero joined #salt
21:09 digitalhero joined #salt
21:12 slav0nic joined #salt
21:14 Rumbles joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary