Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-03-10

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 ajw0100 joined #salt
00:00 nZac joined #salt
00:01 mitsuhiko joined #salt
00:08 onlyanegg joined #salt
00:15 jhauser joined #salt
00:20 GreatSnoopy joined #salt
00:20 baweaver joined #salt
00:22 zenlot6 joined #salt
00:28 digitalhero joined #salt
00:30 flowstate joined #salt
00:35 djgerm Is there a way to make a distributed message bus?
00:36 scoates joined #salt
00:44 Eureka70_ joined #salt
00:46 tpaul_ joined #salt
00:46 tristianc_ joined #salt
00:46 jrklein_ joined #salt
00:46 mrbobbytables_ joined #salt
00:46 kuromagi^ joined #salt
00:47 JamieH_ joined #salt
00:47 denys_ joined #salt
00:47 kukacz_ joined #salt
00:47 antonw_ joined #salt
00:48 Garo__ joined #salt
00:48 honestly_ joined #salt
00:48 XenophonF joined #salt
00:48 rogst joined #salt
00:49 JoeJulian_ joined #salt
00:49 xenoxaos- joined #salt
00:49 flebel joined #salt
00:49 TomJepp joined #salt
00:49 akhter joined #salt
00:49 Vlad__ joined #salt
00:49 Puckel_ joined #salt
00:49 Puckel_ joined #salt
00:50 kbaikov joined #salt
00:50 GreatSnoopy joined #salt
00:50 CeBe joined #salt
00:50 yawniek joined #salt
00:50 tweakism joined #salt
00:50 djinni` joined #salt
00:50 rhand joined #salt
00:50 relidy joined #salt
00:50 Zachary_DuBois joined #salt
00:50 Patch joined #salt
00:51 deus_ex joined #salt
00:51 cyborg-one joined #salt
00:51 thebwt joined #salt
00:55 feliks joined #salt
00:55 iceyao joined #salt
00:55 edrocks joined #salt
00:56 iceyao_ joined #salt
00:57 flowstate joined #salt
00:58 kalessin_ joined #salt
00:59 wendall911 joined #salt
00:59 aqua^c joined #salt
01:05 flowstate joined #salt
01:07 fracklen joined #salt
01:10 i90rr joined #salt
01:10 nZac joined #salt
01:15 bhosmer_ joined #salt
01:15 flowstate joined #salt
01:16 djgerm1 joined #salt
01:18 rodr1c joined #salt
01:18 toastedpenguin joined #salt
01:20 jhauser joined #salt
01:22 nikogonzo assuming one has many states that require a http proxy, is there an easy way to set that proxy across all states  that call git.latest for example? or do we have to specify proxies each time for each state
01:22 nikogonzo thanks!
01:22 djgerm1 left #salt
01:29 scoates joined #salt
01:30 digitalhero joined #salt
01:34 akhter joined #salt
01:37 sagerdearia joined #salt
01:43 mowntan joined #salt
01:50 sjmh joined #salt
01:54 subsignal joined #salt
01:54 racooper joined #salt
01:54 brianfeister joined #salt
01:59 peter joined #salt
02:00 Guest49394 hello ,i'm new to salt .is there any opensource base for salt,like forge for puppet?
02:02 Guest49394 any one who can help me?
02:04 Nazca__ joined #salt
02:05 digitalhero joined #salt
02:08 tweakism you might be thinking of the salt formulas repo
02:09 tweakism https://github.com/saltstack-formulas
02:09 dendazen joined #salt
02:13 mr_chris joined #salt
02:14 euidzero joined #salt
02:14 Guest49394 ok ,thank you. i also find one on https://docs.saltstack.com/en/develop/ref/modules/all/index.html. that's good. thank you.
02:21 flowstate joined #salt
02:23 jhauser joined #salt
02:25 digitalhero joined #salt
02:25 Rebus joined #salt
02:27 jeffspeff joined #salt
02:30 quasiben joined #salt
02:37 nZac joined #salt
02:42 calculon joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt! | Latest Version: 2015.8.7 | Register for SaltConf16: http://saltconf.com/register/ | Paid support available for open source Salt! https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | Ask with patience as we are volunteers and may not have immediate answers
02:48 anmol joined #salt
02:52 edeefelt joined #salt
02:55 digitalhero joined #salt
02:57 catpigger joined #salt
03:00 Riz joined #salt
03:02 darvon joined #salt
03:03 favadi joined #salt
03:04 bhosmer joined #salt
03:05 sjmh joined #salt
03:05 liqw joined #salt
03:12 teryx510 joined #salt
03:13 antpa joined #salt
03:14 tristianc joined #salt
03:16 Nazzy joined #salt
03:21 liqw joined #salt
03:21 Lionel_Debroux joined #salt
03:24 digitalhero joined #salt
03:25 iceyao joined #salt
03:29 tristianc joined #salt
03:30 flowstate joined #salt
03:31 iceyao_ joined #salt
03:31 brianfeister joined #salt
03:39 akhter joined #salt
03:43 digitalhero joined #salt
03:47 digitalhero joined #salt
03:49 digitalh_ joined #salt
03:54 digitalhero joined #salt
04:00 Administrator joined #salt
04:00 Guest6885 anyone here?
04:01 hemebond Many people.
04:01 Fzh test
04:08 Fzh i hav a pc with winxp, and i've install msys2(/mingw32), but my salt installing failed
04:10 digitalhero joined #salt
04:21 mdasilva joined #salt
04:26 Fzh left #salt
04:29 N-Mi_ joined #salt
04:30 flowstate joined #salt
04:30 hasues joined #salt
04:31 hasues left #salt
04:32 mr_chris joined #salt
04:34 malinoff joined #salt
04:35 iceyao joined #salt
04:35 euidzero joined #salt
04:40 quasiben joined #salt
04:42 Heartsbane joined #salt
04:42 Heartsbane joined #salt
04:47 euidzero joined #salt
04:48 Nazzy joined #salt
04:51 highbury joined #salt
04:52 rdas joined #salt
04:53 bhosmer joined #salt
04:53 colegatron joined #salt
04:55 honestly joined #salt
04:56 jambulance joined #salt
04:56 zer0def joined #salt
04:59 nkuttler joined #salt
04:59 sab3r joined #salt
05:03 beardedeagle joined #salt
05:05 nZac joined #salt
05:06 ericsysmin joined #salt
05:06 ericsysmin looking for the best deployment tool for salt, anything out there? 40 git submodules just sounds retarded
05:07 hemebond ericsysmin: I don't understand. Salt... kind of is a deployment tool.
05:07 hemebond (don't appreciate the language)
05:08 ericsysmin lets say i have 40 salt states, for 600 types of servers, each state has 30+ variables that can be defined by pillars
05:09 ericsysmin doesn't having one giant git repo to contain those salt states seem odd?
05:09 fracklen joined #salt
05:09 tweakism no.
05:09 ericsysmin really?
05:09 tweakism maybe due to other details, but not from anything you've said so far.
05:10 beardedeagle not at all
05:10 drawsmcgraw one giant git repo means simple
05:10 beardedeagle gitfs that stuff for the funs
05:10 ericsysmin beardedeagle, tried, i get lock errors within 2 minutes
05:11 malinoff joined #salt
05:11 ericsysmin even on newer versions
05:11 ericsysmin 2015.8
05:12 drawsmcgraw ericsysmin: lock errors...
05:12 drawsmcgraw What exactly shows up in the logs?
05:13 digitalhero joined #salt
05:14 beardedeagle are you using https or ssh?
05:14 ericsysmin ssh
05:14 ericsysmin can't use https
05:14 ericsysmin it's a private github enterprise server
05:15 ericsysmin and has a non-passworded user
05:15 ericsysmin rsa key only
05:15 drawsmcgraw We use the same (ssh + key Github on prem)
05:15 ericsysmin how many states?
05:16 drawsmcgraw hrm... good question. A lot, but I don't have an exact count
05:16 drawsmcgraw ericsysmin: At the risk of being pedantic -> do you mean individual states? Or state files?
05:16 ericsysmin individual states
05:16 drawsmcgraw I guess either way, my answer is "well over 40"
05:16 ericsysmin http://screencast.com/t/hA0enisC2Rf3
05:16 drawsmcgraw The number of states being run shouldn't impact your ability to use GitFS though
05:17 drawsmcgraw Pretty big list there :)
05:17 writtenoff joined #salt
05:17 drawsmcgraw Ours isn't quite that large, but we have a good number of directories
05:17 ericsysmin yea, which is why i get offended when people act like im a first time user, each of those have many sub directorys
05:17 anmol joined #salt
05:17 ericsysmin it takes almost 20 minutes to deploy salt
05:17 ericsysmin configuration to the master
05:18 drawsmcgraw "20 minutes to deploy Salt" <-- What exactly do you mean?
05:18 ericsysmin pull from git and deploy to the 3 salt masters we have
05:18 hemebond So you're copying the files to a master? Are you specifying a depth when you clone?
05:18 ericsysmin nope, we need all of it
05:19 drawsmcgraw I wonder how big the repo is...?
05:19 hemebond You need all revisions for each of your states?
05:19 ericsysmin revisions aren't packaged
05:19 ericsysmin .git is excluded from the deploy
05:19 hemebond Oh you're just copying files out.
05:20 ericsysmin no, we tar then deploy
05:20 beardedeagle and that takes 20 minutes...ouch
05:20 drawsmcgraw ericsysmin: Do you also have binaries, etc, in your repo ?
05:20 ericsysmin ok, so salt has about 895mb of data in it
05:21 drawsmcgraw ok
05:21 ericsysmin yes, we do
05:21 ericsysmin maybe I should write a deployment tool for salt lol
05:21 drawsmcgraw My Git repo is 346MB. Someone must've checked in some binaries on mine >.<
05:21 ericsysmin most people do check binarys in
05:21 drawsmcgraw ericsysmin: At a previous job, I used GitFS for states, then S3 for binaries
05:21 XenophonF that's what i do
05:21 ericsysmin yea, we can't use S3, no access
05:22 ericsysmin some networks we use salt in don't have internet access lol
05:22 drawsmcgraw I can't do that at my current gig (no storage cloud), so I put my binaries on-disk on the salt master
05:22 drawsmcgraw ericsysmin: I feel your pain. I've been there, too.
05:22 beardedeagle all of our stuff is spun up in openstack so I have a user_data file I pass in that pulls all my stuff and bootsraps salt on the server.
05:23 drawsmcgraw ericsysmin: It sounds like the current theory is "The size of the Git repo is so large that you can't use the GitFS backend"
05:23 drawsmcgraw Is that about right?
05:23 ericsysmin yes, that is true
05:23 beardedeagle I would be interested in what the logs say
05:23 ericsysmin gitfs doesn't handle a long term git pull
05:23 ericsysmin oh, it just gives the locking error
05:24 ericsysmin Update lockfile is present for git_pillar remote 'master git@bitbucket.org:bthurber/salt-master-pillar-db.git', skipping. If this warning persists, it is possible that the update process was interrupted. Removing /var/cache/salt/master/git_pillar/ff758f3207d2061300390d06413309ef/update.lk or running 'salt-run fileserver.clear_lock git_pillar' will allow updates to continue for this remote.
05:24 ericsysmin something like that
05:24 drawsmcgraw I would say to look into taking the binaries out of that repo. Then find a way (cron + rsync?) to ensure that all three masters have copies of the binaries on-disk.
05:24 beardedeagle I have seen a couple of issues about pillar locks with gitfs
05:24 drawsmcgraw But I know that's highly nontrivial, given the current situation.
05:24 ericsysmin that doesn't sound very devopsy
05:24 ericsysmin i've never had issues with other tools and binarys
05:24 drawsmcgraw ericsysmin: Devopsy is running your own storage cloud or using an S3 service :P
05:25 hemebond Ceph?
05:25 drawsmcgraw I'm actually planning to build a Ceph cluster for exactly this purpose (among several other reasons)
05:25 drawsmcgraw hemebond: (or anyone else), have you used the S3 backend with Ceph successfully?
05:25 hemebond I wish I was in your team.
05:25 ericsysmin not all is open when you have over 30 million customers
05:26 drawsmcgraw hemebond: So do I! I don't know a thing about Ceph :)
05:26 ericsysmin many of those servers have phone numbers and other data going through it
05:26 hemebond We use Ceph for a cloud application.
05:26 XenophonF brb
05:26 beardedeagle we use ceph in our openstack deployment
05:26 ericsysmin we have ceph for backend storage, actually found out theres a known bug with ceph and iscsi on vmware
05:26 drawsmcgraw ericsysmin: I fully understand.
05:26 drawsmcgraw beardedeagle: That's the other reason for us. Cinder volumes
05:27 ericsysmin which causes storage to literally go poof
05:27 ageorgop joined #salt
05:27 drawsmcgraw ericsysmin: I guess it goes without saying that your Ceph cluster is a no-go for the S3 backend?
05:27 ericsysmin we actually have 20 tickets and they were able to replicate some of those issues
05:28 ericsysmin you mean as a substitute S3 as a backend?
05:28 drawsmcgraw To store binaries, yes.
05:28 beardedeagle yeah looking through open issues in github and there are a few around this particular issue
05:28 drawsmcgraw Maybe I'm too strict about it, but I always try to keep the state files in Git, then the binaries *anywhere else*
05:29 drawsmcgraw To keep the size of the repo down, even if it complicates the setup.
05:29 ericsysmin i wonder what it would mean if i built a wrapper like r10k, or ansible-galaxy which simply only supported git repos
05:30 ericsysmin salt-deploy install -r mylistofstatesandformulas.txt
05:30 rawzone joined #salt
05:30 drawsmcgraw huh... TIL what Ansible Galaxy is.
05:30 drawsmcgraw Neat
05:30 XenophonF joined #salt
05:31 flowstate joined #salt
05:31 ericsysmin r10k reads Puppetfile, Ansible reads a txt file (just like pip),
05:32 drawsmcgraw Interesting.
05:32 ericsysmin essentially you could use it to do caching
05:32 ericsysmin so you cache repos locally
05:32 ericsysmin and deploy only changes
05:32 ericsysmin which then doesn't cause salt to have issues
05:33 drawsmcgraw Right...
05:33 ericsysmin then you can put repos into organizations within your company
05:33 drawsmcgraw ericsysmin: I don't suppose the default GitFS refresh could be related to the locking error?
05:33 ericsysmin and let dev/devops teams do that
05:33 drawsmcgraw Now *that's* an idea. Productizing the work
05:34 ericsysmin nope
05:34 drawsmcgraw Fair enough. I figured you've already explored that
05:34 ericsysmin so basically you can have a team build their custom state for their application, also reducing the people needing access to the "main" salt repository
05:36 beardedeagle that's kinda what we do here....but with gitfs so that doesn't really help you
05:36 ericsysmin actually, i could probably port ansible-galaxy
05:37 ericsysmin then essentially bring the features of a forge/galaxy, but without the forge/galaxy, and then easily be able to run tests on the commited states in travis-ci
05:37 ericsysmin so that you can validify the functionality of a salt state before committing it into an environment
05:37 ericsysmin basically if a ops guy accidently screws up top.sls, salt is down for all your servers
05:37 anmol joined #salt
05:38 drawsmcgraw I know that scenario...
05:38 ericsysmin you could use salt-lint and verify that the commit is valid before it goes into prod
05:38 ericsysmin drawsmcgraw: i know, its a new concept to anything salt, but chef, puppet, ansible, all have it
05:39 drawsmcgraw Would make it a lot easier in the larger environments, like I imagine you're in.
05:39 ericsysmin another devops/agile idea test-driven development for operations
05:39 ericsysmin yea, which is why right now im like fuck, we hit this block, and literally fucks you cause if i make a commit, and try to push even within 2 minutes i need to do a pull
05:39 ericsysmin cause we have too many commits per day going to that repo
05:40 drawsmcgraw o.o
05:40 mavhq joined #salt
05:40 ericsysmin likely that too is causing gitfs to go "oh noooooo, im screwed"
05:41 drawsmcgraw Certainly isn't helping
05:41 ericsysmin we've also ran into the issue of salt-minions losing their connection to the salt-master
05:42 drawsmcgraw ooohhhhh..... I thought that bug was gone...
05:42 ericsysmin nope
05:42 ericsysmin we got it duplicated in 2015.8
05:43 drawsmcgraw This was the issue that came to my mind: https://github.com/saltstack/salt/issues/16518
05:43 saltstackbot [#16518]title: Minions respond after repeated commands and not initially (even when specifying large timeout) | I've been using salt for a very long time now. One problem i noticed is that sometimes minions don't respond initially and start responding after repeated ``test.ping``. If after a day or some duration i login to my master and issue a high state, it does not get applied to certain servers in the first attempt. I have tried setting a timeout as we
05:43 drawsmcgraw But that says it's closed.....
05:43 drawsmcgraw My master still has `ping_on_rotate: True` in the config
05:43 ericsysmin actually talked to a guy in front of the Salt rep, at Motorolla, the motorolla guy was like "do you guys have an issue with minions unable to talk to the master randomly, what do you do? - The Salt Sales rep was right there
05:44 ericsysmin I said, we run ansible and restart the salt minion rofl
05:44 drawsmcgraw Ah..... The circle of life.
05:44 malinoff ericsysmin: why can't you just use ansible?
05:44 drawsmcgraw I've heard of people using Salt to ensure that Puppet is alive
05:44 ericsysmin sales guy said "ahhh they have a different problem though"
05:45 ericsysmin malinoff: because we have a massive list of salt states and pillars, supporting too many hosts to migrate, and ansible is ad-hoc, not agent based
05:45 malinoff ericsysmin: i count this as feature
05:45 ericsysmin what is a feature?
05:45 malinoff to be agentless
05:46 wendall911 joined #salt
05:46 Puckel_ joined #salt
05:46 xenoxaos joined #salt
05:46 mrbobbytables joined #salt
05:46 ancients joined #salt
05:46 malinoff no connection issues, no upgrade process burden
05:46 beardedeagle technically salt can be agentless
05:46 ericsysmin yes, but it doesn't assist in compliance with security regulations, do you really want to run ansible on ~1000 servers to remove 1 user who quit the operations team?
05:46 beardedeagle and we use artifactory here to store binaries
05:46 ericsysmin salt, chef, puppet, ansible can all be agentless
05:47 ericsysmin beardedeagle: we have 3 Nexus installations with 5TB total storage used, and 2 Artifactory installations, and currently setting up a 4 region HA and Replicated cluster
05:47 beardedeagle noice
05:48 ericsysmin actually met one of the JFrog engineers the other day, he was like that migration will be fun...I guess Oracle uses Artifactory pretty heavily, and replicated across the world
05:48 malinoff ericsysmin: you have to run salt on ~1000 servers to remove that user too.
05:48 ericsysmin nope, not if highstate works
05:48 drawsmcgraw ericsysmin and his people are building their own Internet :)
05:48 ericsysmin agent's can check in
05:48 ericsysmin drawsmcgraw: we are the internet
05:48 ericsysmin drawsmcgraw: maybe you can guess what company i work for
05:48 drawsmcgraw Ah. That would explain it.
05:49 drawsmcgraw I could guess, but it's way past my bedtime and my guesses would be wrong.
05:49 ericsysmin lets just say xfinity is a product of ours and our office manages and maintains x1 apps
05:49 drawsmcgraw I was off by one company :)
05:50 ericsysmin lol
05:50 ericsysmin we are also the largest Slack customer
05:50 beardedeagle not going to lie, had a ton of issues with service from your company when I lived in phoenix lol
05:51 beardedeagle water under the bridge though
05:51 drawsmcgraw Yeah I'm sure he gets it all the time. Not sure I'd advertise it either :P
05:51 ericsysmin yea, and our customer support sucks, trust me, they put a hold on my credit because they lost my returned cable boxes years ago
05:52 ericsysmin but yea, i just wish it was easier to deploy salt to large infrastructures, i've even integrated forman-salt to get reports
05:52 drawsmcgraw I was about to say some sort of masterless minion setup could be worth looking into. But Compliance....
05:52 beardedeagle if it makes you feel better, the company I work for used to and still does get customer hate on a global scale.
05:53 ericsysmin beardedeagle: if you work for a large company, people hate you
05:53 ericsysmin it doesn't even matter the company
05:53 beardedeagle well they hated us for many things, but our super bowl ads got the most talk
05:53 beardedeagle except this year. we didn't do an add this year.
05:53 ericsysmin darn, i was hoping for puppymonkeybaby
05:53 ageorgop joined #salt
05:54 ericsysmin wait, are you here in the bay?
05:54 ericsysmin if you work in the bay, and work at 1020 Enterprise Way, i'll die laughing
05:55 beardedeagle err we have an office there, I see xfinity.com is not registered through us
05:55 ericsysmin no, but a few of our domains are
05:55 ericsysmin plaxo.com was the company comcast bought
05:55 ericsysmin we actually have a floor in the same building as your company
05:56 ericsysmin also have 2 floors next door to your office
05:56 kukacz joined #salt
05:56 ericsysmin but damn google built 6 more buildings on the other side of that 1020 building
05:57 ericsysmin you know i talked to the guys that develop Alexa on the VTA on my way to work the other day
05:57 beardedeagle haven't been to that office yet, mainly I just lurk around the phoenix/cedar rapids offices.
05:57 ericsysmin they are farther down Enterprise Way, was wondering what those Amazon buildings there support
05:58 ericsysmin ah, damn, was like this is a small ass world
05:58 pwalsh joined #salt
05:59 ericsysmin so, is there a way i can own the https://github.com/saltstack-formulas/zabbix-formula i have about 3000 lines i can push in to support all versions of zabbix including 3.0, as well as all possible options in the config files
06:00 cyborg-one joined #salt
06:01 iggy there aren't owners of formulas
06:01 iggy send pull requests and they'll get looked at
06:01 drawsmcgraw iggy: Do you sleep at all?
06:01 iggy if you have 3000 lines of diff, please break up the individual features
06:02 ericsysmin iggy: can i commit a test/ folder so that we can verify that it works, and give it travis-ci tests?
06:02 iggy drawsmcgraw: I can sleep when I'm dead
06:02 drawsmcgraw Noted, and respected.
06:02 kshlm joined #salt
06:02 iggy ericsysmin: sure, try to make it match what's in (some of) the other formulas for testing
06:03 ericsysmin iggy, can you give an example, i still haven't seen one that uses any type of circleci or travisci
06:03 ericsysmin https://github.com/saltstack-formulas/jenkins-formula/blob/master/.travis.yml only supports testing 1 os
06:04 ericsysmin ahahaha
06:05 ericsysmin i was like wait, why is it cloning nginx formula
06:05 ericsysmin nvm, but still it only tests ubuntu
06:05 sauvin joined #salt
06:06 Zsh joined #salt
06:06 iggy I thought the salt formula had tests, but just see what you can find and try to match
06:07 iggy you are probably right, there's probably not a lot of testing in general, or multiple minions specifically
06:07 ericsysmin hey, maybe i can change the world of salt lol
06:07 iggy I think most people add support for what they need, and rely on others to add support for the rest
06:07 ericsysmin http://bertvv.github.io/notes-to-self/2015/12/11/testing-ansible-roles-with-travis-ci-part-1-centos/ , it can also be applied to others, found this sweet gift the other day
06:08 ericsysmin same principle works for puppet too
06:08 wendall911 joined #salt
06:08 Puckel_ joined #salt
06:08 xenoxaos joined #salt
06:08 mrbobbytables joined #salt
06:08 ancients joined #salt
06:08 ericsysmin hilarious that you can use docker on travis-ci to test multiple versions and multiple operating systems
06:08 ericsysmin essentially being able to guarantee to your users that it works
06:09 iggy one problem is a lot of formulas don't even support more than 1 distro
06:10 ericsysmin yea, but i bet a lot of people may solve it in their forks
06:10 iggy doubtful
06:10 ericsysmin isn't that like painful to the salt community?
06:10 iggy I've never worked at a place that did unit testing of formulas
06:11 ericsysmin oh, yea, i haven't until i had a ops guy make a change and literally bring down 60 servers
06:11 beardedeagle we do
06:11 beardedeagle well
06:11 beardedeagle I do
06:11 ericsysmin that was at angie's list
06:11 ericsysmin rofl
06:11 ericsysmin now everything i write i test
06:12 iggy that's what dev/qa/prod is for
06:12 ericsysmin https://travis-ci.org/ericsysmin/ansible-role-chrony
06:12 beardedeagle Test all of the things!
06:12 beardedeagle or
06:12 ericsysmin yea, but you know dev/qa are used by qa/ and devs
06:12 beardedeagle test in prod, you're choice
06:12 beardedeagle your* even
06:12 ericsysmin if that env goes down, they can't develop on the environment
06:12 ericsysmin again, it breaks continuous deployment and integration tests
06:13 iggy hey, I like living in a perfect world too, but some other people don't get to live there
06:13 ericsysmin hence stopping a teams sprint (that is if you work in an Agile environment)
06:13 ericsysmin beardedeagle: you have any forks on how you do your build tests?
06:14 sauvin joined #salt
06:15 euidzero joined #salt
06:15 ericsysmin https://travis-ci.org/ericsysmin/ansible-role-mysqlbix lol failed build, thank god it doesn't get deployed like that rofl
06:15 beardedeagle Unfortunately nothing public (all internal GHE), could work on generalizing it though.
06:16 ericsysmin beardedeagle: that's what i did for my old modules, that's what i am thinking about doing to many of the salt-formulas
06:16 ericsysmin then we can also test when people do a pull request
06:16 favadi joined #salt
06:17 ericsysmin one thing i realized that blew my mind away, is a Idempotence test
06:17 ericsysmin i was like, wait a minute, why has everyone been writing expect based checks, when if you run a state twice, then it shouldn't change anything!
06:17 chrismoos joined #salt
06:17 N-Mi joined #salt
06:18 iggy the hard part about formulas is a lot of times it's not something that easily tested on one minion
06:19 beardedeagle They want us to use serverspec here for server testing, I use state.highstate test=True . Eff ruby.
06:19 ericsysmin yea, but you could mount and test in docker
06:19 ericsysmin then you can test on as many as you want
06:20 iggy travis will let you spin up multiple docker instances?
06:20 beardedeagle yes
06:20 ericsysmin iggy: http://bertvv.github.io/notes-to-self/2015/12/13/testing-ansible-roles-with-travis-ci-part-2-multi-platform-tests/
06:20 iggy I was not aware
06:20 ericsysmin and best part, that test you can copy and paste to all your repositories
06:20 iggy (I mean at the same time)
06:20 ericsysmin yep
06:20 beardedeagle I do something similar with jenkins here
06:21 ericsysmin https://travis-ci.org/ericsysmin/ansible-role-cfnbootstrap
06:21 ericsysmin i run 4 tests
06:21 ericsysmin centos 6/7 ubuntu 14.04/12.04
06:21 ericsysmin no one does it like that with Salt
06:21 ericsysmin if I can bring that to salt, maybe i could easily get into SaltConf  lol
06:23 chrismoos joined #salt
06:24 iggy depends if your company is throwing wads of cash at SSE
06:24 chrismoos joined #salt
06:24 ericsysmin actually we are talking to them
06:25 beardedeagle STILL trying to get my director to foot the bill for saltconf. do wants. bad.
06:25 ericsysmin we have been salt enterprise customers since the early days
06:25 cberndt joined #salt
06:25 iggy oh crap, this isn't slack, I can't erase that
06:25 ericsysmin then my boss forgot to pay our bill
06:25 antpa joined #salt
06:25 ericsysmin so we were looking to renew
06:25 ericsysmin we were on the old licensing model
06:25 iggy sadly, we don't have 1/4 mill laying around
06:25 ericsysmin support license for 500 servers is around 30k
06:25 ericsysmin but that doesn't get you SSE
06:26 ericsysmin which doesn't give you much outside of the new reporting server and enterprise support
06:26 ericsysmin but foreman-salt already can do reporting
06:26 evle joined #salt
06:26 iggy 30k * 40 = 1200000
06:26 ericsysmin iggy, why * 40?
06:26 iggy 20000 servers
06:26 ericsysmin do you have 20,000 servers
06:27 ericsysmin ah, ya, see that problem frol
06:27 ericsysmin no one is running a master in that env lol
06:27 iggy 70 or so masters
06:27 ericsysmin how do you manage all your salt states?
06:28 iggy how do you mean?
06:28 ericsysmin how do you distribute and manage your salt states to all of those masters
06:28 iggy .deb's
06:28 beardedeagle forman + saltstack, how did I not know about this. I wouldn't have wrote my own dashboard if I knew about this lol.
06:28 ericsysmin ah, what about your top.sls
06:28 iggy it's in the .deb?
06:28 ericsysmin beardedeagle: you're welcome
06:29 ericsysmin how many lines is it?
06:29 beardedeagle why not spa's?
06:29 flowstate joined #salt
06:29 iggy ~20
06:29 ericsysmin how?
06:29 iggy we don't use formulas
06:29 ericsysmin how only 20 lines in your top.sls
06:29 ericsysmin you must have a lot of the same exact servers then
06:29 iggy 20 lines of archaic jinja
06:29 beardedeagle sorry, spm*
06:30 anthpa joined #salt
06:31 sauvin joined #salt
06:31 ericsysmin beardedeagle: i've even tried to come up with an alternative to using pillars and states, and use a ENC to combine them
06:32 iggy we have about 50 server types
06:32 beardedeagle well I am going the route of salt -> vault -> consul for pillar data
06:32 ericsysmin iggy: oh, wow that's not many at all, we have over 100 server types
06:33 ericsysmin actually one second
06:33 ericsysmin we have 84 total states
06:33 ericsysmin of course some states have many states in them but they are close
06:34 ericsysmin (people before me didn't use pillars in states)
06:34 chrismoos_123 joined #salt
06:34 honestly What do you need 20000 servers for?
06:34 ericsysmin our top file is 835 lines
06:35 ericsysmin thats state/top.sls
06:35 ericsysmin not pillars/top.sls
06:36 ericsysmin i have a feeling iggy works in big data
06:36 atmosx_ joined #salt
06:36 ericsysmin iggy: am i right or wrong?
06:36 iggy CDN
06:36 ericsysmin damn, soooo close!
06:36 ericsysmin that was the only other option rofl
06:38 iggy I think linkedin is ~20k
06:38 honestly ah
06:38 ericsysmin iggy linkedin doesn't use one install though
06:42 bhosmer joined #salt
06:43 digitalhero joined #salt
06:47 hasues joined #salt
06:48 av_ joined #salt
06:49 hasues left #salt
06:52 felskrone joined #salt
06:57 nZac joined #salt
06:58 NightMonkey joined #salt
06:58 ericsysmin wow, doing a archive_url = 'https://github.com/%s/%s/archive/%s.tar.gz' grabbing a repo that way would be so much faster for some things
07:00 akhter joined #salt
07:00 euidzero joined #salt
07:01 jimklo joined #salt
07:01 s_kunk joined #salt
07:03 hojgaard joined #salt
07:08 iceyao_ joined #salt
07:15 shiriru joined #salt
07:18 jimklo joined #salt
07:21 ericsysmin http://saltstarters.org/
07:21 ericsysmin best idea ever
07:21 iggy in theory
07:22 jimklo joined #salt
07:23 ericsysmin iggy: why not? i like hearing both sides
07:24 ericsysmin this is the closest you can really get to the others, combine that with https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
07:24 ericsysmin and you got yourself a highly scalable way of doing things
07:24 jimklo joined #salt
07:24 ericsysmin of course, i'd never use someone else state without reading through it
07:24 ericsysmin and testing it
07:26 colegatron joined #salt
07:27 iggy that site just doesn't have a lot of stuff aside from bechtoldt's stuff, and his style of formula is only one unique style... and the site doesn't work a lot
07:28 cberndt joined #salt
07:28 iggy http://saltstarters.org/example/bechtoldt/saltstack-salt-formula f.ex.
07:28 ericsysmin http://saltstarters.org/example/bechtoldt/saltstack-elasticsearch-formula
07:29 hemebond Was there an explanation for his structure? I thought there was but I couldn't find it.
07:29 ericsysmin i think he has some issues still to fix, but i think it's an idea in the right direction
07:29 ericsysmin https://travis-ci.org/bechtoldt/saltstack-elasticsearch-formula
07:29 ericsysmin he's doing tests like you should too
07:29 jimklo joined #salt
07:29 AndreasLutro I don't see why you wouldn't just look through saltstack-formulas
07:29 ericsysmin heavy testing, look at that so many repos
07:29 iggy all that look nothing like the formulas that everybody else uses
07:29 ericsysmin 12 different OS tests and multiple salt versions
07:30 flowstate joined #salt
07:30 iggy get a room
07:30 ericsysmin ha! he's using docker to do the tests
07:31 danemacmillan joined #salt
07:31 ericsysmin his states are much more complex, reminds me of some ansible scripts and puppet scripts
07:31 iggy I await your PRs
07:31 * iggy heads to sleep
07:31 ericsysmin iggy: good night
07:33 AndreasLutro ericsysmin: you can't even tell what his tests are actually doing >_>
07:33 AndreasLutro for all I know he's just running state.highstate without even checking if it's successful
07:33 hemebond Oh I found it https://github.com/bechtoldt/formula-docs
07:33 AndreasLutro if https://github.com/bechtoldt/salt-formula-docker-test/blob/36cdb275c64f6c36ecffeff8241de85b056dae40/test_common/Dockerfile is the one being used he's not even doing that
07:34 Nicky joined #salt
07:34 ericsysmin the problem is no one reads his documentation
07:39 jimklo joined #salt
07:40 hemebond I haven't yet used his formulas because he has dependencies on his other formulas and the structure is different.
07:41 fracklen joined #salt
07:41 hemebond Maybe I need to revisit them. He's quite active on the formulas.
07:43 ericsysmin thats the only thing i don't like, is how much dependency he has linked in each formula
07:43 fooma joined #salt
07:43 ericsysmin you do have to know python, and salt to read and understand his formulas though
07:47 denys joined #salt
07:49 jimklo joined #salt
07:51 jimklo_ joined #salt
07:52 impi joined #salt
07:52 fracklen joined #salt
07:54 antpa joined #salt
07:56 atmosx joined #salt
07:57 antpa joined #salt
07:57 digitalhero joined #salt
08:03 favadi joined #salt
08:04 calculon joined #salt
08:07 fracklen joined #salt
08:15 slav0nic joined #salt
08:15 antpa joined #salt
08:16 ericsysmin does salt have a  float() operation?
08:16 hemebond In what context?
08:18 ericsysmin from first line {% from "zabbix/map.jinja" import zabbix with context -%} that map contains zabbix.version_repo i want to do
08:18 hemebond Ah okay so in Jinja.
08:19 hemebond Jinja does seem to have a float filter.
08:19 ericsysmin {% if float(zabbix.version_repo) >= 3.0 %}blahlbah{% endif %}
08:19 AndreasLutro just do zabbix.version_repo >= '3.0'
08:20 AndreasLutro python does string version comparison well
08:20 ericsysmin ah, never tried it, again, i went from php -> ruby -> python  so im my world i always had to force it to be what i wanted
08:23 KermitTheFragger joined #salt
08:23 fracklen joined #salt
08:27 babilen ericsysmin: fwiw, you were looking for http://jinja.pocoo.org/docs/dev/templates/#float
08:27 ericsysmin yea, i found it
08:28 ericsysmin im prolly going to do that instead of trusting python to do string version comparison
08:30 AndreasLutro have fun with the errors when your version contains a string
08:30 ericsysmin version should never contain a string
08:30 AndreasLutro s/string/alphabetical characters/
08:30 AndreasLutro 2.3.0-beta1?
08:30 ericsysmin nope
08:30 ericsysmin zabbix never does that
08:30 AndreasLutro my zabbix-agent is at version 1:2.2.5+dfsg-1~bpo70+1
08:30 ericsysmin not in ansible, or puppet
08:30 bhosmer joined #salt
08:30 cberndt joined #salt
08:30 ericsysmin yes, but your configuration doesn't differ on that level
08:31 flowstate joined #salt
08:31 ericsysmin zabbix repositories only use 2.0, 2.2, 2.4, 2.5, and 3.0
08:31 ericsysmin configuration files don't differ from 2.0.1 to 2.0.3
08:31 babilen Python doesn't implement Debian version comparison rules for string comparisons anyway
08:31 AndreasLutro {% set file = 'phpunit.phar' if salt['pkg.version']('php5-cli') >= '5.6' else 'phpunit-old.phar' %}
08:32 AndreasLutro not to mention with floats you risk running into floating point imprecision... but sure, distrust python's string comparison
08:32 josuebrunel joined #salt
08:32 babilen +1
08:32 ericsysmin if python can't properly float 2.2, i'd complain to someone cause that's ridiculous
08:34 ericsysmin AndreasLutro: i bet you 20 dollars your repo for your zabbix version (if using official zabbix repo) is using 2.2 lol http://repo.zabbix.com/zabbix/
08:35 ericsysmin i don't see a 2.2.5 there lol
08:35 permalac joined #salt
08:37 AndreasLutro I'm not saying converting to a float in this one specific case wouldn't work. I'm saying that using python's string comparisons for versions is a far better practice that you should use everywhere
08:38 Nazca__ joined #salt
08:39 aljosa joined #salt
08:39 wiqd joined #salt
08:39 gazarsgo joined #salt
08:39 xenoxaos joined #salt
08:40 bbhoss joined #salt
08:40 simonmcc joined #salt
08:40 lkannan joined #salt
08:40 djural joined #salt
08:41 permalac joined #salt
08:41 tpaul joined #salt
08:41 hillna joined #salt
08:41 mikepea joined #salt
08:41 trave joined #salt
08:42 dariusjs joined #salt
08:42 shawnbutts joined #salt
08:43 copelco joined #salt
08:43 fracklen joined #salt
08:43 akoumjian joined #salt
08:43 logandg joined #salt
08:43 johtso joined #salt
08:44 dariusjs joined #salt
08:44 clouddale joined #salt
08:44 JamieH joined #salt
08:45 Guest32104 which command can I write in top.sls inorder that I ping to all the computers (windows and nix)?
08:45 mattl joined #salt
08:45 ashb joined #salt
08:45 tcolvin joined #salt
08:45 hemebond Ping all the minions in top.sls?
08:46 Guest32104 yes
08:46 ecerulm__ joined #salt
08:46 Talkless joined #salt
08:46 hemebond Well, you don't put commands in top.sls, commands go into state files.
08:46 Guest32104 amm I see
08:47 Guest32104 How can I write, the command in the state file?
08:47 Talkless Hi, is there a way in Jinja to report error, and stop state/highgstate, if some pillar is no set, in state like this: http://pastebin.com/F7hMETcE (if nagiosadmin_password is not set) ?
08:47 hemebond Talkless: There are master options to stop on errors.
08:47 hemebond Guest32104: You just want to literally ping minions?
08:48 Guest32104 yes
08:48 Guest32104 I know from the command line I can use: salt * test.ping
08:48 jhauser joined #salt
08:48 Guest32104 but How can I write it in the state file
08:48 hemebond So you want one of your minions to ping all your other minions?
08:48 mrbobbytables joined #salt
08:49 Guest32104 yes
08:49 ecerulm joined #salt
08:49 hemebond cmd.run can run any command, e.g., ping.
08:50 Guest32104 can you please write me how the sls looks like? in http://paste.debian.net/
08:50 hemebond You'll need to feed the minion the list of minions. I can't think of the method off the top of my head.
08:51 hemebond https://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#salt.states.cmd.run
08:51 dunz0r Guest32104: Why do you want to do that? Sounds like a strange thing to do, really.
08:52 Guest32104 I am using foreman, The only way to get a list of hostname is to run : salt '*' state.highstate
08:53 Guest32104 based on it, the foreman will build the connection
08:53 dunz0r Aah.
08:53 babilen Guest32104: You could keep information about your minions in the salt mine
08:53 fracklen joined #salt
08:53 dunz0r Guest32104: Or use salt-key -l acc
08:53 dunz0r But that will show ALL minions, not just the ones connected
08:53 babilen manage.up might come in handy also
08:53 Guest32104 Yes I want to see all
08:53 Guest32104 How can I do it?
08:55 Guest32104 Or I am missing something here
08:55 dariusjs joined #salt
08:55 Rumbles joined #salt
08:55 hemebond I can't figure out what you're trying to achieve. But I don't know what Foreman is.
08:55 Talkless I guess you culd write a runner, a custom python function, taht wouth gather grains from all minons, and send cmd.run to some specific minion..?
08:55 Guest32104 I want a map of all my minions to see if they connected or disconnected
08:55 hemebond Connected to what?
08:55 iceyao joined #salt
08:56 dunz0r Guest32104: salt manage.status will show you the status of all your minions
08:56 Talkless salt-run dunz0r ?
08:56 abele joined #salt
08:57 Talkless So, how could I stop state compilation if some pillar (and so yaml variable) is not set/None?
08:57 krymzon joined #salt
08:58 freeaks joined #salt
08:58 nZac joined #salt
08:58 Guest32104 Thank, but I want to see all in the Foreman Gui
08:59 Guest32104 Can I run this command In a state files?
08:59 hemebond It sounds like what you want is Salt to give Foreman a list of minions, correct?
09:00 digitalhero joined #salt
09:00 permalac_ joined #salt
09:01 supermike___ joined #salt
09:01 Guest32104 yes
09:01 Guest32104 :)
09:02 dgutu joined #salt
09:04 hemebond Okay, I think you can use Salt Mine to get a list of minion names.
09:04 hemebond If you want the list to be updated every time the Foreman minion gets updated.
09:04 hemebond So your Foreman server is managed by Salt?
09:05 Guest32104 yes
09:05 elsmo joined #salt
09:05 dariusjs joined #salt
09:05 Guest32104 How can I use Salt Mine?
09:05 hemebond Salt Mine lets minions share information with all other minions.
09:06 hemebond http://stackoverflow.com/questions/17158665/how-to-get-a-list-of-all-salt-minions-in-a-template
09:07 Guest32104 Thank you
09:07 Guest32104 How the data will transfer to foreman?
09:07 fracklen joined #salt
09:07 hemebond You have a top.sls entry for the Foreman server minion that applies a state. In that state you will write a file or something, containing the list of minions, that Foreman can read.
09:08 hemebond It sounds like you need to go through the Salt tutorial.
09:08 babilen Talkless: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.test.html#salt.states.test.fail_with_changes might come in handy, but I'd simply make sure that the default behaviour is well defined.
09:10 brianfeister joined #salt
09:10 Talkless I could {% if-out .. whole state file contenst, but I do not whant to happen in silentley. If I forget to set some key pilalr, I would like to get sort o exception...
09:11 Talkless If I use fail_wich_changes, I will have to add require to all states that needs that must-have pillar variable..?
09:13 hemebond Does it not just fail if you try and fetch a value that doesn't exist?
09:13 atmosx joined #salt
09:14 hemebond (maybe it just puts nothing in)
09:17 Guest32104 Can foreman list me all the clients automatically?
09:18 geomacy joined #salt
09:18 hemebond I don't know Foreman.
09:18 babilen Guest32104: Just like yesterday: ask in #theforeman
09:18 hemebond ^
09:19 Talkless homebond http://pastebin.com/F7hMETcE I simplygent empty string basically
09:19 Guest32104 I asked
09:21 Hydrosine joined #salt
09:21 bmac2 joined #salt
09:22 GreatSnoopy joined #salt
09:24 fracklen_ joined #salt
09:26 Hydrosine joined #salt
09:30 flowstate joined #salt
09:30 Nazzy joined #salt
09:34 s_kunk joined #salt
09:38 ronnix joined #salt
09:38 drico joined #salt
09:43 cberndt joined #salt
09:48 hemebond joined #salt
09:48 freeaks joined #salt
09:48 NightMonkey joined #salt
09:52 Talkless babilen here's my implementation with your hint: http://pastebin.com/z5H8nABp , I guess it's sufficient... requre'ments will stop all other states.
09:53 babilen Talkless: Yeah, that's more or less what I had in mind there. Another option would be to skip the states that require that information (so that it is a no-op)
09:54 Talkless Yeah, but I wanted explicit notice that my brain is damage or smth.. :)
09:55 Talkless I still would like to trhow exception of sort so none other states should be executed, even without require:...
09:55 dmaiocchi joined #salt
09:56 babilen failhard would fail everything when a single state fails, but that might be a bit harsh
09:56 Rumbles joined #salt
09:56 jamesp9 joined #salt
09:57 babilen But you could set the order to 1 for that state and use it .. It would be nice if one could set it on a per-state basis or if there were an easier way to define requisites for collection of states (e.g. using globbing against the state id)
10:01 Talkless babilen: oh, I didnt' knew failhard, thanks.
10:01 rogst joined #salt
10:01 * Talkless launch!
10:01 ninkotech joined #salt
10:02 Talkless left #salt
10:02 ronnix joined #salt
10:05 babilen ... or lunch?
10:07 mavhq joined #salt
10:08 keimlink joined #salt
10:09 digitalhero joined #salt
10:09 beardedeagle joined #salt
10:09 kshlm joined #salt
10:19 bhosmer joined #salt
10:26 marnom joined #salt
10:27 morissette joined #salt
10:28 flowstate joined #salt
10:31 hojgaard joined #salt
10:33 MadHatter42 joined #salt
10:33 jhauser joined #salt
10:37 ronnix joined #salt
10:50 Nazca__ joined #salt
10:52 abednarik joined #salt
10:53 ronnix joined #salt
10:55 khorben joined #salt
11:01 inad922 joined #salt
11:01 Nazca__ joined #salt
11:02 BlackBishop joined #salt
11:03 BlackBishop hmm, I can see my pillars at a salt '*' pillar.items, how would I call just one ? tried pillar.item name with no luck
11:05 malinoff joined #salt
11:07 _JZ_ joined #salt
11:07 favadi joined #salt
11:08 ronnix joined #salt
11:11 Nazzy joined #salt
11:14 geomacy joined #salt
11:16 bluenemo joined #salt
11:18 marnom BlackBishop, salt-call pillar.item name maybe?
11:18 AndreasLutro pillar.get my_pillar
11:21 antpa joined #salt
11:22 fracklen joined #salt
11:23 favadi joined #salt
11:25 Bill__ joined #salt
11:28 Netwizard joined #salt
11:30 flowstate joined #salt
11:30 ronnix joined #salt
11:32 impi joined #salt
11:36 fredvd joined #salt
11:36 JohnnyRun hi all. I'm using salt-cloud with vmware provider. I can't figure why after the clone (salt-cloud -p profile hostname) the network is not attached.
11:36 JohnnyRun https://gist.github.com/GCarabelli/13d77e234927875f5464
11:36 JohnnyRun what should be?
11:39 marnom is it under a devices: section?
11:39 bebehei joined #salt
11:39 JohnnyRun marnom,  yes, the ip is ok after the book
11:40 JohnnyRun s/book/boot/
11:42 amcorreia joined #salt
11:48 kshlm joined #salt
11:51 akhter joined #salt
11:55 jhauser joined #salt
12:05 akhter joined #salt
12:07 t0m0 joined #salt
12:08 bhosmer joined #salt
12:11 ronnix joined #salt
12:12 fracklen joined #salt
12:21 impi joined #salt
12:25 fracklen joined #salt
12:29 flowstate joined #salt
12:30 C_ joined #salt
12:37 ronnix joined #salt
12:38 pcdummy joined #salt
12:38 ronnix joined #salt
12:39 bill1 joined #salt
12:39 tampakrap joined #salt
12:39 euidzero joined #salt
12:40 digitalhero joined #salt
12:41 Jarus joined #salt
12:41 mdasilva joined #salt
12:42 ronnix_ joined #salt
12:45 brianfeister joined #salt
12:47 impi joined #salt
12:55 atmosx joined #salt
12:55 nkuttler joined #salt
12:59 bill1 When I used puppet agent --test I getting in foreman the hostname what is the command in Salt to do the same?
12:59 euidzero joined #salt
13:00 BlackBishop altough I see something at salt '*' pillar.items I can't access it individually by using salt '*' pillar.items sysadmin for example
13:00 drico salt 'minion-name' grains.get host
13:00 drico or fqdn
13:06 teryx510 joined #salt
13:06 marnom BlackBishop, when you want to access a single pillar, user pillar.item (not .itemS<)
13:07 teryx5101 joined #salt
13:09 BlackBishop ok
13:09 akhter joined #salt
13:09 BlackBishop marnom: same thing .. shows up in the .items list but not in the .item
13:11 euidzero joined #salt
13:11 marnom joined #salt
13:11 anmol joined #salt
13:11 akhter_1 joined #salt
13:12 marnom_ joined #salt
13:12 marnom joined #salt
13:12 BlackBishop something's weird .. I did a sync_all
13:13 marnom joined #salt
13:13 ronnix joined #salt
13:13 akhter_ joined #salt
13:14 marnom BlackBishop, well that's strange, it works for me... salt-call pillar.item perconasql for example to grab our perconasql pillar data...
13:14 BlackBishop yeah, that's why I say it's weird, I can see all the pillars but not an individual one
13:15 flowstate joined #salt
13:15 BlackBishop hmm, lemme try and see what salt-call has to say on the minion
13:15 BlackBishop so .. I have one master and 2 minions ( one being the master itself )
13:15 iceyao joined #salt
13:15 akhter joined #salt
13:16 BlackBishop if I do on the master: salt '*' pillar.item sysadmin .. nothing shows up
13:16 BlackBishop if I do salt-call pillar.item sysadmin .. the information shows up ( on the master and on the other minion )
13:16 marnom wel, do all minions have access to that pillar?
13:16 geomacy joined #salt
13:17 marnom I'm not sure how salt '*' would handle that if it doesn't exist for all minions... does salt 'some minion with access' pillar.item sysadmin work on the master?
13:17 teryx510 joined #salt
13:17 BlackBishop restarting the minion fixed it.
13:17 akhter joined #salt
13:18 scoates joined #salt
13:20 AndreasLutro salturil.sync_all doesn't refresh pillars. saltutil.refresh_pillars
13:20 marnom alright nice that it's working now
13:22 BlackBishop AndreasLutro: thanks :) noted now for further use
13:22 antpa joined #salt
13:22 BlackBishop now, step 2 of the problem is using gitfs ( already have it up and running it seems )
13:22 BlackBishop but I'm trying to have a master ( production ) and a branch in which I can do anything I think of
13:23 BlackBishop but I think I'm hitting an issue where I have the same top file in both branches ( for pillars )
13:23 BlackBishop any way I can separate the envs completely ?
13:23 west575 joined #salt
13:24 BlackBishop top_file_merging_strategy: same
13:24 BlackBishop hmmm
13:25 favadi joined #salt
13:25 akhter joined #salt
13:28 metalseargolid joined #salt
13:30 deus_ex joined #salt
13:32 catpig joined #salt
13:36 tkharju joined #salt
13:36 flowstate joined #salt
13:37 teryx510 joined #salt
13:37 gh34 joined #salt
13:39 bill1 joined #salt
13:40 bill1 I want to run the highstate only on windows computer without ubuntu computers, I try to run salt 'win*' state.highstate. here is my top.sls file: http://paste.debian.net/413889/
13:40 bill1 Why it runs also all the ubuntu computer?
13:41 dunz0r bill1: Because you've told it to run remove_user on the ubuntu machine?
13:41 dunz0r '*' matches everything
13:41 dunz0r So it'll run the state vim and the state add_new_user
13:41 dunz0r Then if the machine runs ubuntu, it'll run the remove_user state as well
13:42 bill1 Can I remove '*' or it mandatory?
13:42 dunz0r bill1: First; what are you trying to accomplish?
13:44 ronnix joined #salt
13:45 bill1 I want to use salt '*' state.highstate command, and I will get in the output all the minions (windows and nix)
13:45 dunz0r Yes. * matches all nodes.
13:45 bill1 I don't know how to build a sls file, which I can use in all machine
13:48 dendazen joined #salt
13:49 t0m0 joined #salt
13:50 antpa joined #salt
13:51 favadi joined #salt
13:52 BlackBishop for some reason, it takes as the mybranch as the defaultbranch
13:52 BlackBishop :|
13:52 numkem joined #salt
13:53 XenophonF bill1: if you want to see example configs, take a look at mine - https://github.com/irtnog/salt-states and https://github.com/irtnog/salt-pillar-example
13:54 XenophonF bill1: take a look at https://github.com/irtnog/salt-states/tree/development/nis/ for an example of something written to work across different operating systems
13:55 DammitJim joined #salt
13:55 XenophonF bill1: and if you look at the top.sls file in the master branch, you'll see how i target different states to different operating systems (debian/redhat/freebsd/solaris/windows)
13:56 toastedpenguin joined #salt
13:56 bill1 I don't familiar with github How can I working with?
13:56 XenophonF bill1: but if you haven't already, i really encourage you to go through the tutorial https://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html
13:56 iceyao joined #salt
13:57 bhosmer joined #salt
13:57 toastedpenguin joined #salt
13:57 kshlm joined #salt
13:57 bill1 thank you XenophonF I already read it
13:58 bill1 How can I use github to see your top files?
13:59 quix joined #salt
14:00 akhter joined #salt
14:02 XenophonF bill1: take a look at http://readwrite.com/2013/09/30/understanding-github-a-journey-for-beginners-part-1
14:02 MadHatter42 joined #salt
14:04 kshlm joined #salt
14:06 euidzero joined #salt
14:06 edrocks joined #salt
14:06 toastedpenguin joined #salt
14:07 ronnix joined #salt
14:08 dmaiocchi joined #salt
14:08 bill1 thank you XenophonF
14:09 ekristen joined #salt
14:09 jdwilly2001 joined #salt
14:11 mdasilva joined #salt
14:13 XenophonF bill1: no problem - just be patient with yourself as you learn this stuff
14:17 oajara joined #salt
14:18 pwalsh joined #salt
14:18 oajara Hi folks! Need some help setting up ec2-autoscale-reactor formula!
14:20 oajara I have salt 2015.5.3 (Lithium) running. First question is: will it work with that version? In the formula readme file says it depends on "- Salt (develop branch)" :(
14:20 dyasny joined #salt
14:20 spiette joined #salt
14:21 oajara My purpose is to provision new AWS EC2 autoscaled instances with our current salt master
14:22 TooLmaN joined #salt
14:23 euidzero joined #salt
14:23 bill1 Anyone know why when I get the list of host in foreman salt, I don't see the IP of the minion of windows
14:24 subsignal joined #salt
14:25 racooper joined #salt
14:26 jdwilly2001 @oajara you can invoke boto_ modules from an orchestration state
14:26 jdwilly2001 bootstrap salt with userdata EC2. or...
14:27 jdwilly2001 use salt.cloud from within reactor to spin up instances... leveraging states boto_elb to join elb
14:28 subsignal joined #salt
14:28 jankmcjanker joined #salt
14:34 brianfeister joined #salt
14:34 ronnix joined #salt
14:36 oajara @jdwilly2001 Thanks. So a2-autoscale-reactor is not an option?
14:36 artemz joined #salt
14:42 akhter joined #salt
14:43 ggoZ joined #salt
14:47 fracklen joined #salt
14:48 davisj Hi all. I want to render a file.managed template by inserting multi-line text from pillar. Like so: https://gist.github.com/davisj/28bc00f533ac89563763
14:48 davisj I can use the literal yaml syntax in pillar "key: | ..." but then every line under "key: |" and, therefore, every line in the included text file has to be indented just the right amount. Proper yaml indentation is not something I can assume in that text file. Any ideas?
14:52 XenophonF joined #salt
14:53 akhter_1 joined #salt
14:53 kawa2014 joined #salt
14:54 ronnix joined #salt
14:54 flowstate joined #salt
14:54 honestly Does jinja have an indent filter? Check that
14:55 q1x joined #salt
14:56 honestly But why don't you just put the file path in the pillar instead?
14:57 brianfeister joined #salt
14:57 q1x joined #salt
14:57 davisj honestly: then the file would need to exist on the minion. May be worth considering but not ideal. I'll look at jinja filters, thanks!
14:58 honestly No it wouldn't
14:59 q1x joined #salt
15:00 honestly Set a proper file_root and use salt:// addressing
15:02 kshlm joined #salt
15:03 iceyao joined #salt
15:05 davisj honestly: Maybe I'm misunderstanding... If I put "key: salt://path" in a pillar, then the value of key is literally "salt://path"
15:05 honestly Yep
15:05 davisj And the minion would need to have salt://path in it's filesystem.
15:05 honestly And then you use the source parameter in file.managed
15:05 drawsmcgraw left #salt
15:05 mdasilva joined #salt
15:06 honestly The minion pulls that from the master
15:06 honestly Or from something else if you configure a different file root system
15:06 honestly (like gitfs)
15:07 nZac joined #salt
15:07 andrew_v joined #salt
15:07 davisj Right, but wouldn't all minions will then see salt://path which contains sensitive data. Which is why I want it in pillar to begin with.
15:08 Tanta joined #salt
15:09 akhter joined #salt
15:09 honestly That's true
15:10 dfinn joined #salt
15:11 drawsmcgraw joined #salt
15:11 euidzero joined #salt
15:12 marnom davisj, I've not read all of the discussion, so sorry if this isn't a useful suggestion; but you could perhaps use a python ext_pillar to handle the documents/indent issues?
15:13 quasiben joined #salt
15:14 flowstate joined #salt
15:14 impi joined #salt
15:14 honestly You could put just the sensitive parts of the file in pillar is that makes senset(if it's, say, passwords)
15:14 XenophonF davisj: i too haven't seen the previous discusion, but i usually use the contents_pillar argument to a file.managed state
15:15 XenophonF davisj: or the jinja equivalent
15:15 XenophonF davisj: and that goes for binary files, too, using the !!binary YAML type
15:17 kahiru joined #salt
15:18 zmalone joined #salt
15:19 davisj honestly: marnom: XenophonF: All excellent suggestions.. Time for more testing!
15:20 davisj Also, file_tree looks interesting.
15:21 ronnix joined #salt
15:23 bhosmer joined #salt
15:25 atmosx joined #salt
15:26 josue1 joined #salt
15:26 econnell joined #salt
15:27 mrwboilers1 joined #salt
15:27 atmosx joined #salt
15:28 mrwboilers1 In an sls file, how do I pass an argument to a module? For example...
15:28 mrwboilers1 I'm trying to use mysql.db_exists and store the results as a variable.
15:28 mrwboilers1 Yesterday it was suggested to me to try:
15:29 kaptk2 joined #salt
15:29 mrwboilers1 {% set isDB = salt['mysql.db_exists'] %}
15:29 mrwboilers1 However, mysql.db_exists needs to be passed a database name.
15:29 fracklen joined #salt
15:30 mrwboilers1 I've tried {% isDB = salt ['mysql.db_exists', 'DBName'] %} but that doesn't work.
15:30 mrwboilers1 can this be done?
15:30 akhter joined #salt
15:30 honestly salt['module.function'](arg1, arg2, arg3,)
15:31 honestly that's how you call execution modules
15:31 unthar joined #salt
15:32 mrwboilers1 honestly: THANKS!!
15:32 mrwboilers1 another question. This isn't returning the correct results.
15:32 mpanetta joined #salt
15:32 mrwboilers1 I have this in a pillar. When it renders, is it running mysql.db_exists on the master, or on the minion?
15:33 mrwboilers1 In my test environment, the database exists only on 1 minion.
15:33 mrwboilers1 After applying this pillar via state.highstate, both minions return False.
15:33 ntropy pillar is rendered on the master
15:33 akhter_1 joined #salt
15:33 mrwboilers1 damn.
15:33 ntropy not sure what you mean by 'applying this pillar' - pillar is only a place to keep data
15:34 mrwboilers1 Any way to get this to run on the minions? Or can salt not do this?
15:34 ntropy it sounds like you are confusing things a bit
15:34 mrwboilers1 by 'applying this pillar' I just mean running state.highstate, then pillar.items to see what data it has for each minion.
15:34 mrwboilers1 Seems like a pillar isn't the way to go.
15:35 mrwboilers1 Basically I'm just trying to find out on which minions a specific database exists, and be able to use that for targeting.
15:35 honestly pillar is for static data.
15:35 freeaks joined #salt
15:35 honestly you'll need custom grains or something like that for that
15:35 mrwboilers1 I thought grains were for static data and pillar could be more dynamic?
15:36 honestly or a custom targetting module
15:36 AndreasLutro everything is relative
15:36 ntropy maybe you could get salt mine to do that for you
15:37 mrwboilers1 Yesterday, someone on here said salt mine can't be used for targeting.
15:39 AndreasLutro you cannot target based on whether a mysql database exists
15:39 AndreasLutro what is the end goal you're trying to achieve?
15:39 davisj honestly: marnom: XenophonF: I think this will be easier than I thought, now that I've remembered that my pillar can be "#!py".
15:40 honestly davisj: that sounds like a big hammer, consider writing an execution module and calling that from jinja instead
15:41 honestly davisj: https://docs.saltstack.com/en/latest/ref/modules/#modules-are-easy-to-write
15:41 kevinquinnyo hey this is probably a pretty common question, but what's the best way to generate public/private keypairs, and have the public key available to another minion
15:41 kevinquinnyo i'd prefer not to pre-generate the keys and store them statically in the pillar
15:41 mrwboilers1 AndreasLutro: I was hoping to be able to target based on the existence of a db. Something like "salt -G 'dbname:True' mysql.query "ALTER TABLE..."
15:42 mrwboilers1 Maybe I'm trying to cram a square peg into a round hole, and Salt won't be able to do this.
15:42 kevinquinnyo would it make sense to generate the keypair, then store the public key as a grain
15:42 marnom kevinquinnyo, we're using an ext_pillar to handle CA stuff and distribute keys
15:42 honestly davisj: also, indent is indeed one of the default jinja filters - http://jinja.pocoo.org/docs/dev/templates/#indent
15:42 kevinquinnyo marmon is it a trade secret or could i take a peek
15:42 marnom I cannot share our exact implementation, but I used a sample found online... let me google
15:42 AndreasLutro mrwboilers1: your options are to generate an intermediate file with a list of minions where mysql.db_exists is True, or write a custom runner
15:42 syngularity joined #salt
15:43 kevinquinnyo marnom i plan on eventually writing an api client class as ext_pillar to talk to a remote service for pillar data later
15:43 jnials joined #salt
15:43 ronnix joined #salt
15:43 mrwboilers1 AndreasLutro: Thanks. I'll investigate those options.
15:43 syngularity What version of python are you running the saltstack 'develop' against?
15:43 XenophonF mrwboilers1: do you know about the Jinja documentation? http://jinja.pocoo.org/docs/dev/templates/
15:44 kevinquinnyo another question, i really want to use the ACME / letsencrypt implementation in develop branch, does anyone know the release schedule, or where i could view it so i know when it will be stable/packaged?
15:44 AndreasLutro kevinquinnyo: probably sometime this fall
15:45 mrwboilers1 XenophonF: Thanks, I've referenced that here and there. I'm still not real good with jinja, as I haven't used it a whole lot yet.
15:45 darvon joined #salt
15:45 pfallenop joined #salt
15:46 kevinquinnyo AndreasLutro: oh that's too bad.  well i guess i could try to run the develop branch and see if it works
15:46 davisj honestly: many thanks!
15:46 AndreasLutro kevinquinnyo: just copy the modules/states into your _states/_modules directory
15:47 AndreasLutro kevinquinnyo: though, you say develop, but the source says versionadded: 2016.3
15:47 kevinquinnyo ohh i see
15:48 AndreasLutro then again it's not in the 2016.3 branch so could just be wrong info
15:48 marnom kevinquinnyo, I was unable to find the post where I found the base ca.py. I've uploaded an anonymized version here; https://gist.github.com/anonymous/80aea9eb5a69208015b0 it works very well for us
15:48 kevinquinnyo AndreasLutro: yeah i wasnt sure if there were any core changes related to the state and execution modules that go along with it.  If that's all I need to do, awesome
15:48 kevinquinnyo thanks marnom
15:49 flowstat_ joined #salt
15:49 marnom kevinquinnyo, this may also help: https://github.com/saltstack/salt/issues/1543 though it wasn't the sample ca.py I found at the time..
15:49 saltstackbot [#1543]title: Populate entire files via Pillar | If I want to populate a file (say, /etc/ssl/cert.pem) that not every minion should be able to see, Pillar is ideal for this; however right now I don't have that option.
15:50 mrwboilers1 left #salt
15:52 flowstate joined #salt
15:54 debian112 joined #salt
15:54 __number5__ joined #salt
15:55 teryx5101 joined #salt
15:56 euidzero joined #salt
15:58 quasiben joined #salt
15:58 hasues joined #salt
15:58 hasues left #salt
16:02 CheKoLyN joined #salt
16:03 akhter joined #salt
16:03 fyb3r joined #salt
16:03 NeckBeardPrince joined #salt
16:05 ronnix joined #salt
16:08 rm_jorge joined #salt
16:11 digitalhero joined #salt
16:11 mavhq joined #salt
16:12 dyasny joined #salt
16:12 nethershaw joined #salt
16:13 mavhq joined #salt
16:14 tpaul Anyone know how the windows package manager determines if a package is already installed? Or can point me to the code that handles this?
16:15 mavhq joined #salt
16:16 beardedeagle joined #salt
16:17 AndreasLutro tpaul: https://github.com/saltstack/salt/blob/develop/salt/modules/win_pkg.py probably
16:18 tpaul AndreasLutro: ahh thank you, I was trying to find it in the states directory!
16:18 tpaul this looks more promising
16:19 akhter joined #salt
16:19 tpaul Dumb question, is r''' a python thing that I don't know about or a typo https://github.com/saltstack/salt/blob/develop/salt/modules/win_pkg.py#L541
16:20 AndreasLutro it's a "raw string"
16:20 tpaul thanks!
16:21 fracklen joined #salt
16:22 toastedpenguin joined #salt
16:23 josuebrunel joined #salt
16:26 digitalh_ joined #salt
16:27 ronnix joined #salt
16:29 hasues joined #salt
16:29 kevinquinnyo Rendering SLS 'saltmine' failed. Please see master log for details.
16:29 teryx510 joined #salt
16:30 kevinquinnyo i have restarted the salt-master, run, salt \* mine.flush, salt \* mine.update True
16:30 kevinquinnyo i have rm -rf /srv/salt/pillar/saltmine
16:30 kevinquinnyo i still get that error
16:30 kevinquinnyo any ideas?
16:30 flowstate joined #salt
16:31 kevinquinnyo the only thing in the master log is a message telling me to check the master log for more details
16:31 kevinquinnyo which is real cute
16:32 kshlm joined #salt
16:32 akhter_1 joined #salt
16:33 marnom kevinquinnyo, it complains about an SLS, so I don't expect either a mine flush/update or salt-master restart to fix it... check the 'saltmine' sls
16:33 hasues left #salt
16:33 marnom or run a highstate with -l debug (or the master..) to get more info
16:33 kevinquinnyo there is no sls called saltmine
16:33 kevinquinnyo there was a pillar called saltmine/init.sls which i've deleted
16:33 fyb3r remove the cache?
16:34 fyb3r /var/cache/salt/*
16:34 kevinquinnyo well
16:34 kevinquinnyo yeah let me try that, but i hope that's not the solution
16:35 kevinquinnyo i mean i hope that isnt the correct solution
16:35 fyb3r probably isnt lol. you dont have to get rid of all of it
16:35 fyb3r try going down into the folders and see whats in there. i know jobs get cached but im not sure if the mines do
16:35 kevinquinnyo fyb3r: sure
16:36 kevinquinnyo but i mean, manually deleting cache files is also not a solution is what i mean
16:36 kevinquinnyo not an acceptable one
16:36 fyb3r i cant remember the command to get salt to do it off the top of my head
16:37 mavhq joined #salt
16:37 Eugene pillar.refresh?
16:37 fyb3r salt '*' saltutil.clear_cache
16:37 Eugene That sounds closer
16:38 fyb3r then salt-run cache.clear_all
16:38 digitalhero joined #salt
16:39 digitalhero joined #salt
16:39 richerVE joined #salt
16:40 kevinquinnyo salt '*' saltutil.refresh_pillar
16:40 kevinquinnyo did the trick
16:40 fyb3r damn lol
16:40 kevinquinnyo thanks
16:40 fyb3r cheers
16:41 richerVE Hello, is there a way to run 'mine.update' inside a sls file, for example between states
16:41 mavhq joined #salt
16:41 richerVE I am using {% do salt.mine.update %} but is doing nothing
16:41 kevinquinnyo __salt__['mine.update']('*')
16:42 kevinquinnyo not sure if that would work or not
16:43 ronp_usa joined #salt
16:45 richerVE maybe with "salt.states.saltmod.function" using it as a state module?
16:48 Aleks3Y joined #salt
16:49 ronnix joined #salt
16:52 nZac joined #salt
16:53 mavhq joined #salt
16:53 nZac joined #salt
16:54 flowstate joined #salt
16:58 shaggy_surfer joined #salt
16:58 mavhq joined #salt
17:02 akhter joined #salt
17:02 sjmh joined #salt
17:03 shaggy_surfer joined #salt
17:04 writtenoff joined #salt
17:10 akhter_1 joined #salt
17:11 dlam joined #salt
17:11 flowstat_ joined #salt
17:15 flowstate joined #salt
17:16 mavhq joined #salt
17:18 s_kunk joined #salt
17:18 s_kunk joined #salt
17:22 flowstate joined #salt
17:23 flowstate joined #salt
17:25 amcorreia joined #salt
17:28 flowstate joined #salt
17:29 t0rrant joined #salt
17:30 digitalhero joined #salt
17:30 flowstate joined #salt
17:33 t0rrant hi guys, I was hoping someone could help me with a state.sls issue I'm having. The situation is I'm calling an sls with `salt node\* state.sls env.soft.master.config` and it returns and error stating that the sls `soft.master` cannot be found, although if I run it with `salt node\* env.soft.master` it runs successfuly. I have both an `init.sls` file and a `config.sls` within the tree `.../env/soft/master/`. Any ideas? thanks
17:33 fracklen joined #salt
17:34 t0rrant what bugs me is it seems to not consider the `env` directive...
17:34 t0rrant directive = part of the command
17:36 rihannon joined #salt
17:38 rihannon Hey everyone!  I'm having serious reliability issues with salt due to "The master is not responding." error.  I've changed worker threads six ways from sunday.  Has anyone else fixed this problem?
17:40 digitalh_ joined #salt
17:42 CeBe joined #salt
17:43 t0m0 joined #salt
17:43 ageorgop joined #salt
17:44 terratoma the master is not pleased
17:45 t0rrant btw I'm using salt version 2015.8.3
17:45 impi joined #salt
17:45 Lionel_Debroux joined #salt
17:49 mdasilva joined #salt
17:52 denys joined #salt
17:52 t0rrant nevermind
17:52 t0rrant thanks anyway
17:53 t0rrant I was including a formula and forgot to change one or more paths
18:00 bhosmer joined #salt
18:03 CeBe joined #salt
18:08 unthar joined #salt
18:14 digitalhero joined #salt
18:15 fracklen joined #salt
18:16 dfinn joined #salt
18:16 ecdhe So I can't have two formulas that BOTH install the same package.  But I CAN install two formulas that do both include the same .sls file, which installs that package?
18:16 lero joined #salt
18:16 rio203 joined #salt
18:17 AndreasLutro ecdhe: you can do the former, but the latter is best practice
18:18 ecdhe I thought the sls wouldn't compile if two pkg.installed states had the same name.
18:18 lero hey.. is it possible to have something like this to work? http://dpaste.com/1JJ91H7.txt
18:18 ecdhe Does having a different label help then?
18:18 AndreasLutro ecdhe: it would compile fine, as long as they have different state ids
18:18 AndreasLutro lero: no
18:21 kahiru joined #salt
18:21 mrwboilers Can runners be used to in states or pillars?
18:22 gtmanfred yes
18:22 mohae joined #salt
18:22 gtmanfred there is a runner function in the saltutil module
18:23 whytewolf it should be noted that the minion that is targetted for runners should be the master
18:23 gtmanfred ^^ that
18:23 gtmanfred but you can always do it in pillars
18:23 gtmanfred cause those get rendered on the master
18:23 whytewolf true [in fact that is how mine.get works in pillar]
18:24 gtmanfred you can use salt-run mine.get as well
18:24 ajw0100 joined #salt
18:24 lero AndreasLutro: ok.. is there a way to get around it? like, I need package X before adding a user to a group Y, because the group is created by this package..
18:24 AndreasLutro lero: split your multi-pkg state into individual states
18:24 mrwboilers So runners can't gather info from minions?
18:25 AndreasLutro or require all of them
18:25 mrwboilers Or am I misunderstanding?
18:25 fyb3r runners are ran on the local machine, be it a minion or master. they are not executed remotely.
18:26 mrwboilers What would be executed remotely?
18:26 fyb3r execution modules
18:26 whytewolf Salt runners work similarly to Salt execution modules however they execute on the Salt master itself instead of remote Salt minions.
18:26 whytewolf second line of https://docs.saltstack.com/en/latest/ref/runners/index.html
18:28 mavhq joined #salt
18:31 lero AndreasLutro: ok, I see
18:31 mrwboilers Here's something that I'm confused about. The grains doc says that grains should be static data. If the data is going to change, use a pillar instead.
18:31 lero AndreasLutro: thanks
18:31 mrwboilers However, any execution module in a pillar is executed on the master, not the minion.
18:32 AndreasLutro execution module in a pillar?
18:33 whytewolf mrwboilers: yes. pillar jinja is rendered on the master.
18:33 fyb3r mrwboilers, fair warning, I attempted for about 2 months to get dynamic pillars working only to finally give it up
18:33 CeBe joined #salt
18:33 whytewolf mrwboilers: it might be easier to just ask what you are really attempting to do
18:34 mrwboilers I want some type of targetable (probably not a word) data that is populated from an execution module run on the minions. This seems like an obvious feature that should be pretty basic. Am I the only one who would use this?
18:34 whytewolf anything that is targetable based on information from the minion is considered unsecure
18:34 mrwboilers I've asked on here a couple of times now. I'm sorry to keep bugging everyone.
18:35 mrwboilers I want to determine if a mysql database exists on a minion and actually be able to use that info.
18:35 AndreasLutro so are you trying to write a custom salt runner now or what
18:35 robawt mrwboilers: would the mysql database be assigned by a salt state only?  that'd be an easy way
18:35 mrwboilers I thought I could create a pillar that used mysql.db_exists, but it just runs that module on the master which isn't useful at all.
18:35 mrwboilers no, the database isn't created by a state.
18:35 kahiru joined #salt
18:36 whytewolf why not use mysql.db_exists in your state
18:36 fyb3r mrwboilers, the only way i could get such things to work was by passing cmd.run to the master and having the salt command that you want to execute on the minion as the arg
18:36 gtmanfred mrwboilers: that is what the state is supposed to do
18:36 gtmanfred mrwboilers: that is why they are idempotent
18:37 gtmanfred so they don't make a change if it is already setup the way you want them
18:37 mrwboilers So now I'm thinking about using a custom grain. But while which database(s) exist on a particular minion won't change often, it could change. Therefore it's not technically static data.
18:37 gtmanfred you could do that, but it goes against the way that everything is structured to work together
18:37 gtmanfred that is really just a state, does the database exist, yes, don't do anything
18:38 gtmanfred no reason to build custom grains around it
18:38 mrwboilers Ideally, I'd like to be able to use this information in targeting though.
18:38 fyb3r i guess the confusion here is why do you need the pillar
18:38 fyb3r ah
18:38 gtmanfred why?
18:38 gtmanfred why not use node groups?
18:38 mrwboilers I'd like to be able to do something like "salt -G 'dbname:True' mysql.query "ALTER TABLE..."
18:39 gtmanfred or just something else, and that group is setup the way you want
18:39 gtmanfred or once the minion has been setup and that database create
18:39 gtmanfred d
18:39 mrwboilers Node groups are too static. I would prefer something that doesn't need manual intervention to be up to date.
18:39 gtmanfred you could do a grians.setval
18:39 gtmanfred i mean, i get what you are trying to do, but i think there are better solutions than the way you are trying to do it
18:39 gtmanfred without having to have dynamic grains
18:40 whytewolf could even use something in _grains.
18:40 mrwboilers I'm starting to think that salt just won't work for this.
18:40 AndreasLutro it would, you just have to explore alternate ways than targetting like that.
18:40 gtmanfred you can absolutely do a custom grain, no one can stop you
18:40 fyb3r or just write your own module like ive been doing lol
18:40 gtmanfred it will work that way, and you will get your targeting
18:40 gtmanfred but, i am just saying there are alternatives that are better IMO
18:41 lumtnman joined #salt
18:41 AndreasLutro either create a custom runner, write a custom script that wraps two salt calls, or write a module that does what you want only if the database exists
18:41 AndreasLutro a custom grain would probably be buggy because grains are cached, so you could end up doing whatever you want to do more than once
18:41 fyb3r as are pillars arent they?
18:41 lumtnman joined #salt
18:42 whytewolf or, write a custom ext_pillar. something based on the mysql ext_pillar
18:42 mrwboilers maybe a custom module is the way to go. A runner wouldn't work because they are executed on the master, not the minions.
18:42 AndreasLutro yeah but at least pillars get refreshed at the start of every state run
18:42 gtmanfred mrwboilers: a runner could work
18:42 danemacmillan left #salt
18:42 gtmanfred you could even do it with an orchestrate script
18:42 AndreasLutro mrwboilers: a runner can be used to call module functions on minions...
18:42 gtmanfred where orchestrate goes and looks up the minions that have that thing
18:42 gtmanfred and then dumps them into the target minion list
18:42 Karunamon Hi folks - does anyone know what the purpose of the 'dist' property is in states.pkgrepo?
18:42 AndreasLutro that's why it runs on the master, so it can do stuff with multiple minions
18:43 Karunamon It's used in the examples https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkgrepo.html but not explained
18:43 gtmanfred Karunamon: it is the ubuntu or debian name
18:43 gtmanfred wheezy, precise, trusty,jessie, etc
18:43 AndreasLutro Karunamon: I think it's deprecated - you can see the dist is also named in the "name" arg
18:43 whytewolf dist
18:43 Karunamon AndreasLutro: Yeah, that's what was confusin gme.
18:43 whytewolf This dictates the release of the distro the packages should be built for. (e.g. unstable). This option is rarely needed.
18:43 gtmanfred it is also in the doc
18:43 gtmanfred like whytewolf just copied
18:44 Karunamon Oh for..
18:44 Karunamon Apparently i'm blind today. Thanks :P
18:44 gtmanfred ctrl+f ftw
18:44 whytewolf ctrl+f is your friend ;)
18:44 rmnuvg joined #salt
18:48 akhter joined #salt
18:52 akhter joined #salt
18:52 bhosmer joined #salt
18:54 Karunamon Actually while I'm thinking about it - can you pass an array to pkgrepo.managed.name? I've got about 12 different deb repos on my machines and that's a hell of a lot of retyping the same stuff over again
18:56 nZac joined #salt
18:57 fracklen joined #salt
18:59 mrwboilers Another question: Can a state (or something else) be used to manage just a segment of a file? I was just asked to add a line to an xml file on a bunch of servers. However, this xml file is far from identical from box to box. Templating all the differences would be more trouble than it's worth.
18:59 mrwboilers I suppose cmd.run with a sed command might be best?
18:59 Karunamon Augeas is great for that kind of stuff if it's a config file
19:00 MadHatter42 joined #salt
19:00 Karunamon there's also file.blockreplace if the position you're adding to is similar across all the files
19:01 keimlink joined #salt
19:01 mrwboilers Karunamon: Thanks. I'll check those out.
19:02 lero joined #salt
19:03 bastiandg joined #salt
19:05 quix_ joined #salt
19:07 quix_ joined #salt
19:13 dmaiocchi joined #salt
19:13 josuebrunel joined #salt
19:15 baweaver joined #salt
19:16 digitalhero joined #salt
19:17 doriftoshoes_ joined #salt
19:18 nZac joined #salt
19:22 Fiber^ joined #salt
19:23 bmac2 joined #salt
19:33 CeBe joined #salt
19:33 baweaver joined #salt
19:35 heaje joined #salt
19:35 teryx510 joined #salt
19:37 heaje joined #salt
19:39 evle joined #salt
19:39 fracklen joined #salt
19:42 TooLmaN joined #salt
19:43 akhter_1 joined #salt
19:43 TooLmaN joined #salt
19:44 TooLmaN joined #salt
19:45 TooLmaN joined #salt
19:46 TooLmaN joined #salt
19:47 TooLmaN joined #salt
19:51 akhter joined #salt
19:53 norii ugh augeas is so slow
19:53 GreatSnoopy joined #salt
19:54 norii just stick to jinga (but i admitedly have not read the backlog and am out of context here)
19:56 akhter_1 joined #salt
19:56 norii jinja can add lines based on context no? if they are not ever going to change tho you could just drop them as a file
19:58 norii that was  one of the first things i noticed and like about jinja vs erb -- jinja can be much smarter about slipping things in vs not at all in erb
19:58 ThomasJ joined #salt
20:02 akhter joined #salt
20:04 evidence so file.replace can't replace a symlink?  with the default of follow_symlinks true it properly edits the sym desitination.  with that set to false you get "Unable to manage file: 'NoneType' object has no attribute 'startswith'"
20:04 evidence so do you just have to do a file.absent with an onlyif test -L as a require or something?
20:04 forrest joined #salt
20:08 evidence that require w file.absent seems to work as a hack.. file.replace should probably just replace the symlink if follow_symlinks: false is set though
20:08 evidence file.managed rather, sorry
20:09 norii evidence: file.recurse can do it appar
20:13 evidence ah, can you give recurse a single file?
20:14 evidence i'm just using 'contents' in the state directly though also.. the file.absent should work until file.manage has some more logic
20:14 zenlot joined #salt
20:21 fracklen joined #salt
20:21 Karunamon Okay, if I've got an SLS that's doing multiple things (say multiple file.managed lines), what's the best practice for avoiding the "conflicting name" error?
20:21 donmichelangelo joined #salt
20:22 AndreasLutro Karunamon: use different ids :p
20:22 AndreasLutro for file states, specify the path with the "name" arg
20:22 Karunamon AndreasLutro: I thought that was the name of the function, though
20:22 Karunamon file.managed -name: blah
20:23 Karunamon https://gist.github.com/Karunamon/5de56f9143dfa089f795
20:24 AndreasLutro https://gist.github.com/anlutro/cd0c16d1d23d55ded19b
20:25 mavhq joined #salt
20:25 evidence yeah, move package_repos: down into the for loop, and change it to package_repos_{{repo}}:
20:26 evidence i'm assuming you have other OSes in there (othweise that package_repo outside of the conditionals would cause errors on other OSes), so you'll have to make sure to use the state name in those loops also
20:26 Karunamon Okay.. okay that makes sense.
20:26 Karunamon (I think this is another Puppet habit I'm trying to unlearn)
20:29 bfrog_ joined #salt
20:29 bfrog_ left #salt
20:29 akhter joined #salt
20:29 mavhq joined #salt
20:31 ThomasJ joined #salt
20:33 Karunamon that was remarkably simple, neat! thank you
20:35 toastedpenguin salt cloud, Windows, when launching an AWS instance I know using volumes:- { size:, device: , type: } adds a volume is there a way to increase the size of the root volume /dev/sda1 via salt cloud?
20:36 toastedpenguin and then have salt extend the NTFS on the EBS to use the additional space?
20:40 lemur joined #salt
20:41 jtylers joined #salt
20:42 flowstate joined #salt
20:42 DammitJim joined #salt
20:48 krymzon joined #salt
20:50 scarcry joined #salt
20:53 dmaiocchi joined #salt
20:53 digitalhero joined #salt
20:54 flowstate joined #salt
20:56 shoemonkey joined #salt
20:58 brianfeister joined #salt
20:59 bhosmer__ joined #salt
21:02 akhter_1 joined #salt
21:03 anthpa joined #salt
21:03 fracklen joined #salt
21:03 kahiru_ joined #salt
21:07 akhter joined #salt
21:08 antpa joined #salt
21:08 antpa joined #salt
21:09 antpa joined #salt
21:10 antpa joined #salt
21:10 antpa joined #salt
21:11 antpa joined #salt
21:12 akhter joined #salt
21:12 antpa joined #salt
21:13 CeBe joined #salt
21:14 TyrfingMjolnir joined #salt
21:14 akhter joined #salt
21:17 baweaver joined #salt
21:17 antpa joined #salt
21:18 antpa joined #salt
21:19 antpa joined #salt
21:19 antpa joined #salt
21:20 antpa joined #salt
21:20 digitalhero joined #salt
21:20 antpa joined #salt
21:21 antpa joined #salt
21:22 antpa joined #salt
21:22 antpa joined #salt
21:26 akhter joined #salt
21:26 mpanetta_ joined #salt
21:26 zahna joined #salt
21:27 zahna does anyone else's pip crash when running "pip search salt"?
21:27 geomacy joined #salt
21:28 zahna actually pypi gives a "something went wrong" page when searching for salt
21:29 renaissancedev joined #salt
21:29 renaissancedev So, looking at the docs and the code it doesn't appear as though the boto_route53 module supports record sets. Am I missing something?
21:30 renaissancedev Having this working seems like it would be incredibly beneficial...
21:30 Eugene zahna - yes, with a pypi_hidden. I'm guessing that's "works as intended"
21:31 DammitJim joined #salt
21:31 Freek joined #salt
21:31 Eugene I can't be arsed to read the whole chain, but skimming this is interesting http://comments.gmane.org/gmane.comp.sysutils.salt.user/17196
21:32 CeBe joined #salt
21:32 zahna so pypi hides salt?
21:33 akhter_1 joined #salt
21:33 Eugene I think that it's marked as Hidden on PyPi because the version there is Dev; pip defaults to trying to install hidden packages, and fails miserably at it.
21:33 Eugene http://salt-users.narkive.com/APG6ljVk/request-for-pypi-releases
21:35 renaissancedev So, looks like recordsets aren't supported, likely due to the fact that Salt is requiring v2.35.0 of Boto which doesn't have that functionality.
21:35 zahna ah, interesting
21:36 Eugene I've always just used EPEL, no problems. The official salt package repo can be newer, but I prefer to minimize the number of yum repos(and find EPEL's conservative approach to be a Feature)
21:38 chrismoos joined #salt
21:42 anthpa joined #salt
21:43 Karunamon Speaking of EPEL and such - is there a clever way with pkgrepo to toss any repos that aren't declared?
21:43 Karunamon I used to manage repos with file.present and a truckload of jinja, but i'm now doing it with pkgrepo
21:44 Karunamon writing a state that wipes the directory and then doing a prerequired_in: just gives me a "following prerequisites were not found"
21:45 Karunamon I can't use an 'onchanges' in the cleanup state, since then it just blows away all the files that were just added
21:47 yidhra_ joined #salt
21:48 akhter joined #salt
21:48 teryx510 joined #salt
21:48 mpanetta joined #salt
21:48 teryx510 joined #salt
21:53 teryx510 joined #salt
21:54 CeBe joined #salt
21:58 flowstate joined #salt
22:02 teryx510 Hey guys, trying to use cmd.script to execute a python script on Windows anyone have experience with this. I've tried setting - shell: c:\salt\bin\python.exe but no dice.
22:04 euidzero joined #salt
22:05 fracklen joined #salt
22:11 oajara joined #salt
22:11 fyb3r left #salt
22:14 oajara Hey people! I have https://github.com/saltstack-formulas/ec2-autoscale-reactor working fine. AWS notifies the salt master about the new instance, the key is accepted and salt is bootstraped in the instance. The problem is the instance is registered with the instanceId as name which is not that good for targeting with the salt states. Anyone has an idea to prepend a string to the name or something similar?
22:15 sauvin joined #salt
22:16 zmalone joined #salt
22:18 mdasilva joined #salt
22:21 Karunamon teryx510: The last few times I did this, I had to do cmd.run 'c:\path\to\python\python.exe scriptname.py'
22:23 teryx510 karunamon: Yeah, I was just changing my sls to use cmd.run. Doesn't feel as clean, but it works. Thanks.
22:23 CeBe joined #salt
22:23 bmac2 joined #salt
22:31 HappySlappy joined #salt
22:35 subsignal joined #salt
22:38 digitalhero joined #salt
22:41 west575 joined #salt
22:42 zenlot6 joined #salt
22:47 Karunamon left #salt
22:47 Karunamon joined #salt
22:47 Karunamon agh.. okay, clearly i'm doing something wrong here
22:47 fracklen joined #salt
22:47 Karunamon my goal is to have a bunch of repos set up, right? IF those changes have to be done, I want another state to wipe out the existing repos folder
22:48 Karunamon https://gist.github.com/Karunamon/5de56f9143dfa089f795 - my state looks like this
22:48 Karunamon as written, the repo files get put into place, and then the cleanup state immediately blows them all away again
22:49 Karunamon onchanges seems to be the way to do this (if the targeted state returns a change, run the calling state), but apparently not.
23:04 Karunamon changing it to a listen_in causes a crash :D
23:07 antpa joined #salt
23:10 baweaver joined #salt
23:15 tpaul Is there a way to tell a minion to reload its environment variables in a state? For example I have a state that installs nodejs but I can't use npm until the minion refreshes PATH (this is a windows-ism)
23:16 Rumbles joined #salt
23:21 Muchoz joined #salt
23:25 bhosmer_ joined #salt
23:28 mikelodder joined #salt
23:31 mikelodder I created an EC2 instance in AWS ubuntu 14.04. I'm installing salt using sh install_salt.sh -P -M. The salt master also has the salt-minion installed on it so it can configure itself with states on start up.  When I start the salt-minion I don't see any keys generated, What I could be doing wrong?
23:32 mikelodder I was going to just move the key generated by the minion to the accepted minions folder since its the same VM
23:36 sauvin joined #salt
23:42 sauvin joined #salt
23:43 brianfeister joined #salt
23:43 west575 joined #salt
23:49 fracklen joined #salt
23:50 kliquori joined #salt
23:52 mikelodder any help with this would be greatly appreciated
23:59 brianfeister joined #salt
23:59 west575 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary