Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-03-15

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 akhter joined #salt
00:04 mianos aha, my minions that have been created are using an ubuntu ppa, maxed out at 2015.5
00:04 mianos I'll maybe have to update the sources to point to repo.saltstack
00:04 hemebond Ah. If you change to the saltstack repo you should be able to upgrade.
00:05 mianos I never looked, the master was obviously created by me  but all the minions just salt-cloud
00:08 lungaro i'm getting a weird error while trying to call __salt__['file.managed'](**kwargs) in my own custom module. I'm not doing anything crazy but am lost in decorator land
00:08 lungaro is that the right way to call built in modules ?
00:10 lungaro typo'd that -- my bad. meant to say __states__ instead of __salt__
00:12 aw110f joined #salt
00:14 nZac joined #salt
00:16 XenophonF mianos: i'm in the same boat as you
00:16 XenophonF mianos: in my case i'm going to use salt-formula's salt.pkgrepo state to push the new official repo config to my minions (ubuntu+centos)
00:17 XenophonF mianos: plus a custom state to remove references to the old PPA/COPR repos
00:22 kermit joined #salt
00:29 fracklen joined #salt
00:31 rem5 joined #salt
00:36 rem5 joined #salt
00:38 hoonetorg joined #salt
00:38 mianos I am thinking I'll just rebuild them all
00:40 shoemonkey joined #salt
00:40 mianos if I update salt-cloud on the master that is running 2015.8 hopefully the minions should be created with the same version
00:40 djgerm1 left #salt
00:41 XenophonF good luck
00:43 shaggy_surfer joined #salt
00:44 mianos ah, "] Invalid keyword 'standard' for variable 'master_type'"
00:44 mianos seen that before
00:45 virtualguy joined #salt
00:45 mianos salt-minion 2015.8.7 (Beryllium)
00:45 mianos 1) Don't deploy Ubuntu 14.04 nodes using salt-cloud :)
00:45 mianos bumma
00:48 mianos damn, looks like ubuntu 14.04 is totally unsupported
00:52 mianos https://github.com/saltstack/salt/issues/25335
00:53 iceyao joined #salt
00:53 mianos salt-minion --version gives me: salt-minion 2015.8.7 (Beryllium)
00:53 mianos salt-minion -l debug [ERROR   ] Invalid keyword 'standard' for variable 'master_type'
00:53 mianos damn
00:55 digitalhero joined #salt
00:57 mianos ok master_type: str in the master profile works
00:57 mianos that bug report is wrong
00:58 mianos closed and wrong I should add
01:00 racooper joined #salt
01:02 XenophonF joined #salt
01:06 baweaver joined #salt
01:06 devtea joined #salt
01:08 rem5_ joined #salt
01:08 euidzero joined #salt
01:10 RobertChen117 joined #salt
01:11 fracklen joined #salt
01:12 digitalhero joined #salt
01:13 digitalhero joined #salt
01:25 subsignal joined #salt
01:25 euidzero joined #salt
01:31 teryx510 joined #salt
01:32 k_sze[work] joined #salt
01:33 bhosmer_ joined #salt
01:41 alvinstarr joined #salt
01:47 quasiben joined #salt
01:53 fracklen joined #salt
01:58 kliquori joined #salt
01:58 jeddi joined #salt
01:59 nZac joined #salt
02:10 euidzero joined #salt
02:12 favadi joined #salt
02:14 aqua^c joined #salt
02:16 michelangelo joined #salt
02:19 kermit joined #salt
02:24 joe_n joined #salt
02:25 RobertChen117 joined #salt
02:27 bhosmer joined #salt
02:27 jeddi joined #salt
02:32 malinoff joined #salt
02:34 jfred joined #salt
02:35 jeddi joined #salt
02:35 fracklen joined #salt
02:46 catpigger joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt! | Latest Version: 2015.8.7 | Register for SaltConf16: http://saltconf.com/register/ | Paid support available for open source Salt! https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | Ask with patience as we are volunteers and may not have immediate answers
02:49 jeddi joined #salt
02:54 tpaul joined #salt
02:55 RobertChen117 joined #salt
02:57 onlyanegg joined #salt
02:58 brianfeister joined #salt
03:06 writtenoff joined #salt
03:08 writtenoff joined #salt
03:09 quix joined #salt
03:10 aw110f joined #salt
03:17 fracklen joined #salt
03:21 bhosmer joined #salt
03:22 beardedeagle joined #salt
03:26 bhosmer joined #salt
03:29 shoemonkey joined #salt
03:31 digitalhero joined #salt
03:57 malinoff joined #salt
03:59 beardedeagle So say I wrote a much improved version of salt-pepper, a complete rewrite, would it be best to pass that off to saltstack or just publish it myself?
03:59 fracklen joined #salt
04:03 aw110f joined #salt
04:05 euidzero joined #salt
04:13 anmol joined #salt
04:13 chamunks Are there any functions in salt that can potentially check for FS changes like Tripwire does?  https://www.digitalocean.com/community/tutorials/how-to-use-tripwire-to-detect-server-intrusions-on-an-ubuntu-vps
04:20 bhosmer joined #salt
04:28 rdas joined #salt
04:29 orion left #salt
04:31 ntropy chamunks: inotify beacon might be what you need
04:32 digitalhero joined #salt
04:32 chamunks ntropy I'll look it up shortly ty.
04:34 tkharju joined #salt
04:39 jeddi joined #salt
04:41 fracklen joined #salt
04:42 digitalhero joined #salt
04:46 aqua^c joined #salt
04:46 digitalhero joined #salt
04:47 kliquori joined #salt
04:49 impi joined #salt
04:51 digitalhero joined #salt
04:54 digitalhero joined #salt
04:57 digitalhero joined #salt
04:58 antpa joined #salt
04:58 antpa joined #salt
05:00 digitalhero joined #salt
05:03 digitalhero joined #salt
05:06 digitalhero joined #salt
05:06 ageorgop joined #salt
05:06 RobertChen117 joined #salt
05:09 digitalhero joined #salt
05:11 josue joined #salt
05:19 josue hi guys, why doesn't salt-ssh transport pillars to minion ?
05:23 jeffspeff joined #salt
05:24 fracklen joined #salt
05:25 ashmckenzie joined #salt
05:26 RobertChen117 joined #salt
05:27 ageorgop joined #salt
05:35 kliquori joined #salt
05:36 ntropy because its not supposed to; please explain what you're trying to do and why you expect that to happen
05:44 favadi joined #salt
05:46 josuebrunel ntropy: hi sorry just saw your message
05:47 josuebrunel ntropy: i have my pillar. When i'm using salt with an agent (master/minion through zmq), jinja is able to render my pillar because because it finds it
05:48 josuebrunel but when using salt-ssh jinja can't render it because it doesn't find the pillar data
05:48 josuebrunel my pillar is a simple list of user
05:48 josuebrunel it seems there's an issue with salt-ssh https://github.com/saltstack/salt/issues/28503
05:49 sauvin joined #salt
05:49 josuebrunel ntropy: are you there ?
05:50 brianfeister joined #salt
06:04 shoemonkey joined #salt
06:06 fracklen joined #salt
06:26 bhosmer joined #salt
06:58 brianvdawson joined #salt
07:04 av_ joined #salt
07:05 mavhq joined #salt
07:07 euidzero joined #salt
07:11 honestly there's plenty of issues with salt-ssh
07:11 honestly pillar calls should be wrapped though if you use states with just jinja
07:16 josuebrunel joined #salt
07:17 antpa joined #salt
07:19 hightekvagabond joined #salt
07:21 bhosmer joined #salt
07:23 pwalsh joined #salt
07:25 josuebrunel joined #salt
07:28 linjan_ joined #salt
07:37 kliquori joined #salt
07:39 brianfeister joined #salt
07:40 mavhq joined #salt
07:41 RobertChen117 joined #salt
07:44 djgerm1 joined #salt
07:46 krymzon joined #salt
07:51 KermitTheFragger joined #salt
07:54 djgerm1 Does anybody have a good vmware cloud profile that specifies updating the template IP? The syntax on https://docs.saltstack.com/en/latest/topics/cloud/vmware.html#vmware-cloud-profile
07:54 djgerm1 doesnt seem to work
07:55 josuebrunel joined #salt
07:55 iceyao joined #salt
07:56 freeaks joined #salt
07:58 fracklen joined #salt
08:02 brianfeister joined #salt
08:05 shoemonkey joined #salt
08:11 atmosx joined #salt
08:15 kshlm joined #salt
08:15 bhosmer joined #salt
08:15 dmaiocchi joined #salt
08:24 kliquori joined #salt
08:26 fracklen joined #salt
08:27 dmaiocchi joined #salt
08:29 lero joined #salt
08:30 jhauser joined #salt
08:30 ggoZ joined #salt
08:34 ronnix joined #salt
08:35 malinoff1 joined #salt
08:36 kliquori joined #salt
08:36 malinoff joined #salt
08:42 GreatSnoopy joined #salt
08:49 losh joined #salt
08:53 fredvd joined #salt
08:54 dgutu joined #salt
08:57 JohnnyRun joined #salt
08:59 slav0nic joined #salt
09:01 digitalhero joined #salt
09:05 ronnix joined #salt
09:08 josuebrunel joined #salt
09:08 josuebrunel hi guys, is there an alternative to pillar ?
09:08 josuebrunel another way to store data, when using salt-ssh ?
09:09 bhosmer joined #salt
09:14 geomacy joined #salt
09:14 babilen You can hardcode it in the states or, presumably, set it in grains. Why don't you want to use pillars though?
09:16 dmaiocchi joined #salt
09:18 sab3r Im trying to get my elasticsearch formula to install elasticsearch from rpm repo and my pkgrepo.managed function returns all green so I assume it correctly downloads the packages from the repo I want. pkg.installed, though, returns The following package(s) were not found, and no possible matches were found in the package db: elasticsearch-2.2.0. Yes I also tried it withouth the "-2.2.0" ending..
09:18 sab3r any ideas?
09:19 sab3r http://hastebin.com/raw/ijiyihokoh here is a paste from the top of my init.sls
09:20 ronnix joined #salt
09:20 JohnnyRun joined #salt
09:21 hemebond sab3r: Aren't you getting the pkgrepo name wrong?
09:21 hemebond Maybe the name attribute behaves differently for pkgrepo.
09:21 hemebond But my first thought is "it says pkgrepo: elasticsearch_repo but there is name: elasticsearch-2.2.0"
09:24 hemebond It doesn't look like name is used for YUM repos at all.
09:24 LondonAppDev joined #salt
09:26 joe_n joined #salt
09:26 bollullera joined #salt
09:26 flughafen joined #salt
09:27 s_kunk joined #salt
09:27 s_kunk joined #salt
09:28 sab3r hmm okay.. prolly should take that off.. another thing I think that maybe gpgkey doesnt support "salt://" so Im now trying with "file://"
09:28 hemebond Yeah saw that but thought maybe it was just something I wasn't aware of :-)
09:29 LostSoul_ Hello
09:29 LostSoul_ It's me again :P
09:29 hemebond Would be handy if it did work.
09:29 hemebond Hi LostSoul_ :-)
09:29 LostSoul_ 'match':"'.*IO::Socket::SSL->new(PeerAddr=>.*'"     - and I get CommandExecutionError: unbalanced parenthesis, I tried to get it in " " and \ but nothing worked out
09:30 mongoose joined #salt
09:31 keimlink joined #salt
09:33 hemebond LostSoul_: If that's a regex you need to escape the (
09:33 LostSoul_ I tried with \
09:33 hemebond In fact you'll possibly have to escape the \ too, e.g., \\(
09:39 flughafen can i make a sls file that has the contents of a file all in one?  not a "source: salt://..." but where I put the contents/state in one file?
09:39 hemebond flughafen: Yes.
09:40 hemebond Use the (I think) contents attribute.
09:42 LostSoul_ Ok what's now hemebond: 'repl':'IO::Socket::SSL->new(PeerAddr=>\"$imap_server:$imap_port\", SSL_version=>\"SSLv3\", %ssl_args)'
09:43 hemebond LostSoul_: Is there an error with that?
09:43 tweakism I think the only escape that exists inside '' is \'
09:43 tweakism so are those escapes for the next level (not for YAML)?
09:44 watersoul joined #salt
09:44 Netwizard joined #salt
09:44 jwinters1 joined #salt
09:46 tweakism no, actually I'm sorry not even \' is valid
09:46 tweakism the only escape is '' for '
09:47 flughafen hemebond: how? or what should I search for?
09:47 LostSoul_ LOL hemebond
09:47 tweakism flughafen: file.managed has a contents: parameter.
09:47 LostSoul_ \\( worked
09:47 LostSoul_ Damn, those regexp
09:48 LostSoul_ Thanks man, you are true star :P
09:48 tweakism LostSoul_: do you have to have the '' nested inside ""?
09:48 tweakism LostSoul_: '' is nice for regexes because you don't have to escape \'s
09:55 zyio Morning. Wondering if someone can help point me in the right direction.
09:55 flughafen tweakism: found it, thanks
09:55 cyteen_ joined #salt
09:55 LostSoul_ I have "" inside ''
09:55 LostSoul_ And I needed to escale (
09:55 LostSoul_ Like \\(
09:55 zyio Looking to transfer a file from one minion to another after it's been created by a previous step
09:55 zyio Is the mine the correct way to go about this?
09:55 tweakism LostSoul_: I was asking about your match you posted.
09:56 hemebond zyio: That sounds more like a reactor thing.
09:58 josuebrunel babilen: i want to use pillar, but when using salt-ssh, the pillar aren't found
09:58 josuebrunel but if i use salt/salt-call, jinja does find the pillar
09:58 josuebrunel babilen: maybe this issue https://github.com/saltstack/salt/issues/28503
09:59 hemebond zyio: Your minion would send an event saying the file has been created and your master would then transfer the file somehow.
09:59 hemebond I'm not that familiar with reactor.
09:59 hemebond Of course, if it's just a value or two that doesn't need to be secure then mine would be fine.
10:02 LostSoul_ tweakism: ?
10:02 zyio Cheers hemebond, I'll have a look into it, much appreciated
10:02 hemebond Good luck :-)
10:02 tweakism LostSoul_: you gave the example of 'match':"'.*IO::Socket::SSL->new(PeerAddr=>.*'"
10:02 hemebond Be sure to write a blog post about it so I can use it later :-D
10:02 tweakism LostSoul_:
10:03 LostSoul_ Yeah
10:03 LostSoul_ And?
10:03 zyio Hah, if I get there then I will, no worries
10:03 ronnix joined #salt
10:03 LostSoul_ I want to know if I can try to replace regexp after certain line?
10:03 tweakism LostSoul_: "\\(" is the same as '\(' was all I was saying, for your future reference; '' is often nice like this for regexes
10:03 josuebrunel Could someone tell me how to write a custom pillar module
10:03 LostSoul_ As I have 3-5 similar lines and I want to replace just one
10:03 josuebrunel should the ext_pillar function be in a simple __init__.py in a dir ?
10:04 LostSoul_ tweakism: I tried \(
10:04 tweakism LostSoul_: you're not listening
10:04 LostSoul_ But salt didn't parse it
10:04 josuebrunel or there's a specific file name to give to the file containing the ext_pillar
10:04 LostSoul_ I guess I'm not getting it :(
10:04 tweakism LostSoul_: "\\(" is the same as '\('  (in YAML)
10:04 tweakism note the first has double quotes and the latter has single quotes
10:05 tweakism that's all I was attempting to communicate.
10:06 shoemonkey joined #salt
10:06 LostSoul_ I still don't understand ->
10:07 hemebond tweakism: I think LostSoul_ is using two sets of quotes because of the way the outer set were being stripped, but it's possibly not necessary when the regex doesn't start with a # character
10:07 LostSoul_ Ou damn
10:07 LostSoul_ I got it now
10:07 LostSoul_ LOL, ok I will try it tweakism
10:07 Rumbles joined #salt
10:07 LostSoul_ Sorry!
10:07 averell joined #salt
10:08 tweakism josuebrunel: let me give you an example from my config.  I have in /etc/salt/master: 'extension_modules: /srv/salt/modules', then I make an ext pillar named adv_tree by creating the file /srv/salt/modules/pillar/adv_tree.py containing an ext_pillar()
10:08 bhosmer joined #salt
10:08 josuebrunel tweakism: thanks buddy
10:09 josuebrunel tweakism: do you use salt-ssh by any chance ?
10:10 garphy joined #salt
10:11 LostSoul_ hemebond: LOL
10:11 LostSoul_ What blog post? :)
10:12 hemebond LostSoul_: zyio is going to write a blog post on how to use reactor to copy files between minions once they figure it out :-)
10:13 Hetman guys is that looks like bug or something I screw up: http://pastebin.com/n44p2TEq this used to work ...
10:14 geomacy joined #salt
10:17 LostSoul_ Aaaa, damn
10:17 LostSoul_ Thanks hemebond for your help
10:17 hemebond You're welcome :-)
10:28 joe_n joined #salt
10:29 ronnix joined #salt
10:29 sfxandy joined #salt
10:29 sfxandy hi everyone
10:30 _Cyclone_ joined #salt
10:33 dendazen joined #salt
10:36 hemebond Hi sfxandy
10:39 CeBe joined #salt
10:40 RobertChen117 joined #salt
10:41 yomilk joined #salt
10:49 sfxandy hi hemebond
10:51 amcorreia joined #salt
10:52 N-Mi joined #salt
10:53 fredvd joined #salt
10:57 kawa2014 joined #salt
11:01 fracklen joined #salt
11:06 flughafen_ joined #salt
11:07 ravenx joined #salt
11:07 cyborg-one joined #salt
11:08 bhosmer joined #salt
11:08 flughafen joined #salt
11:08 kliquori joined #salt
11:08 ravenx with this top.sls file: http://ix.io/soz/#n-LINENO   how can i run highstate (or just any state update) on the 'vagrant' group servers one,two
11:09 hemebond ravenx: Are the minions called 'one' and 'two'?
11:09 ravenx yup
11:09 ravenx i'm using those on vagrant right now
11:09 ravenx as little test dummies.
11:09 ravenx so their host name is one and two, and i am able to do:   salt '*' test.ping
11:09 ravenx and see a reply from them
11:09 ravenx :)
11:09 hemebond You can target a list of minions.
11:10 ravenx hemebond: yes, and i am trying to do that/understand that right now
11:10 hemebond I'm trying to find the page in the docs now.
11:11 hemebond https://docs.saltstack.com/en/latest/ref/states/top.html
11:11 hemebond Search for 'match: list'
11:11 hemebond You will see an example of using a list of minion names.
11:13 josuebrunel hi guys, me again
11:14 ravenx hemebond: ah, so i need to have the 'match: list' line under my 'vagrant' group?
11:15 ravenx or i am just running commands all wrong, cuz i got this:  http://i.imgur.com/x2l9RS8.png
11:16 geomacy joined #salt
11:17 babilen ravenx: You probably neither want nor can pass the saltenv argument to test.ping there (doesn't really make sense anyway)
11:18 ravenx babilen: so i can only do highstates to certain environments?
11:20 ravenx still not too sure what the `match:list` directive does. cuz i noticed that example in the docs, those 'foo bar baz' servers aren't under a common grouping
11:20 ravenx like 'testing' or something
11:21 babilen ravenx: test.ping does not run a highstate. Also the minion <-> environment mapping is typically defined in the top.sls
11:21 ravenx babilen: yup, that is true, i have it defined there as well.
11:22 tweakism ravenx: for the command line, see https://docs.saltstack.com/en/latest/ref/cli/index.html
11:22 tweakism the example is: salt -L foo.bar.baz,quo.qux cmd.run 'ps aux | grep foo'
11:23 ravenx tweakism: aaah
11:23 fracklen joined #salt
11:23 babilen Or "salt -L foo.bar.baz,quo.qux test.ping" in that case
11:24 ravenx much clearer now
11:26 ravenx is the 'base' mandatory?
11:26 ravenx i removed that from my top.sls and have been getting this: Comment: No Top file or external nodes data matches found
11:26 babilen Yes, you have to define the environment
11:26 ravenx ah fuck.
11:27 ravenx this is not good then
11:27 ravenx cuz right now, my top.sls looks like this:  http://ix.io/soJ/#n-LINENO
11:27 ravenx :/ that's wrong, i take it?
11:27 babilen Yes, add "base:" in the first line and adjust indentation
11:27 ravenx babilen: thank you :)
11:27 ravenx so even if i don't have anything for base, i NEED it there.
11:29 babilen You do have states in an environment. 'base' is simply a name that gets some special treatment (mostly relating to GitFS), but you could call that 'frankenstein' if you want to.
11:30 babilen This mimics your file_roots configuration
11:30 ravenx hm..
11:30 ravenx how coem this one can have no base:  https://docs.saltstack.com/en/latest/ref/states/top.html#multiple-environments
11:31 babilen It doesn't use the "base" name, but other names.
11:31 ravenx right, but how come my top.sls file of a single vagrant environment with two hosts won't work?
11:31 ravenx cuz if they can simply have dev, qa, and prod, i should be able to just have my 'vagrant' environment, no?
11:32 keimlink joined #salt
11:32 babilen Ah! Sorry .. I misread your file, you have a 'vagrant' environment there.
11:32 ravenx no worries.
11:32 babilen Yes, sure ..
11:32 ravenx i'm starting small, and here is i how it l;ooks :  http://ix.io/soJ/#n-LINENO
11:32 ronnix joined #salt
11:33 ravenx this is my /srv/salt: http://i.imgur.com/Rbxyzh7.png
11:34 ravenx but when i run: salt '*' state.highstate saltenv=vagrant    i get this:    http://ix.io/soZ/#n-LINENO
11:34 ravenx something so simple, i dont get how this could mess up
11:34 kbaikov joined #salt
11:39 AndreasLutro ravenx: if you're just starting - don't use environments
11:39 AndreasLutro just use "base"
11:40 ravenx i kinda have to >_<  i need to demo this for a boss real soon
11:40 ravenx i did use base when i was following the tutorial
11:40 ravenx last week
11:40 ravenx and now i want to introduce some environments
11:40 ravenx and something as simple as what i did blew up
11:41 babilen What do you want to use them for?
11:42 tweakism environments definitely seem worth avoiding, from browsing the open issues...
11:42 babilen And they are also often misunderstood ..
11:43 hemebond I wish you could use a top file to put minions into an environment and then use a top file within the environment to apply states.
11:43 babilen Well, the top file does both things at once.
11:43 josuebrunel i have two states in the same folder : /srv/salt/sate/init.sls and /srv/salt/sate/whatever.sls, but when in init.sls i do somthing like
11:43 josuebrunel {% from 'whatever.sls' import my_var %} Jinja raises a TemplateNotFound. Could someone tell me why ?
11:44 hemebond As it is, you have to be really careful when targeting to make sure there is no overlap with other environments.
11:44 AndreasLutro josuebrunel: you need the full path relative to /srv/salt
11:44 babilen ravenx: fwiw, looks as if you don't use different roots for base and vagrant (i.e. you did not configure the vagrant environment in file_roots in your master config)
11:44 babilen hemebond: Absolutely
11:45 josuebrunel AndreasLutro: still doesn't work weirdly
11:46 AndreasLutro josuebrunel: show us what you changed it to
11:46 josuebrunel AndreasLutro: {%from 'state.users.data.sls' import users %}
11:47 AndreasLutro you don't use . when referring to jinja templates or files, you use /
11:47 josuebrunel AndreasLutro: salt-ssh can't use my pillar, so i'm obliged to do something a lil bit ugly
11:47 AndreasLutro "can't use your pillar" why/
11:47 AndreasLutro ?
11:47 josuebrunel AndreasLutro: but it's no where in the doc https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html
11:47 morissette joined #salt
11:48 josuebrunel AndreasLutro: when using salt-ssh, i don't find my pillars on the minion
11:48 ronnix joined #salt
11:48 alvinstarr joined #salt
11:48 AndreasLutro such is life josuebrunel. make a pull request to improve it
11:48 AndreasLutro okay, then you probably set up your pillars wrong
11:48 josuebrunel AndreasLutro: i'm stuck on that since yesterday, and there seems to be a regretion
11:49 josuebrunel AndreasLutro: but it works when i use salt/salt-call
11:49 AndreasLutro you know you're not supposed to store pillars on the minion when using salt-ssh right?
11:49 josuebrunel AndreasLutro: yeah that's the point. But those data should be available to the minion right ?
11:50 sab3r hemebond: Yeah thanks for pointing out the repo name, that and changing the protocol used to get gpg key solved my problems I asked about earlier!
11:50 AndreasLutro yes josuebrunel, pillar data is available to the minion
11:50 josuebrunel AndreasLutro: i only one pillar, where i have a list of users. When i use salt agentless (salt-ssh) the jinja doesn't find pillar['users'] so he can't create the users
11:51 josuebrunel AndreasLutro: the weird thing is that it works well when using salt or salt-call
11:51 AndreasLutro then you didn't assign the pillar to the minion properly
11:51 josuebrunel base:
11:51 josuebrunel - '*':
11:51 josuebrunel - users
11:52 josuebrunel AndreasLutro: that's what i did
11:52 denys joined #salt
11:52 AndreasLutro try running salt-ssh with -l trace, see if you get anything useful out of it
11:52 pwalsh joined #salt
11:53 AndreasLutro I use pillar data with salt-ssh all the time, there are almost definitely no bugs unless you're doing something very weird
11:53 josuebrunel AndreasLutro: ok thanks
11:54 goal joined #salt
11:54 josuebrunel AndreasLutro: what version do u use ?
11:55 AndreasLutro 2015.8 and 2016.3
11:55 goal if there are excludes in a yum.conf, then the pkg.installed state cannot find the excluded packages, and neither does there seem any way to override excluded packages from pkg.installed
11:55 josuebrunel AndreasLutro: there's that bug though https://github.com/saltstack/salt/issues/28503
11:55 goal anyone know of a way around this?
11:55 josuebrunel AndreasLutro: i use this one 2015.8.7
11:57 AndreasLutro that's from the develop branch
11:57 AndreasLutro which is not 2015.8
11:58 josuebrunel weird it's on debian repos though
12:01 AndreasLutro oh nevermind, the submitter stated the wrong information
12:01 AndreasLutro well I dunno what to tell you. salt-ssh with pillars has always worked fine for me. either it's some weird ubuntu-specific bug or you're leaving some information out
12:02 josuebrunel AndreasLutro: i'm on debian. And you might be right about it https://packages.debian.org/jessie/salt-master
12:03 AndreasLutro err
12:03 AndreasLutro that's ancient
12:04 AndreasLutro you said you were using 2015.8.7
12:04 impi joined #salt
12:06 fracklen joined #salt
12:07 shoemonkey joined #salt
12:07 babilen josuebrunel: Could you paste the output of "salt-ssh --versions-report" ?
12:08 josuebrunel babilen: here it is
12:08 josuebrunel Salt Version:
12:08 josuebrunel Salt: 2015.8.7
12:08 josuebrunel
12:08 josuebrunel Dependency Versions:
12:08 josuebrunel joined #salt
12:09 babilen That is, however, not the package you installed from the jessie repositories. This must come from repo.saltstack.com (or a different third-party repo) if you installed with the package managed.
12:10 seedx joined #salt
12:10 babilen Pillars work with that version, so it must be your configuration. If you could paste *all* relevant configuration for a minimal usecase that shows that you can't use a pillar to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … we will probably be able to spot the problem soon.
12:11 quasiben joined #salt
12:12 evle joined #salt
12:15 vilitux joined #salt
12:17 iceyao joined #salt
12:18 josuebrunel babilen: thanks i will do so then
12:21 Fiber^ joined #salt
12:22 sfxandy ok, have a question regarding orchestration....
12:23 rem5 joined #salt
12:24 sfxandy how can I execute, for example, a file.managed state via salt orchestration?  i specify 'salt.function' but then struggle to see how to use - arg to pass in the relevant parameters...?
12:24 euidzero joined #salt
12:25 sfxandy or to put it another way, how can I represent https://gist.github.com/anonymous/24bc56e89119b8a847fc as an orchestration step?
12:28 geomacy joined #salt
12:32 Pinchiukas God I hate this about Salt... It tells me that it can't find the state I'm asking to apply but it doesn't tell me where it's looking. How am I supposed to know what to fix?
12:33 sfxandy what error are you getting Pinchiukas?
12:34 Pinchiukas " No matching sls found for 'unattended-upgrades' in env 'base'"
12:34 ntropy Pinchiukas: this is exactly how we feel - you've not really given us any info beyond that you have a problem, how are we supposed to help you to fix this?
12:34 Pinchiukas ntropy: well I'm not given any. :)
12:35 ntropy that error message is helpful, so would your config snippet, explanation if you're running local or master or salt-ssh
12:36 Pinchiukas I'm running "salt-ssh myhost state.apply unattended-upgrades".
12:36 Pinchiukas And there is a unattended-upgrades.sls in cwd.
12:36 ntropy what does your salt-ssh config look like?
12:38 Pinchiukas This is my Saltfile in cwd: http://pastebin.com/raw/dFik60Sa
12:39 babilen And your master file?
12:39 XenophonF Pinchiukas: you keep using "cwd"
12:40 Pinchiukas XenophonF: current working dir. A directory under my user, non-root.
12:40 XenophonF Pinchiukas: do you mean that "unattended-upgrades.sls" lives in one of the directories listed in file_roots in the salt-master config?
12:40 XenophonF there's your problem
12:41 Pinchiukas My "master" config file: http://pastebin.com/raw/rX8zxqA7
12:41 XenophonF SLS files are served by Salt's built-in file server - hang on i'll find you the docs
12:41 XenophonF "." means the current working directory of the process
12:42 XenophonF i'll bet you money that salt-master's current working directory is different from your shell's
12:42 XenophonF don't do that
12:42 XenophonF use full paths
12:43 Pinchiukas I'm putting my salt stuff in a git repo and don't really want to put full paths in there.
12:43 XenophonF that's not how it works, my friend
12:43 anmol joined #salt
12:43 Pinchiukas How does it work?
12:44 pwalsh joined #salt
12:44 dendazen joined #salt
12:45 mapu joined #salt
12:46 XenophonF on at least my CentOS 7 and FreeBSD salt-masters, the process's cwd is /
12:46 XenophonF so you might as well use full paths
12:46 XenophonF another suggestion: take a look at https://github.com/saltstack-formulas/salt-formula
12:47 XenophonF i use that to configure my salt master ("Salt, configure thyself!")
12:47 dkrae joined #salt
12:47 XenophonF my configs are all in Git
12:47 mapu joined #salt
12:48 XenophonF e.g., https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls#L297
12:48 XenophonF i'd posted my salt-master bootstrap script yesterday
12:48 XenophonF here it is again
12:48 XenophonF https://gist.github.com/xenophonf/d8da7f47ea29d9ad46e7
12:49 bhosmer joined #salt
12:49 bhosmer_ joined #salt
12:49 XenophonF maybe that will give you an idea of how to keep the salt-master config in git while at the same time using salt to configure itself
12:49 XenophonF but i wouldn't depend on the salt-master's process always having a cwd of /
12:50 sfxandy interesting XenophonF, I have a similar script that uses a reactor to auto-accept the minion key ... avoids things like "sleep 60" etc.
12:50 shoemonkey joined #salt
12:50 XenophonF sfxandy: would you consider sharing that?
12:51 Pinchiukas XenophonF: do you know what cwd is? Do you always "cd /" and execute everything by typing in the full paths?
12:51 josuebrunel Hello guys, does this talk to you http://pastie.org/10760653
12:52 tweakism Pinchiukas: are you confusing cwd and PATH or something?
12:52 Pinchiukas Haha, does it... :D
12:52 * XenophonF sighs audibly.
12:52 west575 joined #salt
12:52 Pinchiukas tweakism: no but you might be. :)
12:53 XenophonF tweakism: he's using relative paths in his salt-master config and then wondering why salt can't find a SLS file
12:53 XenophonF Pinchiukas: run "salt-call cp.list_master" to see what the salt-master has in its base environment
12:53 tweakism isn't there an option for the base path for those kinds of things?
12:53 tweakism although I haven't ever needed it, I just use absolute paths
12:53 XenophonF Pinchiukas: you might alway want to check the salt-master log file
12:53 XenophonF Pinchiukas: good luck
12:54 sfxandy Pinchiukas, if you want help ... might I suggest listening?
12:54 XenophonF s/alway/also/
12:54 kliquori joined #salt
12:54 tweakism I guess I should have read more scroll-back
12:54 sfxandy Xenophonf, happy to share the script ... give me a moment
12:54 XenophonF awesome, thanks sfxandy
12:54 linjan joined #salt
12:54 Pinchiukas I'm trying but suggestions to put full paths everywhere are beyond me...
12:54 XenophonF i've been wanting to dive into reactor for some time now
12:55 * XenophonF recalls the aphorism about leading horses to water.
12:55 Pinchiukas Yeah, insults go a long way too.
12:56 XenophonF OMG can i rant for a moment about Jinja whitespace controls?
12:57 XenophonF i've RTFMed but i still can't wrap my head around them
12:57 gh34 joined #salt
12:57 Pinchiukas Be my guest, this has not proven useful anyhow...
12:58 CeBe joined #salt
12:58 tweakism I think the disconnect between you guys is
12:58 tweakism XenophonF is assuming a salt-master
12:58 Pinchiukas If anyone has a "portable" salt-ssh configuration I'd love to see how you make it work.
12:58 tweakism and Pinchiukas is running salt-ssh as his user
12:58 Pinchiukas I've got to admit I do not have a good grasp on what is done on 'salt-ssh's or 'master's behalf.
12:58 XenophonF oh
13:01 tweakism also, XenophonF, I see you still haven't added RFC 6919 to your header.
13:02 tweakism ;)
13:03 ntropy maybe its because rfc6919 is in the Experimental category :)
13:03 sfxandy whats wrong with Jinja whitespace controls XenophonF?
13:03 _JZ_ joined #salt
13:04 tweakism ntropy: it's clearly worth adopting as an internet standard, if you ask me.
13:07 Pinchiukas So maybe somebody can suggest how I can reconfigure my salt-ssh to work? :) And not use full paths.
13:08 ronnix joined #salt
13:09 bhosmer joined #salt
13:09 XenophonF tweakism: thanks for making my day!
13:10 XenophonF I'm totally adding that to the header
13:10 metalseargolid joined #salt
13:11 tweakism lol was it not you I mentioned it to previously?
13:11 tweakism there must be two people w/ that header
13:11 XenophonF maybe? i've slept since then so...
13:11 tweakism lol
13:11 dmaiocchi joined #salt
13:13 Pinchiukas Can anybody give me an idea on where salt-ssh ends ant salt-master begins?
13:13 mdasilva joined #salt
13:15 shoemonkey joined #salt
13:16 ronnix joined #salt
13:18 losh Pinchiukas, isn't salt-ssh masterless?
13:18 Pinchiukas Apparently it uses a big part of salt-master.
13:19 nZac joined #salt
13:19 babilen Some of the code might be similar, but that holds true for everything in salt.
13:20 Pinchiukas No I mean literally, when you use salt-ssh, you have to configure a lot of stuff in the master config.
13:20 babilen Pinchiukas: What kind of answer are you expecting here? salt-ssh is completely different from the salt-master service and does *not* require a running salt-master. That's the point.
13:21 Pinchiukas It's not *running* it, but a lot of the functionality that salt-ssh provides comes from salt-master.
13:21 babilen Pinchiukas: So your issue is that the configuration file is named "master" rather than "settings" or something along those lines?
13:21 tweakism babilen: it does behave like / encapsulate a lot of the behavior of salt master, and expect a /etc/salt/master config or equivalent
13:21 Pinchiukas Yeah, what tweakism said.
13:22 Pinchiukas I'm actually having a hard time figuring out whether I'm dealing with salt-ssh or salt-master.
13:22 babilen The configuration file is used for historic reasons as people probably decided that it doesn't make sense to duplicate all of that for salt-ssh again.
13:22 tweakism if you already had a salt-master operational, and wanted to start using salt-ssh, it would be more logical for you.
13:23 babilen Maybe it would have been better to force users to use separate configuration directories, users and Saltfiles from the beginning, but that's not how it developed.
13:23 tweakism the main thing you are probably missing is file_roots
13:24 Pinchiukas And the debug log often doesn't make this much easier. :(
13:24 Pinchiukas I'll look into that tweakism, thanks.
13:24 babilen Pinchiukas: Your "master" file should be complete with file_roots and pillar_roots set to whatever you use and cacheddir, pki_dir and log_file ..
13:24 babilen Didn't we discuss this recently?
13:25 Pinchiukas I'm trying to come up with a nice directory structure for a standalone salt-ssh configuration.
13:26 babilen /path/to/foo/{Saltfile,log,pki,cached} should work. Then your states and pillars somewhere (if you don't like /srv/salt) where you can read them and you should be good to go.
13:27 akhter joined #salt
13:28 nZac joined #salt
13:28 euidzero joined #salt
13:29 ilbot3 joined #salt
13:29 Topic for #salt is now Welcome to #salt! | Latest Version: 2015.8.7 | Register for SaltConf16: http://saltconf.com/register/ | Paid support available for open source Salt! https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | Ask with patience as we are volunteers and may not have immediate answers
13:30 ntropy actually someone shared a non-root salt-ssh setup a few days ago https://bpaste.net/show/3f2e5c256ff8 Pinchiukas
13:31 Pinchiukas ntropy: yeah I was using that as a starting point. :)
13:31 Pinchiukas Doesn't look like I've gone far...
13:32 babilen So it was you!
13:32 ntropy heh :)
13:32 Pinchiukas Yes, thank you again for sharing that. :)
13:32 ronnix joined #salt
13:33 mavhq joined #salt
13:35 ntropy that example is using relative paths
13:35 relidy joined #salt
13:36 perfectsine joined #salt
13:36 Pinchiukas That's what I like about it.
13:37 Pinchiukas Line 22 onwards are still part of config/master?
13:38 ntropy yes they are
13:40 mapu joined #salt
13:40 Pinchiukas Ah so file_roots was what I have been missing!
13:40 babilen That's essentially overriding the /srv/{salt,pillar} default
13:40 scoates joined #salt
13:41 babilen (in case you do not use that)
13:41 subsignal joined #salt
13:41 Pinchiukas Is there a way to get a dump of all the config variables or something? Would be good for debugging.
13:42 babilen Haven't come across one.
13:45 Tanta joined #salt
13:45 penguin_dan joined #salt
13:46 akhter joined #salt
13:46 racooper joined #salt
13:47 tpaul joined #salt
13:48 kbaikov joined #salt
13:49 dyasny joined #salt
13:49 hasues joined #salt
13:49 hasues left #salt
13:57 akhter joined #salt
13:59 dgutu joined #salt
14:00 subsigna_ joined #salt
14:00 ageorgop joined #salt
14:02 shoemonkey joined #salt
14:03 zmalone joined #salt
14:03 ronnix joined #salt
14:03 krymzon Hi, how can I access pillar from file.managed jinja templates? Should I e.g. use salt['pillar.get']?
14:06 perfectsine joined #salt
14:14 akhter joined #salt
14:14 andrew_v joined #salt
14:17 nobrak joined #salt
14:21 denys joined #salt
14:22 Muchoz joined #salt
14:22 babilen krymzon: That would work, yeah
14:23 krymzon babilen: thanks, I'll keep trying to get the syntax right :)
14:24 babilen If you need help you could paste what you have so far to one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, … and give us the URL
14:25 perfectsine joined #salt
14:26 krymzon Thank you. So far I've just tried to access them directly with dot syntax, I'll try a few things and let you know if I get stuck
14:26 krymzon Is it common to use pillar for config file templates, or should I better pass the variables inside the file.managed?
14:27 kbaikov joined #salt
14:28 RabidCicada joined #salt
14:28 babilen Oh, it is quite normal
14:29 cliffstah joined #salt
14:30 babilen You can see many examples of this in formulas on https://github.com/saltstack-formulas. Some formulas use a slightly more state of the art approach that allows for the easy definition of defaults in one place. For that you might want to refer to https://github.com/saltstack-formulas/template-formula
14:30 krymzon Thanks a lot
14:31 babilen That might be overkill for your usecase though. It really depends ..
14:33 krymzon could I perhaps use the 'import with context' inside the template file and then use dot syntax?
14:34 TyrfingMjolnir joined #salt
14:34 Hetman Anyone got idea howto ran away with include and storing data in pillar ? My host sls file doing include something.common <- this are my defualt setting, then in host.sls I'm adding some extra settings to pillar , and modifying some that are already in common ... bit of adding settings works fine, but as sonn as I'm trying to modify something that it's already in common (included on the top of file) this does
14:34 Hetman not work and I can only see settings from common
14:35 rem5_ joined #salt
14:35 quasiben joined #salt
14:36 ronp_usa joined #salt
14:37 Tanta if you assign one pillar dict from top.sls, and then include another with the same name from pillar or state files with the same dict name, it will replace the original pillars
14:37 krymzon e.g. can I import a large subtree of pillar into the template with pillar.get('tree:subtree') and then use {{ subtree.module.paramX }} ?
14:37 Tanta you need to assign them both from top.sls to have them merge
14:40 tkharju joined #salt
14:40 Hetman Tanta: I'm assigning one dict from top.sls for example top.sls -> dev.sls -> then in dev i'm doing include common.sls ... what are in dev and common, common always got prioirity ...
14:40 ronnix joined #salt
14:41 Tanta I personally only include state files into other state files, or in an empty pillar file that includes an entire set of other pillars with no specific data of its own
14:41 Tanta i.e., /srv/pillar/common/init.sls which includes all the common pillars in /srv/pillar/common/
14:43 Hetman Tanta: i'm doing * hosts.hostsconfig, so every of my host got and hosts/fqdn.sls file ... then i'm include specific for this hosts variables and common one ... problem is to merge them . Ok i think I found something on github will try it
14:43 quix joined #salt
14:44 aw110f joined #salt
14:45 Hetman no does not work ... why pillar does not support extend . it should be simple merge like in states ... but does not work for pillar
14:45 Tanta why not assign one pillar file for each host in top.sls, i.e.: web01: - hosts.web01, and define the FQDN in a common value like FQDN: 'web01.whatever.'
14:45 Tanta then use {{ salt['pillar.get']('FQDN') }} for every host
14:46 Tanta or use a convention where there is a common host name prefix, like webXXX, where XXX gets replaced by the last octet of the server IP
14:47 Tanta it seems like you're trying to do it in an unnecessarily complicated way here
14:48 LondonAppDev joined #salt
14:49 kawa2014 joined #salt
14:52 ronnix joined #salt
14:53 spiette joined #salt
14:54 nZac joined #salt
14:55 noraatepernos joined #salt
14:57 bhosmer joined #salt
15:00 SunPowered joined #salt
15:00 euidzero joined #salt
15:00 toastedpenguin joined #salt
15:00 drawsmcgraw joined #salt
15:01 euidzero joined #salt
15:02 impi joined #salt
15:02 toastedpenguin joined #salt
15:02 krymzon babilen: Thanks again for your help, I now got it to work. The syntax I was looking for was {% set subtree = salt['pillar.get']('tree:subtree') %}
15:02 VSpike joined #salt
15:02 akhter joined #salt
15:02 VSpike What to make of this one ? https://bpaste.net/show/dbea5549da07
15:02 krymzon I'm still quite new to Salt, so I was missing some basics
15:03 VSpike Master and minion both 2015.8.7
15:04 shaggy_surfer joined #salt
15:04 babilen krymzon: You might want to pass an empty dictionary as default value (like: {% set subtree = salt['pillar.get']('tree:subtree', {}) %} -- and explicitly check for values.
15:04 krymzon I will, thank you
15:05 XenophonF joined #salt
15:05 VSpike Googling returns a lot of hits, but many of them dont look at all related
15:05 ronnix joined #salt
15:06 Pinchiukas Ok, how do I tell salt-ssh/salt-master where salt:// files are stored? Can't find the docs for this.
15:07 VSpike wow, running salt-call as non-root on the minion produces interesting output :)
15:07 VSpike An exception followed by an endless stream of lines "Exception ValueError: 'I/O operation on closed file' in <bound method SyncWrapper.__del__ of <salt.utils.async.SyncWrapper object at 0x7fee5b33c590>> ignore"
15:10 XenophonF doesn't salt-ssh use the salt-master configuration file?
15:10 toastedpenguin joined #salt
15:10 gtmanfred by default it should
15:10 gtmanfred just /etc/salt/master
15:10 Pinchiukas ...for some things and not others. :)
15:11 Pinchiukas I mean, I want to have my files elsewhere, not the default location. How do I change that?
15:11 gtmanfred it /should/ use the same defaults as the regular salt master
15:11 gtmanfred oh
15:11 krymzon Pinchiukas: file_roots in master config, https://docs.saltstack.com/en/latest/ref/file_server/file_roots.html
15:11 gtmanfred you can change it all in the /etc/salt/master, or the master file wherever you tell salt-ssh to look
15:11 XenophonF Pinchiukas: you're reading https://docs.saltstack.com/en/latest/topics/ssh/, yes?
15:11 gtmanfred (I think you might be able to configure that in ~/.saltrc)
15:12 Pinchiukas XenophonF: I'm reading lots of things to be honest. :)
15:12 XenophonF Pinchiukas: https://docs.saltstack.com/en/latest/topics/ssh/#configuring-salt-ssh
15:12 Pinchiukas So if I have file_roots set as https://bpaste.net/show/3f2e5c256ff8, the "salt://" root will be in the
15:12 XenophonF Pinchiukas: https://docs.saltstack.com/en/latest/topics/ssh/#running-salt-ssh-as-non-root-user
15:12 Pinchiukas "states" dir?
15:15 krymzon yes, though you may want to use absolute path, like e.g. /srv/states
15:15 akhter joined #salt
15:16 Pinchiukas Not to flame but don't you guys find the need to constantly define absolute paths and run everything as root (not talking about minions) smell of... I don't know... Bad design?
15:16 mowntan joined #salt
15:17 mowntan joined #salt
15:18 krymzon where would you expect the relative path to be based in?
15:19 Pinchiukas The top directory where all the configuration/states are. As in, you could "cd salt" and then "salt-ssh whatever".
15:19 ronnix joined #salt
15:20 gtmanfred salt-ssh was kind of an after thought, and was really meant to just fit in with the rest of salt.
15:20 gtmanfred When I run it, I chown /srv/{salt,pillar} to my user
15:20 gtmanfred but i rarely use salt-ssh
15:20 gtmanfred take that for what it's worth :/
15:20 Pinchiukas It certainly does have a whiff of that. :)
15:21 gtmanfred salt-ssh is basically salts answer to... FINE! YOU WANT SOMETHING AGENTLESS... HERE!
15:21 Pinchiukas "No refunds" :)
15:21 gtmanfred in the same way that ansible fireball is kind of thrown in
15:22 gtmanfred they even deprecated fireball mode http://docs.ansible.com/ansible/fireball_module.html#deprecated
15:23 gtmanfred https://groups.google.com/forum/#!topic/ansible-project/FRKMlsLQpNM
15:23 Pinchiukas In comparison, I could say that I had a very easy time creating 'ansible-playbooks' whereever, putting that into git, cloning whereever and starting executing the stuff.
15:24 gtmanfred Pinchiukas: you aren't changing the playbooks once you clone them yeah?
15:24 Pinchiukas gtmanfred: what do you mean? I can change them and push them back into the repo.
15:24 gtmanfred yeah, but if you are modifying them from your workstation, and just pushing to a git server
15:25 honestly I've set up things so that using salt-ssh doesn't require anything rooted
15:25 gtmanfred you could use gitfs
15:25 teryx510 joined #salt
15:25 honestly everything is group-writeable and people are in the right group
15:25 gtmanfred then you don't need any file_roots or absolute paths
15:25 Pinchiukas honestly: exactly, I see no reason whatsoever to run salt-ssh or salt-master as root.
15:26 honestly /var/cache/salt is ACL'd to have all subdirs group-writeable
15:26 Pinchiukas gtmanfred: but that'd require some pre-configuration which I'd guess wold be more than just doing 'git clone'.
15:26 honestly there is a Saltfile in /srv/salt that defines all patsh
15:27 honestly paths*
15:27 Pinchiukas Even more, what would happen if I didn't have root at all? And I'd like to just pip install Salt and work from my homedir.
15:28 AndreasLutro just... set up a saltfile?
15:28 Pinchiukas ...which should be in a git repo ideally. :)
15:28 AndreasLutro right, problem being?
15:28 VSpike wow, that was nasty. It was just an indentation error in the yaml
15:28 dfinn joined #salt
15:29 VSpike Would that count as a bug worth raising?
15:29 Muchoz joined #salt
15:29 gtmanfred VSpike: yeah, looking at the error
15:29 AndreasLutro possibly, depends on how easy the typo is to make
15:29 gtmanfred just know, i am not sure there is much that can be done about it
15:30 AndreasLutro s/typo/indentation error/
15:30 Pinchiukas AndreasLutro: somebody suggested using gitfs.
15:30 akhter joined #salt
15:30 AndreasLutro don't do that... certainly not with salt-ssh
15:31 gtmanfred can you not do that?
15:31 cliffstah I run salt-ssh with a Saltfile in the current dir specifying a local config dir, which in turn references my states in current dir
15:31 Pinchiukas It just sounds like an awkward setup...
15:31 Pinchiukas That's all.
15:31 AndreasLutro afaik gitfs relies on doing a periodic git pull in the salt master daemon
15:31 cliffstah not really, actually, it works quite well
15:32 cliffstah I actually use salt-ssh and salt together, using ssh to provision my master to give itself just enough configuration to pull everything from gitfs
15:32 gtmanfred AndreasLutro: only periodic, for the salt-master daemon
15:32 cliffstah from that point onward the master can provision itself
15:32 AndreasLutro and I've had a horrible experience with gitfs, especially when requiring ssh key authentication
15:32 gtmanfred AndreasLutro: the salt-ssh, should refresh the file server cache before running
15:32 gtmanfred AndreasLutro:which version?
15:32 Pinchiukas cliffstah: so you have some sort of more complex multi-tier setup. My goal is to be able to git clone anywhere and use it right away.
15:32 gtmanfred cause terminalmage rewrote the whole thing in 2015.8
15:32 gtmanfred and it is way better
15:33 gtmanfred pygit2 is supported
15:33 cliffstah Pinchiukas i'll be honest with you I have difficultly using salt in that kind of setup, there are too many weirdies
15:33 cliffstah like grains, for example, they get stored separately from the master's main grains, so if I set any through ssh they aren't visible on the host itself - haven't fgured that one out, but thankfully dont need to
15:34 cliffstah if I'm managing a local host, or just a single host, I tend to use ansible
15:34 cliffstah (FWIW I'm only using a "multi tiered" setup because I'm leveraging the reactor system for a bunch of automation)
15:34 Pinchiukas Ansible worked really nice for me up until the point where I had to run some script to obtain information and then use the result in the next task. That wasy very awkward.
15:35 cliffstah Pinchiukas I can save you some time and headache by telling you that I've tried to achieve what you're trying with every CM tool I can find, and Ansible comes out on top for this use case
15:35 Pinchiukas That's depressing. :/
15:36 cliffstah as awkward as using registers is, it's still easier and less complex than most other tools
15:36 cliffstah yup, yup it is
15:36 cliffstah noone cares about us little guys :P
15:36 Pinchiukas I mean, this should be a fairly common use case.
15:36 cliffstah yeah, but if you take a step back and look at the use cases that most of these tools are aimed at, this use case is on the verge
15:37 cliffstah they all (with the exception of Ansible) seem to be geared toward having lots of machines, and lots of similar machines, rather than individual provisioning
15:37 AndreasLutro gtmanfred: latest stable. not in my experience. https://github.com/saltstack/salt/issues/30500
15:37 TyrfingMjolnir joined #salt
15:38 gtmanfred oh, weird
15:38 Pinchiukas cliffstah: I guess maybe the official answer would be to wrap everything in a script that should be put on the target server before the task.
15:38 cliffstah it's a real chicken and egg
15:38 cknoxrun joined #salt
15:39 om joined #salt
15:39 om2 joined #salt
15:39 cliffstah but you could use salt-ssh to set up your remote so that it's using a custom config, rather than transfer and execute a script
15:39 cliffstah in my experience, it seems to be the path of least resistance
15:39 Brew joined #salt
15:40 cliffstah I like the fact that my ssh bootstrap and the actual runtime environment share the same states and pillar
15:40 Pinchiukas I don't follow. How would that work?
15:40 cliffstah hm, best way to explain - I guess I could gist a few files
15:41 AndreasLutro it's not difficult setting up a salt repo that works both as states/pillars for a salt master and for salt-ssh
15:41 cliffstah well my ssh setup is inside my repo too
15:41 cliffstah everything is (currently) in 1 repo, though later I will likely move pillar out - it's only me at the moment so its easiest
15:42 cliffstah my Saltfile in the root looks like this https://gist.github.com/cliffrowley/b13ec5cf2f1e5ba52a03 (the ignore_host_keys is only there because I'm also testing in a vm)
15:42 cliffstah then the ssh dir has a 'master' file and a 'roster' file
15:43 cliffstah the master file looks like this https://gist.github.com/cliffrowley/b6dca8f1dce5f9bdc151
15:43 cliffstah the roster is just a salt-ssh roster file
15:43 cliffstah then in root dir I have a pillar dir and a states dir
15:44 quasiben joined #salt
15:44 popfrogg joined #salt
15:44 popfrogg left #salt
15:44 cliffstah I also .gitignore ssh/etc and ssh/var so they dont end up in scm
15:45 ronnix_ joined #salt
15:45 Pinchiukas Pretty much like mine.
15:45 cliffstah well then you can use your states and pillar to provision the initial setup on the remote host - I have a 'bootstrap' state for this purpose
15:45 cliffstah in my case, it installs salt master and minion, sets up the config, git dir, etc
15:46 kermit joined #salt
15:46 cliffstah yours could check out your repo, run whatever script etc
15:46 cliffstah FWIW I also, in the end, found it easier to use gitfs via a local git repo and push to the host, rather than push to a remote git repo and have the machine fetch it
15:47 cliffstah I create a bare repo in /home/salt/repo.git and push to that
15:48 cliffstah it does go a little deeper than that, not sure whether its any use to you - e.g. my bootstrap sets up salt master without the reactors etc, so by default it does nothing until I push the repo and then run an 'update-salt-master- script for the first time, which in turn creates the rest of the salt master configuration, which means from that point forward pushing to the git repo updates the salt master (if necessary) and runs highstate
15:49 mavhq joined #salt
15:49 cliffstah if I screw something up, running the bootstrap via salt-ssh resets the configuration back to its basic so I can go in manually and run update-salt-master by hand again
15:49 kshlm joined #salt
15:50 cliffstah usually thats only required if I screw something up in the master config and it stops working
15:51 Pinchiukas Well you're using a multi-tier setup. Since I only have a handful of servers and don't expect to be running a lot of jobs often, I try to minimize the setup and make it as simple as possible.
15:52 cliffstah I reckon you might find ansible less abrasive for this overall
15:52 cliffstah I managed to take ansible pretty far before it started to buckle
15:52 Pinchiukas Well I guess since I've started this, I'll let it go on for at least a while. :)
15:52 cliffstah it was only because I want to start provisioning virtual machines on demand when they boot up that I decided to switch
15:53 cliffstah salt modules are also a lot less finicky to write than ansible modules :P
15:54 edrocks joined #salt
15:54 ronnix joined #salt
15:54 cliffstah Pinchiukas: one last thing - I found that with ansible most of the time if something was getting complex with registers and the like, it's often easier just to create a module
15:55 colegatron joined #salt
15:55 cliffstah the only annoying thing about that is there is literally no reuse in ansible modules - they can't share library code, nor can they call each other :/
15:56 Pinchiukas Well you can put tasks that use different modules in sequence.
15:56 cliffstah yep, that's basically the only way to orchestrate that
15:56 cliffstah though you can ditch the registers by setting facts in your modules
15:57 cliffstah and re-using those facts in following modules
15:57 cliffstah so you can simplify the yaml quite a bit
15:57 Pinchiukas That's kind of the same isn't it?
15:58 Pinchiukas As using registers I mean.
15:58 cliffstah its the same sort of mechanism, but by using facts to share status between your modules you dont need to add that to the yaml
15:58 Pinchiukas Oh...
15:59 cliffstah it does move some of the burden of responsibility into the modules, you would need to ensure they are run in the correct order etc, since that woudln't be evident from the yaml itself (unlike with registers, where it's right there in the yaml)
15:59 cliffstah but its an acceptable compromise sometimes
16:00 cliffstah brb, gotta run for 5
16:00 Pinchiukas So why have you moved to Salt again? :)
16:11 ronnix joined #salt
16:11 heaje joined #salt
16:11 noraatepernos joined #salt
16:12 fracklen joined #salt
16:13 rglen joined #salt
16:14 rglen is there a rough number of minions a single mater can take on ?
16:14 rglen trying to get an idea if that number is a few hundred, or a few thousand, or 10s of thousands
16:18 cliffstah Pinchiukas: the current system I'm working on has a test/staging/production, where each environment (not salt environment) is comprised of a couple of virtual machines - the staging environment I need to be able to tear down and rebuild at will (the test environment takes care of itself)
16:18 cliffstah it turns out it's an awful lot easier to orchestrate this with salt
16:18 Pinchiukas Oh...
16:18 cliffstah simply because of the reactor system - when the minion starts up and phones home, it can be automatically provisioned
16:18 onlyanegg joined #salt
16:19 cliffstah that's why the switch to salt - I tried orchestrating via ansible, but it was just too troublesome starting vm, waiting for vm, provisioning vm - much easier to start vm and have it call back
16:20 nZac joined #salt
16:20 cliffstah with my current setup with salt, we could feasibly have a catastrophic hardware failure in any of the systems and I can rebuild it within minutes
16:22 cliffstah disclaimer: I'm not an 'expert' in either of these tools by any stretch, but I have spent the last 3-6 months doing almost nothing but experimenting and building this architecture with either salt or ansible
16:22 permalac joined #salt
16:22 racooper joined #salt
16:22 Pinchiukas Cool, thanks for the insight. :)
16:23 permalac joined #salt
16:24 cliffstah hey no worries, it's a shame it's not a bit more clear cut than that, there's definitely a point where the tools are indistinguishable - seems like you might be sitting near that point
16:25 ronnix_ joined #salt
16:26 akhter joined #salt
16:26 Nazzy joined #salt
16:26 cliffstah also, by the by, I've finally got some time off work and I've been working on resurrecting my blog - you've just helped decide what my first topic will be ;-)
16:27 akhter joined #salt
16:28 onlyaneg1 joined #salt
16:31 permalac_ joined #salt
16:32 Pinchiukas :)
16:38 wendall911 joined #salt
16:38 tiadobatima joined #salt
16:39 ronnix joined #salt
16:39 tiadobatima joined #salt
16:41 akhter joined #salt
16:42 akhter joined #salt
16:43 hightekvagabond joined #salt
16:45 popfrogg joined #salt
16:45 bhosmer__ joined #salt
16:45 pmcg joined #salt
16:46 popfrogg left #salt
16:51 UtahDave joined #salt
16:53 ronnix joined #salt
16:55 digitalhero joined #salt
16:55 brianvdawson joined #salt
16:59 tiadobatima joined #salt
16:59 uictamale joined #salt
17:00 VR-Jack joined #salt
17:00 impi joined #salt
17:04 digitalhero joined #salt
17:04 ageorgop joined #salt
17:07 ronnix joined #salt
17:10 sfxandy how can I orchestrate a file.managed state?  i don't necessarily want to use  'salt.state' to orchestrate an SLS file but wanted to use salt.function to call file.managed somehow.  any ideas?
17:10 dmaiocchi joined #salt
17:11 XenophonF sfxandy: you could just use the salt or salt-call commands to run file.managed
17:11 XenophonF sfxandy: like, `salt-call file.managed /tmp/foo.txt content="Hello, world!"`
17:11 XenophonF or is it contents=?
17:12 XenophonF i can never remember
17:12 sfxandy think its the latter, but yeah i could do that ....
17:12 sfxandy just had my "orchestration" hat on
17:12 XenophonF and i wish the salt devs would just add aliases for kwargs like content/contets
17:12 XenophonF contents
17:12 sfxandy indeed!!
17:13 XenophonF i speek english reel gud and i have trouble remembering which kwargs are plural and which ain't
17:13 west575 joined #salt
17:13 sfxandy i ususally end up referring to the source code!
17:15 noraatepernos joined #salt
17:16 aw110f joined #salt
17:17 sfxandy the only issue using salt-call etc. is that I can't use Jinja etc. for templating and iterating over my Pillar structure
17:17 XenophonF um, tbh i'm not as familiar with the orchestrate stuff, sorry :(
17:17 sfxandy dunno who is really!!  all the examples seem to either use state.highstate or cmd.run .......
17:17 sfxandy babilen, are you around?
17:18 XenophonF sfxandy: wouldn't this work for you, only with file.managed instead of cmd.run as in the example? https://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#function
17:19 XenophonF or you could put that file.managed state into an SLS file, template it or whatever, then call that as in the following example
17:20 XenophonF an SLS file doesn't have to be referenced in top.sls in order to be used by other salt components
17:20 sfxandy does it not?
17:20 XenophonF nope!
17:20 sfxandy hmmmm
17:20 Tanta just slap a .sls file on the server and use salt-call with that
17:20 Tanta I do it in a much more complicated way to do masterless
17:21 sfxandy ok Tanta, so put an SLS somewhere accessible as per file_roots...... and then salt-call it from each minion in question?
17:22 XenophonF if you want the SLS to be pulled from a specific environment, you probably can do `my-special-orchestrate-only-env: something-special.sls`
17:22 XenophonF or outside of the orchestrate runner via salt-call, you'd do `salt-call state.sls something-special saltenv=my-special-orchestrate-only-env`
17:22 shaggy_surfer joined #salt
17:22 XenophonF or something along those lines
17:22 linjan joined #salt
17:23 shaggy_surfer joined #salt
17:23 sfxandy hmmm
17:23 sfxandy ok
17:24 teryx5101 joined #salt
17:25 XenophonF people jump in here if i'm steering sfxandy the wrong way
17:26 sfxandy jsut puzzles me why the only real examples of orchestration I come across are using salt.state to do a highstate or salt.function to perform a cmd.run....
17:27 DammitJim joined #salt
17:28 baweaver joined #salt
17:28 whytewolf sfxandy: this is why. https://docs.saltstack.com/en/latest/ref/states/all/salt.states.saltmod.html this is what really is used for those functions
17:30 sfxandy whytewolf, ok so for salt.function .... if I specified file.managed as the function, how do I pass name, source etc. via kwarg?
17:30 akhter joined #salt
17:30 sfxandy if you can answer that i'll be very happy!!!
17:30 cliffstah joined #salt
17:30 whytewolf salt.function works on exacution modules not state modules.
17:31 sfxandy ok but we still have a file execution module...
17:31 whytewolf sfxandy: yes, but it doens't have a managed function
17:32 sfxandy which doesnt appear to have a managed function
17:32 sfxandy ^ ^ ^
17:32 whytewolf salt.function is for things that you would do on the command line. salt.state is for running a state file
17:32 sfxandy right
17:33 sfxandy the file module has a manage_file function though...
17:33 whytewolf so?
17:34 whytewolf what are you trying to do?
17:34 mavhq joined #salt
17:34 bhosmer_ joined #salt
17:34 sfxandy fair question....
17:34 lero joined #salt
17:35 sjmh joined #salt
17:36 sfxandy basically its an attempt, as part of a salt minion bootstrap process, to orchestrate the installation of a handful of Python modules (psutil, pyinotify etc.) so support some particular functionality within Salt
17:38 whytewolf okay,
17:38 whytewolf well here is a couple of examples for things i used to do with orch
17:38 whytewolf https://gist.github.com/whytewolf/b0887ceb472f92550df6
17:39 whytewolf https://gist.github.com/whytewolf/67ec9b4175cfb6570d2b
17:40 sfxandy ok, i've learnt more in the last 30 seconds looking at your example whytewolf, than I have perusing documents all day today
17:41 whytewolf yay! I'm useful
17:41 sfxandy so the kwargs are simply the same parameters as you would pass to your execution module on the command line....?
17:42 whytewolf yeap. for salt.function
17:44 bhosmer__ joined #salt
17:47 mavhq joined #salt
17:48 dyasny joined #salt
17:49 zer0def joined #salt
17:50 linjan joined #salt
17:53 sfxandy so time to find out if the execution function manage_file does the same as file.managed state ?!!
17:54 whytewolf sfxandy: or write a state file and use salt.state to call it ...........
17:55 ashirogl joined #salt
17:56 ashirogl joined #salt
17:57 akhter joined #salt
17:57 sfxandy and to confirm what was said by someone earlier, a .sls file __does not need__ to be referenced in the top file for it to work?
17:57 ajw0100 joined #salt
17:57 obranco joined #salt
17:57 whytewolf correct. you are referencing it in orchestration. it is rather like calling it wil state.sls
17:58 sfxandy ok.  will give that approach a bash
17:58 whytewolf for the longest time i didn't even have a top.sls file
17:58 TyrfingMjolnir joined #salt
17:58 akhter joined #salt
18:01 sfxandy hmmm, i get the usual blah blah no matchinf sls found for 'foo.bar' in environment base
18:01 sfxandy matching*
18:02 digitalhero joined #salt
18:02 whytewolf how are you calling the orchestration?
18:02 sfxandy salt-run state.orchestrate provisioning.install_python_module
18:03 sfxandy i have a directoty called "provisioning" and an SLS file called install_python_module accessible from file_roots
18:03 whytewolf humm. doesn't sound like it is
18:03 sfxandy :-/
18:04 ronnix joined #salt
18:04 obranco hello guys, anybody can help with some pillar templating? I am trying to have default values for pillars
18:05 mavhq joined #salt
18:05 whytewolf sfxandy: does it show up with salt-run fileserver.file_list
18:05 sfxandy ahem, checking...
18:05 obranco Right now I am trying to do this:
18:06 obranco {% if bash is not defined %}   bash:     prompt_color1: white     prompt_color2: yellow     prompt_color3: blue {% endif %}
18:06 * sfxandy didn;'t know that existed
18:06 obranco but it gives a duplicate key for "bash" variable :(
18:07 whytewolf okay. will brb day job meetings
18:07 sfxandy whytewolf. yes it does!!!!!  which atgubaly poses more questions than answers.....
18:07 sfxandy arguably*
18:07 mavhq joined #salt
18:09 whytewolf okay, meeting is slow. what do you have in your orch file?
18:09 baweaver joined #salt
18:12 whytewolf sfxandy: i know this is a silly question. but the file is provisioning/install_python_module.sls right?
18:12 whytewolf for provisioning.install_python_module
18:12 denys joined #salt
18:12 sfxandy yes whytewolf.  and there is no such thing as a silly question :)
18:12 whytewolf there are when you deal with clowns ;)
18:12 Nazca__ joined #salt
18:13 whytewolf okay. is what is being complaend about the orch file or something in the orch file?
18:14 whytewolf the "foo.bar"
18:14 sfxandy https://gist.github.com/anonymous/dfa357def8ea518688ae
18:14 sfxandy the orch file
18:15 mTeK joined #salt
18:15 krymzon joined #salt
18:15 nZac joined #salt
18:15 whytewolf interesting
18:15 sfxandy ahem .... :-/
18:15 sfxandy back in 2 mins
18:16 whytewolf btw. orch is 100% master side {{grains['id']}} might not make much sense to it
18:23 teryx5101 joined #salt
18:29 amcorreia joined #salt
18:30 nZac joined #salt
18:39 fracklen joined #salt
18:42 danlsgiga joined #salt
18:42 danlsgiga hey guys... is there any way of the event sent on salt-cloud destroy to also send the IP of the machine being destroyed?
18:43 danlsgiga I have a reverse zone set on AWS and I want to delete the PTR record when the instance is destroyed, but the event only sends the minion name on the event data
18:43 danlsgiga I need the IP to be able to remove the correct PTR record
18:44 quix joined #salt
18:45 danlsgiga Or does anyone have any suggestion on how to do this?
18:45 mapu joined #salt
18:45 tweakism I don't suppose you're lucky enough that the minion name is what the PTR points to?
18:45 tweakism 'cause surely you can look it up by that too
18:45 Shirkdog joined #salt
18:46 danlsgiga tweakism: Yup, but the boto_route53 module can't remove a record based on its value, but on its name
18:47 danlsgiga the hostname is the value of the record, not the name
18:47 tweakism can you not either lookup based on value, or enumerate all PTRs and search for the one with the right value, and then use its name to make the call to remove it/
18:47 danlsgiga so... 66.40.31.172.in-addr.arpa is the name and int-es1.mycloud.com is the value
18:48 danlsgiga I can't do a lookup in a reverse zone value
18:49 mavhq joined #salt
18:49 tweakism not a DNS lookup (although really, you could do a zone xfer :), but via boto_route53
18:49 tweakism sorry, I don't actually know the answer to your question, was just brainstorming.
18:50 danlsgiga tweakism: no worries!
18:50 danlsgiga tweakism: just trying to figure this out
18:50 tweakism ahh, that's a salt state?  makes more sense.
18:52 tweakism danlsgiga: do you have a forward zone also?  you could do a DNS lookup to get the IP :)
18:52 PsionTheory joined #salt
18:53 GreatSnoopy joined #salt
18:53 danlsgiga tweakism: I do have, but how do I get that value inside a reactor? AFAIK, reactors don't allow to call something like salt['cmd.run']('dig myhost')
18:55 sfxandy are you around whytewolf?
18:55 tweakism it definitely appears you can, but the more I think about it the more it seems like you can probably do what you originally asked and it'd be easier/better.
18:58 pileofrogs joined #salt
18:58 danlsgiga tweakism: Would be awesome to have the IP in the event data as well
18:58 danlsgiga tweakism: If that is possible it would solve my problem easily
18:58 DammitJim joined #salt
18:59 pileofrogs Hi all
18:59 hightekvagabond joined #salt
18:59 danlsgiga tweakism: But I'm almost sure we can't call salt['...']('...') inside a reactor
18:59 * sfxandy smiles are pileofrogs nickname
18:59 sfxandy at*
19:00 pileofrogs I'm trying to get data from a cmd.run in a mine function into a list.  The data is currenty a string with newlines in it.
19:00 pileofrogs Oh, I want one line per list item
19:01 pileofrogs I'll just keep adding detail, unless that's obnoxious...
19:01 digitalhero joined #salt
19:03 pileofrogs I tried accessing the data as an array, but that broke it into characters
19:03 AndreasLutro pileofrogs: easiest to write your own custom module for that
19:03 pileofrogs Ack...
19:04 pileofrogs I thought for sure there would be a simple answer and I was just being dumb not finding it.
19:04 AndreasLutro there is: write a custom module for it
19:05 pileofrogs Haw!
19:05 digitalhero joined #salt
19:05 forrest joined #salt
19:06 pileofrogs Okay then!
19:06 akhter joined #salt
19:07 pileofrogs I'm gonna go do that.  Thanks for saving me searching for the thing that doesn't exist.
19:07 Rumbles joined #salt
19:08 linovia Does anyone has an example of state using the dickering module ?
19:08 linovia I'm trying to write a state for gitlab / docker to deploy with salt
19:08 linovia and I have no idea how I could do the equivalent of a docker pull image
19:09 linovia image_present might be the option but I have no idea how / what the official docker repository url should be
19:10 linovia not to mention running state has already pull the image but won't update it
19:10 forrest linovia, https://github.com/gravyboat/docka-docka-docka/blob/master/docka-salt/srv/salt/docker/docka.sls
19:10 forrest That project is a full dev -> test -> prod setup with docker.
19:11 forrest the dockerng.image_present was commented out at the time because it was broken. I believe it has been fixed, though not sure if that is in the release regarding passing creds to the docker servers, which I do not require. If you do it will work fine.
19:11 om joined #salt
19:12 linovia forrest: thanks, will go with the command line to pull the image then
19:12 forrest linovia, np, keep in mind you should only have to do that if you don't use credentials, otherwise you can use image_present.
19:12 linovia sure thing
19:14 nZac joined #salt
19:15 nZac joined #salt
19:19 fracklen joined #salt
19:19 jhauser joined #salt
19:21 linovia forrest: worked, thanks. I'll prob tune the commande so it doesn't say it changed when it doesn't
19:21 forrest linovia, for sure. That wasn't an issue for me as the deployment will only occur if a change is noticed.
19:21 jfindlay forrest: did you see the pull request from gtmanfred, https://github.com/saltstack/salt/pull/31807?
19:22 forrest jfindlay, Yes I did. I +1'd it
19:22 aw110f joined #salt
19:22 forrest Will deploy to my blog and update my blog post about it once the next stable release is up :)
19:22 linovia forrest: \o/
19:22 gtmanfred when 2016.3 is released, you could put it in _engines <3
19:23 forrest Hah, I like to wait till it's in by default, the blog tutorial I have is already pretty log
19:23 forrest *long
19:23 forrest so copying stuff over just adds way too many steps.
19:25 hightekvagabond joined #salt
19:28 foundatron joined #salt
19:28 gtmanfred fair
19:30 baweaver joined #salt
19:35 Rumbles joined #salt
19:36 baweaver joined #salt
19:42 jhauser joined #salt
19:45 dyasny joined #salt
19:45 bhosmer_ joined #salt
19:48 rhodgin joined #salt
19:51 grumm_servire joined #salt
19:56 antpa Quick question, does cmd.run source the .bashrc file when it runs?
19:56 NaPs joined #salt
19:59 dyasny joined #salt
20:03 zmalone1 joined #salt
20:04 ZiLi0n joined #salt
20:05 jeffspeff joined #salt
20:05 XenophonF antpa: there are no explicit references to .bashrc in salt/modules/cmdmod.py
20:06 XenophonF so however bash handles dotfiles on startup...?
20:06 hemebond I don't think it uses any sort of environment file.
20:06 hemebond But would be quick and easy to test.\
20:06 XenophonF well technically it's running as root?
20:06 hemebond Yeah but I don't think it sources any file.
20:07 hemebond Though I'm not entirely sure about .bashrc
20:07 hemebond I know it doesn't source /etc/environment
20:07 XenophonF bash has a --norc flag, but that isn't mentioned in salt/modules/cmdmod.py, either
20:07 josuebrunel joined #salt
20:07 XenophonF i can't recall the rules for non-interactive shells
20:09 tweakism it does not
20:09 tweakism the default shell it uses is /bin/sh
20:09 tweakism sh does not source any files for non-interactive shells unless ENV is set
20:09 tweakism bash does not source any files for non-interactive shells unless BASH_ENV or ENV is set
20:09 DammitJim are your minions names usually an FQDN?
20:10 XenophonF and according to bash(1) the same goes for bash if invoked as bash non-interactively and BASH_ENV isn't set
20:10 XenophonF DammitJim: yes
20:10 DammitJim thanks
20:11 XenophonF DammitJim: i also use minion ids in targeting, https://github.com/irtnog/salt-pillar-example/blob/master/top.sls
20:12 ajw0100 joined #salt
20:14 baweaver joined #salt
20:15 DammitJim XenophonF, what?
20:15 DammitJim which one is the minion id in your link?
20:16 hemebond DammitJim: '???dev*.example.net'
20:16 hemebond I didn't know you could use ??? in blobs.
20:17 DammitJim what?
20:17 DammitJim you are confusing me
20:17 tweakism I think it's python fnmatch
20:17 tweakism so you have * ? [] and [!] but not {}
20:20 shaggy_surfer joined #salt
20:20 drawsmcgraw joined #salt
20:27 patarr joined #salt
20:31 ashirogl joined #salt
20:33 shoemonkey joined #salt
20:37 quix joined #salt
20:40 brianfeister joined #salt
20:41 arif-ali hi all, I am trying to grab various stuff from git for salt, is it possible to have your extension_modules from git as well. I have been looking around, but unable to find it?
20:43 toastedpenguin joined #salt
20:44 toastedpenguin joined #salt
20:44 drawsmcgraw joined #salt
20:45 bhosmer_ joined #salt
20:46 digitalhero joined #salt
20:47 toastedpenguin joined #salt
20:48 fracklen joined #salt
20:48 toastedpenguin joined #salt
20:48 toastedpenguin left #salt
20:48 nZac joined #salt
20:53 digitalhero joined #salt
20:58 hemebond Whyyyyy is the repo.saltstack.com cert untrusted?
20:58 Gibzon joined #salt
20:59 zmalone1 Maybe your OS doesn't include the Comodo in their list of trusted CAs
20:59 quix_ joined #salt
20:59 zmalone1 The repo.saltstack.com chain is all valid though, outside of them using a CA that many people don't trust
20:59 racooper joined #salt
20:59 forrest Should just switch over to let's encrypt ;P
21:00 Gibzon anyone knows when 2016.3 is going to be released? estimatively speaking...
21:00 hemebond "estimatively" that's an interesting word.
21:01 Gibzon it exist? hehe
21:01 hemebond I doubt it :-D
21:01 Gibzon well sh*t
21:01 colegatron_origi joined #salt
21:01 hemebond ew, estimatedly is a real word though apparently.
21:02 Gibzon i ask because i need a windows build of 2016.3 and i cant make it myself
21:03 hemebond https://www.ssllabs.com/ssltest/analyze.html?d=repo.saltstack.com F grade
21:03 zmalone1 Yeah, but the cert chain is valid and current
21:03 hemebond Yeah
21:03 hemebond Never heard of DROWN attack before.
21:04 zmalone1 and comodo is a big CA, even if they've publicly issued bad certs before
21:04 Rumbles joined #salt
21:04 zmalone1 It looks like saltstack might want to tweak their Apache config, it's reporting versions
21:04 zmalone1 Apache 2.4.6 and OpenSSL 1.0.1e, which suggests the underlying host is CentOS 7
21:05 sjmh Gibzon : it's supposed to be out sometime in April.
21:05 sjmh from what I've heard
21:05 zmalone1 I guess it won't be 2016.3 then
21:05 ashirogl1 joined #salt
21:06 sjmh maybe they'll release it 3/31 :)
21:06 Gibzon cool then
21:06 brianfeister joined #salt
21:07 qman__ "One final thing: if you’re manually checking the SSL Labs results, please don’t get confused if you’re unable to connect to a host using SSL v2. If SSL Labs is still showing the host as vulnerable, chances are it’s using a version of OpenSSL that can complete a handshake even when no cipher suites are configured (CVE-2015-3197). SSL Labs checks for this variant as part of its testing."
21:07 ashirogl1 joined #salt
21:07 Gibzon anyone knows about building for windows?
21:07 Gibzon im getting this error...
21:11 rem5 joined #salt
21:12 qman__ after reading a bit, it looks like if you have the same key on ANY SSLv2 server anywhere, it leaves ALL servers using that key vulnerable, regardless if those servers accept SSLv2
21:13 edrocks joined #salt
21:13 zmalone1 I'm a little sketched out about repo.saltstack.com accepting ssh connections from anywhere in the world
21:13 zmalone1 I think I may need to rethink whether I use those packages
21:14 forrest zmalone1, Fair, make a note to jfindlay about that and he can hopefully get it into the right hands.
21:14 Gibzon im getting this error when trying to build for windows http://pastebin.com/6U6AnRc5 anyone knows why?
21:17 jfindlay thanks forrest, zmalone1
21:20 Brew joined #salt
21:21 jeddi joined #salt
21:25 lero hello.. is  there a way to do this in a more sane way? http://dpaste.com/0KMDDY5.txt
21:25 lero instead of repeating everything?
21:25 lero like a for list
21:28 forrest lero, http://jinja.pocoo.org/docs/dev/templates/#loop-filtering
21:28 wmp left #salt
21:29 nZac joined #salt
21:29 lero hmm let me try
21:29 lero thanks forrest
21:29 forrest np
21:30 UtahDave hemebond: thanks for that link to ssllabs.  I'm working on that now.
21:30 hemebond Oh, okay. Good luck. It was just a link I found in an old issue about the repo certs.
21:30 hemebond It seems Debian Jessie doesn't have the root cert or something.
21:32 nidr0x joined #salt
21:32 UtahDave interesting
21:33 baweaver joined #salt
21:45 APLU joined #salt
21:45 akhter joined #salt
21:47 shoemonkey joined #salt
21:48 onlyanegg joined #salt
21:49 nidr0x joined #salt
21:52 digitalhero joined #salt
21:54 cliffstah joined #salt
21:55 lero forrest: if i'm using something like {% for package in 'lala','lele' %}, how can break a line in the midle of the list? :D
21:55 forrest lero, I don't understand what you mean.
21:56 forrest Like this you mean? http://stackoverflow.com/questions/15168831/how-to-write-a-multiline-jinja-statement
21:57 lero forrest: like, if I have more than 20 items instead of just two.. I want to split the line because if not, it will be too big :)
21:57 forrest lero, I would suggest to move that content to some sort of yaml file where it's managed, or into the pillar.
21:57 forrest Then you can just reference from there.
21:58 onlyanegg joined #salt
21:58 forrest something similar to: https://github.com/saltstack-formulas/salt-formula/blob/master/salt/defaults.yaml
21:58 forrest but you can name it whatever you want.
21:58 lero forrest: I was thinking to put in something like this and use the pillar.get: http://dpaste.com/09SEP0H.txt
21:58 lero but i'm still checking how :)
21:58 forrest Yep that's what I would probably do
22:00 forrest lero, check out the user's formula: https://github.com/saltstack-formulas/users-formula/blob/master/users/init.sls#L7 it has some good examples on doing referencing like that from the pillar.
22:01 shoemonkey joined #salt
22:03 lero ohh nice, let me see
22:05 quix joined #salt
22:07 baweaver joined #salt
22:11 onlyanegg joined #salt
22:12 shaggy_surfer joined #salt
22:17 bhosmer_ joined #salt
22:17 N-Mi joined #salt
22:19 euidzero joined #salt
22:19 lero forrest: http://dpaste.com/2E644C7 I still didn't get :/
22:20 hemebond lero: Tried salt['pillar.get']('aur')? also, does 'salt minionname pillar.items' show the aur?
22:21 hemebond Oh, also aur is a list, not a dict.
22:22 lero hemebond: tried now, it says it's not a dict :)
22:23 lero hemebond: not sure about the salt minionname, because i'm running it local
22:23 lero with salt-call
22:23 hemebond Ah. Well it's a list so {% for p in salt['pillar.get']('aur', []) %} should work
22:24 lero hmm, pillar.items work with it, let me see
22:24 lero let me try
22:26 lero the same with ,[]
22:26 lero ID aur in SLS packages is not a dictionary hehe
22:26 hemebond Can you paste your state and pillar?
22:27 aw110f joined #salt
22:28 lero http://dpaste.com/34JK04V
22:29 kliquori joined #salt
22:29 hemebond Are you putting the "aur" stuff into the SLS?
22:29 hemebond I can't tell from your paste if it's in a separate file or not.
22:29 lero let me paste all of it :)
22:29 lero yeah, the aur stuff is inside the sls
22:29 hemebond Ah, that's incorrect.
22:30 hemebond You can't just paste random YAML into your SLS.
22:30 hemebond Pillars are a separate system.
22:30 hemebond I don't know how pillars are used with salt-call as I've never used salt-call.
22:30 lero ohh I see
22:31 hemebond Do you have a master?
22:31 lero no, it's just to configure my own laptop :)
22:31 hemebond Okay have a look at https://docs.saltstack.com/en/latest/ref/cli/salt-call.html
22:31 forrest he's running masterless, if you look at how the users formula works you can see how the pillar works, or that default yaml file I linked.
22:32 hemebond You can pass a directory where the pillar data is.
22:34 Rumbles joined #salt
22:34 lero hmm my pillar_roots are /srv/pillar and /srv/spm/pillar
22:34 lero so I should pass --pillar-root to salt-call
22:35 lero and put aur: inside a yaml file right:
22:35 lero ?
22:35 hemebond That sounds about right, yes.
22:36 hemebond You can only provide one pillar root though.
22:36 lero that should be fine
22:36 lero it read all .yaml files right
22:36 lero ?
22:39 sfxandy joined #salt
22:40 zenlot6 joined #salt
22:40 hemebond Normally pillar files use the .sls extension.
22:41 hemebond Hmm, without a top.sls I wonder if it does just read them all. I guess it would.
22:41 hemebond Fairly easy to test by creating a test.sls in the pillar root and then doing salt-call pillar.items
22:42 darkhalo joined #salt
22:42 lero I do have a top.sls
22:42 lero https://github.com/lero/salt-arch-mac
22:42 hemebond For the pillar? I see.
22:43 baweaver joined #salt
22:44 lero no, the pillar I didn't commit yet
22:44 hemebond Oh, that top.sls is for applying the states.
22:44 hemebond Oh this is your repo :-D
22:44 lero and I was trying to add that thing to packages.sls :D
22:44 lero but not inside packages:
22:46 bhosmer joined #salt
22:46 lero made that to simplify my life and learn salt too
22:48 lero hemebond: do I do need to import the file or something?
22:49 hemebond Nope. I'm not really sure how pillars work with salt-call. Lemme try and test now.
22:49 UtahDave pillars work fine with salt-call
22:50 hemebond UtahDave: Yeah, but how?
22:50 hemebond Do you still need a top.sls?
22:50 gtmanfred they go ask the master for them
22:50 UtahDave it pulls the pillar data from th master just like usual
22:50 UtahDave Yes, you always need a top  file for your pillar
22:50 gtmanfred if you are using a local minion, you need a top.sls file just like if it was attached to a master
22:51 Gareth o/
22:51 UtahDave your pillar top.sls   is separate from your regular file_roots top.sls  and is found at   /srv/pillar/top.sls   by default
22:53 hemebond Ah got it
22:53 hemebond lero: salt-call --local pillar.items --pillar-root=./pillars
22:53 hemebond I created a pillars directory and put a regular top.sls in it (using '*')
22:54 lero hmm
22:54 hemebond And got it to apply a test.sls pillar
22:54 lero can you show me this top.sls?
22:54 lero didn't get the *
22:54 hemebond Sure.
22:55 hemebond lero: http://dpaste.com/2ZNM5E5
22:55 lero I tried with --piler-root=/srv/salt/pillar
22:55 digitalhero joined #salt
22:55 lero but named the file first as packages.yaml and then aur.sls hehe
22:55 lero let me see
22:55 hemebond Your spelling is wrong :-)
22:55 lero ops, sorry
22:56 lero but was right in the cli haha
22:56 hemebond salt-call --local pillar.item mypill --pillar-root=./pillars
22:56 lero sudo salt-call --local state.highstate --pillar-root=/srv/salt/pillar
22:56 hemebond Try just doing a pillar.item aur first
22:57 hemebond salt-call --local pillar.item aur --pillar-root=/srv/salt/pillar
22:57 lero let me see
22:57 hemebond Once that returns properly you know your states should be able to find it.
22:58 lero http://dpaste.com/2ATBMTH
22:58 lero hmm
22:58 lero but the values are not there
22:58 euidzero joined #salt
22:58 hemebond That means it hasn't found the aur pillar at all.
22:58 lero http://dpaste.com/0DQ1VZP
22:58 lero this is the file
22:58 hemebond For some reason pillar.item doesn't return an error if the item doesn't exist.
22:59 hemebond And have you created a top.sls to apply the aur.sls?
22:59 lero nop :)
22:59 hemebond You need that :-)
22:59 lero hmm
22:59 lero for the pillar as well?
22:59 lero ohh yeah
22:59 lero I saw your paste
23:00 lero let met see
23:00 lero uhul, it worked \o/
23:02 hemebond Cool. if you haven't already i recommend going through the tutorial. most of it will work with minor changes for salt-call.
23:03 lero hemebond: yeah, I still need to read a lot :)
23:04 hemebond I found the tutorials to be good.
23:04 lero gonna bookmark it
23:04 pileofrogs AndreasLutro: You were right!  I made a working module in just a few hours and it was mostly me eating lunch.
23:05 lero hemebond: that's nice
23:06 NeckBeardPrince joined #salt
23:08 malware_ joined #salt
23:08 lero thanks for the help hemebond, forrest, UtahDave
23:09 forrest NP
23:12 preludedrew joined #salt
23:15 digitalhero joined #salt
23:16 rem5 joined #salt
23:19 user_ joined #salt
23:24 jeddi joined #salt
23:28 nZac joined #salt
23:36 rhodgin joined #salt
23:36 zmalone joined #salt
23:38 brianfeister joined #salt
23:39 UtahDave left #salt
23:41 nZac joined #salt
23:54 brianfeister joined #salt
23:57 KingJ joined #salt
23:59 mavhq joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary