Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-04-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 nidr0x joined #salt
00:00 antpa joined #salt
00:00 ninjada joined #salt
00:00 djgerm I figured a reactor on   - 'salt/cloud/*/created': and something like     - 'local.state.highstate'
00:00 iggy if you are using salt-cloud, yeah
00:01 djgerm will that target the newly created minion? or the local salt master?
00:01 djgerm or everything :)
00:01 iggy there's also start_action in salt-cloud
00:01 djgerm i had not seen that
00:02 Tyrm joined #salt
00:06 djgerm so for now, everything will be started by salt-cloud. So will local.state.highstate do the trick? I guess I could just try and find out :)
00:07 djgerm oh… hmm how do I specify a saltenv for that…
00:09 sc250024 joined #salt
00:10 sc250024 Is it possible to run a for loop in a pillar definition?
00:12 sc250024 {% for server, addr in salt['mine.get']('role:web', 'network.ip_addrs', expr_form='pillar').items() %}
00:12 sc250024 Something like that?
00:14 brianfeister joined #salt
00:17 stanchan joined #salt
00:21 grumm_servire joined #salt
00:23 mavhq joined #salt
00:26 iggy sc250024: you mean you want to use the mine in a pillar?
00:28 quix joined #salt
00:28 cberndt joined #salt
00:29 sagerdearia joined #salt
00:43 rem5_ joined #salt
00:50 flowstate joined #salt
00:56 hasues joined #salt
00:56 iceyao joined #salt
00:57 childc2 joined #salt
00:58 kevinquinnyo joined #salt
01:00 childc2 Hello, I'm having some trouble getting a salt-minion 2015.8.8 to start on Debian stretch. I've run the minion in the foreground with as much debugging as I can get and it looks like it's just stuck looping through the startup. I've got a sample of the loop it's stuck in here: http://pastebin.com/iGPKf7UA Any suggestions on what I can do to debug this a bit further?
01:00 murrdoc joined #salt
01:01 iggy pastebin.com complains about adblocker
01:03 childc2 iggy: it loads for me in an incognito tab, I suspect it's complaining about one you might have enabled
01:04 barajasfab joined #salt
01:05 iggy whta's the command you used to start the minion?
01:05 sc250024 iggy: yes
01:06 sc250024 It's for use with the haproxy formula here: https://github.com/saltstack-formulas/haproxy-formula
01:08 iggy https://github.com/saltstack/salt/issues/11509
01:08 saltstackbot [#11509]title: Exception when using Salt mine from pillar | ```...
01:09 iggy look for the part about using the mine runner (as pillars are generated in the master context
01:09 childc2 iggy: That came from "salt-minion -l all"
01:11 pfallenop joined #salt
01:11 darvon joined #salt
01:11 flowstate joined #salt
01:14 hasues left #salt
01:18 flowstate joined #salt
01:19 sagerdearia joined #salt
01:22 mavhq joined #salt
01:24 GnuLxUsr joined #salt
01:28 mavhq joined #salt
01:29 whatevsz_ joined #salt
01:30 beardedeagle joined #salt
01:31 iggy childc2: move your config out of the way, and try to start? Then slowly add things back until it breaks?
01:34 childc2 iggy: it's not making it far enough to actually touch the master (I think). The minion file on this minion is just blank. Is there anything else to look at?
01:34 rem5 joined #salt
01:37 iggy not that I can think of, burn it down and reprovision
01:40 djgerm nuke it from orbit, it's the only way to be sure.
01:41 childc2 that's easy enough to do, I'll give it a shot
01:42 djgerm (I was just taking advantage of the opportunity to say that… I don't have any insight for you, sorry)
01:47 kevinquinnyo I'm thinking about changing my minion_id's to something similar, but slightly different than the hostname so that each minion's role is more clear, but so that the fqdn can utilize a ssl certificate.  Are there any headaches in maintaining a different minion_id than the server's hostname?
01:47 ageorgop joined #salt
01:47 kevinquinnyo and is it generally considered good practice to keep the minion_id as the hostname for any specific reasons I can't forsee right now?
01:47 iggy whatever makes the most sense to you
01:47 grumm_servire joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.8.8, 2016.3.0rc2 | SaltConf16: http://saltconf.com/register/ | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
01:49 nyx_ joined #salt
01:49 kevinquinnyo yeah i ran into an issue with a single-level wildcard certificate *.myplatform.com, so i had to start changing some of the hostnames to say, cache1-atl-uniqueidhere.myplatform.com and i just hate the dashes with the minion_id for some reason.  I'd like each section to be dot-delimited consistently, but allow the hostname itself to be ugly to utilize my wildcard certificate.
01:50 mavhq joined #salt
01:50 kevinquinnyo then again it might be time for me to just look into that letsencrypt/acme support and generate certificates as i please
01:50 nZac joined #salt
01:51 jankmcjanker joined #salt
01:51 iceyao joined #salt
01:52 childc2 iggy: I deleted /etc/salt and re-installed salt and it errors out at the same place. I haven't missed any config have I?
01:52 mapu joined #salt
02:01 antpa joined #salt
02:05 murrdoc joined #salt
02:11 GnuLxUsr joined #salt
02:14 iggy childc2: I've never seen an issue like that, and that's all I can think to try for now
02:18 hightekvagabond joined #salt
02:20 antpa joined #salt
02:25 childc2 iggy: no dice, I even tried rebooting to clear the systemd cgroups
02:25 mavhq joined #salt
02:25 iggy time for a new machine
02:26 childc2 yeah, I'm not too sure what to try next here
02:26 childc2 pdb maybe....
02:27 mavhq joined #salt
02:33 XenophonF joined #salt
02:34 djgerm Hey so, I am still trying to figure out how to make a minion execute a specific state upon creation, and still confused about it. Can anybody point me in the right direction?
02:36 childc2 djgerm: I suppose you could have the state add a grain to the minion and skip the rest of the state if that grain exists
02:36 GnuLxUsr joined #salt
02:37 djgerm I mean, when minion is created or reports in I suppose, that this specific state be run against it.
02:37 djgerm 99.9999% of the minions will be bootstrapped with salt-cloud
02:38 kawa2014 joined #salt
02:38 djgerm so i figured a reactor based on salt cloud creation… but I can't seem to find the documentation that would trigger that
02:38 djgerm i am SO close
02:39 hemebond djgerm: Isn't there a thing in salt-cloud itself that can trigger a highstate when the minion comes up?
02:40 djgerm actually… I think I just realized… I can just do 'salt/cloud/*/created' in the reactor and then "salt://reactor/mycustom.sls" … I think
02:41 hemebond That was the first hit in my Google search too :-) http://salt-cloud.readthedocs.org/en/latest/topics/deploy.html
02:42 djgerm can a reactor state be basically any old state file?
02:42 antpa joined #salt
02:42 djgerm oooh! start_action: state.highstate
02:42 djgerm I wonder if that can be state.sls mycustom.state
02:42 djgerm no reason why not right?
02:42 childc2 so, salt-minion appears to wander off into another module pretty early on in executing
02:43 childc2 that makes pdb way less useful than I was hoping
02:43 childc2 I suppose there probably isn't any more logging to enable beyond 'all'
02:49 flowstate joined #salt
02:49 akhter joined #salt
02:51 rem5 joined #salt
02:51 nZac joined #salt
02:52 quasiben joined #salt
02:54 spuder joined #salt
02:57 iceyao_ joined #salt
02:58 antpa joined #salt
03:00 spuder_ joined #salt
03:01 sagerdearia joined #salt
03:13 writtenoff joined #salt
03:15 mavhq joined #salt
03:17 hightekvagabond joined #salt
03:19 ninjada joined #salt
03:19 hightekvagabond joined #salt
03:21 cberndt joined #salt
03:25 GnuLxUsr joined #salt
03:28 murrdoc joined #salt
03:30 antpa joined #salt
03:35 racooper joined #salt
03:40 murrdoc joined #salt
03:50 flowstate joined #salt
03:50 antpa joined #salt
03:54 minesskylinegtr joined #salt
03:58 evle joined #salt
04:00 mavhq joined #salt
04:05 SirLagz joined #salt
04:06 fooma joined #salt
04:07 kshlm joined #salt
04:10 antpa joined #salt
04:18 mavhq joined #salt
04:22 antpa joined #salt
04:24 favadi joined #salt
04:28 ajw0100 joined #salt
04:33 antpa joined #salt
04:50 flowstate joined #salt
04:56 qu9 joined #salt
04:56 Tyrm joined #salt
04:58 pwalsh joined #salt
05:03 fooma joined #salt
05:11 antpa joined #salt
05:22 mavhq joined #salt
05:23 impi joined #salt
05:24 mavhq joined #salt
05:30 favadi joined #salt
05:31 antpa joined #salt
05:34 iceyao joined #salt
05:36 antpa joined #salt
05:39 paydro joined #salt
05:41 jnials joined #salt
05:42 sfxandy joined #salt
05:42 sfxandy hi all, anyone around?
05:43 felskrone joined #salt
05:50 flowstate joined #salt
05:50 jnials joined #salt
05:52 djgerm joined #salt
05:52 antpa joined #salt
05:56 iceyao joined #salt
06:01 colttt joined #salt
06:02 jnials joined #salt
06:08 truescot joined #salt
06:11 slav0nic joined #salt
06:12 ravenx joined #salt
06:14 antpa joined #salt
06:16 ravenx any one have an idea of this error:  http://paste.debian.net/424693/
06:17 jnials joined #salt
06:19 Rumbles joined #salt
06:20 felskrone1 joined #salt
06:22 sfxandy only appears to be a warning ravenx
06:23 ravenx it does
06:23 ravenx sfxandy: but my minion can never stay up, it does not start at all
06:23 ravenx it is stuck in a restart loop
06:25 sfxandy no real experience on Debian I have to say...
06:26 akhter joined #salt
06:26 liskl joined #salt
06:26 sfxandy have you tried running it in the foreground with a -l trace switch?
06:28 sunbx joined #salt
06:30 ravenx absoutely
06:30 ravenx spent 5 hours on that yesterday
06:30 djgerm anything from dmesg or syslog?
06:32 kshlm joined #salt
06:33 antpa joined #salt
06:34 AndreasLutro ravenx: debian?
06:34 AndreasLutro 7, 8?
06:38 ivanjaros joined #salt
06:38 dgutu_ joined #salt
06:39 ravenx AndreasLutro: master is 12.04 ubuntu and so is minion
06:39 ravenx AndreasLutro: i am using the latest 8.8, version major
06:39 ravenx major version*
06:39 ravenx djgerm: i haven't looked, but i will go look at it now
06:40 AndreasLutro aha...
06:40 AndreasLutro when you run `salt-minion -l debug` in the foreground, have you stopped the existing service first?
06:41 ravenx nothign in dmesg and nothing in syslog perttaining to salt
06:41 ravenx AndreasLutro: when i run that, i have made sure it is stopped by doign:  ps aux | grep salt-minion
06:41 ravenx so it starts fresh everytime.
06:42 djgerm joined #salt
06:42 AndreasLutro time to strace it then
06:44 ravenx jesus
06:44 ravenx this strace looks like i just opened a binary in vim
06:47 AndreasLutro that's normal
06:47 AndreasLutro you probably want to pipe stderr to a file or less if your terminal history isn't 10k+ lines long
06:48 yuhlw joined #salt
06:48 ravenx right now, i have a lot of these lines:  open("/usr/local/lib/python2.7/dist-packages/Momoko-1.0.0b2-py2.7.egg/tty.so", O_RDONLY) = -1 ENOENT (No such file or directory)
06:48 ravenx open("/usr/local/lib/python2.7/dist-packages/txmongo-0.4-py2.7.egg/pty.py", O_RDONLY) = -1 ENOENT (No such file or directory)
06:48 ravenx open("/usr/lib/python2.7/multiprocessing/tempfile.so", O_RDONLY) = -1 ENOENT (No such file or directory)
06:48 ravenx etc
06:49 flowstate joined #salt
06:50 AndreasLutro I don't have those files either and my salt is working fine
06:51 ravenx gah.
06:51 antpa joined #salt
06:51 phx joined #salt
06:52 dmaiocchi joined #salt
06:53 ravenx i even spun up an instance of the same distro on vagrant
06:53 ravenx and somehow that runs
06:53 ravenx however, the key difference is that vagrant as a minion talks to the master which is local to it (my laptop)
06:53 AndreasLutro doesn't matter
06:53 ravenx but on salt minion it is on a remote server, and the master is also ar emote server.
06:54 AndreasLutro your minion doesn't reach the point of talking to a master anyway
06:54 ravenx that is true
06:54 ravenx it doesn't even start up properly
06:55 TyrfingMjolnir joined #salt
06:55 ravenx and minion is running as root
06:55 ravenx master is runnig as a non-root user.
06:55 ravenx i have made an account for master just for running salt commands called 'salt-user'
06:55 freeaks joined #salt
06:56 nZac joined #salt
06:58 AndreasLutro ravenx: put in "import pdb; pdb.set_trace()" after this: https://github.com/saltstack/salt/blob/v2015.8.8/salt/cli/daemons.py#L276-L280
06:59 ravenx o_O
06:59 ravenx where can i find the source code?
06:59 AndreasLutro in /usr/lib/python2.7/dist-packages/salt probably
07:02 Ron11 joined #salt
07:02 Ron11 HI, How can I install nagios via salt-ssh?
07:04 cyborg-one joined #salt
07:04 AndreasLutro "pkg.install nagios" I guess?
07:05 elsmo joined #salt
07:05 KermitTheFragger joined #salt
07:06 Ron11 salt-ssh testme1 state.apply nagios.nrpe,nagios.plugins
07:06 Ron11 I`m using this command and get these error
07:07 Ron11 http://paste.debian.net/424733/
07:08 AndreasLutro you'll have to ssh into the host and fix whatever problems there are with apt
07:09 AndreasLutro missing parent directory means you'll have to either add a state for creating the parent directory, or add the arg "makedirs: true" to your file states
07:09 Ron11 apt-get does not work because I don't have a connection to internet
07:10 Ron11 I have only access to ssh
07:10 AndreasLutro how do you expect pkg.installed to work then?
07:11 Ron11 I asked, How can install nagios via salt-ssh
07:11 AndreasLutro how would you install nagios on a machine with no internet without salt?
07:13 Ron11 I thought I can install it via salt-ssh via the server
07:13 Ron11 I have all the packages in the server,
07:13 Ron11 server-master
07:14 antpa joined #salt
07:14 AndreasLutro okay, so if you were to ssh in and `apt-get install nagios-npre-plugins` that would just work?
07:16 Ron11 Why is it doesn't work?
07:16 Ron11 salt-ssh testme1 state.apply nagios.nrpe,nagios.plugins
07:17 Ron11 I don't understand.
07:17 AndreasLutro if you won't answer my questions I can't answer yours :)
07:17 * AndreasLutro meeting
07:17 Ron11 If I try it in the master
07:17 Ron11 it works
07:18 Ron11 in the client computer (with except only ssh) it does not work
07:18 Ron11 because I don't have any connection to internet
07:18 fredvd joined #salt
07:19 Ron11 Do you mean to invoke : salt-ssh testme1 cmd.run 'apt-get install nagios-npre-plugins'?
07:20 Trauma joined #salt
07:21 impi joined #salt
07:23 Ron11 joined #salt
07:24 Ron11 The computer disconnected
07:24 Ron11 AndreasLutro, did you answer me?
07:26 jhauser joined #salt
07:33 ninjada_ joined #salt
07:35 Ron11 AndreasLutro
07:36 josuebrunel joined #salt
07:39 kshlm joined #salt
07:41 dezertol joined #salt
07:42 ravenx yeah he said:  "You're a wizard, Ron11 .....and Harry"
07:43 losh joined #salt
07:43 Ron11 I just asked a question.
07:44 Ron11 I run salt-ssh on master. I need to install nagios on the minion, which does not have any connection to internet. How can I do it?
07:45 djgerm You would need to put the software either source or package on the server (or a repository that it can reach) and install from there.
07:45 lero joined #salt
07:45 Ron11 I think it is fair question
07:46 Ron11 thank you djgerm
07:46 Ron11 How can I do it?
07:46 rubenb_ With salt, is there an easy way to disable all assigned states by the top file?
07:47 lpl joined #salt
07:47 djgerm if I were you Ron11, I would build a local repository that mirrors all the repos you need, and then point my internal servers that don't have access to the internet to that.
07:47 rubenb_ ( I assign default settings and such by '*':-matching)
07:48 irctc436 joined #salt
07:49 Ron11 I see
07:49 Ron11 I can either use git clone
07:49 Ron11 and copy all the file to the minions, will it work?
07:50 flowstate joined #salt
07:50 djgerm otherwise, you would just copy files around using any method you like I guess (so if you have a package, you could do something with cp.push or something (https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cp.html#salt.modules.cp.push)
07:50 djgerm If you can do it by hand, you can do it with salt :)
07:50 djgerm only faster and with fewer errors and no inconsistencies.
07:51 Ron11 joined #salt
07:53 NightMonkey joined #salt
07:55 fredvd joined #salt
07:58 Tyrm joined #salt
07:59 mavhq joined #salt
08:03 Rumbles joined #salt
08:04 NightMonkey joined #salt
08:05 josue joined #salt
08:10 ronnix joined #salt
08:15 s_kunk joined #salt
08:15 linjan__ joined #salt
08:16 akhter joined #salt
08:16 irctc212 joined #salt
08:17 irctc212 Good morning
08:22 dyasny joined #salt
08:23 kbaikov joined #salt
08:24 antpa joined #salt
08:30 irctc212 When running minion as non-root, those commands which are granted in sudoers does execute properly but, when trying to do something else... i get non-zero exit code from minion.
08:30 irctc212 That's great
08:30 irctc212 It's exactly what i want
08:30 irctc212 only issue is .... it takes 5 minutes to timeout
08:30 irctc212 and the minion keeps logging '[INFO    ] Determining pillar cache'
08:31 irctc212 where can I set that timeout?
08:32 irctc212 what is the master-minion doing during the 'Determining pillar cache' task?
08:33 irctc212 some explanation about it would be great, thanks in advance
08:35 mavhq joined #salt
08:36 ron1 joined #salt
08:36 cberndt joined #salt
08:36 ron1 I run salt-ssh on master. I need to install nagios on the minion, which does not have any connection to internet. How can I do it?
08:38 iggy put the package in file_roots and install from there?
08:39 iggy I'm not sure if that'll work
08:40 kawa2014 joined #salt
08:42 keimlink joined #salt
08:43 catpig joined #salt
08:44 Rumbles joined #salt
08:45 elsmo joined #salt
08:51 flowstate joined #salt
08:53 truescot joined #salt
08:55 truescot hi all, does anyone know why jinja templates would stop working on a specific minion despite the minion software (2015.8.3) being completely removed and re-installed ? i opened a ticket on github with all the information including logs
08:55 truescot https://github.com/saltstack/salt/issues/32375
08:55 saltstackbot [#32375]title: jinja template copying file but not replacing tags | Hi, I was hoping someone could help me out,  I have been struggling with getting a jinja template to work in my environment.  I started off with a config file with some jinja variables in it which didnt work so pared it all back to the simplest configuration that i could but still no luck, I have tried restarting minion and master, re-installing the minion and everything else
08:56 source47 joined #salt
08:57 source47 hi guys, i am trying to run a group-install from a tls file but getting problems. can you let me know what i might be doing wrong here? https://gist.github.com/developerinlondon/b5c3b0e01b3d4e620038faa30fa36b96
08:57 Phil-Work joined #salt
08:58 source47 State 'pkg.group_install' was not found in SLS 'common.packages'
08:59 Phil-Work we have a users directory in states which has a number of SLS files for groups of users (NOC, Dev Team, Etc.) - servers are assigned the relevant states in the top.sls such that the right groups of users have access to the right servers. We want to give certain users access to certain servers which their group would not normally have access to. What's the best logic for this?
09:00 AndreasLutro Phil-Work: are your users defined in pillars?
09:00 Phil-Work yes
09:01 AndreasLutro then you'd probably need some sort of complicated matcher in top.sls
09:01 AndreasLutro pillar top.sls that is
09:02 AndreasLutro or use a node group
09:02 antpa joined #salt
09:02 Phil-Work sorry, I mis-described this - every server has the users state. It's the group-name.sls that's in the pillars and it is the pillar top.sls file that we define assignments in
09:02 Phil-Work what's the node group concept you mention?
09:03 AndreasLutro no, you didn't mis-describe, my advice still applies
09:06 mavhq joined #salt
09:07 Rumbles joined #salt
09:09 remyd1 Hi, I have a salt states which creates my users. Everything is ok, except that /etc/skell folder is not copy while creating the home. When you specify the home, it creates successfully that directory, but even if the right are ok, it is empty by default, although it should contain .bashrc, .bash_profile...
09:10 babilen Phil-Work: You could split your groups so that you use one SLS for each user and then simply create "groups" that include suitable user states. That way you can target both groups and users.
09:11 Phil-Work babilen, my collegue just suggested exactly the same
09:11 babilen If you want more control over that look into pillarstack or external pillars and include "group" information in the pillar data and use that for targeting.
09:11 Phil-Work that seems like the easiest course of action
09:12 babilen It would be. And, given that user pillar data is trivially merged, quite a suitable approach. It simply gets tricky if you have to tinker with groups often.
09:12 Phil-Work how would you merge? JINJA includes?
09:13 babilen Just target two pillars to the minion, they are being merged according to https://docs.saltstack.com/en/latest/ref/configuration/master.html#pillar-source-merging-strategy
09:13 Phil-Work right, ok
09:13 goal joined #salt
09:13 babilen (or rather: Two SLS each with similar keys (to a certain level))
09:14 babilen Say, two SLS that share the "users:" key in this case.
09:14 goal If there's an issue on github which has been closed, but the where the change implemented has broken even more things, is it best to update the original issue or create a new one?
09:14 babilen Alternatively look into the reverse-users-formula and base decisions based on information about the minion (i.e. assign groups to minions)
09:15 dmaiocchi joined #salt
09:15 babilen goal: I'd create a new one and mention it in the old one.
09:20 antpa joined #salt
09:20 goal thanks
09:22 AndreasLutro babilen: thoughts on whether this can replace your suggestion for static pillars? https://github.com/saltstack/salt/issues/32383
09:22 saltstackbot [#32383]title: Allow custom grains/grain modules to be executed on the Salt master | If it was possible to define custom grains/grain modules that should be executed on the master instead of the minion, and those grains are always added to the minion grains last, that would give us a way to securely use grains in pillar top files....
09:24 babilen Wouldn't that be static pillars in all but name?
09:24 AndreasLutro pretty much
09:25 babilen Basically a datastructure that is specific to minions, but is rendered on the master and available everywhere grains are.
09:28 AndreasLutro this might be easier to implement than adding another layer of pillar code though
09:28 AndreasLutro but on second thought it might complicate caching of grains on the minion
09:30 josue joined #salt
09:31 ron1 joined #salt
09:31 ron1 I run salt-ssh on master. I need to install nagios on the minion, which does not have any connection to internet. How can I do it?
09:35 antpa joined #salt
09:39 truescot ron1 theres a number of ways, you can have your own internal repositories using something like mrepo, then you dont fall fould of dependancies, or you can scp over the rpm file(or deb file etc depending on flavour) and install it using that
09:40 yuhlw joined #salt
09:40 ron1 thank you truescot, I try to use salt-ssh -i testme1 state.apply nagios.nrpe,nagios.plugins
09:41 djgerm joined #salt
09:41 ron1 in regular command ( salt '*' state.apply nagios.nrpe,nagios.plugins) it works, but in salt-ssh it doesn't
09:44 Miouge joined #salt
09:49 flowstate joined #salt
09:56 Rumbles joined #salt
10:01 ron1 Can I tell salt-ssh to take the packges from my computer and not from the internet?
10:01 MadHatter42 joined #salt
10:04 antpa joined #salt
10:05 Trauma joined #salt
10:09 babilen ron1: Which packages?
10:13 ron1 Hi babilen
10:13 ron1 Thank you
10:13 ron1 I try to install nagios agent on minion
10:13 ron1 salt '*' state.apply nagios.nrpe,nagios.plugins
10:13 ron1 this command works because I have an internet connection
10:14 antpa joined #salt
10:14 ron1 I have another computer, with have only ssh access
10:14 ron1 I try to use salt-ssh -i testme1 state.apply nagios.nrpe,nagios.plugins
10:15 babilen You can place packages somehwere in salt:// and reference it in the sources: bit of pkg.installed
10:15 ron1 and it does not work, I think because
10:15 ron1 the connection to the internet
10:15 ron1 Therefor I look for a way to install nagios agent via the master with salt-ssh
10:17 babilen https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html
10:21 freeaks left #salt
10:21 ron1 thank you babilen
10:21 ron1 If I understand correctly, I need to save the packages of nagios agent
10:21 ron1 offline
10:21 ron1 then to create a custom package?
10:23 babilen No
10:24 ron1 then, What I need to di
10:24 ron1 do
10:24 ron1 I don't understand
10:24 babilen You could just place whatever packages you want to "upload" somewhere in salt:// (i.e. /srv/salt or file_roots). I'd recommend to use, say, something like salt://debs or similar. You can then change the pkg.installed state to include a reference to that package in salt://debs.
10:25 babilen (in pkg.installed's sources: list
10:25 babilen )
10:26 ron1 I already define the formula
10:26 ron1 and it works
10:26 ron1 in computer which have connection to the internet
10:26 antpa joined #salt
10:27 babilen Yes .. you want to upload packages from your local host though, don't you? (as the remote one can't download them itself)
10:27 ron1 How can I change existing package to works like I want?
10:27 kawa2014 joined #salt
10:27 babilen Could you maybe rephrase "Therefor I look for a way to install nagios agent via the master with salt-ssh" ?
10:27 ron1 yes exactly
10:28 babilen So, what's the problem with the approach I mentioned?
10:28 ron1 No problem at all
10:28 ron1 Thank you
10:28 babilen You might not want to include that bit (or write a different state) for the "normal" minions as they can download the package themselves
10:28 ron1 I need just help
10:28 ujjain joined #salt
10:28 ujjain joined #salt
10:29 babilen Otherwise you'd have to upload to all of them
10:30 ron1 What is the first step I need?
10:33 Rumbles joined #salt
10:33 antpa joined #salt
10:49 tinyhippo joined #salt
10:49 flowstate joined #salt
10:50 cberndt joined #salt
10:57 punkoivan joined #salt
10:57 antpa joined #salt
10:57 punkoivan joined #salt
10:58 punkoivan left #salt
11:05 opdude joined #salt
11:06 rem5 joined #salt
11:09 mavhq joined #salt
11:10 zerthimon joined #salt
11:12 ron1 babilen, What I need to do?
11:12 babilen Use sources: as detailed earlier
11:15 ron1 Do you mean https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html ?
11:18 whatevsz joined #salt
11:18 illern joined #salt
11:19 ron1 You could just place whatever packages you want to "upload" somewhere in salt:// (i.e. /srv/salt or file_roots). I'd recommend to use, say, something like salt://debs or similar. You can then change the pkg.installed state to include a reference to that package in salt://debs.
11:19 ron1 (in pkg.installed's sources: list
11:19 ron1 You wrote me this line
11:19 ron1 I don't understand from where to begin
11:22 ron1 cat plugin.sls
11:22 ron1 http://paste.debian.net/424940/
11:23 Rumbles joined #salt
11:23 ron1 I see the in the file there is a line with - source: salt://nagios/nrpe/files/plugins/
11:23 favadi joined #salt
11:23 ron1 as far as I understand it should take it from the locally salt, right?
11:25 ron1 babilen
11:26 antpa joined #salt
11:26 babilen No, you edit the pkg.installed state (line 4-6) to include the sources: argument -- https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#salt.states.pkg.installed has examples
11:27 xmj is there a way to turn an entire state into its opposite?
11:27 teatime no
11:27 xmj think foo/init.sls which does a bunch of stuff, sets up files, installs packages . . . and undo everything it does // do the opposite (file.absent, pkg.removed, etc)
11:28 impi joined #salt
11:28 babilen no no
11:28 babilen Nice idea, but no
11:28 xmj someone(tm) should write it ;-)
11:29 ron1 thank babilen
11:29 ron1 now, the only problem I have how can I download the source to my local master
11:29 AndreasLutro good luck with that xmj
11:29 babilen Well, it would require every state to also provide an antogonistic one. That might be a lot of work to get right or impossible (thing cmd.run)
11:30 teatime and the opposite of file.managed is not automatically file.absent
11:30 xmj oh, i understand
11:31 AndreasLutro the norm is to include a "remove.sls" or whatever inside your states directory which does whatever's necessary
11:31 teatime but yes, good luck, I applaud your efforts xmj :)
11:31 AndreasLutro I think that's the best you can do honestly
11:31 teatime when can we get a prelim pull req? :)
11:31 xmj AndreasLutro: status quo :-)
11:31 AndreasLutro then again I prefer just to remove the entire VM and start from scratch if I want to remove things :D
11:32 mavhq joined #salt
11:32 xmj not everything is done in VMs
11:32 xmj and removing a HA cluster because you want to disapply one small state . . . might be overkill :p
11:33 ron1 babilen, can you give me example?
11:33 ron1 I read the document, but I don't know how to implement it in my case?
11:33 xmj why do you need the source package on the master?
11:33 xmj +think you
11:34 ron1 xmj, I don't have an access to internet in the remote computer.
11:34 ron1 I need to install nagios agent
11:34 ron1 I try to use salt-ssh
11:34 ron1 in regular salt command it works
11:34 teatime ron1: you just need binary packages though
11:35 xmj copy the deb, add a local repository to sources.list.d
11:35 xmj then proceed with installing from that local "repository"
11:35 babilen ron1: You copy the .deb packages to salt://debs (e.g. /srv/salt/debs) and reference them in the sources: bit in the pkg.installed state
11:35 xmj nice, even eleganter ;-)
11:36 * babilen detected the German
11:36 akhter joined #salt
11:36 ron1 But, the remote computer is centos and the master is ubuntu
11:36 ron1 I need to download yum rpm?
11:36 babilen ron1: Well, then you obviously don't want a .deb, but a .rpm (adjust as necessary)
11:37 xmj ron1: well, it works analogously with .rpm
11:37 xmj i just gave a .deb example because the thing i talked about (pkg.absent) above involved ubuntu
11:37 xmj babilen: your shibboleth detection is well developed
11:39 ron1 Ok thank you
11:40 babilen Feel free to ask again, but short of implementing it for you I can't quite think of any additional information to give
11:40 ron1 Now, I just need to check how can I download rpm packages
11:40 ron1 thank you babilen
11:40 antpa joined #salt
11:40 babilen All the best!
11:40 ron1 thank you xmj
11:41 ron1 and teatime
11:41 xmj you could either put them into the git repo that powers /srv/salt (e.g.)
11:41 xmj or use some wget/curl/fetch fu during master turnup to get them there
11:41 dmaiocchi joined #salt
11:41 xmj could be done with a Makefile! :X
11:43 AndreasLutro anyone know of a way to refresh grains in the middle of a state run?
11:46 adrienr joined #salt
11:47 babilen AndreasLutro: reload_grains ?
11:47 babilen (global state arg)
11:48 babilen https://github.com/saltstack/salt/blob/develop/salt/state.py#L894
11:49 flowstate joined #salt
11:49 AndreasLutro hmm, looks like that runs before the state, not after
11:50 AndreasLutro or maybe both?
11:50 babilen You would use it with the state that introduces the change
11:50 AndreasLutro oh well doesn't matter, the state has an "onchanges" so it doesn't matter if it runs 1 extra time
11:50 AndreasLutro cheers
11:51 babilen Think of a grains.set state, not the state that requires it
12:00 rem5 joined #salt
12:02 teryx510 joined #salt
12:04 antpa joined #salt
12:04 favadi joined #salt
12:06 antpa joined #salt
12:06 punkoivan joined #salt
12:06 mavhq joined #salt
12:06 teryx5101 joined #salt
12:08 mavhq joined #salt
12:11 source47 joined #salt
12:11 source47 hi guys, does anyone know why i might get 'Service iptables has been enabled, and is dead'
12:11 source47 but it runs fine next time i run the salt state.apply
12:15 mavhq joined #salt
12:18 GeoPlace-Tom joined #salt
12:20 GeoPlace-Tom Hello, what's the right way to check if a system has a certain provider available? For example I want to do something different on a host depending on whether it supports systemd or not.
12:20 AndreasLutro GeoPlace-Tom: salt name-of-minions grains.items
12:21 AndreasLutro I think there's a systemd grain you can check
12:21 GeoPlace-Tom Ah, of course it's a grain. Can you guess I'm just starting out? Thanks AndreasLutro
12:22 GeoPlace-Tom It's 'init' which makes sense
12:22 evle1 joined #salt
12:23 _Cyclone_ joined #salt
12:23 djgerm joined #salt
12:26 bluenemo joined #salt
12:27 mavhq joined #salt
12:28 kevinquinnyo joined #salt
12:33 mapu joined #salt
12:33 teryx5101 source47: pretty sure the error occurs because iptables isn't a real service with a running process. As for the second run, are you sure the service state is executing and not watching the config file for changes? I ran into the same thing a few months ago.
12:34 danemacmillan joined #salt
12:34 antpa joined #salt
12:37 amcorreia joined #salt
12:40 Tyrm joined #salt
12:41 josuebrunel joined #salt
12:42 mavhq joined #salt
12:43 ninjada joined #salt
12:45 ktosiek joined #salt
12:45 Azid joined #salt
12:47 quasiben joined #salt
12:49 N-Mi joined #salt
12:49 N-Mi joined #salt
12:51 martoss joined #salt
12:51 martoss left #salt
12:52 nZac joined #salt
12:58 TooLmaN joined #salt
13:00 quasiben joined #salt
13:02 edrocks joined #salt
13:02 ronnix joined #salt
13:04 barajasfab joined #salt
13:07 quix joined #salt
13:07 mavhq joined #salt
13:09 atmosx left #salt
13:10 gh34 joined #salt
13:10 edrocks joined #salt
13:12 Muchoz joined #salt
13:13 crashmag joined #salt
13:15 flowstate joined #salt
13:15 NightMonkey joined #salt
13:19 subsignal joined #salt
13:22 mavhq joined #salt
13:22 nZac joined #salt
13:25 flowstate joined #salt
13:26 ronnix joined #salt
13:27 gmoro joined #salt
13:27 MadHatter42 joined #salt
13:43 antpa joined #salt
13:43 iceyao joined #salt
13:44 mavhq joined #salt
13:46 mavhq joined #salt
13:51 flowstate joined #salt
13:51 Tanta joined #salt
13:52 illern joined #salt
13:56 berserk joined #salt
13:56 ninjada joined #salt
13:58 jerredbell joined #salt
13:58 kaptk2 joined #salt
14:01 garphy joined #salt
14:02 racooper joined #salt
14:04 mavhq joined #salt
14:06 mavhq joined #salt
14:06 andrew_v joined #salt
14:12 djgerm joined #salt
14:12 mavhq joined #salt
14:13 Tyrm joined #salt
14:14 mavhq joined #salt
14:14 Tyrm joined #salt
14:15 _JZ_ joined #salt
14:15 Nash_ joined #salt
14:18 Nash_ hi everyone. I've got a problem with ssl and salt-cloud. When I try to create a virtual machie with vwmare; i have this message error: There was a profile error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581). I don't know why. Someone can help me?
14:20 dmaiocchi joined #salt
14:20 morissette joined #salt
14:23 morissette joined #salt
14:26 overyander joined #salt
14:28 mpanetta joined #salt
14:28 overyander joined #salt
14:35 antpa joined #salt
14:35 berserk joined #salt
14:38 Brew joined #salt
14:38 nZac joined #salt
14:42 kawa2014 joined #salt
14:42 XenophonF Nash_: I vaguely recall running into a similar problem.
14:42 XenophonF I don't remember if adding vCenter's self-signed certificate to the salt-master's trusted CA list fixed the problem.
14:43 XenophonF For a list of typical CA certificate database locations by operating system, see http://bradconte.com/using-load_verify_locations.
14:43 teryx5101 joined #salt
14:45 flowstate anyone here using salt for orchestration and config in AWS?
14:45 XenophonF I am.
14:46 XenophonF Nash_: You could also try getting a valid certificate for vCenter.
14:46 flowstate how are you handling orchestration?
14:46 flowstate salt-cloud, or the boto stuff?
14:46 XenophonF badly? i dunno, both
14:46 flowstate hahahaha
14:46 flowstate fair enough
14:46 XenophonF i was using salt-cloud stuff before
14:46 XenophonF i'm starting to use boto stuff now
14:47 XenophonF esp. to create VPCs and security groups and RDS instances and the like
14:47 XenophonF i still do instance creation using salt-cloud
14:47 flowstate Im trying to wrap my head around what types of changes to the boto orchestration pieces that can happen inline and those that will replace
14:47 AndreasLutro I'm using terraform but would only recommend it if you have highly disposable and redundant servers
14:47 flowstate k, I'm all in on the boto stuff
14:47 AndreasLutro because terraform wants you to respawn instances every time you make any change
14:48 flowstate yeah, Andreas, that's why I didn't go that way, because we have too many pets
14:48 XenophonF brb
14:49 flowstate Im about to do a lunch and learn to teach my coworkers about our salt setup, and I know theyre going to ask about infrastructure changes as opposed to builds
14:49 flowstate in terms of workflow
14:49 ronnix joined #salt
14:50 flowstate deploys are super easy now, just a jenkins job that ssh's into master and runs highstate on the correct nodes
14:51 AndreasLutro our plan is to have jenkins/gocd/whatever send a salt event which the master triggers on
14:51 flowstate oooh
14:51 AndreasLutro it'll be interesting if I can find a way to make it run the highstate on only relevant hosts/states
14:51 flowstate that's cleaner!
14:51 flowstate that's a clever idea
14:51 antpa joined #salt
14:51 flowstate then you can just version control your reactors,
14:51 AndreasLutro yeah the less ssh hackery the better
14:51 flowstate agreed
14:52 flowstate I'm just trying to get the simplest thing working solidly asap
14:52 flowstate perils of being the only ops guy, i suppose
14:53 AndreasLutro some advice off the top of my head, pre-generate minion keys and use a master signing key
14:53 AndreasLutro if you use salt-cloud you won't have to worry about the distribution of minion keys
14:54 ivanjaros3916 joined #salt
14:56 flowstate k, thanks. I've been letting future me deal with the keys thing, but I'll have to tackle it soon, so that's good to know
14:59 AndreasLutro as long as you want full automation I think it should be high priority
14:59 AndreasLutro oh and another tip, event returners can be used to do stuff like slack notifications when things happen in salt
14:59 AndreasLutro anyway time to go home
15:00 jnials joined #salt
15:01 spuder joined #salt
15:10 onlyanegg joined #salt
15:11 jnials joined #salt
15:12 patarr joined #salt
15:12 flowstate joined #salt
15:13 teryx5101 Hey guys, maybe I'm just being a bit dense, but if I'm using salt.network.ip_addrs() inside a pillar file for a minion, that should return the IPs for the minion and not the master right?
15:17 jnials joined #salt
15:17 onlyanegg joined #salt
15:23 jnials joined #salt
15:25 ronnix joined #salt
15:25 berserk joined #salt
15:25 dfinn joined #salt
15:27 Eugene teryx5101 - you probably want grains['ipv4'] or similar
15:27 cscf joined #salt
15:29 DammitJim joined #salt
15:30 cscf maas.io says that MaaS integrates with Salt, but I don't see a Provider config for MaaS anywhere in Salt docs.  Anyone know if MaaS can be used as a salt-cloud provider?
15:30 berserk joined #salt
15:33 RedundancyD joined #salt
15:35 teryx5101 Eugene: thanks. I looked at using grains originally but network ip_addrs by default leaves out the loopback. So I thought it would be easier to use.
15:35 Eugene I'm curious what you need loopback for
15:35 Eugene Or, under what circumstances is `localhost` not good enough?
15:38 jnials joined #salt
15:40 flowstate joined #salt
15:40 mavhq joined #salt
15:42 babilen teryx5101: Pillars are rendered on the master
15:42 teryx5101 no, it leaves out the loopback, so you only get the actual ip.
15:43 babilen teryx5101: I would recommend to use the salt-mine with suitable mine function aliases for your networks (buy defining multiple network.ip_addrs calls with different cidr masks) and to use https://docs.saltstack.com/en/develop/ref/modules/all/salt.modules.mine.html#salt.modules.mine.get in the pillar
15:44 teryx5101 babilen: right, I can see how I would be getting back the master's ips.
15:44 babilen teryx5101: That would mean hardcoding the interface though
15:45 RedundancyD Has anyone used salt to setup a graylog cluster? They have some Chef cookbooks but blah it looks like RPN.
15:45 babilen RPN?
15:45 viq joined #salt
15:45 teryx5101 babilen: Hmm…okay. Thanks for the suggestion, I'll have to think through this again.
15:46 dmaiocchi joined #salt
15:46 babilen teryx5101: I've been happy with the network.ip_addrs + mine approach so far
15:48 RedundancyD babilen: Reverse Polish Notation. An evil construct.
15:48 * babilen subscribes some lisp
15:49 rem5 joined #salt
15:50 babilen RedundancyD: Sure .. I was simply not familiar with something "RPN" in the context of graylog or chef. I see that you simply meant to express "unreadable".
15:51 djgerm joined #salt
15:54 tr33m4n joined #salt
15:55 dkrae joined #salt
15:55 mavhq joined #salt
15:55 punkoivan joined #salt
15:57 tr33m4n Hey. Having a strange issue where reloading nginx config normally works, using the salt command from bash works, however "__salt__['nginx.signal'](reload)" in my .py file does not invoke a reload
15:57 stooj joined #salt
15:57 buenaventura joined #salt
15:58 buenaventura hello o/
15:58 punkoivan left #salt
15:59 grumm_servire joined #salt
15:59 wise0wl joined #salt
15:59 GeoPlace-Tom Is there an opposite of 'watch'? I have a tomcat, and webapp within it which has a config file. When that file changes what's the proper way to tell tomcat it may want to do a restart? I don't want to overly clutter the statements for the tomcat itself.
16:00 mavhq joined #salt
16:00 wise0wl GeoPlace-Tom: That is watches behavior
16:01 buenaventura I'm trying  to configure firewalld via the state, but it does not support add-sources
16:01 subsignal joined #salt
16:02 buenaventura so, I am unable to define a new zone with rules for specifics ip addresses
16:02 GeoPlace-Tom wise0wl: Yes, but wouldn't I have to put in a watch for any possible config file for any possible webapp? I know I'm missing something simple.
16:04 GeoPlace-Tom Ah, I think I see. I'd put a 'service.running' for the tomcat inside my webapp sls, as well as in my main tomcat sls. After all it will only restart once even if I change everything
16:04 buenaventura has anyone had the same problem?
16:04 antpa joined #salt
16:05 buenaventura or how can i request to add support to sources with firewalld?
16:08 hackel joined #salt
16:08 iggy GeoPlace-Tom: watch_in (or better yet listen_in)
16:09 GeoPlace-Tom iggy: A-ha, I knew there'd be an inverse somewhere, thanks
16:10 hackel If I need to include another state to satisfy a requisite, is salt smart enough not to include it twice when I run the highstate?
16:10 zer0def joined #salt
16:11 iggy hackel: yes (but it really shouldn't matter as your states should be idempotent)
16:11 jnials joined #salt
16:11 hackel iggy: Sure, I just want to be sure they aren't getting run twice to save time.
16:13 hackel I know I shoould probably just refactor my states, but it seems somewhat silly to have a whole separate sls file just to check if one file exists.
16:14 UtahDave joined #salt
16:14 jab416171 I have this pillar conf in my salt master https://gist.github.com/jab416171/e6ac91b254e9a5ced24f78c4fee03116#file-git_pillar-conf and I have a top.sls that has dev/qa/base: and then a hostname and then "- test" (similar to UtahDave's comment). Only the host under base has any pillar data. What am I doing wrong?
16:16 danlsgiga joined #salt
16:16 Fiber^ joined #salt
16:16 UtahDave jab416171: well, the first problem you're having is that each top.sls is matching on '*'  That means every single minion is going to match in all environments.
16:16 numkem joined #salt
16:17 overyander joined #salt
16:17 jab416171 UtahDave, I only have one top.sls
16:17 jab416171 on master
16:18 jab416171 and it looks similar to your comment
16:18 UtahDave jab416171: the gist you pasted seems to have a top.sls in each environment
16:19 jab416171 yes, most of the files in the gist are out of date
16:19 jab416171 sorry if that's confusing
16:19 colegatron joined #salt
16:20 gtmanfred that makes it difficult to troubleshoot then
16:20 UtahDave could you provide a gist that accurately shows your current setup?  That would help a lot
16:21 grumm_servire joined #salt
16:23 jab416171 ok, here you go https://gist.github.com/jab416171/399737ddfa6f3d1e7935eec4cef77041
16:24 jab416171 only node3 gets any pillar data, node 1 and 2 have none
16:25 UtahDave ok, just a moment
16:25 slav0nic joined #salt
16:26 UtahDave what version of salt is your master on?       salt-master --version
16:26 jab416171 salt-2015.8.7-1.el7.noarch
16:26 jab416171 salt-master 2015.8.7 (Beryllium)
16:27 UtahDave perfect, thanks
16:27 antpa joined #salt
16:27 jab416171 minions are on the same version
16:28 GeoPlace-Tom left #salt
16:28 danlsgiga hey folks... Does anyone know how can I grab the job id from inside a runner that is being called through salt-api?
16:28 UtahDave so looking through the docs I'm not seeing a 'name' paramenter mentioned anywhere.
16:29 UtahDave jab416171: do you have a url to the doc you're following to configure this?
16:29 hasues joined #salt
16:29 jab416171 https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html#git-pillar-2015-8-0-and-later
16:29 hasues left #salt
16:30 UtahDave jab416171: I'm still not seeing a 'name' option anywhere.    maybe you want 'env: dev' instead?
16:31 jab416171 this is what the logs spit out before I put in name
16:31 jab416171 /var/log/salt/master-20160404.gz:2016-03-29 11:25:57,050 [salt.utils.gitfs ][CRITICAL][19978] The following git_pillar remotes have conflicting cachedirs: dev ssh://salt@git.example.com/srv/git/salt_pillar_test, qa ssh://salt@git.example.com/srv/git/salt_pillar_test, ssh://salt@git.example.com/srv/git/salt_pillar_test. Resolve this using a per-remote parameter called 'name'.
16:32 jab416171 env is the same as the branch by default
16:32 racooper is it possible to batch reboot servers from the salt master, and make sure one is up before rebooting the next?
16:33 jab416171 I mean, I can try explicitly specifying env if you think it would help
16:33 dmaiocchi joined #salt
16:33 UtahDave racooper: you might try using the orchestrate runner
16:35 gtmanfred racooper: the orchstrate runner can do batch calls now, and also check for vms to come back online before moving on to the next
16:36 flowstate joined #salt
16:38 racooper salt.states.saltmod.wait_for_event looks promising....
16:38 gtmanfred yar
16:39 UtahDave jab416171: try stopping the salt-master daemon, running the master in the foreground in your cli with   salt-master -l debug      then run salt '*' saltutil.refresh_pillar
16:39 UtahDave jab416171: let me know if you see any errors or stacktraces on the master
16:40 coldelectron joined #salt
16:41 danlsgiga is there anyway to catch the job_id from inside a custom runner running a sync call to be able to give it in the salt-api response? I'd like to give devs a return with the job_id along with the responses from the runner
16:43 jab416171 UtahDave, no stack traces
16:43 akhter joined #salt
16:43 UtahDave jab416171: what os are you using?
16:43 jab416171 cent 7 for the master, cent 6 for the minion
16:44 UtahDave ok, let me finish something else up here and then I'll spin some vms up to try to reproduce this.
16:44 hackel I need to run a state only if a file doesn't exist, so I have it require a file.missing state, and that works fine, but the file.missing state generates a failure.  How can I make this state not fail, but just report the information?
16:44 djgerm joined #salt
16:44 jab416171 thanks!
16:46 UtahDave hackel: you might try using the 'onlyif' requisite instead:  https://docs.saltstack.com/en/latest/ref/states/requisites.html#onlyif
16:46 coldelectron what's the deal with modules/slack_notify.call_hook ? docs are quriously quiet about it, but that function is the only place with the correct webhook url.
16:47 KajiMaster joined #salt
16:47 beardedeagle joined #salt
16:47 hackel UtahDave: I was looking at that, but it (and unless, which seems more appropriate) execute actual commands instead of testing other states like require, and that seemed clunky.  I'd have to, what, parse the return code of ls?
16:48 coldelectron or is there a way to get slack_notify.post_message working with hooks.slakc.com/services url that's given when one signs up for it ?
16:50 impi joined #salt
16:51 JohnnRun joined #salt
16:53 amcorreia joined #salt
16:54 UtahDave hackel: 'unless' might be the better option here.      add - unless: \n    - ls /path/to/your/file
16:54 UtahDave https://docs.saltstack.com/en/latest/ref/states/requisites.html#unless
16:55 UtahDave coldelectron: Hm. Let me find someone who has used the slack module
16:56 kerosene joined #salt
16:57 mavhq joined #salt
16:57 Guest35691 nooo
16:57 Guest35691 why?
16:58 hackel UtahDave: Thanks, that's what I'm experimenting with now.  It works in one state, but causes another to fail to compile: https://gist.github.com/hackel/4b91bfc7f297ec30e7964d6eb5b76f1c
16:58 coldelectron UtahDave: i think i'm on a trail, git log shows commit on it on feb 26th. and it does not come up with grep on my stable salt install. unreleased feature.
16:59 Guest35691 Should I use Salt or nothing at all with a wordpress + forum setup?
16:59 XenophonF back
16:59 XenophonF Guest35691: i used salt to deploy wordpress
16:59 coldelectron that still leaves me with no obvious way to use slack's webhook. apart from manual http post.
16:59 XenophonF i didn't use wordpress-formula though
17:00 Guest35691 Any way to test salt without installing it?
17:01 XenophonF Guest35691: https://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html
17:01 hackel Guest35691: Isn't that like trying to read a book without opening it?
17:01 pfallenop joined #salt
17:01 pfallenop joined #salt
17:01 XenophonF you can install salt-minion and set it up as 'masterless' if you follow that quick start guide
17:01 Tyrm_ joined #salt
17:01 Guest35691 @hackel No, just a demo to see what it can do
17:02 Guest35691 Thanks Xenophon
17:02 Tyrm__ joined #salt
17:02 Tyrm__ joined #salt
17:03 XenophonF no problem
17:03 XenophonF lots of people use the masterless mode for real deployments
17:03 paydro joined #salt
17:05 Guest35691 The plan was to run two servers but I don't know if I will be able to setup rsync succesfully, probably more issues than benefits
17:05 XenophonF two wordpress servers?
17:05 Guest35691 Two vps
17:05 Guest35691 For redundancy
17:05 XenophonF ah well with wordpress what really matters is backend database redundancy
17:08 Guest35691 Do you know a better way to do this instead of rsync? Something like load balancing instead of having a master and when it goes down the backup kicks in
17:08 overyander joined #salt
17:10 XenophonF well i would use salt to push wp-config, themes, plugins, apache configs, modsecurity configs, etc. to both servers
17:10 lero joined #salt
17:10 XenophonF and to set up the databases and configure some kind of replication between the two
17:10 AndreasLutro do you really need redundancy for a wordpress site?
17:10 XenophonF and to configure carp or ucarp or something to set up the load balancing
17:10 XenophonF all of that can be done with salt
17:11 XenophonF some of it has to be done by pushing a shell script to the minions using salt
17:13 Guest35691 Thanks but I don't think I'm capable of doing all that, way too hard for me
17:14 Guest35691 well Andreas a disc could die and I would be fucked without the site, but I may setup some sort of automatic backup to another server and do the redundancy thing in the future
17:15 AndreasLutro yes, a regular backup is a far simpler solution
17:15 XenophonF Guest35691: whether you do those things by hand or use salt to automate the process, that's how you'd set up a redundant wordpress site
17:16 XenophonF note that simply using rsync to copy it won't work like you expect if your backend database runs on the wordpress servers themselves
17:16 XenophonF you'd have to either shut down the database during the rsync operation, or you'd have to dump the database prior to running rsync (and exclude the database's backing store from the transfer)
17:17 XenophonF you might be better off asking in a wordpress- or mysql-specific forum if you need help doing those things
17:17 Guest35691 Yea that's a lot harder than expected
17:17 XenophonF it really isn't, but it will take a little research on your part
17:17 Guest35691 Noob question, setting another A record on the DNS for a second server would send visitors to the second server automatically if the first one is offine?
17:18 Guest35691 I would set a TTL of 2 minutes, DNS are on Cloudflare. In theory it should move to the next IP right?
17:20 XenophonF this isn't the right forum for these questsions
17:20 XenophonF just sent you a PM
17:21 Guest35691 ok thanks
17:25 ninjada joined #salt
17:27 anthpa joined #salt
17:31 Tyrm joined #salt
17:36 antpa joined #salt
17:38 writtenoff joined #salt
17:46 Tyrm joined #salt
17:48 josue joined #salt
17:51 Tyrm joined #salt
17:52 berserk joined #salt
17:52 felskrone joined #salt
17:53 Tyrm joined #salt
17:55 DammitJim joined #salt
17:58 Rumbles joined #salt
18:01 Tyrm joined #salt
18:04 Trauma joined #salt
18:06 overyander joined #salt
18:07 beardedeagle So I don't see why this wouldn't work, but is it possible to set up a masterless minion *ON* a master?
18:07 foundatron joined #salt
18:08 wendall911 joined #salt
18:08 rmnuvg joined #salt
18:09 AndreasLutro that'd be an odd thing to do
18:09 beardedeagle would it though
18:09 beardedeagle would it really?
18:09 beardedeagle kidding, yeah it would be odd, but I have a use case
18:10 AndreasLutro the masterless minion would try to read from /etc/salt/master as well... at the very least you'd need to specify a different config path
18:11 beardedeagle hrm, alright
18:13 paydro_ joined #salt
18:14 baweaver joined #salt
18:15 babilen What's the usecase?
18:15 baweaver joined #salt
18:21 akhter joined #salt
18:22 tharkun joined #salt
18:22 Trauma joined #salt
18:22 broadSword joined #salt
18:23 XenophonF pwd
18:23 XenophonF whoops not at a shell prompt in this window ;)
18:24 akhter joined #salt
18:25 mavhq joined #salt
18:26 babilen XenophonF: Now, wouldn't it be nice to be able to install a proxy minion on each of us?
18:27 XenophonF heh
18:28 XenophonF i could post my github account's ssh key again
18:28 aw110f joined #salt
18:28 babilen salt-irc 'babilen' lunch.get tacos
18:28 djgerm I chortled out loud at that :)
18:29 AndreasLutro I once witnessed someone paste a base64 encoded image into irc
18:29 mpanetta I've seen that all too often :(
18:30 babilen I guess this is the right time to mention #salt-offtopic and invite you over
18:30 flowstate joined #salt
18:32 DammitJim joined #salt
18:32 om2 joined #salt
18:33 overyander joined #salt
18:35 cberndt joined #salt
18:35 tercenya joined #salt
18:36 Trauma joined #salt
18:37 ajw0100 joined #salt
18:41 flowstate joined #salt
18:44 s_kunk joined #salt
18:46 jab416171 UtahDave, have you been able to get a test environment set up?
18:46 flowstate joined #salt
18:46 UtahDave jab416171: just getting the git stuff configured and about to test.
18:46 jab416171 sweet, thanks
18:50 Trauma joined #salt
18:52 djgerm joined #salt
18:58 overyander joined #salt
18:59 Rumbles joined #salt
19:04 aharvey joined #salt
19:05 UtahDave jab416171: Hm. I'm still debugging, but I'm only getting the base environment, too
19:05 UtahDave [DEBUG   ] Specified SLS 'test' in environment 'qa' was not found. This could be because SLS 'test' is in an environment other than 'qa', but 'qa' is included in that environment's Pillar top file. It could also be due to environment 'qa' not being defined in "pillar_roots"
19:06 jab416171 yeah, I got that same message
19:06 jab416171 well
19:06 jab416171 [DEBUG   ] Specified SLS 'test' in environment 'qa' is not found, which might be due to environment 'qa' not being present in "pillar_roots" yet!
19:09 jab416171 "However, since git_pillar does not have an equivalent to the pillar_roots parameter, configuration is slightly different."
19:11 UtahDave ok, I'm going to reach out to the lead dev on git_pillar
19:11 rem5 joined #salt
19:11 jab416171 why is your message slightly different? are you on 2015.8.7?
19:12 UtahDave I'm on 2015.8.8.2
19:13 jab416171 I see
19:13 UtahDave I'm getting another message that says it's using a certain directory for the environment and the sls file is indeed there.
19:14 jab416171 [DEBUG   ] git_pillar is processing pillar SLS from /var/cache/salt/master/git_pillar/qa for pillar env 'qa'
19:14 jab416171 like that?
19:14 UtahDave yep.  the sls file is there, but it's not finding it for some reason.
19:14 jab416171 yeah, there's a test.sls in that folder
19:16 jab416171 that logs 3 times for me, is that because it processes it once per minion?
19:22 UtahDave yeah.
19:22 UtahDave I'm getting the dev access to my test vm.  I'll let you know what we figure out
19:23 paydro joined #salt
19:25 baweaver joined #salt
19:25 jab416171 glad you were able to dupe it
19:25 antpa joined #salt
19:25 UtahDave yeah, It's a pain when I can't
19:26 ninjada joined #salt
19:32 UtahDave jab416171: OK, it's going to be a little while before he can get to this.  I'll let you know what we figure out.
19:33 mavhq joined #salt
19:33 overyander joined #salt
19:38 jab416171 UtahDave, thanks, keep me updated
19:39 overyander joined #salt
19:40 Muchoz joined #salt
19:41 UtahDave will do
19:42 Derek_ joined #salt
19:43 Trauma joined #salt
19:43 slav0nic joined #salt
19:44 cberndt joined #salt
19:51 UtahDave jab416171: likely related: https://github.com/saltstack/salt/issues/30402
19:51 saltstackbot [#30402]title: git_pillar mapping problem with multiple branches on single repo | I've got a single Git repo that has two branches for pillar data, one for master and one named staging. I've attempted to configure the Salt master to use master for base env and staging for staging env but staging env minions always get base pillar data. On version 2015.8.3...
19:52 forrest joined #salt
19:54 jab416171 UtahDave, have you tried multiple repos?
19:55 wendall911 joined #salt
19:56 gtmanfred i had that problem at one point, but i forget what we did to the master git_pillar to make ti all work
19:56 gtmanfred but we got it to work
20:01 gtmanfred jab416171: http://ix.io/vCh that is how we did it
20:01 dboyer joined #salt
20:01 dboyer left #salt
20:01 gtmanfred master tied to base
20:01 gtmanfred then preprod to preprod
20:01 gtmanfred and develop to develop
20:01 gtmanfred all in the same repo
20:02 jab416171 gtmanfred, https://gist.github.com/jab416171/399737ddfa6f3d1e7935eec4cef77041#file-pillar-conf
20:02 gtmanfred looks like you don't have a name on the last one
20:02 jab416171 its name is main
20:03 jab416171 but there's no branch
20:03 gtmanfred yeah no branch
20:03 gtmanfred sorry
20:03 jab416171 I just specified master and set the name to base, restarting now to see if it makes a difference
20:03 jab416171 did you do anything on the minions?
20:03 gtmanfred yeah, if that doesn't work then I don't know, cause I just asked the guys at my old work to check, and it is all still working for them
20:03 gtmanfred we did not
20:03 jab416171 do you know what the pillar top look like?
20:03 gtmanfred just made sure they got matched correctly in the pillar top.sls
20:03 gtmanfred each minion had the environment set in /etc/salt/grians manually
20:04 gtmanfred so we matched on the role and the grain in the pillar top file
20:04 keimlink joined #salt
20:04 jab416171 oh
20:04 gtmanfred but if you match on the name, it should work the same
20:04 djgerm left #salt
20:04 jab416171 well, I updated the conf and get the same results
20:04 gtmanfred i don't know then, but their salt stuff is all working and are on the latest release of 2015.8
20:05 gtmanfred sorry
20:06 jab416171 if it makes a difference, we're using multimaster
20:06 UtahDave I'm seeing the same error as jab416171. waiting for erik to get back to me to look at my setup.
20:08 orion XenophonF: Hey there. What is the exact command you use to move code from staging to production?
20:09 orion You said 'state.sls' with 'saltenv' set to 'staging', but what states are you actually running?
20:11 mavhq joined #salt
20:12 freelock joined #salt
20:13 subsignal joined #salt
20:14 baweaver joined #salt
20:18 shpoont joined #salt
20:19 overyander joined #salt
20:19 kevinqui1nyo i'm using an ext_pillar that pulls from a remote rest api to get it's data, but i need to manipulate it / reindex the dictionary in some cases, should i do that in the ext_pillar itself, or is there a way i can write my own "pillar function" or something like that
20:23 UtahDave kevinqui1nyo: I'd probably do that within the ext_pillar itself
20:24 shpoont joined #salt
20:26 shpoont joined #salt
20:27 kevinqui1nyo thanks UtahDave
20:27 kevinqui1nyo i think i'm actually just going to modify the API to return it exactly how i want it
20:27 kevinqui1nyo makes more sense to fix upstream than manipulate downstream
20:28 shpoont joined #salt
20:29 barajasfab joined #salt
20:29 shpoont joined #salt
20:31 AndreasLutro add compatibility for both "versions" of data structure before changing upstream if you ask me
20:33 kevinqui1nyo AndreasLutro: i was thinking the same
20:33 shpoont joined #salt
20:34 kevinqui1nyo the upstream api is outputting a pretty standard nested object structure based on the framework it's built on, so i'll probably add a ?pillar_format=true query option
20:34 kevinqui1nyo or something
20:34 cyborg-one joined #salt
20:35 freelock joined #salt
20:36 fredvd joined #salt
20:37 source47 joined #salt
20:38 source47 hi guys, how can i make it so that salt master would automatically update the minions if it finds some changes in the salt code?
20:39 kevinqui1nyo that sounds dangerous
20:40 kevinqui1nyo but also i'm not sure if there's a supported way to do that
20:40 kevinqui1nyo at least with saltstack
20:41 shpoont joined #salt
20:41 paydro joined #salt
20:41 source47 well i am spinning a vagrant box with a salt-configured lxc cluster inside, so if salt doesnt update the minions all my machines will be sitting there without being updated
20:42 source47 maybe i should make a checksum of the salt folder and run salt update if there are changes on the checksum, but it would have been better if there was a native way to do this
20:42 source47 puppet has ways to automatically update
20:42 mTeK What is the best way to install salt to master and minions that are on private network with out internet access (ubunut)
20:43 mTeK Pointer to the .debs for current would be helpful
20:44 beardedeagle @source47: what exactly do you mean by salt code? do you mean /srv/salt? or do you mean salt the application itself?
20:44 source47 yes /srv/salt
20:44 beardedeagle reactors
20:44 beardedeagle https://docs.saltstack.com/en/latest/topics/reactor/
20:45 source47 thanks! i will check this out
20:48 beardedeagle or beacons I guess
20:48 beardedeagle that would work too
20:48 flowstate joined #salt
20:48 Val_ joined #salt
20:49 beardedeagle @source47: https://docs.saltstack.com/en/latest/topics/beacons/
20:49 Val_ hi
20:49 Val_ Someone use salt on IPv6 ?
20:49 beardedeagle the two together make what you are asking possible
20:51 Val_ I try to apply an IPv6 to an interface on a State, without ipv4
20:51 Val_ and it fail
20:51 buenaventura left #salt
20:52 source47 beardedagle: i think i need to get the salt master to run salt 'minion_id' state.apply when a new key is added
20:53 source47 and then again when any file from within the filesystem for the sls files are modified
20:53 gtmanfred source47: you will want to use beacons then
20:53 garphy joined #salt
20:54 gtmanfred to send events back to the salt master, to trigger the state.apply to run
20:54 ageorgop joined #salt
20:54 source47 ah i see
20:54 source47 i thought it would be the salt master doing the drigger
20:54 source47 the files are updated in the salt master
20:54 source47 and so is the key added in the salt master
20:58 Val_ My IPV6 State : http://pastebin.com/AdebyJWM
20:59 Val_ have you an idea of the problem ?
20:59 beardedeagle @source47: you would install salt-minion on the master
20:59 beardedeagle beacon the minion on the master
20:59 beardedeagle have it trigger the reactor on the master side of the host
21:00 iggy someone should write this up
21:00 iggy it comes up often enough
21:00 beardedeagle which part iggy?
21:00 iggy "how to run highstate when files change"
21:00 beardedeagle ah
21:01 DammitJim joined #salt
21:01 DammitJim simple question
21:01 overyander joined #salt
21:02 beardedeagle a lot of people don't even know about beacons unfortunately
21:02 DammitJim if I define a pillar like this: http://paste.debian.net/425281/
21:03 DammitJim how do I put scheduler in a variable when I am in my state file
21:03 beardedeagle easy
21:03 DammitJim and how do I grab everything under it and put it in a variable (classpath, parameter, etc)
21:03 DammitJim beardedeagle, yes?
21:03 DammitJim I know how to do it in a for ... iteritems
21:03 DammitJim but not when it's just defined like this for a single instance
21:04 beardedeagle {% set var = salt['pillar.get']('quartz:scheduler:classpath', {}) %}
21:04 beardedeagle or you can just gran scheduler
21:04 beardedeagle then var['classpath']
21:04 beardedeagle grab* even
21:04 Val_ no idea for IPv6 ?
21:05 DammitJim beardedeagle, just know that scheduler can be defined differently
21:05 DammitJim like myscheduler, johnscheduler, etc
21:05 beardedeagle then just grab scheduler
21:05 beardedeagle {% set var = salt['pillar.get']('quartz:scheduler', {}) %}
21:05 beardedeagle it's just a dict
21:05 DammitJim no, the word scheduler could be: johnscheduler or jimscheduler
21:05 beardedeagle pretty easy to work with
21:05 beardedeagle then you will have to just grab quartz
21:06 DammitJim and I want my state file to be dynamic
21:06 DammitJim ok, if I grab quartz
21:06 DammitJim how do I grab jimscheduler?
21:06 hackel joined #salt
21:06 beardedeagle var['jimscheduler']
21:06 UtahDave mTeK: debs for ubuntu:  https://repo.saltstack.com/apt/ubuntu/
21:07 beardedeagle like I said, the way you structured your pillars is a dict
21:08 DammitJim I think I get it
21:08 DammitJim thanks
21:08 beardedeagle np
21:08 flowstate joined #salt
21:16 rem5 joined #salt
21:17 linjan__ joined #salt
21:19 source47 joined #salt
21:20 ajw0100 joined #salt
21:22 ahammond I run sudo salt --out=yaml \* pkg.version salt | sort > salt_versions_2016-04-06.txt  on my master and look at the resulting file. I see several instances where the same minion has two response entries. I'd expect there to be only one response per minion.
21:23 source47 joined #salt
21:23 overyander joined #salt
21:23 hemebond joined #salt
21:24 Edgan ahammond: When there are duplicates, are they always different versions?
21:24 ahammond Edgan exact duplicates. Same minion id, same version info
21:25 Edgan ahammond: so it isn't foo: 2015.5.5 and foo: 2015.8.8? it is foo: 2015.5.5 and foo: 2015.5.5?
21:26 ahammond foo: 2015.8.8-2.el6
21:26 ahammond but appears on more than one line.
21:26 Edgan ahammond: and no duplicates if you do a cmd.run 'rpm -qa | ^salt-'
21:26 Edgan ?
21:27 Edgan I mean
21:27 Edgan cmd.run 'rpm -qa | grep ^salt-'
21:27 ahammond Edgan let me check
21:27 ahammond single duplicate. same as the last run of pkg.version
21:27 bantone joined #salt
21:28 Bico_Fino joined #salt
21:28 jab416171 ahammond, what happens if you do salt <duplicate minion> test.ping
21:28 bantone if inotify isn't working for me to use salt beacons is it safe to assume I'm using the wrong version of python-inotify?
21:28 bantone on ubuntu trusty the default is inotifyx but I decided to install python-inotify through pip when that wasn't working
21:29 ahammond I checked that minion and it had two minions running on it. But there were a bunch of others that I know didn't have multiple minions
21:29 Bico_Fino Hello, it’s possible to use file.replace for the same file in the same .sls? I need change N patterns in the same file.
21:29 Edgan ahammond: if rpm -qa | grep ^salt-  gives the same results, it is your rpm database and not a salt issue
21:29 UtahDave bantone: have you tried running the minion in debug mode in a terminal?  Often that will show you what errors are occurring
21:30 bantone I only have the master in debug but I will try that now
21:30 UtahDave Bico_Fino: yes, but they have to each be under their own ID declaration.  Also, I'd recommend just using file.managed on the whole file, if possible. Less chance of breakage
21:31 UtahDave bantone: yeah, you'll see the beacon errors in the minion debug output
21:31 ahammond hmm, looks like I can't repro it anymore. Straaaaaaaaange.
21:32 ahammond Bico_Fino you're probably better off going to a file.managed or file.patch approach if you need to modify the file in multiple places.
21:32 bantone ah
21:32 bantone UtahDave:
21:32 bantone [DEBUG   ] Unable to process beacon inotify
21:32 bantone [DEBUG   ] LazyLoaded inotify.beacon
21:32 bantone that's all
21:32 Bico_Fino UtahDave:  I got that ID error declaration.
21:32 nswinton joined #salt
21:32 ahammond Bico_Fino you'll have to do something like this:
21:33 UtahDave bantone: can you pastebin your santized beacon config?
21:33 Bico_Fino ahammond: I was thinking about create a dict and do a single for
21:33 ahammond Bico_Fino https://gist.github.com/ahammond/eb9c094c2832c3cd0282a9762fe0edaa
21:33 bantone UtahDave: http://pastebin.com/PUw5NdsX
21:33 bantone only thing I'm doing I'm just testing out beacons
21:34 Bico_Fino ahammond: that will do it, but doesn’t look pretty if you have to change 20-30 lines. :P
21:34 nswinton` joined #salt
21:34 Bico_Fino ahammond: In the end a template would be better.
21:34 ahammond Bico_Fino for sure
21:34 bantone really just experimenting
21:34 Bico_Fino ahammond, UtahDave thanks for the ideas guys!
21:35 gtmanfred bantone: hey buddy <3
21:36 bantone lol sup man
21:36 bantone just playing/testing some salt stuff for saltconf haha
21:36 gtmanfred nice
21:37 gtmanfred wanna do lunch tomorrow? over at Cured
21:37 UtahDave bantone: I think you need a forward slash before 'home/vagrant/importantfile:'
21:38 bantone yeah that's not it
21:38 tharkun joined #salt
21:38 bantone gtmanfred: sure
21:38 bantone did not know they serve lunch
21:38 bantone i thought so too UtahDave but no
21:39 gtmanfred it probably runs with the current directory as /, so you wouldn't necessarily need it
21:39 UtahDave bantone: do you get any errors if you open a terminal on that minion, start up python, and then  run   import pyinotify    ?
21:39 rem5 joined #salt
21:39 gtmanfred python -m pyinotify
21:40 bantone well..besides it not being there heh
21:40 gtmanfred lol
21:41 gtmanfred that would do it
21:41 bantone well i did a pip install of python-inotify
21:41 bantone not sure if the version needed is different on 14.04
21:42 gtmanfred i got it as just pyinotify if installed with pip
21:43 bantone ah
21:43 bantone well that started, there's many versions of inotify
21:44 bantone docs say use python-inotify
21:44 gtmanfred probably from a package manager?
21:44 gtmanfred the docs i just looked at said
21:44 gtmanfred pyinotify Python module >= 0.9.5
21:44 gtmanfred https://docs.saltstack.com/en/latest/ref/beacons/all/salt.beacons.inotify.html
21:45 truescot joined #salt
21:46 bantone https://docs.saltstack.com/en/latest/topics/beacons/index.html
21:46 bantone was looking there
21:46 bantone no matter
21:46 truescot Hi, am hoping someone can help, I have created a jinja template that deploys an xml file, unfortunately the file requires to be in "UCS-2 Little endian encoding" for my application to work but saltstack seams unable to process a jinja template in this encoding instead preferring utf8, is there any way round this ?
21:47 rem5 joined #salt
21:47 gtmanfred bantone:technically that uses the package manager to install it, i don't know if it works on ubuntu/debian, but i think it works on centos 7
21:51 bantone ah
21:51 gtmanfred i bet ubuntu called the package something different
21:52 bantone I should see how suse calls it which is what I am using more in production
21:52 gtmanfred ahh yeah, that could be your problem, pkg.install would install for suse too, but again, idk what the package name is :)
21:52 gtmanfred rpm -q python-inotify
21:52 gtmanfred or whatever suse uses :/
21:52 bantone zypper heh
21:52 bantone but yea rpm too
21:53 gtmanfred yeah that
21:53 bantone but default zypper
21:53 qman__ the functionality works on debian and ubuntu but yes, the package names are often different
21:53 gtmanfred proabbly can still check the package version and see if it is installed on suse :P
21:53 qman__ there are ways to work around that
21:53 gtmanfred qman__: yar, just was a problem in the notes of the docs
21:55 iggy truescot: probably not without hacking... python2 has rubbish !ascii support
21:55 gtmanfred ^^
21:56 truescot :( i guess my best bet is to run the jinja template and then run a powershell command to convert it then, not very elegant unfortunately but should work
22:05 rem5 joined #salt
22:08 truescot fyi guys the powershell command to do convert from utf-8 to ucs little endian is
22:08 truescot (Get-Content -Encoding UTF8 IptsConfig.xml ) | Out-File -Encoding Unicode IptsConfig.xml
22:08 gtmanfred neat
22:09 gtmanfred i really like powershell, but haven't spent enough time with it yet
22:09 gtmanfred waiting for ssh to be available on windows, then maybe I will be able to figure out how to connect in and execute powershell as my shell and try it out more
22:09 gtmanfred i love that Azure provides all the scripts for azure as powershell libraries available on all their images
22:10 truescot yea, its got a lot of good things in it, especially since you can call something from any .net library
22:11 truescot which more or less means it can do anything c# can do, just a lot uglier :)
22:11 baweaver joined #salt
22:13 gtmanfred yeah, it reminds me of bash, but if bash was more object oriented like python
22:14 onlyaneg1 joined #salt
22:20 linjan_ joined #salt
22:21 ninjada joined #salt
22:21 freelock joined #salt
22:21 ioya joined #salt
22:22 amcorreia joined #salt
22:25 Longyear joined #salt
22:25 Longyear left #salt
22:26 UtahDave jab416171: you still around?
22:32 baweaver joined #salt
22:33 jab416171 yeah UtahDave
22:34 nikogonzo if i had this: salt['mine.get']('*', 'network.ip_addrs') and wanted to get a len() of that, how can I do it in jinja? e.g. i want to count the number of hosts reporting their ip address to the saltmine
22:34 nikogonzo thanks in advance
22:36 nikogonzo nvm, i worked it out. {{foo|length}}
22:37 truescot :) was literally just about to write that :)
22:38 jab416171 UtahDave, what did you find out?
22:38 nikogonzo truescot: you did, and i thanked you in another timeline
22:38 zenlot joined #salt
22:39 akhter joined #salt
22:43 truescot :D
22:46 UtahDave jab416171: OK, so top files in git_pillar work a little differently than regular file_roots top files and that wasn't documented very clearly
22:46 UtahDave You do need a top file in each branch
22:47 jab416171 :(
22:47 UtahDave jab416171: https://github.com/UtahDave/test_pillar
22:48 UtahDave that works.   see how the top.sls is different in the master branch vs the qa branch
22:48 UtahDave that worked for me
22:48 jab416171 yeah
22:48 jab416171 I put one in each branch (with the same contents) and it worked
22:48 UtahDave we're working on updating the docs to make them clearer and also to make that error we were seeing make more sense.
22:49 jab416171 how would you recommend securing branches so other teams can't target servers that they don't control?
22:49 jab416171 like, what's to stop qa from targeting dev
22:49 flowstate joined #salt
22:49 kevinquinnyo joined #salt
22:50 jab416171 the idea with one top was we secure the master branch, and maybe even add a hook that prevents them from even committing a top.sls file, thus they can't target other servers
22:50 jab416171 but that doesn't really work when each branch has to have a top
22:50 UtahDave yeah, true.
22:51 truescot why does each branch need a top? we have got a single top file or dev , test , acceptance and production
22:51 truescot both in pillar and state
22:51 UtahDave are you using github or github enterprise? Then you could have them make pull requests
22:51 UtahDave truescot: when you're using git_pillar.  Not regular pillar top files.
22:51 UtahDave that's part of what was confusing to me because that's not how regular pillar top files work.
22:51 jab416171 UtahDave, the idea is autonomous teams, it shouldn't take any work from my team for them to add pillar or state data
22:52 truescot ahh , got you
23:00 N-Mi joined #salt
23:02 nZac joined #salt
23:02 derek_s joined #salt
23:05 ashmckenzie joined #salt
23:05 derek_s Hello, I was wondering if someone could help answer a question for me. I'm trying to use listen requisite on a pkg.installed state but it would appear that the state which defines a requisite is always being run. Any pointers around common mistakes I could be making?
23:07 jab416171 thanks for the insight UtahDave
23:07 UtahDave jab416171: you're welcome.
23:07 jab416171 pull requests aren't an option, we don't want the pillar repo to be publicly accessible, since the idea with pillars is you can store passwords and sensitive d ata
23:09 hemebond jab416171: External pillars?
23:10 jab416171 hemebond, isn't git_pillar an external pillar?
23:10 hemebond Sure, but you could have another external pillar for passwords and sensitive info.
23:10 hemebond (sorry, haven't actually read the entire discussion)
23:21 hemebond How long does it normally take for the "Go Go Jenkins" to trigger the tests?
23:21 thejrose1984 joined #salt
23:22 jacksontj joined #salt
23:24 UtahDave hemebond: usually it's pretty quick
23:24 hemebond Few hours?
23:27 UtahDave no, just a few seconds, unless things are queued up
23:27 ahammond anyone ever seen an issue where there's a top command running that eats _enormous_ amounts of cpu, executed by root running sudo -i   ???
23:27 ahammond seems really strange to me.
23:28 hemebond UtahDave: Looks pretty busy.
23:30 om2 how do you target specific sls states in top.sls to minions without targeting the full state directory?
23:31 hemebond om2: Targeting the full state directory?
23:31 UtahDave om2: can you provide an example of what you're trying to do?
23:31 om2 so if I have multiple sls files in a state directory, but only want specific sls targeted and not the full directory?
23:31 UtahDave - mydir.my1state
23:31 om2 oh ok
23:32 om2 perfect
23:32 om2 just what I was looking for!
23:32 mosen joined #salt
23:32 om2 thanks
23:32 om2 in puppet it's done with nagios::nrpe
23:32 om2 so in salt it's done with nagios.nrpe
23:32 UtahDave yep!
23:33 om2 awesome!
23:33 om2 thanks again!
23:33 UtahDave the dot will traverse down a directory
23:33 mosen hiya salties
23:33 UtahDave hey mosen
23:34 hemebond om2: Works just like Python modules.
23:34 om2 good to know!
23:34 om2 thanks
23:40 rem5 joined #salt
23:45 njg joined #salt
23:50 flowstate joined #salt
23:59 baweaver joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary