Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-06-22

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 ajw0100_ joined #salt
00:14 zero_shane joined #salt
00:15 netcho joined #salt
00:21 mpanetta joined #salt
00:26 dyasny joined #salt
00:30 haaj joined #salt
00:35 scooby2 does salt jinja let you use any kind of wildcards for hostnames?
00:41 ajw0100 joined #salt
01:00 mapu joined #salt
01:09 Nahual joined #salt
01:09 iceyao joined #salt
01:14 isntall joined #salt
01:14 isntall joined #salt
01:15 racooper joined #salt
01:15 ajw0100 joined #salt
01:19 rem5 joined #salt
01:20 iggy scooby2: the answer is probably no
01:21 iggy but describe what you're trying to do a little better, there might be a way to do what you need
01:21 radhac joined #salt
01:21 scooby2 i have some templated config files and for db* hosts it needs to have a different setting.
01:21 iggy {% if 'db' in grains.id %}
01:22 iggy or something like that
01:22 scooby2 thanks. let me try that.
01:22 iggy {% if grains.id.startswith('db') %}
01:22 iggy etc
01:23 scooby2 thanks much
01:23 iggy I generally split stuff like that out and target everything in my top file
01:23 iggy but yeah, that's not always possible
01:26 k_sze[work] joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.5.10, 2015.8.10, 2016.3.1 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
01:48 dendazen joined #salt
01:50 toddnni_ joined #salt
01:50 test134 joined #salt
01:53 KajiMaster joined #salt
01:54 KajiMaster joined #salt
01:55 edrocks joined #salt
02:04 mapu joined #salt
02:07 test132 joined #salt
02:13 ageorgop joined #salt
02:14 test132 joined #salt
02:14 test132 left #salt
02:17 sagerdearia joined #salt
02:23 Lye383r7 joined #salt
02:35 fannet_ joined #salt
02:44 ramteid joined #salt
02:45 writtenoff joined #salt
02:49 Lye383r7 left #salt
02:57 tuxx joined #salt
02:59 _JZ_ joined #salt
03:15 netcho joined #salt
03:21 radhac joined #salt
03:28 flowstate joined #salt
03:33 mikecmpbll joined #salt
03:43 mohae joined #salt
03:45 patrickancillott joined #salt
03:45 bfig joined #salt
03:50 rem5 joined #salt
03:53 anmol joined #salt
03:59 edrocks joined #salt
04:01 bfig__ joined #salt
04:01 bfig___ joined #salt
04:15 iggy tristianc: all renderers run at the same time
04:21 guardianJ joined #salt
04:22 mpanetta joined #salt
04:27 keldwud joined #salt
04:27 flowstate joined #salt
04:36 kawa2014 joined #salt
04:37 mikecmpbll joined #salt
04:49 Zhen joined #salt
04:56 keldwud joined #salt
04:57 keldwud joined #salt
05:00 lompik joined #salt
05:07 DEger joined #salt
05:07 hamsham joined #salt
05:11 eseyman joined #salt
05:16 netcho joined #salt
05:22 radhac joined #salt
05:26 sauvin joined #salt
05:26 flowstate joined #salt
05:30 onlyanegg joined #salt
05:35 eliasp joined #salt
05:37 fracklen joined #salt
05:47 anmol joined #salt
05:53 patrickancillott joined #salt
06:00 patrickancillott joined #salt
06:01 edrocks joined #salt
06:09 felskrone joined #salt
06:13 rdas joined #salt
06:17 tooth joined #salt
06:17 nikogonzo joined #salt
06:18 pcn joined #salt
06:18 rhand joined #salt
06:27 flowstate joined #salt
06:31 om joined #salt
06:35 yuhlw joined #salt
06:39 fracklen joined #salt
06:45 Eureka70_ joined #salt
06:45 dh_ joined #salt
06:46 dh joined #salt
06:46 RandyT_ joined #salt
06:46 M-liberdiko1 joined #salt
06:47 mrMute_ joined #salt
06:47 Number6_ joined #salt
06:47 tvinson_ joined #salt
06:47 Bloodshot_ joined #salt
06:47 ashmckenzie_ joined #salt
06:47 bfig joined #salt
06:49 chmod6661rg joined #salt
06:49 MikaT_ joined #salt
06:49 eliasp joined #salt
06:50 mandarin1 joined #salt
06:50 the_ktosiek joined #salt
06:50 my50p joined #salt
06:50 mortis joined #salt
06:51 kevc joined #salt
06:51 drags1 joined #salt
06:52 cmek joined #salt
06:52 tuxx__ joined #salt
06:54 emid_ joined #salt
06:54 fracklen joined #salt
06:55 InAnimaTe|whosto joined #salt
06:55 intr1nsic_ joined #salt
06:56 Deliants joined #salt
06:56 Ayo joined #salt
06:58 evle joined #salt
06:59 toanju joined #salt
06:59 garthk_ joined #salt
07:00 MTecknology joined #salt
07:01 alexlist` joined #salt
07:01 jerryc joined #salt
07:01 cwyse_ joined #salt
07:04 tyler-ba- joined #salt
07:05 eightyeight joined #salt
07:05 freelock joined #salt
07:05 cliluw joined #salt
07:06 deniszh joined #salt
07:07 mikecmpbll joined #salt
07:10 lilvim joined #salt
07:14 ronrib joined #salt
07:14 jab416171 joined #salt
07:17 netcho joined #salt
07:21 ravenx joined #salt
07:21 ravenx hey guys, i have two servers and a salt-master account on another server
07:21 ronnix joined #salt
07:21 ravenx how come i make it so that devs are allowed to state.sls on one of the servers
07:21 ravenx and only me, can state.sls the other one?
07:22 ravenx i've looked into the acl thing, but that seems like it works with different accoutns?  cuz right now, in order to use salt, we 'sudo -iu salt-user'
07:22 ravenx and go from there
07:23 radhac joined #salt
07:24 manji joined #salt
07:26 AndreasLutro if you want to use the acl thing you'd have to stop using sudo
07:27 flowstate joined #salt
07:28 pppingme joined #salt
07:35 slav0nic joined #salt
07:37 Electron^- joined #salt
07:39 ravenx so in otherwords:
07:39 ravenx i run salt-master as root
07:39 ravenx and let any user be able to run the salt command AND imcorporate the ACL?
07:40 dano5 joined #salt
07:40 AndreasLutro I don't think you need to run the salt-master as root
07:41 AndreasLutro but yes
07:41 ravenx ah, i can run it as another user, yet still run the salt command as my OWN user. aka 'ravenx'
07:41 ravenx quick qwuestion, can acl control access with linux user groups
07:41 ravenx instead of linux users.
07:42 ravenx or even ldap
07:43 AndreasLutro not sure, I've only made it work with linux users
07:43 AndreasLutro but I think it uses pam for authentication so I guess everything is possible
07:45 kshlm joined #salt
07:45 ravenx alrighty
07:52 linjan_ joined #salt
07:58 lompik joined #salt
08:04 edrocks joined #salt
08:08 dmaiocchi joined #salt
08:10 keimlink joined #salt
08:11 mikecmpbll joined #salt
08:11 cableninja__ joined #salt
08:15 tawm04 joined #salt
08:16 patrickancillott joined #salt
08:20 jellyfrog joined #salt
08:24 mpanetta joined #salt
08:26 s_kunk joined #salt
08:26 s_kunk joined #salt
08:27 flowstate joined #salt
08:32 onlyanegg joined #salt
08:33 cableninja_ joined #salt
08:38 fannet_ joined #salt
08:40 haaj joined #salt
08:44 mikecmpbll joined #salt
08:52 om joined #salt
08:53 monokrome joined #salt
08:55 fannet joined #salt
08:57 patrickancillott joined #salt
08:59 lero joined #salt
09:00 yuhlw_ joined #salt
09:02 yuhlw joined #salt
09:04 yuhlw__ joined #salt
09:06 yuhlw_ joined #salt
09:10 GreatSnoopy joined #salt
09:18 netcho joined #salt
09:23 inad922 joined #salt
09:24 radhac joined #salt
09:26 flowstate joined #salt
09:27 fracklen joined #salt
09:30 cableninja joined #salt
09:32 mikecmpbll joined #salt
09:33 ajw0100 joined #salt
09:37 kshlm joined #salt
09:37 fannet_ joined #salt
09:46 colegatron multiple git ext_pillars and multiple gitfs states are now available in my master. slowly but I am finally getting it working.
09:47 colegatron now I wonder if it is possible to have files stored in the salt master and only let some minions to get them from the master
09:48 dmaiocchi joined #salt
09:48 colegatron I could write a pillar with the file contents because some are short text files (ssl certs), but I've some other binary files that the pillar approach does not fit
09:50 colegatron any idea? I have all that files in the same repo I store the states and pillars
09:53 lompik joined #salt
09:59 ajw0100 joined #salt
10:00 kshlm joined #salt
10:01 manji colegatron, I am going in a limb here, is it possible to base64 the binary files?
10:01 manji that is the best I can think of
10:02 colegatron manji they are pretty big, so pillar is going to be yet bigger.
10:02 colegatron I was only wondering how people send assets to their minions
10:03 manji there is not an one size fits all solution here
10:04 manji personaly, I don't like storing large data in pillars
10:04 manji and specifically for assets
10:04 colegatron yep, me neither :) the idea is fine for ssl certs because in the end they should remain private
10:04 manji it would be a good idea to have a seperate repo and use salt's git module
10:05 colegatron manji yes, that's the way to go if there is no a better idea
10:05 manji or use git to clone specifi parts of the repo
10:06 edrocks joined #salt
10:06 manji the fact that you have your state/pillar stuff in the same repo, means nothing to your minions
10:06 ajw0100 joined #salt
10:07 manji if have the same salt master for multiple inhouse projects/applications
10:07 fracklen joined #salt
10:07 manji you can consider having different states/pillars for each one
10:07 manji and include them in your top files accordingly
10:10 colegatron I am going to use gitfs and separate repos. that way I have it automatically refreshed. sure it is not a best practice, but it is going to do nicely the job :)
10:12 irctc962 joined #salt
10:12 manji instead of that, you could have your minions running specific states every x minutes
10:12 manji eg
10:12 manji your repo is example.com/images.gr
10:12 manji git*
10:13 manji your state is something like
10:13 manji pullimages:
10:13 manji git.latest
10:13 manji <snip>
10:13 manji and use salt's scheduling to run teh state every 5mins
10:14 haaj joined #salt
10:14 irctc962 hey everyone! When I restart my salt master, the salt-api that uses cherrypy to listen for HTTP calls, will consistently throw a 500 just for the first time I send a request. After that it will always work! So does anyone either have a suggestion on how to fix that root cause, or to get an event that the salt master has started and sent it a warmer HTTP call?
10:14 irctc962 many thanks in advance!
10:15 manji you should check your logs and figure out why you get a 500
10:15 manji could be a bug
10:16 netcho joined #salt
10:16 garphy joined #salt
10:16 irctc962 manji: it doesn't seem to be something that shows in the logs :( so I'm looking for a workaround at least
10:17 manji if you have an init script for that, include a dummy request in it
10:18 om joined #salt
10:18 DarkKnightCZ joined #salt
10:18 colegatron manji; why do manually something that salt does automatically. I only have to take care to have a nice folder structure to do not mess :)
10:19 manji I don't trust gitfs much :p
10:19 onlyanegg joined #salt
10:25 garphy joined #salt
10:26 fracklen joined #salt
10:28 fracklen joined #salt
10:28 kshlm joined #salt
10:40 kawa2014 joined #salt
10:43 barmaley joined #salt
10:47 impi joined #salt
11:00 cableninja_ joined #salt
11:05 Guest49069 joined #salt
11:09 pid1 joined #salt
11:10 pid1 joined #salt
11:12 teryx510 joined #salt
11:25 radhac joined #salt
11:45 abednarik joined #salt
11:47 west575 joined #salt
11:47 barmaley joined #salt
11:50 lilvim joined #salt
11:53 amcorreia joined #salt
12:02 evle1 joined #salt
12:04 garphy joined #salt
12:04 Eureka703 joined #salt
12:08 garphy joined #salt
12:08 edrocks joined #salt
12:10 TyrfingMjolnir joined #salt
12:12 abednarik joined #salt
12:15 pfallenop joined #salt
12:17 west575_ joined #salt
12:18 TooLmaN joined #salt
12:19 onlyanegg joined #salt
12:20 babilen manji: Why not?
12:21 manji trauma back from when it was not very stable
12:21 manji I am sure it works now
12:21 manji :)
12:21 babilen aye
12:22 babilen ta
12:31 ezi0_ joined #salt
12:31 jhauser joined #salt
12:33 radhac joined #salt
12:38 pfallenop joined #salt
12:39 edrocks joined #salt
12:39 ravenx joined #salt
12:39 ravenx so someone sudo pip installed an ancient version of tornado on my machine
12:39 ravenx but dpkg -l | grep tornado show the latest.
12:39 dendazen joined #salt
12:39 ravenx how can i instruct salt-minion to start with the tornado from my package repository and not pip.
12:40 mpanetta joined #salt
12:41 mpanetta joined #salt
12:41 AndreasLutro you can't
12:42 AndreasLutro this is why you never sudo pip install
12:42 ravenx fuuuu
12:43 ravenx btw do you know the minimum version of tornado required then
12:43 ravenx cuz it looks like i need to sudo pip update .
12:44 AndreasLutro no clue
12:47 perfectsine joined #salt
12:51 fredvd joined #salt
12:52 alias joined #salt
12:52 ujjain joined #salt
12:52 ujjain joined #salt
12:54 Satyajit joined #salt
12:56 gh34 joined #salt
12:58 rylnd joined #salt
12:58 garphy joined #salt
13:00 salty_ joined #salt
13:01 salty_ Hey guys, getting this error while using reactor to autoscale at aws- "Failed to create VM i-0d4***. Configuration value 'id' needs to be set"
13:02 salty_ Most of the time its ok, when i scale for more then 1 machine 2/3 machines gets this error
13:02 salty_ anyone know what could cause it?
13:02 amcorreia joined #salt
13:04 perfectsine joined #salt
13:07 permalac joined #salt
13:08 jartsu joined #salt
13:11 fracklen joined #salt
13:13 garphy joined #salt
13:13 __hugs joined #salt
13:14 __hugs hello boys
13:14 __hugs I have a question about the state mounted
13:15 __hugs why if I set "mkmnt: True" it doesn't create the mount-point?
13:18 edrocks joined #salt
13:22 lilvim joined #salt
13:22 mapu joined #salt
13:22 alvinstarr joined #salt
13:24 flowstate joined #salt
13:26 iceyao_ joined #salt
13:27 alvinstarr joined #salt
13:31 lilvim joined #salt
13:35 RealMurphy joined #salt
13:36 salty_ guys, anyone knows what "Failed to create VM i-0d4***. Configuration value 'id' needs to be set" means?
13:36 Guest49069 joined #salt
13:37 corichar joined #salt
13:39 RealMurphy Hi, in theory a brief question: In a init.sls or actually any state file, can I somehow match a grain value against a regular expression? Underlying problem: I have multiple potential source files for a single target file and I wish to transfer the "correct" one based on say, the minion id or hostname. I could define a host group via PCRE, but if at all possible I'd like to do this in an included state file
13:39 RealMurphy Is that possible?
13:40 racooper joined #salt
13:42 ronnix joined #salt
13:42 p3rror joined #salt
13:43 flowstate joined #salt
13:43 rem5 joined #salt
13:44 mikecmpb_ joined #salt
13:45 edrocks joined #salt
13:46 perfectsine joined #salt
13:48 flowstate joined #salt
13:48 Trauma joined #salt
13:49 ravenx is it advisible to install salt-minion in a virtualenv, if so, how?
13:49 ravenx cuz i can't seem to find it via pip
13:50 rylnd is salt-cloud able to create a tag in vmware during deploying workloads?
13:52 netcho joined #salt
13:56 lorengordon joined #salt
13:58 west575 joined #salt
13:59 netcho joined #salt
14:01 tuxx__ hey guys
14:01 tuxx__ https://docs.saltstack.com/en/latest/ref/states/all/salt.states.apache_module.html
14:02 tuxx__ this apache_module.enable seems to have been disabled but i see what it was replaced with :(
14:02 tuxx__ ah with enable*d* i guess
14:04 keltim joined #salt
14:05 ajv joined #salt
14:06 Ayo joined #salt
14:10 edrocks joined #salt
14:12 hasues joined #salt
14:12 hasues left #salt
14:14 DarkKnightCZ joined #salt
14:15 garphy joined #salt
14:16 west575_ joined #salt
14:17 toastedpenguin joined #salt
14:19 netcho joined #salt
14:21 tyler-baker joined #salt
14:24 patrickancillott joined #salt
14:24 DEger joined #salt
14:25 fracklen joined #salt
14:26 Tanta joined #salt
14:34 garphy joined #salt
14:37 tuxx__ Comment: State 'apache.configfile' was not found in SLS 'vmhost'
14:37 tuxx__ Reason: 'apache' __virtual__ returned False
14:37 tuxx__ Comment: State 'apache_module.enabled' was not found in SLS 'vmhost'
14:37 tuxx__ Reason: 'apache_module' __virtual__ returned False
14:37 tuxx__ can anyone tell me why i am getting these errors?
14:37 tuxx__ vagrant@vagrant:~$ salt-minion --version
14:37 tuxx__ salt-minion 2016.3.1 (Boron)
14:37 tuxx__ according to the documentation i would expect this to be supported
14:37 tuxx__ https://docs.saltstack.com/en/latest/ref/states/all/salt.states.apache.html
14:39 west575 joined #salt
14:42 flowstate joined #salt
14:43 edrocks joined #salt
14:44 west575_ joined #salt
14:49 west575 joined #salt
14:50 netcho joined #salt
14:50 ronp_usa joined #salt
14:59 edrocks joined #salt
15:06 west575 joined #salt
15:09 Hazelesque_ joined #salt
15:10 Karunamon|2 joined #salt
15:10 toabi_ joined #salt
15:10 numkem joined #salt
15:10 TooLmaN joined #salt
15:10 izibi_ joined #salt
15:11 fleaz joined #salt
15:11 dabb joined #salt
15:11 sauvin joined #salt
15:11 amcorreia joined #salt
15:14 kevinquinnyo Warnings: 'name' is an invalid keyword argument for 'mymodule.some_func'
15:14 kevinquinnyo but mymodule.some_func isn't being passed a name keyword...  What does this mean exactly
15:15 ageorgop joined #salt
15:15 roock joined #salt
15:15 bastiandg joined #salt
15:16 kevinquinnyo tuxx__: it means that the __virtual__ function in that module has some sanity checks to make sure the remote server fulfills the requirements to use it, and it failed to meet those requirements
15:16 eichiro joined #salt
15:16 kevinquinnyo tuxx__: check the __virtual__ function to see what it does to ensure the module will be usable
15:17 tuxx__ kevinquinnyo: yup, i solved it aparently , i hadnt installed apache so the module was not willing to worki
15:17 kevinquinnyo boom
15:17 tuxx__ kevinquinnyo: thanks mate
15:17 kevinquinnyo np
15:19 beardedeagle joined #salt
15:31 Brew joined #salt
15:31 kevinquinnyo does every state module function have to have a name argument, even if it's not used?
15:31 mib_0ye joined #salt
15:31 kevinquinnyo to avoid a warning?
15:38 flowstate joined #salt
15:42 flowstate joined #salt
15:43 amcorreia joined #salt
15:46 eliasp joined #salt
15:46 flowstate joined #salt
15:51 flowstate joined #salt
15:55 flowstate joined #salt
15:57 Muchoz joined #salt
16:00 flowstate joined #salt
16:02 jfindlay kevinquinnyo: I think it is required
16:03 west575_ joined #salt
16:03 jfindlay it is at least required for the return data: https://docs.saltstack.com/en/latest/ref/states/writing.html#return-data
16:04 jfindlay https://docs.saltstack.com/en/latest/ref/states/highstate.html#name-declaration
16:04 jfindlay unless you are using `names`
16:04 kaptk2 joined #salt
16:04 om joined #salt
16:05 om2 joined #salt
16:05 flowstate joined #salt
16:05 perfectsine joined #salt
16:05 sjorge joined #salt
16:09 flowstate joined #salt
16:09 rem5 joined #salt
16:15 bltmiller joined #salt
16:17 onlyanegg joined #salt
16:18 flowstate joined #salt
16:19 woodtablet joined #salt
16:19 zer0def joined #salt
16:20 lero joined #salt
16:21 DammitJim joined #salt
16:22 DammitJim is there an easy way to manipulate strings? I don't know if this is a jinja thing
16:22 DammitJim basically I want to strip out the .com from domain.com
16:23 DammitJim that way I can specify a file in /home/<domain> (i.e. /home/DOMAIN)
16:23 DammitJim and not /home/DOMAIN.COM
16:23 nidr0x joined #salt
16:24 mohae joined #salt
16:25 om2 left #salt
16:26 babilen http://jinja.pocoo.org/docs/dev/templates/#replace
16:26 babilen (you might want to read the entire document)
16:27 flowstate joined #salt
16:32 rem5 joined #salt
16:32 _JZ_ joined #salt
16:33 flowstate joined #salt
16:33 ecdhe joined #salt
16:34 NightMonkey joined #salt
16:35 west575 joined #salt
16:36 amcorreia joined #salt
16:37 flowstate joined #salt
16:39 impi joined #salt
16:41 writtenoff joined #salt
16:45 zer0def joined #salt
16:47 Guest78488 joined #salt
16:48 Edgan joined #salt
16:48 Edgan joined #salt
16:49 abednarik joined #salt
16:50 west575_ joined #salt
16:50 flowstate joined #salt
17:00 ageorgop joined #salt
17:00 flowstate joined #salt
17:01 DarkKnightCZ joined #salt
17:03 tehsu anyone seen issues with salt-cloud to rackspace using the public IP even though the private IP is set for the ssh interface. It was working with 2015.8 broken with 2016.3
17:10 impi joined #salt
17:15 linjan joined #salt
17:15 ajw0100 joined #salt
17:19 west575 joined #salt
17:21 sroegner joined #salt
17:21 jfindlay tehsu: I'm not sure what you mean.  How is salt-cloud using the IP addrs?
17:23 jimklo joined #salt
17:23 lilvim joined #salt
17:24 flowstate joined #salt
17:24 s_kunk joined #salt
17:26 patrickancillott joined #salt
17:27 bfig joined #salt
17:27 bfig_ joined #salt
17:28 numkem joined #salt
17:28 MTecknology YAAAHH BOOOIEEEE!!!!
17:30 MTecknology Dunno how to express excitement like this. The next contract I get to work on is for a startup in san jose working with salt and python. Woohooo!!!!
17:31 jfindlay nice
17:31 edrocks joined #salt
17:32 MTecknology I /really/ hope they also chose Debian... oooh, I so hope they chose debian
17:33 zero_shane joined #salt
17:35 patrickancillott joined #salt
17:36 Muchoz joined #salt
17:38 fracklen joined #salt
17:43 netcho joined #salt
17:45 tehsu jfindlay when it bootstraps
17:45 tehsu the providers configuration,   ssh_interface: private_ips
17:45 Brew joined #salt
17:47 flowstate joined #salt
17:48 netcho joined #salt
17:49 fredvd joined #salt
17:50 jfindlay hmm
17:51 DammitJim what is the proper way to make comments on a state file?
17:51 jfindlay tehsu: what driver are you using with rackspace: openstack or nova?
17:51 tehsu nova
17:51 jfindlay thanks.  I'll see what's going on there
17:52 tehsu ok thanks
17:52 jfindlay DammitJim: yaml comments begin with # and jinja comments begin with {# and end with #}
17:52 autofsckk joined #salt
17:54 DammitJim and states are yaml, right?
17:55 jfindlay by default, they are jinja|yaml
17:57 flowstate joined #salt
18:03 west575_ joined #salt
18:04 ageorgop joined #salt
18:08 west575 joined #salt
18:13 west575 joined #salt
18:15 netcho joined #salt
18:21 Satyajit joined #salt
18:21 patrickancillott joined #salt
18:25 mapu joined #salt
18:27 west575_ joined #salt
18:33 felskrone joined #salt
18:39 amcorreia joined #salt
18:39 toanju joined #salt
18:41 Eureka703 Quick question. Anyone have a good reference in how they are using gitfs for their backends? I get the general idea but I really would like to see how some people are arranging things. Mainly because I think of an "environment" as Dev/Test/Prd/Etc.. Not "Webserver/firewall/etc".
18:42 Eureka703 I.E. Do you all just serve "prod" out of your "base" and then just build duplicate structure out of each branch?
18:42 Tanta joined #salt
18:43 Edgan Eureka703: The default setup assumes that base == master. So is prod the master branch for you?
18:44 Eureka703 Not in the way I currently have it setup. This is a very old setup though.. Basically. I treat Base as a set of "base states all systems can get". Rather than the Prod branch.
18:44 Eureka703 This is an attempt to convert everything to the gitfs backend from using rootfs
18:44 Edgan Eureka703: I just converted myself, but haven't setup environments yet
18:45 Eureka703 So you are currently just using the Base/Master for everything at the moment?
18:45 Edgan yes
18:45 Edgan Eureka703: My plan is to setup an alternative branch just for salt development
18:45 Edgan Eureka703: I may setup dev/staging/prod branches later, but I really just need to get development separate from everything else
18:45 Eureka703 That makes sense.. So how are you structuring things under your master? Do you have a directory structure to separate things out?
18:46 Edgan Eureka703: different directories for different branches, or formulas?
18:46 Eureka703 Like "MASTER" then several sub directories like "windows", "Linux", etc..
18:46 Eureka703 Just a logical separation of your formulas/states.
18:47 Edgan Eureka703: No Windows here. I have mostly Ubuntu with a mix of 14.04 and 16.04. For now one CentOS 6 box. May add Amazon Linux soon.
18:47 Eureka703 At the moment I have something like "root" then sups like "Apps". Apps can contain many different things, including subs like "system_tools" or "webservers".
18:47 Edgan Eureka703: I use formulas/map.jinja to deal with most of the distro differences
18:48 Edgan Eureka703: Apps are in the same tree and are used via salt-ssh
18:48 felskrone joined #salt
18:48 Eureka703 ah
18:48 Eureka703 I may have to change a lot more about this structure than I was thinking.
18:49 Edgan Eureka703: yeah, gitfs doesn'
18:49 Edgan t
18:49 Edgan let you pull some of the same tricks
18:49 Edgan I had some pillars in the formulas repo(non-secret), but that doesn't really work with gitfs
18:50 Edgan Eureka703: So I moved everything to the pillars repo when I switched
18:50 Eureka703 Right. Im planning on doing that with pillars as well.
18:51 Eureka703 I guess the annoying part in my head is thinking about base as prod rather than the base set like I thought made sense.. 2 years ago ;)
18:51 Edgan Eureka703: I have found it just works so far, but mine is a simple setup
18:52 Eureka703 Thanks for the input Edgan. I appreciate it.
18:52 Edgan Eureka703: There is no reason you can't have a prod branch
18:52 Edgan Eureka703: As long as you have a way to match prod machines
18:52 Eureka703 Yeah, I do get that. i just want to try to make it as clean as possible.
18:53 Eureka703 Someone else might have to take this thing over one day. I dont want to make it too confusing for them ;)
18:53 flowstate joined #salt
18:56 Edgan Eureka703: Sadly in my experience the next guy just reinvents the wheel. You use Salt, he uses Puppet. The next guy uses Chef. The next guy tries to do it all with Docker.
18:56 Eureka703 haha. Isnt that the truth ;)
18:56 flowstate joined #salt
18:57 Edgan Eureka703: I recently replaced a guy who left, and I replaced his home grown configuration management written in bash with Salt.
18:57 Eureka703 Yeah.. Thats basically what I did a couple year ago at another place.
18:59 Eureka703 ok so this looks different than I remember. It claims in the docs that the top.sls from all branches in a given repo will be merged into one at runtime and the suggestion is to actually use multiple repos?
19:01 Edgan Eureka703: My understanding is that formulas are an overwrite model. Where are pillars are a merge unless there is conflict, then it is overwrite.
19:01 west575 joined #salt
19:01 Eureka703 hum. Guess ive got a lot more reading to do ;)
19:02 Edgan Eureka703: If you have two branches and both have a foo formula, then based on the order, one completely wins
19:02 Eureka703 makes sense
19:04 Edgan Eureka703: and pillars work like this, https://paste.fedoraproject.org/383439/66622251/
19:05 Edgan Eureka703: Though there is work on an idea called PillarStack that is something different.
19:06 Eureka703 interesting
19:06 west575_ joined #salt
19:06 tehsu jfindlay, found that the private ips during a build has the public ips in it
19:06 Edgan Eureka703: Be sure to use pygit2 with gitfs
19:08 dh__ joined #salt
19:08 Eureka703 Got ya. Think im going to go grab coffee and start breaking stuff ;)
19:08 GreatSnoopy joined #salt
19:09 dh__ Can someone tell me if possible to order server creation with salt-cloud in the cloud.maps.d?
19:09 west575__ joined #salt
19:09 dh__ It seems to process them in alphabetical order and not sequentially, which is kinda a pain for dependencies
19:09 felskrone joined #salt
19:13 jfindlay dh__: I'm not sure how much of an effort it would be, but you could use the orchestrate runner with the cloud state run by a dedicated cloud minion, possibly located on the master itself
19:13 flowstate joined #salt
19:13 west575 joined #salt
19:14 jfindlay dh__: also see https://github.com/saltstack/salt/issues/25555
19:14 saltstackbot [#25555][OPEN] Salt Could should have a way to define an entire infrastructure | At present the map file is pretty limited in what it can do in the fact it will only spin up instances not other resources (unless I'm missing something) and overstate seems to be dead, ideally you should be able to define an entire infrastructure (cross provider) through a mapfile/overstate style system....
19:14 dh__ awesome, thanks
19:17 netcho joined #salt
19:18 bltmiller joined #salt
19:19 adelcast left #salt
19:20 adelcast joined #salt
19:22 flowstate joined #salt
19:22 ajw0100 joined #salt
19:31 cyborg-one joined #salt
19:31 abednarik joined #salt
19:33 druonysus joined #salt
19:35 tehsu I fixed it jfindlay
19:35 hasues joined #salt
19:35 tehsu I removed a block of code from nova.py
19:36 hasues left #salt
19:39 jfindlay tehsu: nice
19:39 tehsu I'm submitting a issue on git
19:42 deniszh joined #salt
19:43 sauvin joined #salt
19:43 jfindlay tehsu: thanks.  Be sure to reference that in your zendesk issue
19:43 tehsu ok, will do
19:44 jfindlay thanks for working on it
19:44 tehsu np, thanks
19:47 Muchoz joined #salt
19:47 Trauma joined #salt
19:48 brent_ joined #salt
19:50 brent_ joined #salt
19:51 patrickancillott joined #salt
19:53 netcho joined #salt
19:55 flowstate joined #salt
19:55 keimlink joined #salt
19:58 Ayo joined #salt
20:07 brent_ joined #salt
20:07 netcho joined #salt
20:08 patrickancillott joined #salt
20:09 dh__ Does anyone know of a way to escape some jinja in a file?
20:09 netcho joined #salt
20:09 flowstate joined #salt
20:09 dh__ I have a file being managed by salt using Jinja templates, but its a confd file that uses go templates that have {{syntax}}
20:09 dh__ which is throwing jinja errors
20:10 Edgan dh__: yes, one sec
20:10 Edgan {%- raw %} {% endraw -%}
20:10 dh__ awesome
20:10 dh__ thanks!
20:11 Tanta or {{ '{{ text }}' }}
20:11 Edgan dh__: I ran into it when trying to write a salt reactor file as a template, and it has {{ }} syntax
20:14 radhac Hey all, is there a way to log reactor events in a separate log file?  log_file: underneath the reactor: stanza doesn't seem to populate anything.  Any suggestions?
20:17 garphy joined #salt
20:18 edrocks joined #salt
20:18 netcho joined #salt
20:18 druonysus_ joined #salt
20:23 debian112 joined #salt
20:26 eliasp joined #salt
20:27 Shylock_ joined #salt
20:34 netcho what is the best way to append ssh keys to auth_keys? i wanna add single user with multiple ssh keys
20:36 noraatepernos joined #salt
20:38 edrocks joined #salt
20:38 netcho is it goot practice to use ssh_auth.present with multiple sources?
20:39 flowstate joined #salt
20:40 lorengordon joined #salt
20:40 ajw0100 joined #salt
20:42 jfindlay I don't see why that would be a problem
20:42 deniszh joined #salt
20:43 jfindlay radhac: not that I know of, but you can watch reactor events with: `salt-run state.event pretty=True`
20:44 netcho jfindlay: is it better to have them in pillar?
20:45 jfindlay netcho: well, pillar is designed to hold more secret stuff, so yes, that would be better
20:45 jfindlay care is taken to keep pillar data more private
20:45 Edgan jfindlay: public keys aren't secrets
20:46 jfindlay only supposed to be revealed when authorized
20:46 rylnd is salt-cloud able to create a tag in vmware during deploying workloads? or any idea how i could do that -- if its not possible directly?
20:46 netcho i going for least changes to be done when adding a new key
20:46 jfindlay Edgan: well, duh.  I must be doing too much at once
20:47 keimlink joined #salt
20:47 jfindlay netcho: regarding Edgan's comment, if you're stating in public ssh keys, it shouldn't matter since the keys are not secret
20:48 netcho yeah i know that, but i wanna be able to add key only on one pleace]
20:48 netcho *in*
20:48 gimpy2938 joined #salt
20:49 jfindlay I am unsure what you mean
20:50 gimpy2938 So salt-call exits 0 even when it fails with "Data failed to compile" ... any way to change that so, you know, it follows normal conventions of error==nonzero that nearly everything else on earth does on *nix?
20:50 netcho we are using single admin user for our infra. so when we want to allow someone to ssh to our machines we add his key to auth_keys. it is done now with chef
20:50 jfindlay gimpy2938: see https://github.com/saltstack/salt/issues/18510
20:50 saltstackbot [#18510][OPEN] salt exit codes | is there a reason why test.* returns False and exits with bash exit code 0 instead of 1 ? ...
20:51 netcho now i would like to have a pillar file where can i add new keys and apply them via state
20:51 mage_ joined #salt
20:52 jfindlay netcho: that makes sense
20:52 netcho so i need to add that key only in one place
20:54 jfindlay either looping over pillar data or the source file with multiple keys should work
20:55 gimpy2938 @jfindlay: looks like --retcode-passthrough makes it to what it sould ... quite dumb to exit 0 on *any* error IMO
20:56 Muchoz joined #salt
20:56 aharvey joined #salt
21:00 netcho joined #salt
21:04 netcho joined #salt
21:06 SWA joined #salt
21:07 Ahlee indeed.
21:10 whaity joined #salt
21:13 west575 joined #salt
21:16 SWA joined #salt
21:18 gimpy2938 left #salt
21:26 flowstate joined #salt
21:27 Muchoz joined #salt
21:30 mage_ joined #salt
21:37 Edgan That is just the half of it. salt-ssh are only partially fixed with --retcode-passthrough. I have https://github.com/saltstack/salt/issues/33674
21:37 saltstackbot [#33674][OPEN] salt-ssh doesn't returns a zero code on jinja template failure. | Description of Issue/Question...
21:39 cableninja_ joined #salt
21:52 edrocks joined #salt
21:55 rem5 joined #salt
21:56 aharvey joined #salt
22:16 jimklo joined #salt
22:18 JPT joined #salt
22:24 ajw0100 joined #salt
22:24 flowstate joined #salt
22:27 sjmh is there a way to run grains via salt-call w/out a master and w/out a running salt-minion?
22:28 sjmh sorta like ohai or facter?
22:29 noraatepernos joined #salt
22:33 aharvey joined #salt
22:34 zenlot6 joined #salt
22:36 sauvin joined #salt
22:39 jimklo joined #salt
22:40 jwarren_ joined #salt
22:45 druonysus joined #salt
22:46 jwarren_ Hey folks, I have a question about using Salt and with Packer. I'm having issues getting my environment to match, and so my Pillar ends up empty. (I would ask the Packer channel, but it's a ghost town) It's like Packer doesn't set the grain role or environment that's in my minion file. Any ideas, or anyone have any similar experience?
22:47 brent_ joined #salt
22:56 MindDrive Let's see if I can explain this without sounding like a fool... I have a custom module (tds) that I use to do software updates via Salt.  My last attempt to upgrade from 2015.5 to 2015.8 failed miserably due to the 'tds' module not being able to be found when the master tried to call it on one of the given minions.
22:56 MindDrive I'm taking smaller steps and have just created an upgraded master; I'm trying to figure out what command I can run from the master to see if one of the (unupgraded) minions is able to access the module properly.
22:57 MindDrive I did this once long ago, but I'll be damned if I can remember what I did and of course I didn't write it down. :(
22:58 dtsar joined #salt
23:00 patrickancillott joined #salt
23:08 teryx510 joined #salt
23:09 teryx510 joined #salt
23:09 sjmh MindDrive : you can issue a 'cp.list_master' to get a minion's view of the master's fileserver
23:09 sjmh You should be able to see the module there somewhere.  It's supposed to be in /srv/salt/_modules
23:10 MindDrive sjmh: Ahh, that's it!  Thank you.
23:10 sjmh and then you run a saltutil.sync_modules ( I think ), to sync those modules down
23:16 cyborg-one joined #salt
23:18 SWA joined #salt
23:20 jimklo joined #salt
23:21 SteveB joined #salt
23:21 p3rror joined #salt
23:33 om joined #salt
23:37 Derailed hey guys, just a quick question: When is the file '/etc/salt/minion_id' used? Is it used ONLY if you don't have an 'id:' setting in your configuration files?
23:41 sauvin joined #salt
23:44 DEger joined #salt
23:55 sjmh Derailed - it's used when you have minion_id caching turned on.  https://docs.saltstack.com/en/latest/ref/configuration/minion.html#minion-id-caching
23:55 sjmh see the issues linked there about why it helps
23:56 Derailed Thanks. based on a quick read I think I want to turn that off and rely entirely on manually setting the 'id' in the configuration -- for my usecase I don't want salt trying to guess what the id should be, it's being assigned by a different tool

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary