Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-07-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 debian112 joined #salt
00:11 DEger joined #salt
00:26 ronrib joined #salt
00:33 yourname2 joined #salt
00:34 yourname2 3
00:36 M-liberdiko joined #salt
00:50 flowstate joined #salt
00:54 WKNiGHT joined #salt
00:55 aarontc joined #salt
00:55 neilf__ joined #salt
01:05 M-cpt joined #salt
01:05 necronian joined #salt
01:05 M-MadsRC joined #salt
01:15 hasues joined #salt
01:15 hasues left #salt
01:18 amcorreia joined #salt
01:18 catpigger joined #salt
01:25 iceyao joined #salt
01:31 hrumph joined #salt
01:31 hrumph hi
01:31 hemebond hi
01:32 hrumph can someone take a look at https://github.com/saltstack/salt/blob/develop/salt/states/pkg.py and explain the usage of "namespaced_function". I don't understand what it's doing
01:33 hrumph what is the purpose of cloning the functions?
01:33 hemebond hrumph: "Redefine (clone) a function under a different globals() namespace scope"
01:33 hemebond It might be something to do with the virtual function thing.
01:34 hemebond Where pkg.installed works the same for Apt and YUM.
01:34 hrumph hemebond i don't see how that comes into it
01:34 hemebond You can see, in the link you posted, it checks for Windows and gets namespaced functions for repo functions.
01:35 hemebond I'm not familiar with it, sorry.
01:35 hrumph ok i see that
01:35 hrumph i see that it copies the functions but i don't see why
01:36 hrumph oh i think i may have a glimmer of understanding
01:36 hrumph my problem stems from my lack of knowledge of python
01:37 hemebond Oh I see.
01:38 hemebond I'm guessing, but it looks like it's putting the functions at the top level.
01:38 hemebond Dunno. Someone else might pop in and be able to help.
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.5.10, 2015.8.10, 2016.3.1 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
01:50 flowstate joined #salt
02:07 DEger joined #salt
02:13 amcorreia joined #salt
02:17 kevinquinnyo1 joined #salt
02:23 hrumph my problem stems from my lack of knowledge of python
02:24 hrumph oops
02:24 aphor hrumph: do you know how scoped variables work?
02:25 emaninpa joined #salt
02:26 hrumph aphor no
02:26 hrumph aphor if i did would i understand the issue?
02:26 aphor https://www.safaribooksonline.com/library/view/learning-python/1565924649/ch04s03.html <-- here's a good primer
02:28 hrumph i think i know all of that stuff
02:28 hrumph aphor i need to know why cloning the function was necessicated
02:30 aphor It's so you can swap different functions dynamically into a module at runtime.
02:31 hrumph but they're not doing taht
02:33 aphor I guess it's more like simulating hierarchical namespaces ... it's IMHO, a hack.
02:36 aphor The function can see external variables like they are globals, but in reality namespaced_function() has pulled a switcheroo and those aren't plain Python globals any more: it's regular globals plus some overrides that you choose, to give the function an extra layer of context.
02:37 hrumph what an example of an extra global that one of those functions can see?
02:38 aphor I can't find an example... this is my first time throgh this code.
02:39 aphor What pkg is doing is just scoping the side effects so that they aren't truly global.
02:40 hrumph still do you have a specific example?
02:42 hrumph maybe its just standard procedure to do this
02:43 hrumph when importing a private function
02:43 flowstate joined #salt
02:43 aphor Man.. this is old stuff.
02:43 bastiand1 joined #salt
02:44 hrumph perhaps it's simulating what happens when you call a function from the __salt__ dictionary
02:48 aphor https://github.com/saltstack/salt/commit/54201c9fa9f8dd40d9bbf8be4f8bb6368bd59498 <-- digging for the story in gitHub
02:49 evle joined #salt
02:50 aphor So.. salt cloud loads stuff from multiple cloud providers/drivers and may need to execute different functions with the same name in different contexts, to provision VMs on Azure and AWS in the same salt-cloud map file.
02:51 aphor It's really nice to give those drivers each a sandbox instead of letting them mangle each other's globals.
02:51 hrumph ok but in the example i showed you i don't see how globals would get mangled if you didn't bother to rescope
02:52 aphor I am not really sure how this became necessary in states running on the minion..
02:52 hrumph ok i'm posting an issue
02:52 hrumph i want to get to the bottom of this
02:53 aphor I'm digging, and it's pretty muddy.
02:53 aphor .. for ugly quantities of pretty
02:55 iggy also keep in mind the old module loader was wildly different
02:56 iggy it could be some leftover cruft
02:56 aphor that's my guess
03:04 hrumph https://github.com/saltstack/salt/issues/34732
03:04 saltstackbot [#34732][OPEN] Question about usage of namespaced_function in pkg.py | Would like to understand the usage of namespaced_function in pkg.py...
03:09 aphor whoa this made my head hurt
03:10 aphor ... right down the rabbit hole I went.
03:11 justanot1eruser joined #salt
03:12 armyriad joined #salt
03:24 treaki_ joined #salt
03:30 sagerdearia joined #salt
03:33 Derailed hey everyone, can anyone tell me how the '/etc/salt/pki/master/minions_autosign' directory is used? I can't find it mentioned in the docs anywhere
03:36 armguy joined #salt
03:40 flowstate joined #salt
03:46 aw110f joined #salt
03:50 kshlm joined #salt
03:51 colegatron joined #salt
03:53 kaushal_ joined #salt
03:55 brotatochip joined #salt
03:58 hemebond Derailed: If you enable autosigning on the master does it put those minion keys in there?
03:59 Derailed hemebond, it doesn't seem to, no.
04:00 iceyao_ joined #salt
04:08 rem5 joined #salt
04:14 nLogik joined #salt
04:23 mosen joined #salt
04:26 mosen_ joined #salt
04:28 mosen joined #salt
04:37 om joined #salt
04:41 racooper joined #salt
04:41 flowstate joined #salt
04:49 kshlm joined #salt
04:51 POJO joined #salt
04:55 babilen Derailed: Do you have anything in there?
04:59 nLogik left #salt
05:04 Derailed babilen, no. I want to find out if I can use it for a single minion that I'm expecting to connect
05:10 babilen Derailed: You mean you want to place the minion's key in a directory so that it is already accepted when it connects for the first time?
05:11 Derailed Yes, and I want it to be a one-off operation. The other mechanism for autosigning (specifing a list of Ids in a file) seems like it stays present even after the initial one
05:11 babilen /etc/salt/pki/master/minions should work for that
05:12 mohae joined #salt
05:12 kawa2014 joined #salt
05:17 armyriad joined #salt
05:28 jtang joined #salt
05:37 rdas joined #salt
05:40 flowstate joined #salt
05:40 ageorgop joined #salt
05:40 mariusv joined #salt
05:40 mariusv joined #salt
05:43 iceyao joined #salt
05:46 kshlm joined #salt
05:51 kaushal_ joined #salt
05:55 bilal80 joined #salt
05:55 edrocks joined #salt
05:59 colttt joined #salt
06:00 SpX joined #salt
06:02 xenoxaos joined #salt
06:04 intr1nsic joined #salt
06:07 kaushal_ joined #salt
06:12 felskrone joined #salt
06:19 jtang joined #salt
06:21 intr1nsic joined #salt
06:27 KingJ joined #salt
06:28 rdas joined #salt
06:31 _JZ_ joined #salt
06:41 flowstate joined #salt
06:41 goldielox joined #salt
07:00 ribx joined #salt
07:06 Rumbles joined #salt
07:07 kshlm joined #salt
07:08 guedressel joined #salt
07:22 jhauser joined #salt
07:26 infrmnt joined #salt
07:27 AirOnSkin joined #salt
07:28 dariusjs joined #salt
07:32 fracklen joined #salt
07:41 flowstate joined #salt
07:42 infrmnt joined #salt
07:43 fracklen_ joined #salt
07:45 impi joined #salt
07:46 Rafael joined #salt
07:46 Rafael hello all
07:46 Guest82455 I just installed salt to test. Is it normal to minions not to response to salt "*" test.ping. At different time different minions responding.
07:46 hemebond Guest82455: Try with a longer timeout.
07:47 hemebond By default I think they have 5 seconds to respond or you have to go into the job cache to find its response.
07:48 Guest82455 increased it to 30 sec. but problem not gone
07:48 hemebond Sounds like a networking issue of some sort.
07:48 hemebond The minions are all connected?
07:49 arminius joined #salt
07:49 Guest82455 all connected
07:49 Guest82455 keys accepted
07:49 arminius wheeee
07:49 hemebond No minions with the same minion ID?
07:50 hemebond Only the one master?
07:50 hemebond Any customisation to the master or minion configs?
07:50 Guest82455 only one master
07:50 Guest82455 no customisation. only time out changed
07:51 hemebond Latest version? All running the same version? Linux or Windows?
07:51 Guest82455 No minions with the same minion ID? how to check?
07:51 Guest82455 the same version  Linux
07:52 fracklen joined #salt
07:52 hemebond Check /etc/salt/minion_id on each minion.
07:53 Guest82455 minion id not same
07:54 hemebond Only thing I can think of is to run the master and minions in debug mode and watch the output.
07:54 hemebond The failures are different each time? Sure about that?
07:56 Guest82455 problem like that. when i test 1 time every thing was good. after 2-3 hour some minions lost connection
07:56 hemebond Ah
07:57 hemebond Then you'll need to watch the minion debug output at the time of the disconnect.
07:57 hemebond And maybe look at minion settings for reconnect.
07:57 Guest82455 restarting minion service minion returning
07:57 hemebond Sounds like a network issue.
07:58 hemebond No firewalls or switches between master and minions?
07:58 hemebond The minion is connected on both ports 4505 and 4506?
07:58 Guest82455 minions on kimsufy   master on azure
07:58 hemebond oh
07:58 Guest82455 no firewalls
07:59 hemebond All I can think of is to enable debug logging and grab the logs after the connection fails.
07:59 hemebond Well, there will possibly be firewalls in the way if the master is on Azure.
08:00 hemebond You'd have to be running them all in the same local virtual environment to avoid all real switching and firewalls.
08:00 Guest82455 yes there are fire wall but ports are open
08:00 hemebond Yes, but firewalls do other things, like throttle throughput and monitor packets and such.
08:01 hemebond It's a long-lived connection.
08:01 Guest82455 ok I'll try. thank you very much
08:01 hemebond Try creating a minion in the same subnet as the master on Azure and see if that also suffers.
08:02 Guest82455 one more Q. is it possible to configure minion to connect get job and disconnect. to be most of time without master.
08:03 Guest82455 connect to master only to verify state
08:07 vilitux joined #salt
08:12 bdrung_work joined #salt
08:15 lero joined #salt
08:20 hereiam_ joined #salt
08:20 hereiam_ left #salt
08:20 hereiam_ joined #salt
08:23 ronnix joined #salt
08:25 Rumbles joined #salt
08:29 manji joined #salt
08:33 Qlawy I have one salt job stuck, I cannot kill it, I even tried to reboot minion and its still stuck for about month :X
08:33 Qlawy I mean, I still see it in jobs.active
08:33 Qlawy how can I "terminate" it?
08:33 s_kunk joined #salt
08:33 JohnnyRun joined #salt
08:34 AirOnSkin Qlawy: Have you tried restarting the salt-master?
08:37 GreatSnoopy joined #salt
08:37 Qlawy AirOnSkin: yep (AFAIR)
08:37 Qlawy http://wklej.org/hash/817df1f0f7f/
08:38 hereiam_ Does anyone have experience using https://github.com/saltstack-formulas/jenkins-formula to install jenkins plugins? I defined the pillar on salt-master but somehow the plugins don't get installed.
08:39 impi joined #salt
08:40 yuhlw_ joined #salt
08:41 flowstate joined #salt
08:44 dyasny joined #salt
08:56 keimlink joined #salt
09:01 fracklen joined #salt
09:02 fracklen joined #salt
09:05 hereiam_ joined #salt
09:11 ribx Hi there! I am using a gitfs backend for my pillars and I would like to have an include structure similar to what the file_tree backend offers
09:12 ribx Is there a way to combine the two?
09:12 ribx is there a way to access the minion id in the top.sls file of the pillars?
09:13 fracklen joined #salt
09:13 toanju joined #salt
09:16 hemebond Guest82455: You could use salt-call or something on the cron job perhaps.
09:17 hemebond ribx: By default, targeting in the top.sls (pillar and state) matches against the minion ID.
09:17 whaity joined #salt
09:18 ribx hemebond: yes, but I would like to include a file based on the minion_id, otherwise i have to insert on line for every minion I add
09:18 hemebond ribx: There is a Grain for the minion ID.
09:18 hemebond You can access it with Jinja.
09:19 ribx hemebond: as I said, I would like to have the file_tree behaviour
09:19 ribx hemebond: and can I check, whether a file exists with jinja? I cannot find anything
09:19 hemebond You can't check that a file exists, no.
09:21 viq joined #salt
09:22 hemebond But you can fail silently.
09:22 hemebond I don't know anything about gitfs and file_tree.
09:23 fracklen joined #salt
09:25 fracklen joined #salt
09:36 alrayyes joined #salt
09:36 alrayyes Hi there, newbie here. I know this is probably a dumb question but i can't find this in the documentation
09:36 alrayyes i'm using the nginx formula
09:36 alrayyes but i can't figure out how to echo a variable
09:36 Electron^- joined #salt
09:37 alrayyes conf_dir to be specific: {% set conf_dir = salt['pillar.get']('nginx:conf_dir', '/etc/nginx') %}
09:37 alrayyes cant figure out which path to save the files in
09:38 impi joined #salt
09:39 flowstate joined #salt
09:41 Lionel_Debroux_ joined #salt
09:42 av_ joined #salt
09:43 viq alrayyes: "echo a variable" ?
09:43 alrayyes i want to know where conf_dir refers to
09:43 viq alrayyes: "save the files in" ?
09:44 hemebond alrayyes: What is it you are trying to do at a higher level?
09:44 hemebond I used that formula recently.
09:44 viq alrayyes: 'salt <minion> pillar.item nginx:conf_dir' - if it's empty, it'll use the provided default of "/etc/nginx"
09:44 alrayyes use the nginx formula: https://github.com/saltstack-formulas/nginx-formula/blob/master/nginx/package.sls
09:44 hemebond You should use the ng stuff.
09:45 hemebond https://github.com/saltstack-formulas/nginx-formula/tree/master/nginx/ng
09:45 alrayyes what's the difference between ng and the normal one?
09:45 hemebond ng is the new version. Other stuff is old, broken and isn't supported as far as I know.
09:45 viq alrayyes: read https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html#parameterizing-states-with-pillar
09:45 alrayyes aha, ok thanks. i'll try that
09:45 alrayyes thanks for the tip
09:45 viq (regarding the pillar stuff)
09:46 alrayyes but is there a way to just echo variables to the terminal in sls templates?
09:46 alrayyes or log them somewhere
09:46 alrayyes for debugging purporses
09:48 alrayyes what do you know, ng just works
09:48 viq alrayyes: pillar.get or pillar.item or cmd.run or on host 'salt-call -l debug' would be my approaches
09:48 alrayyes cool, thanks
09:58 kawa2014 joined #salt
10:01 keimlink joined #salt
10:03 irctc508 joined #salt
10:03 irctc508 Hi, I'm trying to use file.managed to deploy a file into /root/ and while it is creating it, the created file is blank while my local one has stuff in it. Any ideas of what I should check?
10:07 irctc508 Just an update on the above question - doesn't made what target directory I use, /tmp has the same issue for example.
10:16 DEger joined #salt
10:16 ivanjaros joined #salt
10:16 iceyao joined #salt
10:17 viq joined #salt
10:21 jtang joined #salt
10:25 armyriad joined #salt
10:25 fredvd joined #salt
10:28 Hybrid joined #salt
10:29 mjimenez joined #salt
10:29 colegatron left #salt
10:30 mjimenez hello, is there any way to run a state and just print on screen the output of a var inside a bucle?
10:33 jhauser joined #salt
10:35 kaushal_ joined #salt
10:40 flowstate joined #salt
10:41 kshlm joined #salt
10:41 fredvd joined #salt
10:49 XenophonF mjimenez: you probably want to switch to something like json output, and then extract the variable you want programatically, e.g., pipe it to jshon
11:07 armyriad joined #salt
11:10 krymzon joined #salt
11:12 amcorreia joined #salt
11:25 teryx510 joined #salt
11:36 ryan8403 joined #salt
11:39 mjimenez is another way to do?
11:42 kaushal_ joined #salt
11:45 teryx5101 joined #salt
11:50 teryx510 joined #salt
11:54 kbaikov joined #salt
11:56 jhauser joined #salt
11:57 edrocks joined #salt
12:00 tho joined #salt
12:00 jgelens joined #salt
12:02 kbaikov joined #salt
12:03 ravenx joined #salt
12:05 TyrfingMjolnir joined #salt
12:08 impi joined #salt
12:10 permalac joined #salt
12:20 TooLmaN joined #salt
12:22 netcho joined #salt
12:25 edrocks joined #salt
12:26 Brijesh2 joined #salt
12:35 numkem joined #salt
12:43 kshlm joined #salt
12:43 impi joined #salt
12:46 netcho is it possible to add instance into aws autoscaling group via salt-cloud
12:48 armyriad joined #salt
12:49 Garo_ joined #salt
12:53 gh34 joined #salt
12:53 subsignal joined #salt
12:58 emaninpa joined #salt
12:59 rem5 joined #salt
12:59 catpig joined #salt
13:00 kawa2014 joined #salt
13:01 subsignal joined #salt
13:03 iceyao joined #salt
13:03 scoates joined #salt
13:04 whaity joined #salt
13:07 ewd84 joined #salt
13:08 Electron^- joined #salt
13:09 subsigna_ joined #salt
13:16 rem5 joined #salt
13:18 XenophonF dunno about salt-cloud, but there's this reactor formula that you might find useful - https://github.com/saltstack-formulas/ec2-autoscale-reactor
13:20 darix joined #salt
13:23 edrocks joined #salt
13:23 protoz joined #salt
13:23 rem5 joined #salt
13:26 pid1 joined #salt
13:26 mjimenez joined #salt
13:27 mjimenez Hello! Someone could help me with this basic loop? http://pastebin.com/AwaC33jJ
13:28 gtmanfred is en_GB.UFT-8 correct? should be UTF-8, and it is one space off?
13:28 gtmanfred otherwise, it looks good
13:28 mjimenez well, yes but the file isn't created
13:28 gtmanfred make sure the pillar is assigned to that minion, and that you run a saltutil.pillar_refresh
13:29 mjimenez i have the pillar asigned to '*'
13:29 gtmanfred then try a saltutil.pillar_refresh
13:29 mjimenez and I have done that pillar_refresh
13:29 gtmanfred also you will want to change test1 to be something based on the pillar, cause you can't have multiple things with the same state id
13:29 gtmanfred try `test1_{{locale}}
13:29 gtmanfred also, file.touch is a state module, so you don't have to use cmd.run
13:30 gtmanfred but that should work if the pillar is assigned
13:30 gtmanfred and refreshed
13:30 gtmanfred what does pillar.items return for that minion?
13:30 mjimenez I have changed to test1_{{ locale }} and the same: Succeeded: 0
13:30 mjimenez If I run pillar.items I don't see this pillars
13:31 gtmanfred then it isn't getting assigned to the minion for some reason, but your loop is good
13:31 mjimenez but I have this below '*'
13:31 mjimenez I have complex salts like for mysql, but I've spent 3 hours with this basic loop
13:35 sroegner joined #salt
13:35 mjimenez This is frustrating...
13:36 racooper joined #salt
13:37 mjimenez there is any way to dump a variable on screen?
13:37 mjimenez any dump module?
13:37 AndreasLutro mjimenez: your indentation is wrong - you need an extra space before en_GB.UTF-8
13:37 AndreasLutro the pillar probably fails to render
13:37 AndreasLutro details may be in the master log
13:38 mjimenez AndreaLustro: the identation is correct in pillar, just wrong on pastebin
13:38 nyx joined #salt
13:39 mjimenez no error on master log or minion log
13:40 mjimenez If i remove the loop, this salt creates a file, but with the loop doesn't do anything
13:41 AndreasLutro salt '*' pillar.get locales:country
13:41 AndreasLutro does that return what you expect?
13:41 perfectsine joined #salt
13:42 AndreasLutro I'd suspect you just haven't matched the pillar file in your top.sls but hard to say for sure without all the information
13:42 mjimenez this pillar.get is empty for all servers
13:43 mjimenez but I have -locales in '*' in top.sls
13:45 ekristen joined #salt
13:46 mapu joined #salt
13:47 impi joined #salt
13:48 mjimenez basically, doesn't load the pillar and I don't know why
13:52 AndreasLutro well you can increase the salt master log level to debug, restart it and check it for more clues
13:53 mpanetta joined #salt
13:54 mpanetta joined #salt
13:54 mjimenez done, and the same, doesn't load this pillar
13:59 ilbot3 joined #salt
13:59 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.5.10, 2015.8.10, 2016.3.1 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
14:06 kaptk2 joined #salt
14:08 Tanta joined #salt
14:11 patrek joined #salt
14:16 johnkeates joined #salt
14:17 DEger joined #salt
14:18 patrek joined #salt
14:18 nyx_ joined #salt
14:22 ivanjaros joined #salt
14:22 ronnix joined #salt
14:28 mapu joined #salt
14:28 impi joined #salt
14:29 kawa2014 joined #salt
14:29 ravenx pillar refresh?
14:30 quup Is there any up-to-date fedora repository? (i.e. that has 2016.3.1)
14:30 jhauser joined #salt
14:30 quup (or even just 2015.8.*)
14:31 aphor Anyone want to help me clean up salt.cloud.clouds loader error code? https://github.com/saltstack/salt/issues/34669
14:31 saltstackbot [#34669][OPEN] sad error detection/logging/handling in salt.cloud when driver does not implement fun | Description of Issue/Question...
14:32 aphor https://github.com/saltstack/salt/issues/34669
14:32 saltstackbot [#34669][OPEN] sad error detection/logging/handling in salt.cloud when driver does not implement fun | salt.cloud emits ambiguous errors when salt.states.cloud.* needs a function that has not been implemented in the cloud driver. The salt/cloud/__init__.py has a lot of if blocks all over the place checking for driver implementation of any particular function. Each has different error messages, few explaining what actually went wrong....
14:32 POJO joined #salt
14:33 Heartsbane joined #salt
14:36 POJO joined #salt
14:36 tapoxi joined #salt
14:38 anotherZero joined #salt
14:44 jeddi joined #salt
14:45 pcdummy I'll hold a talk about Saltstack here in Austria/Vorarlberg. :)
14:49 tapoxi anyone going to devopsdays boston?
14:49 johnkeates i would, but I don't have an airplane
14:49 johnkeates and I live in europe
14:49 tapoxi hah
14:51 s_kunk joined #salt
14:51 kshlm joined #salt
14:55 felskrone joined #salt
15:00 ravenx pcdummy: come closer to munich so i can join :P
15:06 Slimmons joined #salt
15:07 Slimmons Anybody use salt's reactor system much?
15:08 Slimmons I've gotten it working with local.cmd.run, but I can't find how to just run a normal state
15:10 babilen What did you try and what happend?
15:12 corichar joined #salt
15:13 Slimmons if in the /srv/reactor/ directory, I change my sls from local.cmd.run, to something like a normal file.managed, it returns that file isn't valid syntax
15:14 Slimmons the reactor docs say you can use anything in the localclient.cmd in there
15:14 Slimmons but that's almost nothing other than local.cmd.run
15:14 Slimmons and I'd imagine there's a way to use just any regular state.sls
15:14 Slimmons I could be wrong, but it seems like there would be
15:15 Slimmons it's not file.managed specific, if I point my reactor to any sls file that has anything in it other than local.cmd.run, it gives me an invalid syntax on whatever I try
15:15 rrei joined #salt
15:15 Slimmons and the only example in the reactor docs is a local.cmd.run, and something about runner.cloud, which I'll probably never use
15:15 babilen You are running execution functions .. so "local.state.sls" for "state.sls" or "local.state.highstate" for "state.highstate"
15:16 babilen Or "local.state.apply" with suitable arguments
15:17 Slimmons that's fantastic, I'll try that now
15:17 Slimmons thanks
15:18 ruxu joined #salt
15:19 babilen There's also "salt.state:" as exemplified in the docs
15:20 Slimmons yeah, I saw that but didn't understand
15:20 Slimmons for example
15:21 Slimmons I see the salt.state, but it never points to a state file
15:21 Slimmons am I missing something there?
15:21 Slimmons I mean, I know the answer, is yes, and I am missing something, but not sure what
15:22 babilen It points to the state file in the "sls: - do_thing_on_minion" bit
15:22 Slimmons so, on that example machine, there would be a do_thing_on_minion.sls file somewher elike /srv/salt
15:22 babilen indeed
15:23 Slimmons beast mode.  Thanks again babilen
15:23 Heartsbane joined #salt
15:24 babilen Essentially "local.EXECUTION_MODULE.FUNCTION" (sometimes 'cmd' in lieu of 'local') or "salt.state" or "salt.runner" -- not sure if there are more.
15:25 DammitJim joined #salt
15:28 monrad joined #salt
15:28 brotatochip joined #salt
15:30 lompik joined #salt
15:30 Brew joined #salt
15:33 TyrfingMjolnir joined #salt
15:35 hasues joined #salt
15:35 throwawayj joined #salt
15:39 aw110f joined #salt
15:41 Slimmons babilen: The example config works, but it runs the state.sls on the master, instead of the minion.  Here's my setup.  https://gist.github.com/Slimmons/b52d768f52033c86890666759d4836e0
15:41 Slimmons I imagine I needed local.* there somewhere, but I'm wanting to know why this failed
15:42 viq What's the difference between 'watch' and 'onchanges' requisites?
15:42 Slimmons also, I'm guessing that I should put something besides runner.state.orchestrate
15:43 johnkeates watch always acts, on change only if there is a change
15:43 babilen Slimmons: Why orchestrate?
15:44 Slimmons just testing the example, I don't need orchestrate
15:44 babilen So .. you are also not passing "tgt"
15:44 viq johnkeates: ah, ok, thank you.
15:45 babilen Slimmons: You have to tell salt *where* you want to run things, it won't be able to figure it out for you, so you have to define "tgt"
15:45 babilen Slimmons: Why don't you get a simple state running before tackling orchestration? ;)
15:45 babilen But it should work also
15:45 netcho joined #salt
15:48 amcorreia joined #salt
15:50 twork_ here's a fun one.  i have a pillar where a bunch of entries got listed twice by mistake, bu with a space at the end.  so one is "bla:", the other is "bla: ".  'grep -E' catches them,, but for the life of me i can't make vi pick out a single trainling space.  two spaces, yes; just one, like "/: $/", it doesn't distinguish between plain "/:$/".
15:52 twork_ salt... normally i'd expect it to error on a duplicate pillar entry but in this case it seems to be either ignoring those entries, or using one or the other and i'm not sure which.
15:52 hasues joined #salt
15:52 pcdummy twork_: the second one
15:53 hasues left #salt
15:53 pcdummy twork_: well it will merge the second one with the first one.
15:54 twork_ so... "foo: blah" will become "blahblah"?
15:54 pcdummy no "foo: blah\n foo: blah2"  will become foo: blah2
15:54 pcdummy twork_: test it with "pillar.items foo"
15:54 twork_ pcdummy: ok, that sort of meerge
15:55 twork_ aha
15:56 pcdummy twork_: but take care {foo: {bar: 1, zoo: 2}} merged with {foo: {bla: 3}} will become all 3
15:56 pcdummy twork_: it merges keys
15:57 Slimmons babilen: I swear I'm not trying to be dense.  Instead of runner.state.orchestrate, would I just use local.state.apply, for a simple state?
15:59 babilen Slimmons: Yeah, but you need to define "tgt" !
16:00 babilen (that is the target expression that defines the minion(s) the state will be run on)
16:01 babilen (glob, but you can use other matchers with "expr_form")
16:04 spuder joined #salt
16:10 kevinquinnyo1 joined #salt
16:13 krymzon joined #salt
16:14 tapoxi joined #salt
16:17 keys joined #salt
16:19 woodtablet joined #salt
16:22 Slimmons babilen: once again, thanks for the help.  WHen I use local.state.apply, with a tgt, it doesn't appear to do anything.  It successfully renders, including the target, but I'm getting some debugging, but I don't see any problems.  I've posted the output from salt-master -l debug here https://gist.github.com/Slimmons/b52d768f52033c86890666759d4836e0
16:22 Slimmons with the new config
16:23 Slimmons that's why I asked if I could use local.state.apply.  I was hoping I was wrong there.
16:23 debian112 joined #salt
16:23 Slimmons also, when I add the tgt, and kept the orchestration, it worked, but still ran on the master
16:23 Slimmons but, you're right, i definitely don't need orchestration
16:24 armyriad joined #salt
16:25 tapoxi joined #salt
16:26 edrocks joined #salt
16:27 wendall911 joined #salt
16:27 ronnix joined #salt
16:27 ageorgop joined #salt
16:30 traph joined #salt
16:30 traph joined #salt
16:30 babilen Slimmons: Use salt.state .. the "local.*" bits run on the minion
16:30 babilen afk
16:43 impi joined #salt
16:44 tapoxi joined #salt
16:45 kaushal_ joined #salt
16:47 roXet joined #salt
16:49 krymzon joined #salt
16:50 roXet hey guys, having some trouble with 'grains.get host' on an aws instance. the hostname appears to be set correctly from the cli, but i'm still getting the AWS 'ec2-ip-ad-dr-ess.compute-1.amazon.com' hostname reported back for this box
16:50 writtenoff joined #salt
16:51 roXet was looking at the source, and testing using 'socket.getaddrinfo' and it's getting the right hostname there, but when calling grains.get host from my master i always get the cd2 addresss, any dieas
16:51 roXet ideas*?
16:55 brotatochip joined #salt
16:57 roXet joined #salt
16:59 Sketch so, we had some scripts that used salt to launch and provision ec2 instances that worked fine last week, but this week they just fail silently.  attempts to manaully launch an instance fail with "the minion did not return"
16:59 Sketch anyone know of anything which might cause this to suddenly stop working?
17:00 Sketch we can manually create images in ec2 via the aws console, so amazon is not completely broken
17:00 WKNiGHT joined #salt
17:03 babilen Slimmons: So, did you check with salt.state ?
17:04 rburkholder joined #salt
17:05 Slimmons yeah, if you use salt.state, without the local, I get a "ReactWrap' obgject has no attribute 'salt'
17:07 darix joined #salt
17:07 jcristau joined #salt
17:07 godlike joined #salt
17:08 smakar joined #salt
17:10 czchen joined #salt
17:10 doriftoshoes joined #salt
17:10 rodr1c joined #salt
17:10 rodr1c joined #salt
17:11 seblu joined #salt
17:11 daks joined #salt
17:11 ToeSnacks joined #salt
17:11 brd joined #salt
17:12 lkannan joined #salt
17:12 vodik joined #salt
17:12 cyrus_mc joined #salt
17:13 nahkiss joined #salt
17:13 akoumjian joined #salt
17:13 al joined #salt
17:14 cyrus_mc Coming from a mcollective environment / background. With mcollective there were auth plugins that allowed you to control what systems certain users had access to (used SSL certs). Is there something similar in salt open?
17:14 Slimmons babilen: in the example of salt.state in the reactor page, it appears to be a little different htan what I was doing.  The salt.state has the -sls tag, where mine doesn't
17:15 Slimmons but I'm not sure why it would make sense to have an sls file in the reactor, call another sls file "do_complex_thing.sls", that calls another sls file
17:15 gadams joined #salt
17:16 edrocks joined #salt
17:16 bVector joined #salt
17:18 hexa- joined #salt
17:18 coldbrewedbrew joined #salt
17:18 babilen cyrus_mc: https://docs.saltstack.com/en/latest/topics/eauth/access_control.html ?
17:18 workthrick joined #salt
17:18 cingeyedog joined #salt
17:19 andi- joined #salt
17:19 skrobul joined #salt
17:19 lompik joined #salt
17:19 packeteer joined #salt
17:20 hillna joined #salt
17:20 tongpu joined #salt
17:21 shawnbutts joined #salt
17:21 adeschamps joined #salt
17:21 Ryan_Lane joined #salt
17:22 cyrus_mc what is Salt Open? So attempting to install and online docs show installing packages available in EPEL. Goign to the Salt homepage wants me to register and it will send me an email with the repo links for Salt Open
17:23 bstaz joined #salt
17:23 berto- joined #salt
17:26 Slimmons babilen: so far the only things I've gotten to work in the reactor directory is runner.state.orchestrate, and local.cmd.run, anything else, and I get the "ReactWrap" object has no attribute 'x'.
17:27 llua cyrus_mc: https://repo.saltstack.com/yum/redhat/
17:29 aphor Slimmons: you should blog it.
17:31 johnkeates joined #salt
17:31 Slimmons Like, I should write a blog about my attempts to use the reactor?
17:32 Slimmons if somethings drives me to write a blog, it will probably be my love of weimareiners even though they're probably the worst dog I could buy.  I'd call it...."Do I sound Weimy?"....like, whiney, but with weim
17:33 Slimmons we'll call that a working title
17:42 Slimmons I've read through the reactors section in the book "Mastering Saltstack" and it also doesn't have an example of basically using the reactor to run state.sls
17:42 Slimmons of course, I can't use ctrl+f, so it's possible I missed something.
17:43 onlyanegg joined #salt
17:44 tapoxi joined #salt
17:45 aw110f joined #salt
17:47 whaity joined #salt
17:48 nate_c joined #salt
17:49 s_kunk joined #salt
17:50 abele joined #salt
17:51 fracklen joined #salt
17:52 brotatochip joined #salt
17:54 Armadillo joined #salt
17:54 ivanjaros joined #salt
17:56 krymzon joined #salt
17:59 pcdummy Slimmons: i would defenitly read it, as i soon want to use the reactor subsystem.
18:00 Slimmons thanks :)
18:01 Slimmons The reactor has been really simple for me to use so far, as long as the only thing I want to do is cmd.run.  Anything more, and it's not so friendly (to me).  I am a super noob at this point though, so I'm not saying it's salts fault, it's definitely user error.  I just don't fully undersand how it works yet
18:04 brotatochip joined #salt
18:06 joshin joined #salt
18:06 joshin joined #salt
18:09 cyrus_mc is there a way to use puppet facts as salt grains
18:11 whytewolf cyrus_mc: there is a facter _grain in salt-contrib
18:11 whytewolf cyrus_mc: https://github.com/saltstack/salt-contrib
18:11 Brew joined #salt
18:12 tawm04 joined #salt
18:13 amcorreia joined #salt
18:21 scottcrooks joined #salt
18:22 ajw0100 joined #salt
18:23 ageorgop joined #salt
18:23 sc250024 Is anyone having trouble running `cmd.run` states with salt minion 2016.3.1 ?
18:24 Edgan sc250024: I haven't
18:24 my10c nope: works : just wante do tbe sure the `s ar enot part of your command right ?
18:25 babilen Works fine
18:26 sc250024 No, but a $() is
18:26 sc250024 No backticks
18:26 sc250024 It's running a BASH command, but the part in $() is calling a bash script from a web URL
18:27 my10c can  you show the line(s) in your bash script ?
18:27 sc250024 Yup, it's a one liner, one sec
18:27 babilen sc250024: Does something simple like "id" work for you?
18:27 my10c i run salt/salt-cp in bash not a single issue ...
18:28 sc250024 - name: 'bash -c "$(curl -L https://raw.githubusercontent.com/DataDog/dd-agent/master/packaging/datadog-agent/source/install_agent.sh)"'
18:28 sc250024 It's to install the Datadog agent
18:29 lero joined #salt
18:29 tapoxi joined #salt
18:29 my10c ?? why complicated ? just salt '*' cmd.run 'curl -L https://raw.githubusercontent.com/DataDog/dd-agent/master/packaging/datadog-agent/source/install_agent.sh'?
18:30 sc250024 well the agent gets installed from the 'bash -c' part
18:30 sc250024 Curling that script would just place it on the file system, not actually run it
18:30 mohae joined #salt
18:31 my10c how about https://github.com/DataDog/datadog-formula ?
18:31 tapoxi anyone configuring ldap/pam on centos? only formula I could find only supported ubuntu/debian
18:31 my10c can you not curl | bash ?
18:31 sc250024 @my10c: Ah
18:31 sc250024 Well if they have a formula, there ya go
18:32 my10c :-)
18:32 sc250024 I can always count on this channel to feel like a fool, thank you! :)
18:32 my10c u bet! spread the word :)
18:32 edrocks joined #salt
18:33 autofsckk joined #salt
18:35 GreatSnoopy joined #salt
18:35 Electron^- joined #salt
18:35 babilen curl | bash  :(
18:38 brd babilen: seeing those makes me want to stab or cry .. not sure which.
18:39 CeBe joined #salt
18:41 Tanta use: source < <( curl ... )
18:43 my10c @brb: bash pipe is prone to security issue : so yeah agree...
18:44 krymzon joined #salt
18:44 krymzon joined #salt
18:46 ralaws joined #salt
18:48 ralaws I'm trying to get salt to mount a cifs share with me using --options. I can mount the share manually using sudo mount -t cifs or I can also mount it by adding it to fstab. But salt complains with mount: only root can use "--options" option. I have tried searching for this error but have not found useful results.
18:56 whaity joined #salt
18:58 keldwud I'm looking up sudo options maybe as a potential solution but don't feel that sudo might be the right solution
19:03 whytewolf Slimmons: I added a comment to your gist
19:05 fracklen joined #salt
19:08 whytewolf keldwud: can you post what you have in your state. as well as any data as to how the minion is running?
19:09 flowstate joined #salt
19:09 tapoxi how are you guys setting grains? in the topfile or in a sls underneath?
19:12 keldwud http://pastie.org/10911088
19:12 whytewolf I have gotten to the point i don't set grains ... I might use a _grains script to auto fill in some. but if i need something to be set i use pillar instead.
19:14 Electron^- joined #salt
19:15 ajw0100 joined #salt
19:17 ruxu joined #salt
19:18 whytewolf keldwud: is the minion running as root?
19:20 subsigna_ joined #salt
19:20 armguy joined #salt
19:21 Edgan whytewolf: yeah, I don't use yml file based grains. They just seem like a bad idea.
19:22 Edgan whytewolf: setting grains in states is pretty much broken too. Which leaves built-in grains and _grains
19:23 whytewolf keldwud: ohhhh, nevermind ... doh. forgot about that. user: runs the mount command as the user. and --options needs to be run as root.
19:24 whytewolf setting grains from a state is broken? how?
19:27 armguy joined #salt
19:28 CeBe joined #salt
19:29 krymzon joined #salt
19:30 Edgan whytewolf: the order of presenience is wrong, and it doesn't apply the setting of a grain value till after the state you set it in, not before. It also ignores order, and always sets them last.
19:31 Edgan whytewolf: https://github.com/saltstack/salt/issues/29163  https://github.com/saltstack/salt/issues/29166  https://github.com/saltstack/salt/issues/29168
19:31 saltstackbot [#29168][OPEN] Grains set in states should be automatically reloaded, and be processes first not last | I want to set a grain in a state, and have it immediately usable. Grains are the only way to set the equivalent of global variables, because you can't set pillars from within a state. What I want is doable, but only with a hack....
19:34 Edgan whytewolf: with grains set in states I want to be able to build an array of services that need to be monitored on a machine. If grains in states worked right, this would be trivial. Instead of have to build the array in pillars, and it is clunker.
19:40 Slimmons whytewolf: looking at it now, thanks
19:40 whytewolf honestly the whole salt DSL is clunky. the render jinja before running states. and having hardly any coarse for logic in the state level causes no end of grief. you perposed fixes would only work for file rendered with jinja. states STILL wouldn't be able to use the grains set through state as the jinja is already rendered by the time the grains get set
19:41 flowstate joined #salt
19:42 Tanta I can show you how I handle this
19:43 whytewolf personally i would just use orchestrate. as each stanza of it is run as a seperate set of calls.
19:44 Tanta http://pastebin.com/raw/tkAqBPNw
19:44 Edgan whytewolf: orchestrate for what exact task?
19:45 whytewolf Edgan: basicly run the grain setup then force a highstate.
19:46 whytewolf but it still a clunky work around
19:46 Edgan whytewolf: this is the generation of a config file, so orchestrate doesn't do anything for me. But what I really hear you sayings is don't set in a state, use _grains.
19:46 Tanta Edgan: look at the snippet I posted, it shows how to do this with a grains file from S3
19:46 Tanta you can substitute whatever method you prefer for provisioning the grains
19:46 s_kunk joined #salt
19:46 Edgan Tanta: I don't like grains files. I want to set a grain in a state more like a global variable.
19:47 whytewolf yeah restarting the current highstate in the current run is an interesting idea. and would achieve about the same result as the orchestrate idea i was talking about.
19:47 Edgan Tanta: If I wanted something like grains in S3, I would use one of the keystore configuration data daemons, like etcd, zookeeper, etc.
19:47 Tanta https://groups.google.com/forum/#!topic/salt-users/pSj2j0Ftkr8
19:48 Edgan Tanta: I also have other tools at hand, like foreman as a external node classifier.
19:48 Tanta I use grains in a masterless environment for storing secrets
19:48 Tanta my use case is almost assuredly different than yours
19:49 Edgan whytewolf: When you say orchestrate, I think manually running something. Are you thinking of combining it with a reactor?
19:49 whytewolf Edgan: combinded with a reactor. or a schedule.
19:49 Edgan Tanta: I use pillars in masterless mode, but only inside packer when making generic custom AMIs
19:50 Edgan whytewolf: yeah, sounds clunky enough my pillar solution is simpler.
19:52 west575 joined #salt
19:56 tapoxi pillar data it is :)
19:56 tapoxi seems clunky running states based on a regex of the hostname though
19:57 Slimmons whytewolf: that worked, thanks a lot.  That was driving me nuts
19:58 whytewolf tapoxi: targetting on grains is considered insecure.
19:59 whytewolf tapoxi: a compromised minion can change grain data in order to do discovery attacks on pillar data if pillars are using grains for targetting
19:59 tapoxi great point
20:07 toanju joined #salt
20:08 kevinquinnyo1 joined #salt
20:11 subsignal joined #salt
20:17 cyrus_mc left #salt
20:23 mirko can i somehow iterate over all hosts in my roster? i wanna setup a monitoring system and would like to setup monitoring for all hosts in my salt roster
20:23 brotatochip joined #salt
20:25 throwawayj salt-key -L
20:27 snc joined #salt
20:28 aphor mirko: why would you iterate over a list of boxes in your roster?
20:28 aphor mirko: can't you just target them all with a salt command?
20:29 aphor mirko: salt does all the iteration for you inside the salt command...
20:29 mirko you misunderstand. i want to target 1 host. the host, which monitors all my other hosts. and on that host i'd like to setup basic monitoring (e.g. "is alive?") for all my hosts
20:30 mirko it would be more convenient to use only one list (the one in my salt roster) than maintaining 2 (one with the salt hosts, one with the to be monitored ones)
20:30 aphor mirko: the salty way to do that would be to set a role grain on the monitoring box and target it by grain.
20:31 dtsar joined #salt
20:31 throwawayj I wonder if you can call salt-key through salt-api from your monitoring host
20:31 aphor mirko: then set a mine on all the other boxes for wants_monitoring: ping for example.
20:31 mirko aphor: ok, let me reprase my question: can i access the hosts in my salt roster from an SLS file and iterate over that list inside that SLS file?
20:32 aphor mirko: that's what the top.sls file does.
20:32 throwawayj mirko: I agree with aphor
20:33 mirko ok, thanks
20:34 aphor mirko: the top.sls file has targets, which are like "WHERE" clauses on a query for all your minions, and all the states listed under that target get enforced on all the matching minions.
20:37 aphor you can also get that effect with a "salt -G 'role:monitored' state.sls monitored.sls" command, assuming you do agent setup or mine setup in monitored.sls
20:37 mirko i'm still not sure we're talking about the same: i want to *pass* the list of hosts specified in my salt roster (more precisely: its hostnames) to 1 target (the monitoring host) to then iterate over that list and ensure files are created/deleted/modified named after the hosts listed in my salt roster. again, i only want to target 1 host - the host which monitors all other hosts (icinga)
20:38 mirko sorry, if i'm repeating myself, i just want to make sure i stated clearly what i'm aiming to do
20:38 flowstate joined #salt
20:39 dyasny joined #salt
20:40 mirko i'll definitely take a look at top.sls
20:41 protoz joined #salt
20:43 throwawayj mirko: are you wanting the monitoring host to reach out to the salt-master to get the info?
20:44 throwawayj or have the salt-master reach out to the monitoring host and generate the monitoring configs?
20:44 FreeSpencer joined #salt
20:44 FreeSpencer joined #salt
20:45 krymzon joined #salt
20:46 GreatSnoopy he wants to generate the config of ONE host (the monitoring host) based on the list of other hosts (let's say "monitored role")
20:46 amcorreia joined #salt
20:46 GreatSnoopy so what he needs is that the one STATE of the MONITORING host has access to all the hosts that are to be monitored
20:47 GreatSnoopy but that list of monitored hosts is more or less dynamic
20:47 aw110f joined #salt
20:48 GreatSnoopy there are ways to do that, but neither is very elegant at the moment imho
20:48 GreatSnoopy he's more likely to be looking for http://garthwaite.org/saltmine_check_mk_agent.html
20:48 netcho joined #salt
20:48 mirko *click*
20:49 mirko maybe i should just maintain 2 lists ;)
20:49 GreatSnoopy ofc, you colud just declare all the hosts to be monitored in a pillar
20:50 GreatSnoopy and that would actually solve your problem for a limited number of hosts
20:50 jhauser joined #salt
20:50 Sketch using salt to run checks seems like it would be more overhead than just using xinetd
20:50 GreatSnoopy noone is running checks with salt
20:50 aphor The pillar way is a scale limiting choice.
20:51 aphor Actually beacons are the salt way of running checks.
20:51 GreatSnoopy well, you can have some pillar populated from an external system
20:52 mirko i don't wanna run checks with salt
20:52 aphor GreatSnoopy: if you trust the external pillar source is never out of sync with the running host list.
20:52 GreatSnoopy aphor, well, ofc. If its some cmdb thingy one would assume is a good source of truth
20:52 mirko i want to generate files for hosts to be monitored for nagios/icinga on ine host, the monitoring host
20:53 aphor mirko: I didn't recommend using beacons for your checks. I was just disagreeing with the statement nobody runs checks with salt.
20:53 mirko ah, ok
20:53 whaity joined #salt
20:53 Sketch from what i found it seems like the way to go is just to use salt mine to generate the cmk config
20:54 aphor GreatSnoopy: in my experience, you need an intermediate copy of the CMDB unless it implements change blackout windows for you.
20:54 Sketch that's still on my backburner todo list, though
20:54 alinuxninja joined #salt
20:54 FreeSpencer joined #salt
20:54 FreeSpencer joined #salt
20:54 GreatSnoopy it may be possible to use a sdb in which you register key-values in the monitorED hosts state, and on the other hand you READ all the k-v's in the monitorING's host state and iterate over all the dictionary with jinja and generate the configs
20:55 aphor Sketch: I think the right way is to have the monitoring box populate a grain with a list of targets seen via mines.
20:55 GreatSnoopy however sdb also seems a little primitive at the moment
20:55 GreatSnoopy but that would be a better way and more scalable, too
20:55 jrgochan joined #salt
20:56 Sketch aphor: yeah, that's probably best
20:56 Sketch i wish there was a simpler way
20:56 jrgochan Hello all! I'm copying /etc using recurse and was wondering if there was an option to do in place file backups with recurse?
20:56 jrgochan etc:
20:56 jrgochan file.recurse:
20:56 jrgochan - source: salt://files/{{ grains['os'] }}/{{ grains['osmajorrelease'] }}/etc
20:56 jrgochan - target: /etc
20:56 jrgochan - makedirs: True
20:56 jrgochan - backup: minion
20:57 aphor Sketch: simpler would not be better. Ops is actually pretty complicated when you span multiple concurrent changes with non-aligned time intervals.
20:57 tapoxi looking for thoughts on organization. I have a base that includes setting up systems (base/pkgrepo.sls, base/sysctl.sls) etc. the top file actually points to a machine's role state (web/init.sls) which includes base. in weird circumstances where a machine is an exception to how its normally configured, say a web dev box, I include web.sls (which includes base) and exclude/extend keys. is this...sane?
20:58 mirko thank you guys for your efforts on this!
20:59 pcdummy tapoxi: have to read again ...
20:59 tapoxi I made it sound way more confusing than it is :P
21:00 pcdummy tapoxi: theres a way to "exclude" something?
21:00 pcdummy you overwrite, right?
21:00 tapoxi here's my demo.sls, which is a webserver without installing the production stuff
21:00 tapoxi http://hastebin.com/xelomigova.sm
21:01 pcdummy tapoxi: how do you do that?
21:01 tapoxi extend overwrites, exclude removes
21:01 * pcdummy thinks hes learning new things
21:01 tapoxi pcdummy https://docs.saltstack.com/en/latest/ref/states/include.html
21:02 tapoxi you can exclude by sls or id
21:02 pcdummy NICE!
21:02 pcdummy tapoxi: good i readed your complicated question.
21:02 jrgochan Can forget about my question. "backup: minion" is working now...?
21:03 pcdummy tapoxi: i have the same setup than you got, i think its sane.
21:04 Sokel joined #salt
21:04 tapoxi ok, just wondering how people do this, I'm new to salt
21:04 pcdummy tapoxi: but that exclude may gets wired stuff
21:04 pcdummy prefer the pillar way exclude over pillar data.
21:04 krymzon joined #salt
21:05 tapoxi jinja logic in pillar?
21:05 tapoxi yeah thats where this gets weird
21:05 pcdummy tapoxi: i use jinja in pillar but your question is for states, right?
21:05 tapoxi right
21:05 Brew joined #salt
21:05 pcdummy then use a "host/hostname.sls"
21:06 pcdummy where you say "use_pip: False" for example.
21:06 Sokel Here's something I can't seem to find a lot of answers on. I have a pillar dictionary lookup that has braces in it (example, data: {AES}xyz). Issue is, when doing a pillary lookup through a salt state, it fails with "expected block end but found scalar" in the master logs -- How would I get around this?
21:06 pcdummy Sokel: use "" around
21:08 pcdummy tapoxi: i also use "states" which i call "roles" like "role.webserver.nginx"
21:09 pcdummy in the top.sls i include "role.webserver.nginx"
21:09 tapoxi pcdummy yeah thats what im attempting
21:09 pcdummy "roles.webserver.nginx" includes "-nginx.ng and letsencrypt" for example.
21:10 pcdummy bad exaple
21:10 tapoxi http://hastebin.com/usegatocaq.vbs
21:10 pcdummy tapoxi: then you can include those by grains
21:10 tapoxi I just match them to the one role, and that role includes base.sls which configures the os
21:10 pcdummy theres the "@G" selector
21:11 pcdummy you could write grains in /etc/salt/grains
21:11 tapoxi yeah I may do that
21:12 pcdummy tapoxi: but personaly i use external tops https://rene.jochums.at/howto-move-saltstack-tops-and-pillar-contents-to-mongodb (will switch to postgresql for that data i think)
21:12 Sokel pcdummy: The next issue is that the string has a \ character in it, so now it believes I'm trying to do escaping of another character. If I use single quotes or do \\, it brings me back to the same error as before.
21:13 pcdummy Sokel: lookup yaml and escaping idk how
21:15 Trauma joined #salt
21:19 phx joined #salt
21:20 pcdummy jrgochan: idk
21:20 pcdummy jrgochan: never used that, will look into the code
21:21 pcdummy jrgochan: no don't think so
21:22 tapoxi pcdummy ill look into that, thanks!
21:22 pcdummy jrgochan: wait ...
21:22 pcdummy jrgochan: do file.recurse backupname
21:23 pcdummy argh again wrong
21:25 Rumbles joined #salt
21:28 DEger joined #salt
21:28 pcdummy jrgochan: with the latest develop version it should work yes!
21:28 pcdummy jrgochan: theres either backup="minion" or backup="both"
21:30 ajw0100 joined #salt
21:38 flowstate joined #salt
21:43 jhauser joined #salt
21:44 Nahual joined #salt
21:46 rem5 joined #salt
21:47 onlyanegg joined #salt
21:48 rem5_ joined #salt
21:50 jtang joined #salt
21:51 whaity joined #salt
21:53 dtsar joined #salt
22:25 debian112 joined #salt
22:30 Trauma joined #salt
22:33 subsignal joined #salt
22:35 Someguy123 joined #salt
22:35 Someguy123 guys, why can't I change cachedir?
22:36 Someguy123 I've set it in my saltfile to a folder in my local salt-ssh folder
22:36 Someguy123 but it's being ignored
22:36 Someguy123 since I get a nice big "permission denied /var/cache/salt..."
22:36 rsys joined #salt
22:37 Someguy123 i'm on 2016.3.1
22:37 pwhack joined #salt
22:38 Someguy123 if I try manually, I get salt-ssh: error: no such option: --cachedir
22:39 flowstate joined #salt
22:40 keys left #salt
22:43 skinnejo joined #salt
22:44 SpeeR I keep getting this error when trying to push a state...The function "state.sls" is running as PID 30703 and was started at 2016, Jul 18 14:53:26.520167 with jid 20160718145326520167
22:44 SpeeR I've restart master and minion process, is there any way to clean the job out
22:44 SpeeR ?
22:45 Sketch it should time out eventually, but you might look for a file with that jid in /var/cache/salt/master/jobs/
22:47 Someguy123 anyone?
22:49 netcho joined #salt
22:51 SpeeR was able to find the job and kill it using saltutil
22:53 pcdummy SpeeR: good
22:54 jrgochan pcdummy: Thanks!
22:54 pcdummy https://docs.saltstack.com/en/latest/topics/ssh/ its "-c" for salt-ssh
22:55 pcdummy jrgochan: please try it first, i've been looking into the code and it looks like it works, but i'm not sure.
22:56 irctc289 joined #salt
22:57 pcdummy jrgochan: may add a issue somewhere to document taht stuff in the docs.
23:01 writteno1 joined #salt
23:03 bilal80 joined #salt
23:03 aw110f_ joined #salt
23:07 west575_ joined #salt
23:09 aw110f joined #salt
23:10 pwhack need someone to point out my obvious mistake: master has a formula mounted via gitfs_remotes. minion complains that it cannot find the sls in env 'development' when attempting to highstate. but 'salt-call state.sls' on minion shows the states just fine. on master 'salt-run fileserver.file_list backend=git' shows the git repo contents just fine. http://pastebin.com/38ED33ie
23:14 pcdummy pwhack: does the actual git checkout work
23:14 pcdummy pwhack: must be somewhere in /var/?/salt/
23:14 pcdummy pwhack: /var/cache/salt/master
23:14 pwhack @pcdummy checking...
23:15 pcdummy pwhack: did you check master log?
23:15 gableroux joined #salt
23:15 pcdummy pwhack: especialy after a restar tof salt-master
23:18 pwhack @pcdummy sorry, got pulled into standup meeting. inside /var/cache/salt/master/gifts i see two subdirs with long hash names that remote_map.txt says line up with my two git repos. those hash name folders are empty
23:19 pcdummy pwhack: what about the master log?
23:19 pcdummy pwhack: think i'm on the wrong trip, let me look again.
23:21 pwhack @pcdummy master log section of relevance:    http://pastebin.com/4KNTpGaj
23:22 ageorgop joined #salt
23:22 whytewolf pwhack: sounds like the minion is told it's enviroment is not 'base' but is 'development' but all your checking looks to be checking 'base'
23:23 pcdummy yep
23:23 pcdummy but havent found the right key to switch env
23:24 pcdummy pwhack: its branches
23:25 brotatochip joined #salt
23:25 pcdummy pillar git allows that... https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html
23:25 pwhack @pcdummy the git repos have a development branch in each. and 'gitfs_base: development' in master config should be setting base branch as development
23:26 whytewolf pwhack: other way around.
23:26 pcdummy ^ whytewolf figured it out :)
23:26 whytewolf pwhack: gitfs_base sets the base enviroment to what branch you tell it
23:27 pcdummy so branch name = salt enviornment (as long as in whitelist), "gitfs_base" = other branch as "base" env
23:28 pcdummy normaly git "master" = salt "base"
23:28 pwhack @whytewolf @pcdummy ah. ok, my bad. in theory though development is same name for branch in git and the environment i'm targeting in top.sls
23:28 whytewolf well take the gitfs_base out
23:28 pwhack testing....
23:29 whytewolf cause development is most likly blank in the file server cause it thinks it is base
23:30 amcorreia joined #salt
23:30 whytewolf you might also need to set GITFS_ENV_WHITELIST
23:30 pwhack commented out 'gitfs_base: development' in master config, restarted master service and minion service for giggles. still getting "No matching sls found for 'sun-java' in env 'development'" from minion
23:30 pwhack looking at whitelist doc...
23:31 felskrone joined #salt
23:32 whytewolf also for searching if it is showing up in the right enviroment. tag saltenv='development' on the end of your fileserver runner
23:33 whytewolf and also check salt-run filserver.envs backend=git
23:34 whytewolf err fileserver.envs
23:34 whytewolf stupid typos
23:38 pwhack @whytewolf i sure wish people would stop coming to my desk and interrupting.      [root@master ~]# salt-run fileserver.envs backend=git:   - development
23:38 flowstate joined #salt
23:39 whytewolf pwhack: work from home. saves people coming to your desk :P
23:40 whytewolf ok so development is now listed as the only git enviroment.
23:40 pwhack that was with this addition to master config:             gitfs_env_whitelist:    - development  (with yaml newlines).  restarted master service after that addition, ran highstate, still no luck. then gathered that envs output
23:41 pwhack since the pillars and states are on local fs, only the formulas are on gitfs, having development as only git environment should be ok, yes?
23:41 whytewolf humm shouldn't be needed but try salt-run fileserver.clear_cache && salt-run fileserver.update
23:41 whytewolf yeah it should
23:43 pwhack ran those two cache/update statements then highstate debug on minion, still no matching sls. i'm sure the problem is glaring me in the face, i'm just blind to it.
23:43 gableroux Hey there, when using git.latest state, is it necessary to have ssh-key specified in ~/.ssh/config file?
23:43 gableroux I'm getting Unable to authenticate using identity file
23:44 whytewolf okay and what shows up for salt-run fileserver.file_list backend=git saltenv=development
23:45 gableroux But it works when I do it manually with git, key works fine when specified with -I parameter   ssh -I ~/.ssh/path_to_deployment_key github.com   says Hi team/repo from github
23:45 whytewolf gableroux: look at the identity setting for git.latest
23:45 pwhack @whytewolf http://pastebin.com/WmpD8TrN           (those are the contents i expect so that's good)
23:45 gableroux Yeah, that's what I'm using
23:46 gableroux executing command ['git', 'ls-remote', 'ssh://git@github.com:<snip>/<snip>.git'] as user '<snip>' in directory '/home/<snip>'
23:46 pwhack @whytewolf when doing highstate -l debug on minion, it complains about sun-java/init.sls which is clearly in that list.                   [DEBUG   ] Could not find file from saltenv 'development', 'salt://sun-java.sls', [DEBUG   ] Could not find file from saltenv 'development', 'salt://sun-java/init.sls'
23:46 gableroux [INFO    ] Attempting git authentication using identity file /home/<snip>/.ssh/deployment_key_rsa
23:47 whytewolf pwhack: okay. that is strange.... but it sounds like progress is being made.
23:47 jdp99898 joined #salt
23:47 whytewolf gableroux: use -l debug with salt-call to see if there is something else going on
23:47 pwhack @whytewolf unfortunately that's the same behavior as when i originally posted here. :-(   the master seems to view the git contents just fine.
23:48 jdp99898 does anyone have a link to a masterless minion file for a windows machine?  so much information on salt, so little information on salt windows masterless
23:48 whytewolf pwhack: what version?
23:48 pwhack @whytewolf since the minion can see the sls but not highstate, could this still just be related to my perhaps broken environment config? maybe i'll just tear down the dev branches and put everything in master branch to rule that out.
23:49 pwhack @whytewolf versions-report:        http://pastebin.com/33tnsTC8
23:49 whytewolf pwhack: could try that. for a second i was wondering if it was related to this issue https://github.com/saltstack/salt/issues/26149
23:50 saltstackbot [#26149][MERGED] GitFS returns no file during highstate when fileserver.file_list claims it exists | I have an issue where claims files are missing when I run a `state.highstate`, but `fileserver.file_list` and `cp.list_master` shows that they exist in the environment. Also `cp.get_file` does not work on the files. I'm not sure what my next steps in debugging should be. I also run into this on develop....
23:51 whytewolf maybe need to clear the cp cache on the minion?
23:51 gableroux @whytewolf yeah I did and I don't see anything special
23:51 gableroux http://pastebin.com/bFsKACXJ
23:53 gableroux Works manually when I do it with git; eval `ssh-agent`; ssh-add ~/.ssh/deployment_key_rsa; git clone ssh://git@github.com:team/repo.git
23:54 brotatochip joined #salt
23:55 gableroux I don't think identity setting for git.latest requires ~/.ssh/config entry. Would be in the docs if it were the case. I'll try with a more recent version of salt, dev machine has older version than prod anyway.
23:55 whytewolf it shouldn't need it.
23:55 whytewolf iirc it uses something more akin to GIT_SSH_COMMANd
23:59 whytewolf ugh, I hate when i get to the point that my normal chrome tabs are as small as my pinned chrome tabs

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary