Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-08-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 jenastar joined #salt
00:05 akhter joined #salt
00:06 ageorgop joined #salt
00:41 mikecmpbll joined #salt
00:41 flowstate joined #salt
00:57 k_sze[work] joined #salt
01:06 ageorgop joined #salt
01:08 catpigger joined #salt
01:09 edrocks joined #salt
01:09 ssplatt joined #salt
01:11 ageorgop joined #salt
01:23 nZac joined #salt
01:24 WKNiGHT joined #salt
01:42 flowstate joined #salt
02:00 squishypebble joined #salt
02:15 yidhra joined #salt
02:24 anotherZero joined #salt
02:30 bastiand1 joined #salt
02:30 yidhra joined #salt
02:42 flowstate joined #salt
02:48 hasues joined #salt
02:48 hasues left #salt
02:50 nZac joined #salt
02:50 antpa joined #salt
02:51 aphor +1 salt-run state.event pretty=True
02:57 mpanetta joined #salt
02:58 flowstate joined #salt
03:02 trave joined #salt
03:09 mpanetta_ joined #salt
03:12 edrocks joined #salt
03:13 om joined #salt
03:14 mpanetta joined #salt
03:19 mpanetta joined #salt
03:20 xbglowx_ joined #salt
03:30 mpanetta joined #salt
03:39 _JZ_ joined #salt
03:40 mpanetta joined #salt
03:41 flowstate joined #salt
03:44 sagerdearia joined #salt
03:50 ageorgop joined #salt
03:58 racooper joined #salt
04:07 akhter joined #salt
04:11 scsinutz joined #salt
04:11 mpanetta_ joined #salt
04:13 mpanetta joined #salt
04:20 ageorgop joined #salt
04:21 mpanetta joined #salt
04:36 mpanetta joined #salt
04:40 flowstate joined #salt
04:42 evle joined #salt
04:45 mpanetta joined #salt
04:50 antpa joined #salt
04:52 antpa joined #salt
05:00 jaybocc2 joined #salt
05:01 rdas joined #salt
05:05 mpanetta joined #salt
05:07 [1]PredatorVI joined #salt
05:09 mpanetta_ joined #salt
05:13 nZac joined #salt
05:15 edrocks joined #salt
05:19 Tgrv joined #salt
05:20 mpanetta joined #salt
05:24 mpanetta joined #salt
05:40 flowstate joined #salt
05:43 impi joined #salt
05:48 felskrone joined #salt
05:51 mpanetta joined #salt
05:57 onlyanegg joined #salt
06:04 ivanjaros joined #salt
06:09 mibr0 joined #salt
06:17 kshlm joined #salt
06:23 bocaneri joined #salt
06:39 stooj joined #salt
06:41 flowstate joined #salt
06:48 GreatSnoopy joined #salt
06:55 fracklen joined #salt
06:56 jaybocc2 joined #salt
06:57 fracklen joined #salt
06:59 __saltmaster__ joined #salt
07:00 cyborg-one joined #salt
07:06 amy_ joined #salt
07:10 shiriru joined #salt
07:13 toanju joined #salt
07:18 edrocks joined #salt
07:25 om joined #salt
07:28 ivanjaros joined #salt
07:34 Electron^- joined #salt
07:36 jhauser joined #salt
07:39 keimlink joined #salt
07:40 flowstate joined #salt
07:45 __saltmaster__ hello
07:47 __saltmaster__ http://pastebin.com/0PynzdPW
07:47 __saltmaster__ I get this error when state run
07:47 __saltmaster__ Comment: Missing parameter content for state file.line
07:48 __saltmaster__ I wonder why because I just want to remove all the line related to nfs
07:49 babilen pastebin.com mangles input, takes forever to load, often makes us enter a CAPTCHA to see your paste and fills the screen with ads.  Please use a different site, like one of http://refheap.com, http://paste.debian.net, https://gist.github.com, http://sprunge.us, …
07:50 babilen file.line is speshul, might want to use file.replace
07:51 Rumbles joined #salt
07:53 __saltmaster__ https://gist.github.com/lord2y/dcdb180ba9243747ced156191a09ac76
07:54 antpa joined #salt
07:55 babilen __saltmaster__: You have to provide content if you use file.line
07:55 __saltmaster__ babilen: but I don't want to replace content, I want to delete
07:56 babilen I understand .. and I said that file.line is speshul and that you might just want to use file.replace
07:56 krymzon joined #salt
07:56 babilen Not sure why you have to provide content if you provide match
07:56 __saltmaster__ I tried also with file.replace but it left blank line
07:57 __saltmaster__ babilen: btw I tried to add content but it didn't work
07:57 __saltmaster__ I mean, it doesn't delete lines
07:58 babilen __saltmaster__: If you use file.replace you have to match the newline if you want to remove that. Something like '^.*nfs.*$' ''
07:59 __saltmaster__ babilen: the regexp match but I get blank line as soon as I put new statement in the file
08:00 babilen "new statement in the file" ?
08:00 babilen What are you doing exactly, what happens and what do you want to happen?
08:01 __saltmaster__ babilen: basically I want to clean file before add new nfs entries
08:02 babilen How are you doing that and what does "new statement in the file" mean?
08:02 __saltmaster__ babilen: so first I remove all nfs entries in /etc/fstab
08:02 babilen Why do you get blank lines?
08:02 __saltmaster__ then I use the mounted state to create the new entries
08:03 __saltmaster__ this is what I meant with "new statement"
08:03 __saltmaster__ I tried to use file.replace: it removed all nfs entries
08:03 babilen So .. why isn't that working with file.replace ?
08:04 __saltmaster__ but when the mounted put the new entries for some weird reason remain blank line for each line that file.replace deleted
08:04 babilen I already answered that earlier
08:04 babilen 09:58:37         babilen > __saltmaster__: If you use file.replace you have to match the newline if you want to remove that. Something like '^.*nfs.*$' ''
08:04 babilen Note the $
08:04 __saltmaster__ problably because I made some mistake
08:04 __saltmaster__ what's wrong with my regexp?
08:05 babilen I have no idea what you did
08:05 __saltmaster__ hang on
08:05 babilen Which regex?
08:05 __saltmaster__ ^(.*nfs(?![\ \t]+.*\b(?:nosuid|nosetuid)\b)).*
08:05 babilen It's missing "$" at the end
08:05 __saltmaster__ ok
08:05 __saltmaster__ hold on, let me try
08:05 babilen And there might be other issues
08:08 __saltmaster__ babilen: it is file.replace, is it?
08:09 jaybocc2 joined #salt
08:09 akhter joined #salt
08:10 impi joined #salt
08:10 babilen The state I recommended is file.replace, yes
08:10 babilen (or module function if you want to run it manually)
08:13 jhauser joined #salt
08:13 mikecmpbll joined #salt
08:15 __saltmaster__ babilen: something linke this https://gist.github.com/lord2y/dcdb180ba9243747ced156191a09ac76
08:16 babilen yeah
08:16 babilen You can use your regex though
08:16 babilen (mine was just an example)
08:17 __saltmaster__ let me try to see what happen
08:18 __saltmaster__ babilen: blank lines are there
08:21 __saltmaster__ this is the result
08:21 __saltmaster__ https://gist.github.com/lord2y/9a28ea23d3e8a9e16fe584c5dcd32066
08:24 babilen __saltmaster__: Use "^.*nfs.*$\n"
08:25 __saltmaster__ babilen: in pattern: right?
08:25 babilen Yes
08:26 GreatSnoopy joined #salt
08:32 __saltmaster__ babilen: like this - pattern: '"^.*nfs.*$\n"'
08:32 babilen Yes
08:32 babilen http://paste.debian.net/788564/
08:33 amy_ joined #salt
08:33 ravenx joined #salt
08:37 __saltmaster__ Function: file.replace
08:37 __saltmaster__ Comment: No changes needed to be made
08:38 __saltmaster__ I was wrong to leave the ""
08:38 __saltmaster__ now it works
08:38 __saltmaster__ thank you
08:39 __saltmaster__ babilen: thank you
08:39 babilen yw
08:42 s_kunk joined #salt
08:42 flowstate joined #salt
08:50 jaybocc2 joined #salt
08:54 ws2k3 joined #salt
08:55 fracklen joined #salt
08:55 phx what ways are there with 2016.3 have the pillars top.sls done by python code? (renderrer, external, whatever) how to do this is not kinda clear from the documentation
08:58 AndreasLutro just put #!py at the top I guess
09:00 phx and what's all the things about external pillars and such then?
09:02 AndreasLutro external pillars don't use top.sls
09:03 AndreasLutro an external pillar is just a python function that takes the minion ID and returns a dict of pillar data
09:04 phx so what's the difference then between having pillars with the #!py renderrer, and external pillars?
09:04 Xenophon1 joined #salt
09:06 AndreasLutro the former involves a top.sls, the other doesn't
09:07 phx so if i want to store pillar code in a git repo, tieing them to environments, then external pillars is not the way I want to go?
09:08 lero joined #salt
09:08 AndreasLutro there is a built-in external pillar called git_pillar or something which does that for you
09:08 AndreasLutro basically meaning you can put /srv/pillar in a git repo
09:08 phx right
09:10 Inver joined #salt
09:17 AirOnSkin joined #salt
09:21 edrocks joined #salt
09:29 Santee joined #salt
09:29 Santee hi
09:29 Santee is Salt better than puppet ? pros n cons pls
09:29 cyrus_mc joined #salt
09:29 Santee ant catch ?
09:29 Santee any*
09:29 Santee drawbacks ?
09:30 Santee Any here ?
09:33 babilen Santee: It is
09:34 babilen There are numerous articles online that discuss the differences and merits
09:34 amy_ joined #salt
09:34 Santee Ah Thanks babilen
09:34 Santee When was this developed ?
09:35 babilen Salt?
09:37 Santee ye
09:38 babilen Roughly the last 5-6 years
09:40 Santee wow cool
09:41 Santee we totally rely on puppet but u know its all ruby based :(
09:41 Santee how's ansible compared to slatstack ?
09:42 flowstate joined #salt
09:42 __saltmaster__ Santee: they are enough different imho
09:43 AirOnSkin joined #salt
09:46 Santee any video which show how to deploy as service on a node from master ?
09:46 Santee using slatslack ?
09:46 Santee a*
09:46 Santee lets say I want telnet on 3 nodes
09:47 babilen Santee: You might be interested in https://docs.saltstack.com/en/getstarted/
09:49 deus_ex joined #salt
09:49 jhauser joined #salt
09:49 Santee wow amazing, am gonna try via vagrant
09:50 Santee tnx bibi
09:50 flowstate joined #salt
09:50 jaybocc2 joined #salt
09:51 babilen https://github.com/UtahDave/salt-vagrant-demo might come in handy for that
09:52 mpanetta joined #salt
09:53 babilen Santee: What's your landscape like? What kind of requirements do you have and what would you like to do that you can't at the moment?
09:56 fredvd joined #salt
09:56 TRUMP-PENCE joined #salt
10:00 Lionel_Debroux_ joined #salt
10:01 Santee bibi well we have 11 node blade, with some 2 db servers, jboss server bla bla
10:01 Santee we need to select the nodes n install various service-groups, packages etc
10:02 Santee sometimes 13node blade too physical hardware
10:02 Santee all r connected via LAN
10:02 Santee I wanna power off / on too
10:02 flowstate joined #salt
10:03 mpanetta_ joined #salt
10:06 SubOracle joined #salt
10:08 Santee oh gosh one minion ain't responsing
10:11 SubOracle joined #salt
10:14 babilen Santee: My nickname is "babilen" no "bibi". Most IRC clients provide autocompletion of nicknames. Try "bab<TAB>"
10:14 Santee sorry babilen
10:14 babilen Santee: Not responding where?
10:14 babilen (and to what?)
10:14 Santee Minion did not return. [No response]
10:15 babilen What did you do to get that?
10:16 Santee salt 'minion1' state.apply nettools
10:16 ravenx did you try test.ping first
10:16 babilen Santee: In that vagrant environment?
10:16 ravenx and see if the minion is even online
10:17 cswang joined #salt
10:17 Santee ya ping gives true for both
10:17 Santee ya its saw by vm box
10:17 Santee babilen: yes
10:17 babilen Try it again .. maybe you didn't wait long enough after accepting the keys
10:18 Santee oh
10:18 Santee on a re-try it gives me
10:18 Santee Salt request timed out. The master is not responding. If this error persists after verifying the master is up, worker_threads may need to be increased.
10:19 ravenx maybe try setting the timeout time to be longer?
10:20 AndreasLutro just check the status of your minion/master, check the logs etc
10:20 Santee cool no worries, I got the gist of it
10:21 Santee looks cool not sure how it behaves on my hardware
10:21 Santee 13 blade hardware has anyone tried it ?
10:21 Santee 3 db servers , 2 web servers bla bla etc ?
10:21 AndreasLutro it's just python communcating over tcp, it'll work anywhere
10:21 Santee so everything is written using Python ?
10:21 Santee 100% ?
10:22 Santee in saltstack ?
10:22 Santee cool cheers AndreasLutro
10:22 Santee ravenx: how u set the timeout longer ?
10:22 AndreasLutro some of the python dependencies are probably compiled (like zeromq and the cryptography stuff) but yes
10:22 XenophonF joined #salt
10:22 Santee AndreasLutro: cool
10:22 babilen Santee: That might be rather a problem with that vagrant setup
10:23 Santee babilen: I see
10:23 Santee cool cheers guys
10:23 Santee seems cool
10:23 babilen I haven't actually used that (I have my own)
10:23 Santee any link which shows the performance of salt vs puppet ?
10:23 ravenx Santee: you can set it on the command line when you run the salt command.
10:23 babilen Salt is perfectly capable of working at your scale
10:23 AndreasLutro I've never ever had to change timeout values. if you get a timeout it most likely means your master isn't responding properly
10:24 Santee babilen: wat u mean u have ur own
10:24 Santee AndreasLutro: ya maybe my vm is slow
10:24 babilen Santee: I don't use UtahDave's vagrant boxes to test salt
10:24 Santee babilen: ah cool
10:25 babilen Just though I'd suggest the setup provided by one of the people that work for Saltstack
10:25 babilen Santee: Could you run "salt-call -ldebug state.apply nettools" on the minion2 itself?
10:27 Santee like this ? salt-call 'minion1' -ldebug state.apply nettools
10:28 Santee [ERROR   ] Master hostname: 'salt' not found. Retrying in 30 seconds
10:28 ravenx i dont think you need the minion
10:28 Santee k same error
10:29 Santee no worries this was just a test
10:29 Santee just trying it
10:29 Santee looks cool
10:29 Santee wanna know which is faster puppet or salt
10:30 ravenx puppet uses ssh, so....
10:30 Santee coz in our company we are puppet slaves
10:30 Santee everyone loves it
10:30 Santee I hate Ruby so
10:30 Santee exploring
10:30 Santee n gonna suggest my CTO
10:30 Santee wanna show him figures / proof
10:30 Santee to convince him
10:30 Santee :D
10:31 Santee that slat is better
10:31 ravenx mmmm i love slats ;)
10:32 Santee hey how to stop this vagrant ?
10:32 ravenx vangrant halt --hammertime
10:32 ravenx without the hammertime
10:32 KingOfFools Santee: tell him that the King says salt is better :P
10:33 Santee lol
10:33 Santee vagrant destroy
10:36 amy_ joined #salt
10:37 Santee k tnx guys bye will come back with full force
10:37 ravenx no.  pls
10:37 ravenx ._.
10:38 DanyC joined #salt
10:42 flowstate joined #salt
10:43 Pulp joined #salt
10:43 jaybocc2 joined #salt
10:45 AndreasLutro puppet doesn't use ssh
10:47 ravenx i've read that it does, no?
10:47 AndreasLutro maybe it has an option for it, just like salt-ssh
10:48 AndreasLutro but it definitely has a server/agent just like salt
10:48 ravenx what else does it use for transport if not ssh
10:49 AndreasLutro tcp with ssl as far as I know
10:49 ravenx ah i see
10:49 ravenx my bad
10:50 ravenx hmm, then which one was the one that uses ssh
10:50 ravenx probably ansible then
10:50 AndreasLutro ansible and itamae use ssh exclusively afaik
10:51 robinsmidsrod I'm trying to set worker_threads on my master to 3, but I still see 12 processes in ps - what gives?
10:53 AndreasLutro maybe 9 of the threads don't count as worker threads?
10:54 AndreasLutro pure guessing of course
10:59 alexhayes joined #salt
11:00 lero__ joined #salt
11:01 amcorreia joined #salt
11:03 giany hi, i keep getting this message "Parent directory not present" - http://pastebin.com/s61Z1Dqk , how can i create parent dir before copying a file to it?
11:04 robinsmidsrod AndreasLutro: do you know of any other setting that impact the number of processes running?
11:04 AndreasLutro nope
11:05 AndreasLutro giany: use the makedirs argument
11:05 AndreasLutro or have a separate file.directory state for the directory
11:06 irctc879 joined #salt
11:24 edrocks joined #salt
11:25 zer0def joined #salt
11:33 giany thx
11:34 lero joined #salt
11:35 lero__ joined #salt
11:37 amy_ joined #salt
11:41 chamunks joined #salt
11:41 Eugene joined #salt
11:46 georgemarshall joined #salt
11:46 atmosx Hello, I want to launch an script when a file has been updated, with cmd.wait:\n - file: /path/to/file but doesn't work. Any hints/ideas?
11:47 AndreasLutro atmosx: use cmd.run with "onchanges"
11:47 AndreasLutro it's basically the same as cmd.wait but less buggy
11:49 atmosx AndreasLutro: I think there's a bug there too actually... at least in the version we're running. I had a similar situation about a month and a half back.
11:49 jaybocc2 joined #salt
11:49 atmosx okay found onlyif
11:49 AndreasLutro onlyif is different. onchanges is what you want
11:56 atmosx ok let's try
11:57 flowstate joined #salt
12:04 iggy sadly https://github.com/saltstack/salt/issues/35321
12:04 saltstackbot [#35321][OPEN] cmd.wait deprecated, but alternative doesn't work for ordered state execution | Description of Issue/Question...
12:04 flowstate joined #salt
12:06 alexhayes joined #salt
12:07 AndreasLutro good point
12:08 impi joined #salt
12:08 packeteer joined #salt
12:08 JoshuaX joined #salt
12:08 atmosx hm, onchanges worked for me only when the file didn't exist (and was created from salt): https://gist.github.com/atmosx/cc4047fb6fc90b4f9e1a72589348e78b switched back to cmd.wait
12:09 dendazen joined #salt
12:09 iggy salt only acts on changes that it makes
12:09 iggy so changing a file outside of salt isn't going to do anything
12:11 ssplatt joined #salt
12:11 atmosx hm the 1st state is wrong then, I need to change/update that state only when the file doesn't exist though.
12:12 iggy why?
12:12 AndreasLutro use the "replace" argument to file.managed
12:12 akhter joined #salt
12:13 alexhayes joined #salt
12:14 fracklen joined #salt
12:14 flowstate joined #salt
12:14 numkem joined #salt
12:14 AndreasLutro also your watch is wrong, you need "file:" instead of "cmd:"
12:15 atmosx iggy: the script depends on the psk file. If the .psk file exists I don't want to run the script.
12:15 atmosx AndreasLutro: looking replace in the docs
12:15 AndreasLutro also use "contents: {{ psk_key | json }}"
12:15 AndreasLutro it'll be more reliable
12:21 mrud ,.
12:21 s_kunk joined #salt
12:22 DammitJim joined #salt
12:22 JoshuaX joined #salt
12:24 akhter joined #salt
12:24 atmosx ok made it, thanks!
12:24 edrocks joined #salt
12:38 gh34 joined #salt
12:39 atmosx hm, a question. I have psk generate at every run, I run {% set psk_key = ... %} only when a file is replaced?
12:40 jaybocc2 joined #salt
12:41 AndreasLutro you could put the "contents" argument inside an if salt['file.file_exists'] statement
12:42 akhter joined #salt
12:43 atmosx AndreasLutro: that's my current approach to avoid generating an aplhanumeric on every run, but when the file exists it failes with "psk_key" not defined, because indeed it was not defined, so I'm not sure if there's a sane workaround. I don't wanna generate the psk_key if psk file exists.
12:44 rofl____ anyone having issues with ubuntu 12.04 2016.3.2 packages?
12:44 rofl____ https://github.com/saltstack/salt/issues/35416
12:44 saltstackbot [#35416][OPEN] salt-minion fails on Ubuntu 12.04 | Description of Issue/Question...
12:44 rofl____ seems i dont get jinja dependencies installed
12:45 AndreasLutro atmosx: where do you get psk_key from?
12:50 keimlink joined #salt
12:56 atmosx AndreasLutro: I'm setting it at the begining of the file
12:57 Sketch is file.line the best way to ensure that an unordered file contains a particular line?
13:00 Sketch hmm, maybe replace + append_if_not_found
13:01 babilen Sketch: file.append works for that
13:01 Sketch The text will not be appended if it already exists in the file. A
13:01 Sketch oh yeah, i guess so
13:01 babilen (that appends a line if it is not found)
13:01 Sketch i was worried it would add multiple items if it wasn't at the end
13:02 babilen No
13:05 fracklen joined #salt
13:05 squishypebble joined #salt
13:06 irctc166 joined #salt
13:06 irctc166 hello
13:06 irctc166 I have a question about beacons
13:06 mvmike joined #salt
13:07 irctc166 is it possible to have different intervals for different beacons? I want to make a service beacon that checks one service more often then another
13:07 mvmike new to salt, what's the best way to make a minion screen shot and then upload it to azure blob?
13:07 babilen Screenshot of what?
13:08 mvmike The screen
13:08 babilen Which screen?
13:08 mvmike The desktop screen
13:08 mvmike The whole screen
13:08 mvmike Not just a webpage or anything
13:08 mvmike I need to know if a minion needs remote management or not
13:08 babilen None of my minions have a "desktop screen", so I guess that you might be talking about MS Windows?
13:09 mvmike No...
13:09 mvmike My minions are running chromium
13:09 mvmike and open box
13:11 cmarzullo If you can find a cli way to do it you can make salt do it.
13:11 edrocks joined #salt
13:12 mvmike I was going to use gnome-screenshot..? I was just curious if anyone else had done this before, and they knew a best method
13:12 flowstate joined #salt
13:12 Sketch you could run import form ImageMagick, but you'd have to have salt get your X session's credentials somehow
13:14 bearonis joined #salt
13:15 Sketch that's probably going to be the tricky part of any method, unless you are lazy and just make your clients run "xhost +localhost" at X startup
13:16 babilen Ah, no .. don't do that
13:16 Sketch yeah, it would not be good for security
13:17 amiskell joined #salt
13:18 mvmike Hmm, alright I'll take a look at importing with ImageMagick..
13:20 west575 joined #salt
13:22 Sketch it looks like, at least in theory, you can just set DISPLAY=:0 (assuming the user's display is :0) and XAUTHORITY=/home/user/.Xauthority and things should Just Work™
13:23 NV joined #salt
13:23 babilen Could export the magix cookie with "xauth extract /path/to/some/file $DISPLAY" and then merged with "xauth merge /path/to/some/file"
13:23 babilen *magic cookie
13:23 babilen No idea how well that plays with salt though .. not convinced it is the best tool for this
13:26 drawsmcgraw joined #salt
13:27 lero joined #salt
13:29 mvmike I think I'll take a screenshot with gnome-screenshot, and then use https://docs.saltstack.com/en/latest/topics/cloud/azure.html to upload it
13:31 jaybocc2 joined #salt
13:31 akhter joined #salt
13:34 akhter joined #salt
13:38 amy_ joined #salt
13:39 ZiLi0n joined #salt
13:39 babilen "Help me build an employee surveillance system"
13:40 Sketch hehe
13:40 ZiLi0n Hello, is it possible to store events, as beacons for example in a database using a returner? I am able to store job results, but even though there is a "returner_event" parameter un master.conf events seem not to be stored...anyone has been able to do it?
13:41 AndreasLutro it's event_returner
13:41 teryx510 joined #salt
13:41 ivanjaros joined #salt
13:42 ZiLi0n AndreasLutro you are right, thanks for the correction!
13:42 mvmike Haha, these computers aren't going to be used by employees. Digital signage
13:44 mvmike We use mini computers, and if something ever goes wrong... It sucks to drive 10 states away in America
13:46 atmosx mvmike: What software are you using?
13:46 mvmike Chromium to display a webpage
13:47 mvmike And then open box
13:47 mvmike That's pretty much it
13:48 babilen You need that magic cookie
13:48 babilen (of the user running the session)
13:48 babilen well .. of the session really
13:48 mvmike I've never worked with that before? What exactly is magic cookie?
13:49 mvmike I'm not sure if it's some sort of package or a concept.
13:51 babilen 15:23:26         babilen > Could export the magix cookie with "xauth extract /path/to/some/file $DISPLAY" and then merged with "xauth merge /path/to/some/file"
13:51 Sketch the magic cookie is what X uses to authenticate clients
13:51 babilen https://en.wikipedia.org/wiki/X_Window_authorization#Cookie-based_access
13:51 saltstackbot [WIKIPEDIA] X Window authorization#Cookie-based access | "In the X Window System, programs run as X clients, and as such they connect to the X display server, possibly via a computer network. Since the network may be accessible to other users, a method for forbidding access to programs run by users different from the one who is logged in is necessary.There..."
13:52 nZac joined #salt
13:53 ronnix joined #salt
13:54 joe1 joined #salt
13:56 Tanta joined #salt
14:04 antpa joined #salt
14:04 perfectsine joined #salt
14:04 timoguin joined #salt
14:06 fracklen joined #salt
14:08 __saltmaster__ joined #salt
14:09 nonades joined #salt
14:09 bowhunter joined #salt
14:13 akhter joined #salt
14:14 akhter_1 joined #salt
14:16 mvmike Thanks for everyones' help
14:16 mvmike Im out!
14:18 akhter joined #salt
14:18 bearonis joined #salt
14:21 coval3nce joined #salt
14:21 _JZ_ joined #salt
14:22 akhter joined #salt
14:25 nZac joined #salt
14:28 tpaul joined #salt
14:29 akhter joined #salt
14:31 jaybocc2 joined #salt
14:33 perfectsine_ joined #salt
14:34 Sylvain31 joined #salt
14:34 akhter joined #salt
14:34 akhter joined #salt
14:35 joshin joined #salt
14:36 Sylvain31 hi, how I'm suppose to code a state that generate a password and having the result for the next state? must I {% set new_pass = salt['cmd.run']('get_pass customerid email') %} or is it some more quicker trick as a return value or something?
14:38 akhter joined #salt
14:38 Brew joined #salt
14:45 DammitJim joined #salt
14:50 spuder joined #salt
14:51 TooLmaN joined #salt
14:53 akhter joined #salt
14:54 perfectsine joined #salt
14:55 coval3nce joined #salt
14:57 akhter_1 joined #salt
14:59 geomacy joined #salt
15:03 nethershaw joined #salt
15:05 jaybocc2 joined #salt
15:08 Sylvain31 OK, I will see that another time… ;)
15:14 bearonis joined #salt
15:16 fracklen joined #salt
15:18 mapu joined #salt
15:20 n1ck joined #salt
15:20 scsinutz joined #salt
15:20 scsinutz joined #salt
15:21 n1ck hi , I'm using salt python api and need advice, what is the best way to check that the output i'm getting is valid?
15:22 n1ck for example: I'm calling dockerng.create and might get errors in the dict that the cmd() method returns , like : {"ubuntu": "ERROR: some error string/exception"}
15:23 n1ck the text in the error message isn't static , is there a better method to check that the output is valid instead of check for "ERROR" in the output?
15:23 scsinutz1 joined #salt
15:23 edrocks joined #salt
15:26 alrayyes joined #salt
15:26 kus joined #salt
15:27 scsinutz joined #salt
15:31 fracklen joined #salt
15:32 Brew1 joined #salt
15:35 akhter joined #salt
15:36 scsinutz1 joined #salt
15:37 ZiLi0n AndreasLutro, have you ever used event_returner?
15:39 perfectsine joined #salt
15:39 amy_ joined #salt
15:42 SpX joined #salt
15:45 alexlist joined #salt
15:50 scsinutz joined #salt
15:51 amcorreia joined #salt
15:51 win_salt joined #salt
15:54 MeltedLux joined #salt
15:55 spuder joined #salt
15:55 dyasny joined #salt
15:55 akhter joined #salt
15:58 scsinutz1 joined #salt
15:58 MeltedLux joined #salt
15:59 jerredbell joined #salt
16:04 MeltedLux joined #salt
16:05 onlyanegg joined #salt
16:06 cyborg-one joined #salt
16:10 perfectsine joined #salt
16:10 TRUMP-PENCE joined #salt
16:16 MeltedLux joined #salt
16:17 autofsckk joined #salt
16:21 dyasny joined #salt
16:25 numkem joined #salt
16:25 akhter joined #salt
16:29 akhter joined #salt
16:34 akhter joined #salt
16:35 flowstate has anyone at all had luck managing pip, python, or virtualenvs with salt?
16:36 fredrick joined #salt
16:36 flowstate like... none of the documentation actually works
16:36 fredrick anyone get external auth with pam to work, using a local account on the machine?
16:38 mpanetta joined #salt
16:40 amy_ joined #salt
16:44 akhter joined #salt
16:46 mpanetta_ joined #salt
16:46 fredrick flowstate: everything but virtual envs work for me.
16:46 fredrick What are you seeing
16:52 akhter joined #salt
16:56 sp0097 joined #salt
16:57 akhter joined #salt
16:57 akhter joined #salt
17:00 bearonis joined #salt
17:02 akhter joined #salt
17:05 Edgan Any have or seen a salt-ssh script/api based automatic roster?
17:05 lilvim joined #salt
17:06 akhter joined #salt
17:06 keltim joined #salt
17:09 flowstate joined #salt
17:12 jaybocc2 joined #salt
17:25 cmarzullo flowstate: yeah.
17:25 cmarzullo fredrick: yes
17:25 LtLefse joined #salt
17:25 flowstate basically, I can't use pip, or manage venvs unless I just cmd.run in my statefiles
17:26 flowstate which is a bit frustrating
17:26 flowstate because of the portable 2.6 salt is using
17:26 LtLefse left #salt
17:26 flowstate so my shell has a pip, but then pip.installed says there's no pip
17:27 onlyanegg joined #salt
17:28 cmarzullo you can set the bin_env parameter to pip.installed
17:28 cmarzullo tell it to use a different pip
17:29 cmarzullo fredrick: we use external auth with pam. what issue you having? I do recall there was a bunch of wierdness getting it just right.
17:30 bltmiller joined #salt
17:32 Edgan gtmanfred: ping
17:32 bltmiller does anyone else find the docs on the manage runner to be confusing? https://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.manage.html it seems like there are a bunch of functions that all do the same thing
17:33 alexlist joined #salt
17:39 mpanetta joined #salt
17:39 Tanta you should be able to initialize the environment with ~/[venv name]/bin/activate
17:40 cscf bltmiller, alived and allowed do seem the same
17:40 Tanta https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pip_state.html also lists a ton of options you can pass into the pip state to customize it for a env
17:40 Tanta venv
17:43 tuxx joined #salt
17:45 fredrick cmarzullo:  it is acting like I still have no permissions.  I added my account with the test.ping as a test.  Got denied permission to both logs and the result.
17:47 ageorgop joined #salt
17:49 scsinutz joined #salt
17:51 amy_ joined #salt
17:53 fredrick cmarzullo: running again to grab actual errors.
17:53 cmarzullo here's snippet from my master file: http://pastebin.com/CdgEQxeS
17:53 squishypebble1 joined #salt
17:54 cmarzullo peeps in admin group can do whatever. the ci_user can only call sls_id on the staging master
17:55 fredrick where is your admin group defined?
17:55 cmarzullo /etc/group
17:55 fredrick ldap?
17:55 fredrick or just local machine group
17:55 cmarzullo local.
17:57 fredrick wow my saltmaster is painfully slow today....
17:57 fredrick salt '*saltstack-master*' test.ping [WARNING ] Failed to open log file, do you have permission to write to /var/log/salt/master?
17:57 fredrick then it just silently fails.
17:57 fracklen joined #salt
17:58 fredrick and very much like your external auth paste
17:59 cmarzullo is that done as a reg user? Are you getting a token?
18:01 cmarzullo need to do a salt -T on first run and keep using the token
18:02 cmarzullo https://docs.saltstack.com/en/latest/topics/eauth/index.html#usage
18:02 cmarzullo need to do the -a pam . But I think it's actually -a eauth
18:02 MTecknology What was the option in salt commands to report minions that didn't finish in the timeout limit?
18:03 TRUMP-PENCE joined #salt
18:04 cmarzullo dunno
18:05 scsinutz left #salt
18:07 antpa joined #salt
18:07 cmarzullo look at the job queue and query jids your interested in.
18:08 MTecknology the job queue isn't reliable enough for what I'm dicking with
18:20 subsignal joined #salt
18:21 baffle joined #salt
18:22 Brew joined #salt
18:22 Electron^- joined #salt
18:24 MTecknology lol... I knew it was stupidly simple... -v
18:26 jenastar joined #salt
18:26 spuder joined #salt
18:28 DammitJim one of the reasons we have pillar data for a minion is because it's secure, right?
18:28 DammitJim should I be putting mysql passwords on there?
18:28 MTecknology DammitJim: only as safe as the pillar files on disk.
18:29 cmarzullo DammitJim: gpg encrypted pillar isn't too bad to do.
18:29 cmarzullo anyone can put in gpg data cause you just encode against the master's pub key.
18:30 MTecknology then keep the master's private key stored in a special/secure location (including a backup copy)
18:30 MTecknology Then, if you ever have someone steal a copy of your pillar data, you're still not screwed. :)
18:31 DammitJim oh man
18:31 DammitJim security... love/hate relationship
18:32 Edgan DammitJim: Convenience = people can do stuff != Security = prevent people from doing stuff.
18:32 cscf MTecknology, any articles/tutorials on that?
18:32 Edgan DammitJim: It is really bad when it is the same people on both sides
18:33 DammitJim I mean, I have passwords for samba users in pillar
18:33 DammitJim clear text
18:33 DammitJim alright... one step at a time
18:33 MTecknology cscf: sorry, none that I know of
18:33 MTecknology it's done with the gpg renderer, though
18:34 cmarzullo DammitJim: that's kinda what I did. Did clear text while sorting things out. People complained a lot, as they should, so we rotated everything and gpg it.
18:34 cmarzullo cscf: the online docs are pretty spot on.
18:34 DammitJim you know the problem I have right now is this whole thing about working with a team
18:34 DammitJim and I've hesitated, so I've done states where I applied it with the passwords
18:34 DammitJim then I changed the pillar to remove it
18:35 DammitJim and if someone else tries to run the state, it'll fail because the data isn't there
18:35 DammitJim I know, I'm a mess
18:35 cscf So it is, https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html
18:35 cmarzullo can confirm. you mess
18:35 DammitJim hey, are you guys doing something to your environment for the tcp flaw on linux?
18:35 cmarzullo cscf: yep.
18:35 MTecknology oh, wow... that gpg renderer got sexy!
18:36 bowhunter joined #salt
18:36 cmarzullo yeah it's nice. blows up the size of your pillar. (nbd)
18:36 zmalone joined #salt
18:36 cmarzullo Sometimes you get wierd pillar rendering issues if people encode the gpg wrong.
18:37 MTecknology It was a bit of a nightmare the first time I ever looked at it
18:37 cmarzullo Had beers with a bro at saltconf and he was like naw it easy. He was right
18:37 MTecknology looks easy... now
18:38 cmarzullo I get more burned mostly by not having the #! at the top of the file. Jsut forgetting to put it.
18:39 Edgan gtmanfred: I am trying to get your ansible roster code working with ansible's ec2.py.
18:41 gtmanfred Edgan: https://github.com/saltstack/salt/issues/29522
18:41 saltstackbot [#29522][OPEN] salt-ssh ansible roster does not work | Hi @all,...
18:42 DammitJim is there a way to do ssh_auth.present and have salt create the folders?
18:42 gtmanfred there are also other contstraints, it doesn't work with older ansible inventories, and I don't know if it works for anything new, it was working with my one thing back in 2014
18:42 gtmanfred and on one has touched it since really then afaik
18:42 gtmanfred if you setup salt-cloud and use the ec2 driver, you could just use the salt cloud roster
18:43 MTecknology DammitJim: I thought it did... as long as the user directory existed
18:43 Edgan gtmanfred: The issue I found it is it says if key == '_meta' continue, but then it never finds hostvars. I can comment that out, but then it still doesn't work.
18:43 DammitJim MTecknology, right... what if the user directory doesn't exist?
18:43 DammitJim You see, I am using a domain user
18:43 Edgan gtmanfred: I already have my own replacement for salt-cloud. I looked at salt-cloud and found it lacking.
18:44 gtmanfred i meant use the salt-cloud roster with salt-ssh
18:44 MTecknology DammitJim: Then you should probably store the key on the domain resource ;)
18:44 DammitJim and every time I spin up a server, I have to log on to that server with the user I will be applying the ssh_auth, to...
18:44 DammitJim ooohhhh... how do I do that?
18:44 gtmanfred all you have to have is a list of the servers from there, other than that, i haven't looked at the ansible roster in 2 years and have no idea where to even begin with it
18:44 Tanta my replacement for salt-cloud is cloudformation
18:45 DammitJim or would it bad to "create" the home folder with salt as well?
18:45 MTecknology DammitJim: I haven't done it, but it's less a salt thing. I know you can do that with pam modules and sssd. That's what I'd try to do anyway.
18:45 DammitJim oh, but my AD is WIndows
18:45 DammitJim was that a redundant statement?
18:45 MTecknology I would assume everyone runs AD on windows...
18:46 gtmanfred Edgan: and there are other errors like this https://github.com/saltstack/salt/issues/14622
18:46 saltstackbot [#14622][OPEN] Ansible dynamic inventory doesn't support the default format from ansible nova.py | The dict it outputs by default is:...
18:46 gtmanfred it needs a lot of love
18:46 DammitJim I think I'm going to cheat and I'm going to try to see if I can create the folders ;)
18:46 Edgan gtmanfred: For my use case it feels close to working, just have to get to the bottom of why it doesn't work
18:46 MTecknology DammitJim: It's just a poorly designed LDAP, you can stick SSH keys in there as a user attribute, then have ssh use the key stored there. I've never done it, but I know it gets done
18:47 MTecknology DammitJim: as far as a hacky solution... key's don't have to be stored in the users directory.
18:47 DammitJim hhmmmm... thanks!
18:47 DammitJim openssh is what knows where the keys are, right?
18:48 Edgan gtmanfred: Do you use salt-cloud instead now?
18:48 gtmanfred i don't use salt-ssh at all
18:49 Edgan Tanta: Not a fan of cloudformation. Two very common complaints are json and all or nothing execution.
18:49 Tanta the syntax and learning curve are intense, I agree
18:49 Edgan gtmanfred: I have found salt-ssh is the way for things executed by jenkins jobs, and being pushed more in that direction.
18:49 jenastar joined #salt
18:49 Edgan Tanta: I have a simple boto script that reads simple yaml files.
18:50 Tanta but evaluating ways to automate infrastructure -- if you are in AWS -- then cloud formation, terraform, salt-cloud, etc., are all going to use the same API. the only advantage I see for cloud formation is that it's implemented by the same people that made the API
18:50 akhter joined #salt
18:51 Tanta you could also make your own solution with Boto, I'm just not that clever with Python programming
18:52 Edgan Tanta: terraform's maintaining of state makes it unusable to me. Even if you ignore that I ran into issues where the way the DSL is written you can go down the wrong path(a natural path to take if you are trying to make things more dynamic). Then they say, sorry you can't do that, but now you have to start over your state file.
18:52 Tanta I just really hate HashiCorp
18:52 Tanta all their products I've tried to use myself were a clusterf-ck
18:53 Edgan Tanta: In the latest release they just got around to adding the beginnings of a import of existing state feature.
18:53 jenastar what about terraform and vault? its not all bad
18:53 Edgan Tanta: I kind of agree. The problem is when they are the only tool for the job.
18:53 Tanta I'm trying to work with consul on another project... a nightmare
18:53 Edgan Tanta: yeah, Consul is at the top of that list
18:54 Edgan Tanta: I do use vagrant(have my issues), and packer(mostly works).
18:54 tapoxi joined #salt
18:54 Tanta I use cloud formation, Salt, and a few glue bash scripts
18:55 bearonis joined #salt
18:55 Edgan Tanta: Some people use a cloudformation library to generate cloudformation json, and write their configuration in something else like yaml.
18:55 Tanta I have a really cool CFN template that takes a parameter and has different dynamic elements for different environments
18:56 Tanta between parameters & maps you can sort-of make it work
18:56 bltmiller joined #salt
18:56 Tanta but you end up with weird stuff like: "MaxSize": {"Fn::FindInMap":["environmentMap",{"Ref":"environment"},"autoscaleNodeCount"]},
18:57 onlyanegg Can I install all packages from a local directory?
18:57 onlyanegg something like:
18:57 onlyanegg -sources:
18:57 onlyanegg - pkg: salt://rpms/*
18:58 gtmanfred i do not believe so
18:58 cmarzullo use the salt module to get a list of files in a directory. then do pkg.installed: pkgs: {{ array }}
18:58 cmarzullo crappy way. but might work.
18:58 Tanta {% set package_list = cmd.run['echo /path/*'] %}
18:59 onlyanegg ok, I'll try that. Thanks!
18:59 jenastar1 joined #salt
18:59 Tanta not sure if that will give you one giant string or a real list
19:00 fredrick cmarzullo: thanks for the help I forgot about the dang -a.  All is good.
19:03 scoates joined #salt
19:04 Edgan gtmanfred: ok, I will keep digging and make a pull request after I figure it out
19:09 gtmanfred sounds good!
19:09 akhter joined #salt
19:11 Edgan gtmanfred: Thanks for writing the original code. It simplifies trying to get this ec2.py script working with salt, a lot. I really want a dynamic roster.
19:12 gtmanfred :)
19:13 cmarzullo fredrick: woot!
19:15 onlyanegg Tanta: np, I'll just use {% for rpm in package_list %}
19:15 Edgan gtmanfred: Also going to improve the documentation. /etc/salt/roster as a script name example doesn't help, and not mention that the file has to be executable to be a script isn't helpful. I had to read the code to find the executable requirement.
19:15 gtmanfred {% for rpm in package_list.split('\n') %}
19:16 ssplatt does anyone have a working example of https://docs.saltstack.com/en/2015.8/ref/states/all/salt.states.x509.html#salt.states.x509.certificate_managed? my certs seem to be not working. I’m getting handshake errors with rsyslog and if i try to use it with nginx, curl will report “wrong usage”
19:17 ssplatt which leads me to think that “- keyUsage: "critical cRLSign, keyCertSign”” is wrong in the signing policy above
19:23 fredrick any one ever add a user and use the hash for creating a password.
19:23 cmarzullo all the time
19:24 fredrick how do you pass it?
19:25 cmarzullo either directly as the has. or as gpg encrypted has.
19:26 cmarzullo - password: {{ options.password }}
19:26 cmarzullo fed from pillar of course
19:28 fredrick I tried that with - password {{ pillar.item}} and it did not work.
19:28 silviud joined #salt
19:29 cmarzullo I'd have to see your state. But it can be done. We loop over the user data creating a user for each entry.
19:29 win_salt joined #salt
19:29 fredrick I will play more.  Must have done something incorrec.t
19:29 win_salt would anyone know why cmd.run in a state is just returning the text of the cmd not what it should return?
19:29 silviud hi - i need help regarding the jenkins tests when I send a pull request
19:30 fredrick ha it was a spacing issue.
19:31 cmarzullo so annoying eh?
19:33 silviud i have some failures but not sure how to interpret errors like No problems were identified. If you know why this problem occurred, please add a suitable Cause for it.
19:38 fracklen joined #salt
19:41 nate_c joined #salt
19:46 Awesomecase joined #salt
19:50 bearonis joined #salt
19:51 Edgan gtmanfred: looks like the code is just incomplete
19:52 gtmanfred correct
19:52 gtmanfred it was only written for one specific use case
19:52 gtmanfred not all of the inventory paths that ansible could do
19:53 Edgan gtmanfred: Well you call out groups, hostvars, and parents and then only use groups
19:54 gtmanfred it is worth noting that I barelyhad any idea what I was doing
19:54 Edgan gtmanfred: haha
19:56 Edgan gtmanfred: I got it a little further with for "key, value in six.iteritems(self.groups):" to for "key, value in six.iteritems(self.hostvars):"
20:02 jaybocc2 joined #salt
20:06 edrocks joined #salt
20:08 jaybocc2 joined #salt
20:09 anotherZero joined #salt
20:10 jenastar joined #salt
20:10 alexlist joined #salt
20:10 GreatSnoopy joined #salt
20:10 MeltingFiction joined #salt
20:11 fredvd joined #salt
20:13 TOoSmOotH joined #salt
20:14 TOoSmOotH_ joined #salt
20:23 Patch joined #salt
20:30 marie1972 joined #salt
20:32 felskrone joined #salt
20:35 drawsmcgraw left #salt
20:35 fracklen joined #salt
20:35 Edgan gtmanfred: I got it kind of working with ec2.py.
20:43 ranomore joined #salt
20:46 scsinutz joined #salt
20:55 scsinutz joined #salt
20:59 bltmiller joined #salt
20:59 lovecraftian joined #salt
21:00 geomacy joined #salt
21:06 scsinutz1 joined #salt
21:17 scsinutz joined #salt
21:17 Shirkdog joined #salt
21:31 scsinutz joined #salt
21:36 fracklen joined #salt
21:37 krymzon joined #salt
21:37 keltim anyone here use datadog? if so, how do you deal with them not accomodating ec2 tags that are lists? (like comma separated, etc)
21:42 flowstate joined #salt
22:03 marie1972 left #salt
22:04 mohae joined #salt
22:08 antpa joined #salt
22:11 amcorreia joined #salt
22:11 alexlist joined #salt
22:18 snaggleb joined #salt
22:29 Guest67132 joined #salt
22:31 west575 joined #salt
22:40 flowstate joined #salt
22:43 lynxman joined #salt
22:44 brotatochip joined #salt
22:52 lungaro joined #salt
22:58 geomacy joined #salt
23:00 kunersdorf joined #salt
23:07 deus_ex joined #salt
23:08 kunersdorf {% set file = salt['file.find']('/path/to/search/', name='some.log', type='f') %}
23:09 kunersdorf it is showing the right output in state.show_sls
23:09 kunersdorf but the result in the config looks like: ['/path/to/search/some.log']
23:10 kunersdorf how do I strip of the brackets and single quotes?
23:16 jgarr is there a way for me to run salt on all my nodes alphabetically?
23:17 jgarr I run a module every 30 minutes (batch of 10%) but if the order is random then host1 could possibly run at the end of the first 30 minutes and begining of the 2nd 30 minutes
23:21 whytewolf kunersdorf: {% set file = salt['file.find']('/path/to/search/', name='some.log', type='f')| first %}
23:23 kunersdorf whytewolf: perfect, tyvm
23:29 fannet joined #salt
23:40 flowstate joined #salt
23:51 nicksloa_ joined #salt
23:52 Pulp joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary