Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-08-19

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 numblok joined #salt
00:01 akhter joined #salt
00:02 om joined #salt
00:03 edrocks joined #salt
00:04 om joined #salt
00:05 akhter joined #salt
00:06 pipps joined #salt
00:06 pipps joined #salt
00:07 jaybocc2 joined #salt
00:07 numblok left #salt
00:07 woodtablet left #salt
00:09 om joined #salt
00:11 ajw0100 joined #salt
00:12 fannet joined #salt
00:14 ablinkin joined #salt
00:14 rylnd joined #salt
00:18 jaybocc2 joined #salt
00:19 yidhra joined #salt
00:30 mrBen2k2k2k joined #salt
00:31 ablinkin joined #salt
00:36 ajw0100 joined #salt
00:36 antpa joined #salt
00:36 ablinkin joined #salt
00:44 teryx510 joined #salt
00:52 pipps joined #salt
00:55 xbglowx What is the recommended way to use conditionals when using https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html for pillar data?
00:58 stanchan joined #salt
00:59 ablinkin joined #salt
01:01 stanchan joined #salt
01:07 ablinkin_ joined #salt
01:07 amy_ joined #salt
01:08 amcorreia joined #salt
01:09 XenophonF joined #salt
01:09 mrBen2k2k2k joined #salt
01:15 ssplatt xbglowx: what do you mean?
01:16 ssplatt oh. you mean if you put #!yaml|gpg at the top of the file, you don’t get jinja rendered anymore
01:16 xbglowx correct
01:16 xbglowx I had to move the logic out to the state file instead, for now
01:17 xbglowx not sure if that is the correct/recommended way though
01:17 ssplatt you add in |jinja too
01:17 ssplatt let me check my syntax
01:17 xbglowx I haven't tried that idea yet
01:17 xbglowx I also noticed that the encrypted data is not being decrypted and is just being passed along to the minion encrypted
01:18 dendazen joined #salt
01:18 ssplatt xbglowx: i think its #!jinja|yaml|gpg  but i can’t find my example code
01:18 ssplatt may be #!yaml|jinja|gpg
01:18 xbglowx ssplatt let me give that a try
01:19 xbglowx thanks
01:19 ssplatt i think theres somewhere in the fdocs that says somethign like “the default is #!jinja|yaml
01:20 ssplatt https://docs.saltstack.com/en/latest/ref/renderers/index.html#multiple-renderers   kind of like that
01:20 ssplatt just tack |gpg on the end when you need gpg
01:22 Nahual joined #salt
01:23 xbglowx ssplatt thanks for the link
01:28 ssplatt joined #salt
01:30 ablinkin joined #salt
01:40 xbglowx ssplatt thanks for your help. That did it for me.
01:41 ssplatt cool. glad to help
01:47 ablinkin joined #salt
01:49 ilbot3 joined #salt
01:49 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.5.11, 2015.8.11, 2016.3.2 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
01:52 mrBen2k2k2k joined #salt
01:58 dh__ joined #salt
01:58 catpiggest joined #salt
01:59 ablinkin joined #salt
02:06 edrocks joined #salt
02:06 bastiand1 joined #salt
02:13 fannet joined #salt
02:16 ablinkin joined #salt
02:18 west575 joined #salt
02:31 debian112 joined #salt
02:31 ablinkin joined #salt
02:38 mrBen2k2k2k joined #salt
02:46 ablinkin joined #salt
02:51 Brew joined #salt
02:52 agentnoel Hi, I am using salt 2015.8.8 (Beryllium). It appears that the check_cmd doesn't work for the majority of the file state module. Is this a known problem?
02:55 ablinkin joined #salt
03:03 evle joined #salt
03:09 ablinkin joined #salt
03:11 gtmillion joined #salt
03:12 krymzon joined #salt
03:24 mrBen2k2k2k joined #salt
03:25 ablinkin joined #salt
03:30 antpa joined #salt
03:37 antpa joined #salt
03:40 ablinkin joined #salt
03:41 justanotheruser joined #salt
03:49 bltmiller joined #salt
03:49 jaybocc2 joined #salt
03:50 ablinkin joined #salt
04:01 ablinkin joined #salt
04:09 pipps joined #salt
04:09 edrocks joined #salt
04:10 ablinkin joined #salt
04:13 krymzon joined #salt
04:13 mrBen2k2k2k joined #salt
04:14 fannet joined #salt
04:15 John_Kang joined #salt
04:15 brent__ joined #salt
04:21 ablinkin joined #salt
04:32 ablinkin joined #salt
04:32 pipps joined #salt
04:38 Nag_ind joined #salt
04:38 Nag_ind hi, couldn't find command to start/stop GCE instance?
04:39 ffredrikk joined #salt
04:41 jaybocc2 joined #salt
04:51 DEger joined #salt
04:52 raspy joined #salt
04:53 raspy hi all... have a unique situation, I have a salt minion that is calling two environments
04:53 raspy we set the salt map file for the minion to environment: dev
04:53 raspy but the minion is calling dev,test
04:56 ablinkin joined #salt
04:59 luigi joined #salt
05:01 luigi Hello! I was hoping someone could help me with an error I'm getting when running a custom execution module...
05:01 luigi I'm getting a NameError: global name '__salt__' is not defined
05:02 luigi What's different about my module is that I defined classes and am calling a method on a instance of one such class, where I reference __salt__
05:02 luigi The documentation doesn't provide any specific guidance on this case.
05:03 luigi Any clues?
05:03 CeBe joined #salt
05:05 fracklen joined #salt
05:05 rdas joined #salt
05:05 mrBen2k2k2k joined #salt
05:08 agentnoel luigi: When you instanciate the class, do you take a copy of __salt__?
05:09 agentnoel (I'm not a ninja python dev, but think it could be a scoping problem)
05:12 ablinkin joined #salt
05:12 luigi Me neither. :)
05:12 luigi What do you mean by "take a copy" of __salt__?
05:14 krymzon joined #salt
05:14 raspy all... is there a way to do a salt-call to see the environment on the minion side?
05:22 agentnoel luigi: Thinking a long the lines of, when the class is instanciated to an object, the __salt__ variable exists in scope, but needs to be copied to self.__salt__ to be useable by the object when it is executing its functions.
05:22 agentnoel Unless an object can access the outside scope of the module - I hope it cannot...
05:23 raspy does the salt master store any cache similar to the minions?
05:23 raspy in /var/cache/salt/*
05:23 luigi right, but salt loads the module that contains the class -- shouldn't it inject the __salt__ global in the module as it loads like does for all other modules?
05:24 agentnoel I guess I would assume so. Have you had a look at the GitHub issues for salt to see if it was reported? (search closed too)
05:24 sp0097 joined #salt
05:25 luigi I did. There were some similar issues, but not exactly the same.
05:26 luigi One was about using __salt__ within the __virtual__() function, which does not work by design.
05:26 nidr0x joined #salt
05:26 luigi But nothing on classes.
05:26 luigi I guess I'll take a look at salt's own modules to see if there's anything similar to what I'm trying to do... :)
05:26 luigi But thanks for your help!
05:29 agentnoel Maybe set up some logging and use the salt-call --local -l debug execution?
05:29 agentnoel I think you can use the Python dir() function to see what variables are available?
05:30 luigi Yep, I tried with globals() just now, will try with dir() too. Thanks!
05:32 agentnoel Was it present in either?
05:34 luigi nope
05:36 agentnoel This may be useful? https://docs.saltstack.com/en/2015.8/ref/clients/index.html
05:39 luigi I was looking at that just a minute ago, but was resisting writing all of that code to access the salt modules since they should be available through the dunder dictionary out of the box...
05:41 Brijesh1 joined #salt
05:46 agentnoel Mmmm agreed.
05:46 agentnoel I'm out. Good luck with getting it going.
05:49 om joined #salt
05:50 luigi thanks!
05:50 jxm_ joined #salt
05:50 Raiden joined #salt
05:53 Brijesh1 joined #salt
06:02 amy_ joined #salt
06:03 jaybocc2 joined #salt
06:03 kshlm joined #salt
06:03 mrBen2k2k2k joined #salt
06:03 Brijesh1 joined #salt
06:05 ivanjaros joined #salt
06:07 Brijesh2 joined #salt
06:12 edrocks joined #salt
06:13 fracklen joined #salt
06:14 krymzon joined #salt
06:15 fannet joined #salt
06:17 impi joined #salt
06:18 keimlink joined #salt
06:19 west575 joined #salt
06:21 ffredrikk joined #salt
06:25 klaas joined #salt
06:33 Electron^- joined #salt
06:35 Brijesh1 joined #salt
06:36 devopsprosiva joined #salt
06:37 devopsprosiva Hi, Is there documentation related to this fix: https://github.com/saltstack/salt/pull/15181?
06:37 saltstackbot [#15181][MERGED] Send cloud maps through salt renderer system | Fixes #8403....
06:47 bocaneri joined #salt
06:51 sxar joined #salt
06:52 Brijesh1 joined #salt
06:56 raspy how can I set a grain on a minion using CLI?
06:57 sxar_ joined #salt
06:57 Miouge joined #salt
06:58 scavara i'm trying to setup backup clients on minions. installation/config file setup is somewhat straight forward. the trick is to orchestrate a 'password' file that needs to be pulled from backup server. i was thinking to setup a master so it will execute a script on master as a prerequisite for creating 'password' file on minion. this script will pull/update a static 'password list' file and use it as pillar.
06:58 scavara the master should be able to extract password value for a minion and create appropriate file. any hints on how to achieve this? I've read about salt runners, reactor and similar, but, to be honest, i'm slightly lost when it comes to choosing the right path
06:59 raspy nm.. found it
07:00 sxar__ joined #salt
07:01 ffredrikk joined #salt
07:01 JohnnyRun joined #salt
07:05 jaybocc2 joined #salt
07:05 keimlink joined #salt
07:08 JohnnRun joined #salt
07:09 mrBen2k2k2k joined #salt
07:15 jeblair joined #salt
07:16 jaybocc2 joined #salt
07:20 ivanjaros joined #salt
07:21 Brijesh2 joined #salt
07:24 amy_ joined #salt
07:28 DEger_ joined #salt
07:28 jaybocc2 joined #salt
07:31 manji joined #salt
07:31 raspy wowwwww
07:31 raspy no way
07:31 raspy guys, correct me if im wrong here
07:33 raspy so I am setting grains in my map_file, I am calling a state file which has a bunch of if statements for a grain named "ClusterType". This grain or value, I dont define in my map file
07:33 jhauser joined #salt
07:33 raspy and just because of this, the minion states it cannot run because ClusterType is not defined
07:33 raspy even when I am specifically saying if grains['role'] and not grains['ClusterType']
07:35 jaybocc2 joined #salt
07:35 Brijesh1 joined #salt
07:37 fredvd joined #salt
07:39 Brijesh1 joined #salt
07:40 ablinkin joined #salt
07:43 Brijesh1 joined #salt
07:45 jaybocc2 joined #salt
07:51 ravenx joined #salt
07:52 tongpu joined #salt
07:54 DEger joined #salt
07:54 DEger joined #salt
08:02 |aaron joined #salt
08:03 |aaron does salt-cloud support provisions lxc hosts via proxmox? the docs are weird.. the technology parameter accepts either 'qemu' or 'openvz' but proxmox no longer supports openvz.. yet at the top of the salt-cloud proxmox page it mentions that proxmox uses lxc so it cant be out of date?
08:03 |aaron salt-cloud -p is giving me '501 server error: method post /nodes/my-proxmox-node/openvz' not implemented
08:06 |aaron yeah seems like it doesnt work with the latest proxmox v4 :(
08:06 keimlink joined #salt
08:08 Rumbles joined #salt
08:09 krymzon joined #salt
08:12 fannet joined #salt
08:14 mrBen2k2k2k joined #salt
08:15 edrocks joined #salt
08:16 s_kunk joined #salt
08:17 peters-tx joined #salt
08:21 evle joined #salt
08:26 amy_ joined #salt
08:35 ablinkin joined #salt
08:45 jhauser joined #salt
08:53 hoonetorg joined #salt
08:56 ronnix joined #salt
09:13 felskrone joined #salt
09:15 losh joined #salt
09:22 stooj_ joined #salt
09:27 mrBen2k2k2k joined #salt
09:28 ronnix joined #salt
09:36 jhauser_ joined #salt
09:37 cyborg-one joined #salt
09:41 netcho joined #salt
09:43 peters-tx joined #salt
09:46 jaybocc2 joined #salt
09:49 jhauser joined #salt
09:51 colegatron joined #salt
09:55 ajw0100 joined #salt
09:56 mrueg joined #salt
10:02 stooj joined #salt
10:17 edrocks joined #salt
10:23 ablinkin joined #salt
10:28 amy_ joined #salt
10:37 M-liberdiko joined #salt
10:40 mrBen2k2k2k joined #salt
10:45 Mattch joined #salt
10:45 fracklen joined #salt
10:50 Mattch Hi - I was wondering if there's a way to dynamically set 'disable_modules' on a minion? i.e. turn a particular module off for a period of time - e.g. not doing package updates during office hours?
10:56 jhauser joined #salt
10:58 babilen Mattch: Roll out the configuration change, restart minion .. done. Easy with salt-formula
10:59 amcorreia joined #salt
10:59 rem5_ joined #salt
11:00 Mattch babilen: that's true - and I've just discovered the 'state.disable' method which is actually likely to be more useful for state modules like pkg.
11:06 jhauser joined #salt
11:11 babilen Depends on what you actually want to do
11:15 jhauser joined #salt
11:15 Mattch babilen: Hmm - I may have misunderstood this. Certainly 'state.disable pkg' and/or 'state.disable pkg.installed' doesn't stop those state modules from being active.
11:15 debian112 left #salt
11:17 Mattch I'm thinking this is is just methods within the 'state' module, e.g. highstate - not other state modules.
11:18 necronian joined #salt
11:18 M-MadsRC joined #salt
11:20 jellyfrog joined #salt
11:21 jellyfrog hi guys, in file.managed, can name use a glob? like /opt/*tomcat*/file.jar  (too be used with create: false)
11:23 babilen jellyfrog: What would you want that to do? (And, I guess, the answer is "no")
11:24 babilen But then .. I'm not actually sure. Have you tried it?
11:32 jaybocc2 joined #salt
11:34 numkem joined #salt
11:35 ablinkin joined #salt
11:43 sxar joined #salt
11:52 netcho joined #salt
11:53 jellyfrog babilen: if it finds the file it should replace it, got no dev setup now but ill try
11:55 freelock joined #salt
11:57 mrBen2k2k2k joined #salt
12:03 ablinkin joined #salt
12:08 akhter joined #salt
12:09 jellyfrog babilen: didnt work, if youre curios
12:10 babilen As expected :)
12:10 Guest0 joined #salt
12:17 DammitJim joined #salt
12:17 Guest0 left #salt
12:20 ffredrikk joined #salt
12:21 edrocks joined #salt
12:25 ssplatt joined #salt
12:26 keimlink joined #salt
12:29 tsia joined #salt
12:29 edrocks joined #salt
12:29 amy_ joined #salt
12:33 jaybocc2 joined #salt
12:34 ronnix joined #salt
12:35 XenophonF joined #salt
12:35 ALLmightySPIFF joined #salt
12:37 ablinkin joined #salt
12:40 ALLmightySPIFF joined #salt
12:41 Xopher joined #salt
12:42 DammitJim anyone using mongodb through salt?
12:43 keimlink joined #salt
12:44 west575 joined #salt
12:46 gh34 joined #salt
12:47 babilen Be the first!
12:49 ablinkin joined #salt
12:49 DammitJim I'm still trying to learn mongoDB... not sure I can do that just yet ;)
12:54 akhter joined #salt
12:55 edrocks joined #salt
13:11 keimlink joined #salt
13:12 TooLmaN joined #salt
13:17 Mattch Dammitjim: https://github.com/saltstack-formulas/mongodb-formula might be helpful
13:24 DammitJim thanks Mattch but I don't think that formula creates users with roles and databases
13:24 velikan joined #salt
13:25 teryx510 joined #salt
13:25 babilen DammitJim: Oh, all you want is to install and configure mongodb with salt?
13:25 DammitJim no, I already did that
13:25 DammitJim that's the easy part
13:25 velikan hello everyone! no luck with states in git. when I’m trying to do `salt '*' state.apply vim` minions always say: - No matching sls found for 'vim' in env 'base'”
13:25 DammitJim I want to create users with roles and databases
13:26 babilen Ah .. it sounded as if you want to have salt running on top of mongodb (for pillar input and output)
13:27 DammitJim oooohhh... that sounds interesting ;)
13:27 ssplatt like…an external pillar?
13:28 ssplatt and a returner?
13:28 ssplatt DammitJim: sounds like you need to write a mongodb module, similar to the mysql/mariadb modules
13:29 DammitJim yeah
13:29 DammitJim first I need to learn mongo
13:29 DammitJim :D
13:29 DammitJim I think I'm going to have to write a script to inject into mongo
13:29 DammitJim and just have salt file.manage it and execute it for now
13:30 tapoxi joined #salt
13:30 Mattch velikan: Assuming you've set fileserver_backend and gitfs_remotes properly and restarted ther master, can you check /var/cache/salt/master/gitfs/remote_map.txt has the appropriate repos available?
13:31 mrBen2k2k2k joined #salt
13:31 velikan Mattch: yes, it contains my git repo… but I think maybe I’m out of luck because of git+ssh?
13:32 velikan oh my God
13:32 velikan I’m dumb asshole
13:35 tiwula joined #salt
13:36 babilen ssplatt: Yes, exactly
13:36 babilen velikan: What happened?
13:37 babilen "A moment of clarity for velikan"
13:37 Mattch I'm guessing 'forgot to push' :-p
13:38 velikan thanks) just misspelled the gitfs_remote, trying to make it all right
13:39 colegatron just a question: should a state.highstate force reload also the pillars on the minions or not?
13:39 babilen My colleague called it "insultstack" the other day after having spend some time fighting bugs in salt-ssh
13:39 racooper joined #salt
13:39 babilen colegatron: You do that explictly with saltutil.refresh_pillars
13:39 ALLmightySPIFF joined #salt
13:40 babilen - plural
13:40 AndreasLutro hah
13:40 velikan gitfs authentication was configured, but the 'gitpython' gitfs_provider does not support authentication
13:40 AndreasLutro yeah you need pygit2
13:40 Mattch velikan: you're best off installing pygit2 - see the bit at the top here: https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html
13:41 colegatron mmmm there is no option to force a reload? I mean... to write a state saltutil.refresh_pillar:module.run:-order:1 seems a ugly workaround, isn't?
13:41 velikan Mattch: yeah, I’ve ended up with gitpython cause just couldn’t install pygit2 normally on debian8… it’s weird. first tried via pip, then tried to make from source - no luck at all :’(
13:41 AndreasLutro unless you run highstates extremely often, you probably won't need to colegatron
13:42 AndreasLutro I think max pillar cache time is 15 mins or something
13:43 colegatron AndreasLutro, for releases I usually use highstate, but I feel weird to have to remember to refresh_pillar every single command (because maybe someone in the team could have updated an element in a pillar)
13:43 velikan anyway, just don’t want to make it from source…
13:43 colegatron AndreasLutro, basically because I use salt to don't have to remember how to do things manually ;)
13:44 fredvd joined #salt
13:45 ablinkin joined #salt
13:46 AndreasLutro there is an if opts['pillar_cache']: so I guess you could just disable that
13:47 AndreasLutro also it looks like pillar caching is disabled by default which makes all I've said wrong I guess
13:47 colegatron I'll have a look :)
13:47 colegatron tbnx
13:47 colegatron tnx
13:49 Rumbles joined #salt
13:57 edrocks joined #salt
13:59 Nahual joined #salt
14:00 jerredbell joined #salt
14:06 keimlink joined #salt
14:09 Brijesh1 joined #salt
14:10 west575_ joined #salt
14:12 velikan does anyone know how to make libgit2 with libssh2 support?
14:15 ivanjaros joined #salt
14:16 johnkeates joined #salt
14:17 autofsckk joined #salt
14:19 keimlink joined #salt
14:20 Brew joined #salt
14:22 keimlink joined #salt
14:24 evilRails joined #salt
14:27 andi- joined #salt
14:31 amy_ joined #salt
14:31 daks hello
14:31 daks i'm running a state which creates user
14:32 daks and another one which creates special directories in my user home
14:32 statik joined #salt
14:32 daks i saw that you can use salt['user.info'](user).home to get the $HOME value for a user
14:32 daks and it seems to solve my problem
14:32 kshlm joined #salt
14:33 daks but, in the same highstate, it seems that salt['user.info'](user).home returns None
14:33 daks even if my user creation state runs before my directories creation
14:33 daks do you have an idea how i can do that?
14:34 jaybocc2 joined #salt
14:34 daks (without accessing pillar for one state in the other state)
14:35 keimlink joined #salt
14:37 one joined #salt
14:38 catpig joined #salt
14:38 velikan all right
14:38 one joined #salt
14:39 velikan so is here anyone who successfully set up salt master with states in git repository?
14:39 velikan via ssh
14:39 velikan *ssh git
14:40 velikan on debian 8
14:41 XenophonF velikan: me?
14:41 tapoxi velikan using gitfs you mean?
14:41 XenophonF on centos and freebsd but tbh it isn't really that different on other operating systems
14:41 velikan XenophonF: I just can’t make libgit2 with libssh2. it always says LIBSSH2 not found.
14:42 one left #salt
14:42 XenophonF libgit/libssh suck
14:42 XenophonF i don't use them
14:42 tapoxi I'm using python-pygit2
14:42 XenophonF i use gitpython instead of pygit as a result
14:42 tapoxi is gitpython the python native implementation and pygit2 wraps libgit?
14:42 velikan XenophonF: yeah, but gitpython does not allow ssh, am I right?
14:42 XenophonF you are wrong
14:43 gtmanfred yes it does
14:43 XenophonF it's ok
14:43 gtmanfred you have to just setup ~/.ssh/ and such
14:43 velikan hm
14:43 XenophonF pobody's nerfect
14:43 gtmanfred you can't pass passwords and things through the settings though
14:43 XenophonF velikan: i will show you a samle config, just a moment
14:43 gtmanfred which is a nice thin gin pygit2, but not necessary
14:44 velikan XenophonF: when I’m trying to start salt master it shouts: “gitfs authentication parameter 'privkey' (from remote 'ssh://git@bitbucket.org:fight24/fight24-salt-states.git') is only supported by the following provider(s): pygit2. Current gitfs_provider is 'gitpython'.See the GitFS Walkthrough in the Salt documentation for further information."
14:44 XenophonF https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls
14:44 XenophonF oh well in that case you're already using gitpython
14:44 XenophonF congratulations
14:45 velikan XenophonF: yes, but my salt master just shuts down with critical
14:45 XenophonF i use salt-formula and users-formula to manage my salt-master config
14:45 XenophonF right because your config is buggy
14:45 XenophonF take a look at the url i provided
14:46 XenophonF assuming you're using ssh public key auth to access bitbucket
14:46 velikan yeah, as it said in docs
14:46 mapu joined #salt
14:46 sxar_ joined #salt
14:46 velikan I just don’t get what’s wrong
14:46 XenophonF just add the private key to the user account under which salt-master runs
14:46 XenophonF https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls#L23 (users-formula does this for me)
14:46 velikan yep, I’m trying to run master from root and he has appropriate private key
14:47 XenophonF and then all you need to do is setup the remotes correctly
14:47 XenophonF ala https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls#L254
14:47 gtmanfred if you configure it in ~/.ssh, you don't need to pass the privkey,then just set the git remote to git@... without the ssh:// proto
14:47 XenophonF you don't need to specify privkey etc.
14:47 velikan oh
14:47 XenophonF b/c gitpython just calls out to git/ssh
14:47 gtmanfred and make sure you remove ssh://
14:48 XenophonF please do note
14:48 chefffff joined #salt
14:48 XenophonF in the ssh config for the user account under which the salt-master runs
14:48 XenophonF i have explicitly specified the private key to use for connections to, in my case, github
14:48 XenophonF https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls#L26
14:49 tsia joined #salt
14:49 johnkeates joined #salt
14:49 chefffff greetings, does anyone know if there were changes to file.managed in 2015.5.3 (Lithium)?  States seem to be ignoring the contents of the file and just checking that the file exists with proper permissions.
14:50 chefffff previous versions would replace the file if the contents were different
14:50 velikan MY. HOLY. GOD.
14:50 velikan XenophonF: it’s working
14:50 * johnkeates you called?
14:50 gtmanfred velikan: :)
14:50 XenophonF LOL
14:50 velikan XenophonF: thank you, man!
14:50 XenophonF hey gtmanfred helped too
14:51 gtmanfred \o/
14:51 XenophonF and tapoxi
14:51 velikan gtmanfred: thank you too!!!
14:51 velikan and tapoxi, thank you man!
14:51 velikan you rock guys
14:53 mrBen2k2k2k joined #salt
14:53 XenophonF daks: for cases like yours, i put everything into a single sls because clearly, they're tied closely together
14:55 johnkeates what are you guys using to target your minions? I've been using hostname-based setups since i'm in control of naming conventions, but I want to switch over to something less dependant on that, like grains
14:55 johnkeates but with grains, you have to set them, and you have to target them to set them, so chicken-and-egg
14:55 gtmanfred so
14:55 gtmanfred you can use grains
14:56 jaybocc2 joined #salt
14:56 gtmanfred but remember, the minion can change if it gets targeted or not
14:56 gtmanfred which could lead to your pillars getting compromised on a minion they shouldn't be on
14:56 krymzon chefffff: strange, do you specify the template with the 'source' parameter?
14:56 johnkeates so i'm basically stuck on mapping on masters
14:56 gtmanfred you could use pillars
14:56 gtmanfred but still target your pillars on names
14:57 chefffff dont specify a template, but the source is set
14:57 gtmanfred the grains issue is just something to be aware of
14:57 johnkeates theoretically, a minion could change its minion id
14:57 johnkeates no wait, that would require re-keying
14:57 chefffff i noticed this a few weeks back, it used to work beautifully but something changed and now i have to delete the file then run the state
14:57 gtmanfred johnkeates: exactly
14:57 johnkeates I basically have to take minion ID's, and map them internally somehow
14:57 johnkeates maybe using mine?
14:58 nonades joined #salt
14:58 gtmanfred you could use reclass
14:58 johnkeates yes, i've been looking in to that as well
14:58 gtmanfred you can also use ldap in 2016.3
14:58 gtmanfred and specify all your machines in ldap
14:59 gtmanfred and then use the pillars from that to target
14:59 krymzon chefffff: I understand you then have something like "source: salt://grub/basic", and no 'replace: False'.. in this case, sorry, I don't know what went wrong
14:59 johnkeates i'm registering them in LDAP anyway, so that would be nice
14:59 johnkeates they have machine accounts using FreeIPA
15:00 gtmanfred https://docs.saltstack.com/en/develop/topics/eauth/index.html
15:00 chefffff replace: defaults to True correct?
15:00 johnkeates I guess I could link them to OU's of groups in LDAP
15:00 gtmanfred johnkeates: https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.pillar_ldap.html there ya go
15:00 johnkeates and then target that
15:00 gtmanfred yar
15:00 johnkeates well, that's a nice improvement over my current setup
15:01 edrocks joined #salt
15:01 johnkeates i'll basically keep hostname/ID targeting around for legacy networks with no IdM/IPA and networks with proper AAA have kerberos/LDAP anyway so then I can use that
15:01 johnkeates does salt cache LDAP responses?
15:02 krymzon chefffff: correct, you could still try setting it explicitly, to make sure that's not the issue
15:02 johnkeates I have plenty of replicas so I could load balance requests to LDAP
15:02 gtmanfred johnkeates: i believe it can
15:02 johnkeates good
15:02 johnkeates thanks :)
15:02 gtmanfred but i don't rememebr for 100%
15:02 johnkeates well, i can always put a local ldap cache daemon on the master and link via that
15:02 gtmanfred never had the chance to use it extensively, we just played with it a bit while working on the ldap auth restriction
15:02 gtmanfred and being able to set acls to specific groups and stuff in ldap
15:03 gtmanfred yar
15:03 bowhunter joined #salt
15:04 chefffff just gave that a go and the behavior is the same, the state runs successfully and logs "exists with proper permissions. No changes made."
15:04 chefffff this is setting replace: True
15:05 ravenx left #salt
15:05 daks XenophonF: so no perfect solution for this
15:07 XenophonF perfect is the enemy of good
15:08 freelock joined #salt
15:08 krymzon johnkeates: have you considered nodegroups? I'm approaching what seems to be a similar dilemma, and nodegroups appear a good idea, though with a few serious drawbacks
15:10 XenophonF daks: i'm surprised the user lookup you perform fails
15:10 XenophonF b/c that'd be my approach, too
15:10 XenophonF esp. since i'd be using a formula to create the user
15:10 XenophonF so dependencies would be loosly coupled (if any, i'd specify a sls: requisite)
15:11 XenophonF oh
15:11 XenophonF i know what it is
15:11 XenophonF render time happens before state execution time
15:11 XenophonF duh
15:12 XenophonF ok, so daks, you're going to have to either reference a pillar key with the desired path, or you have to construct the path given the username and what you know about the target operating system
15:12 johnkeates joined #salt
15:12 Sokel Maybe someone can explain this to me. https://paste.fedoraproject.org/410818/14716194/ -- If I run the user state without the account on the system, it succeeds. If I run again, it fails. Why does it say "These values could not be changed: {'groups': []}"
15:12 XenophonF you might be able to get away with using paths like ~username/blah/blah
15:12 krymzon johnkeates: have you considered nodegroups? I'm approaching what seems to be a similar dilemma, and nodegroups appear a good idea, though with a few serious drawbacks
15:13 johnkeates well, not really, it seems to be more for structural organisation than targeting
15:13 johnkeates for example, i had hostnames like $purpose-$int-$level.FQDN.EXT
15:13 adelcast joined #salt
15:13 raspy joined #salt
15:14 pipps joined #salt
15:14 johnkeates so for redis we'd have redis-1-prod.domain.org, redis-2-prod.domain.org etc. and for test redis-1-test.domain.org, dev gets redis-1-dev.domain.org etc
15:14 daks XenophonF: it seems to be the case, render happens before execution so salt['user.info'](user).home returns None
15:14 johnkeates then you could target redis-*-prod for all production redis servers
15:14 XenophonF right
15:14 XenophonF so you need run-time interpolation of the user's home directory
15:15 daks and as you say, i use a formula to create my users and don't really want to 'merge' it with my other state
15:15 krymzon I was thinking of using the hostames just to define nodegroups, and then do all the top.sls on nodegroups, but haven't tried it yet
15:15 daks run-time interpolation... yes, but how
15:15 XenophonF you can quickly test something by using 'salt-call state.single file.managed ~username/foo.txt'
15:15 daks one of my problems is:
15:16 daks (forget about it, nevermind)
15:16 XenophonF iirc python will expand the pathname
15:16 daks okay, but what for?
15:16 krymzon johnkeates: so I understand so far all the information you need is actually encoded in the hostname, that's convenient (and no possible in my case :) )
15:16 johnkeates yes
15:16 deus_ex joined #salt
15:16 johnkeates but i want to not rely on that
15:16 daks you mean, useing the equivalent of salt-call in my state?
15:16 johnkeates i imagine there will be setups where there is no hostname control, and then i want to rely on something else
15:17 johnkeates but ldap works
15:17 raspy how can I create a specific instance from using salt-cloud on my map file?
15:17 johnkeates and for cloud providers there is discovery API's
15:17 krymzon johnkeates: So I understand you are going to go with ldap as external pillar source? sounds good
15:18 gtmanfred raspy: i do not believe you can make only one instance while referencing the map, you could do the salt-cloud -p <profile> <name>, but not specify only build one of the 10 servers referenced in a map
15:18 gtmanfred unless the other 9 are already built, then the map will only build the one server
15:18 johnkeates yeah, reclass would probably work too, but ldap has to be there anyway
15:18 coval3nce joined #salt
15:18 XenophonF daks: https://gist.github.com/xenophonf/0c463c3b756906dd27ffda2b2de1e91b
15:18 johnkeates if you get SSO you will have a registry
15:19 raspy darn, that sucks, i just wanted to do something like salt-cloud "host3" -m map_file
15:19 XenophonF daks: so in your state, for the filename, just use ~user/path/filename
15:19 XenophonF salt will expand that at runtime
15:19 XenophonF yay
15:19 XenophonF let me try again with a user i know doesn't exist
15:20 p3rror joined #salt
15:20 krymzon yeah, in my case ldap is still in 'would be nice to have, but not at all urgent' stage. Perhaps I'll just try targeting with standard pillar
15:20 dh__ joined #salt
15:20 raspy gtmanfred: oh this works salt-cloud -m map_file hostname
15:20 gtmanfred oh, it does? neat
15:21 abednarik joined #salt
15:21 daks hum.. strange, because this issue https://github.com/saltstack/salt/issues/35594 seems to indicate that ~ is not understood by salt
15:21 saltstackbot [#35594][OPEN] expand ~ to user home directory | For example:...
15:21 abednarik Hi
15:21 abednarik Anyone having issue when installing salt from git? https://github.com/saltstack/salt/blob/v2015.8.10/requirements/base.txt there are spaces there
15:21 abednarik really weird
15:22 XenophonF daks: i've updated the gist
15:22 XenophonF i tested a user that doesn't have a valid pathname as a home directory, and the file.manage state fails (as it should)
15:22 krymzon johnkeates: reclass looks interesting, I'll have a closer look, thanks
15:23 XenophonF i also test a user that doesn't exist, and the file.managed state doesn't work again (as it should)
15:23 johnkeates I guess seeding then gets the following steps, 1. seed vm, 2. add host id-based key, 3. install sso and activate, 4. target using ldap
15:23 abednarik https://github.com/saltstack/salt/pull/35497
15:23 saltstackbot [#35497][MERGED] Fixes spacing in requirements files | What does this PR do?...
15:23 tapoxi joined #salt
15:23 XenophonF daks: that's because the person who wrote that bug report is clueless
15:23 tapoxi can you use gitfs for runners?
15:24 abednarik los like a salt bootstrap change
15:24 gtmanfred tapoxi: yes
15:24 daks XenophonF: oh, if this is not an issue, maybe it should be closed
15:24 gtmanfred tapoxi: in 2016.3, jsut drop it into _runners, for 2015.8 you have to do other things
15:24 daks XenophonF: i take the wrong issue, i saw this one before https://github.com/saltstack/salt/issues/7883
15:24 saltstackbot [#7883][OPEN] Support tilde-prefixed home directories in salt.states.file | I just tried to copy some files into a bunch of user's home directories, using tilde prefixes:...
15:25 tapoxi gtmanfred _runners? a subdir in my git repo?
15:25 gtmanfred yes
15:25 tapoxi awesome
15:26 gtmanfred tapoxi: https://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html
15:26 gtmanfred it should be in there, it used to be ...
15:26 tapoxi doesn't seem to...
15:27 gtmanfred tapoxi: https://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.saltutil.html#salt.runners.saltutil.sync_runners
15:27 gtmanfred you have to run `salt-run saltutil.sync_runners`
15:28 tapoxi and it'll fetch from gitfs and store it somewhere in /tmp?
15:30 gtmanfred it will put it in /var/cache/salt/extmods/runners
15:30 gtmanfred somewhere around there
15:30 gtmanfred maybe /var/cache/salt/master/extmods/runners
15:30 tapoxi ok. thanks gtmanfred! this makes my deployment way easier
15:30 gtmanfred np :)
15:31 irated joined #salt
15:32 XenophonF tapoxi: this might be a useful example, too - https://www.reddit.com/r/saltstack/comments/4w16mx/can_reactor_use_gitfs/d634h96
15:32 saltstackbot [REDDIT] can reactor use gitfs? (self.saltstack) | 2 points (100.0%) | 2 comments | Posted by rizo- | Created at 2016-08-03 - 22:09:20
15:32 XenophonF assuming runners work the same way as reactors when it comes to mounting them under salt://
15:32 gtmanfred they do
15:33 raspy how can I create an empty grain?
15:33 ablinkin joined #salt
15:36 raspy hi all, I have this error "Rendering SLS 'dev:fs_mounts' failed: Jinja variable 'dict object' has no attribute 'clusterType'"
15:36 ssplatt grains.set thing: []
15:36 ssplatt something like that
15:37 ssplatt grains.set thing:””
15:37 raspy ah ok
15:37 raspy thx
15:38 teryx510 joined #salt
15:39 XenophonF daks: i looked at the second bug report but couldn't reproduce it
15:40 dezertol joined #salt
15:40 XenophonF i can use ~ in pathnames fed to file.managed and it works
15:40 sp0097 joined #salt
15:40 XenophonF whether i use it in the dictionary key or in the name argument to the state
15:41 jfelchner joined #salt
15:41 KingOfFools joined #salt
15:45 akhter joined #salt
15:50 akhter joined #salt
15:51 daks XenophonF: i need to go now, but i'll look that monday
15:51 daks thanks for your help
15:52 badon joined #salt
15:53 XenophonF cheers
15:58 akhter joined #salt
15:58 mpanetta joined #salt
15:59 nicksloan joined #salt
16:00 mpanetta joined #salt
16:03 dendazen joined #salt
16:09 schemanic joined #salt
16:10 mrBen2k2k2k joined #salt
16:12 pipps joined #salt
16:14 johnkeates joined #salt
16:16 amy_ joined #salt
16:20 mapu_ joined #salt
16:23 pipps joined #salt
16:24 bearonis joined #salt
16:26 raspy hi all... if a state file has if statements for specific grains so lets say {% if grains['clusterType'] == 'SingleNode' and grains['firstrun'] == True %} do... blah {% endif %}
16:26 raspy even though my map file does not have clusterType as a grain, do I still need to define it in my map file so it doesnt bork when parsing the file?
16:27 bearonis joined #salt
16:27 mapu_ joined #salt
16:27 dezertol you can use salt['grains.get']('clusterType','somedefaultvalue')
16:27 dezertol so if it's empty
16:27 dezertol it will use the default value
16:28 raspy dezertol: okay thanks, so that means that the map file needs to have clusterType even though I dont even use it in order for it to successfully parse the state file with a bunch of if statements for different grains?
16:28 onlyanegg joined #salt
16:29 dezertol if you change the code form grains['clusterType'] to salt['grains.get']('clusterType','')
16:29 dezertol it won't be required it will just return empty
16:30 raspy oh so basically thats an enforcement
16:30 ablinkin joined #salt
16:30 Garo_ joined #salt
16:30 dezertol for example ifyou did to salt['grains.get']('clusterType','None')
16:30 akhter_1 joined #salt
16:30 dezertol then if clusterType is not defined in the grains..
16:31 dezertol when the state runs it will have the value of None
16:31 pipps joined #salt
16:32 amcorreia joined #salt
16:33 bltmiller joined #salt
16:41 pipps joined #salt
16:41 sjorge joined #salt
16:41 sjorge joined #salt
16:41 riftman joined #salt
16:43 raspy dezertol: is there a cleaner way to just say if grain is defined
16:43 raspy instead of it borking just because the grain is not defined
16:44 dezertol well if all your doing is checking it.. then you can just check with if .. but if your doing a jinja template and trying to hand off the value you'll need to use the if statement to skip it
16:45 dezertol so it kinda depends on what your trying to with the value
16:46 jaybocc2 joined #salt
16:47 dezertol you can do {% if grains['clusterType' %}
16:47 dezertol and if there is a value it returns true and if not it won't
16:47 raspy yeah kinda thinking that too
16:47 raspy thx dezertol
16:47 scoates joined #salt
16:47 dezertol but it might blow up still
16:47 dezertol https://docs.saltstack.com/en/latest/topics/grains/
16:47 dezertol {% set the_node_type = salt['grains.get']('node_type', '') %}
16:47 dezertol {% if the_node_type %}
16:47 dezertol 'node_type:{{ the_node_type }}':
16:47 dezertol - match: grain
16:47 dezertol - {{ the_node_type }}
16:47 dezertol {% endif %}
16:48 dezertol just depends on what your dong realy
16:52 akhter joined #salt
16:53 spuder joined #salt
16:53 spuder_ joined #salt
17:01 rylnd has anyone but me issues with creating a repo from deb packages via salt-pack on ubuntu 16.04?
17:02 rylnd reprepo seems to fail with a 254 error code, but no other outputs to go with. running it now again with full debug mode
17:07 keimlink joined #salt
17:08 onlyanegg joined #salt
17:09 brotatochip joined #salt
17:09 ffredrikk joined #salt
17:12 raspy dezertol: quick Q, if I set salt['grains.get']('clusterType', 'SingleNode')
17:12 raspy does that match grains with clusterType:SingleNode?
17:13 raspy or will that set clusterType:SingleNode if it doesnt find a grain that matches that
17:13 bowhunter joined #salt
17:18 west575 joined #salt
17:22 Misfit joined #salt
17:23 west575_ joined #salt
17:26 ageorgop joined #salt
17:28 dezertol so "if" the grain "clusterType" is missing .. then it will default to "SingleNode".. if the grain is set to "SingleNode" already.. then it would just use the set value
17:29 mapu joined #salt
17:34 raspy how can you match to say if clusterType is SingleNode then dosomething, else move along and dont go through the if statement
17:35 spuder joined #salt
17:35 dezertol {% set clusterType = salt['grains.get']('clusterType','singleNode') %}
17:36 dezertol {% if clusterType == "SingleNode" %}
17:37 dezertol - somestate
17:37 dezertol {% elif clusterType == "LotaNodes" %}
17:37 kojiro joined #salt
17:37 dezertol - someother state
17:37 dezertol {% endif %}
17:37 raspy cool thx dezertol
17:42 DEger joined #salt
17:45 tuxx joined #salt
17:46 hasues joined #salt
17:47 hasues left #salt
17:57 circ-user-yqq6t joined #salt
18:00 circ-user-yqq6t Is there a method for targeting a list of minions from a file? Like hosts in Ansible.
18:00 ffredrikk joined #salt
18:01 bconnelly_iseatz I found this feature request while searching - https://github.com/saltstack/salt/issues/23523
18:01 saltstackbot [#23523][OPEN] Target minions by a list from a file | Currently salt can target minions in a number of ways. The only "list" way is a comma-delimited list....
18:01 gimpy2938 joined #salt
18:02 gimpy2938 Is there any way to pass a variable to an included SLS outside of setting them in grains and pillars?  https://gist.github.com/jwhite530/1746dc38d7e540e46afec68709f7dc85
18:04 tapoxi joined #salt
18:09 spuder_ joined #salt
18:12 cmarzullo pillar is your answer. You could do other tricks, like import a yaml file or something.
18:12 cmarzullo But you'll want to get pillar sorted.
18:13 edrocks joined #salt
18:13 gimpy2938 cmarzullo: I don't think it will help in my case ... every use of pillars and templates I've seen are backwards for what I want
18:14 cmarzullo hmmmm
18:14 gimpy2938 I have dozens of SLS that each confgure PXE booting for a single system, I want to keep each system in its own SLS or whatever with its settings there and have a common "template" SLS eat those values when I call it
18:15 cmarzullo I do the same thing. Except I have one sls. The values from the sls are pulled from pillar or grains.
18:15 sjorge joined #salt
18:15 cmarzullo So the source: salt://pxe/files/{{ grains.id}}.j2
18:16 cmarzullo or salt://pxe/files/{{ pxe.role }}.j2
18:16 gimpy2938 ... "source"?
18:17 cmarzullo The source line in file.managed
18:17 spuder joined #salt
18:17 gimpy2938 ... um, I'm talking about more than just one state .... I have dozens in each of the SLS
18:17 cmarzullo We have different templates for the different classes of machines.
18:17 cmarzullo So you just feed the data into the template based on the hw you are provisioning.
18:18 Misfit joined #salt
18:18 fracklen joined #salt
18:18 gimpy2938 Take a look at this: https://gist.github.com/jwhite530/fdf02a70ed9c046e7549cf1ccd1d21cb
18:19 gimpy2938 I have dozens of those files ... the lower section is the same in all of them
18:19 cmarzullo back at ya! from our pxe formula: http://pastebin.com/7Sex2Ls9
18:21 gimpy2938 I don't understand in the slightest what yours is doing or how it works or how it relates to mine
18:23 cmarzullo in mine the {{ pxe.preseed_configs }} is a hash describing all the preseeds I want. This comes from pillar. Then it does the needful based on pillar.
18:23 gimpy2938 show me your pillar
18:23 cmarzullo See line 18? the source is parameterized. So it can come from anywhere with any templating in it.
18:25 ffredrikk joined #salt
18:25 cmarzullo http://pastebin.com/HkwejHtt
18:25 gimpy2938 so I have 1 provisoning host and dozens of nodes ... you're talking about adding *all* of these nodes' info into the provision host's pillar, correct?
18:25 cmarzullo there's a lot more. our pxe formula does all the syslinux bits too. Builds out menus and shit.
18:27 cmarzullo What's the difference between the nodes? IP? hostname?
18:27 gimpy2938 cmarzullo: everything being set in the first file I showed
18:28 gimpy2938 MACs, GUIDs, hostname, IPs
18:28 gimpy2938 likely more as time goes on
18:29 cmarzullo You'll have scaling issues. As you are experiencing. Work to separate the data the drives the state from the state itself
18:29 cmarzullo data that drives
18:30 gimpy2938 I know, that's exactly what I'm trying to do
18:30 sjorge joined #salt
18:31 pipps joined #salt
18:31 cmarzullo http://pastebin.com/1euiuS8T
18:32 cmarzullo see how it'll loop over the pillar data?
18:32 gimpy2938 that's the thing, I *really* don't want to loop through every node
18:32 gimpy2938 I need to be able to say "provision sn3 and onlyt sn3"
18:32 gimpy2938 otherwise I'll run it and come back next week when it is done
18:33 gimpy2938 hence me using multiple SLS files int eh first place
18:33 scoates joined #salt
18:34 cmarzullo Doesn't make too much sense to me mate. Why would writing out 12 directories take a lot.
18:34 cmarzullo highstating our pxe server takes less than a minute.
18:35 gimpy2938 cmarzullo: it does more than just create a file or dir, it installs a whole OS, calls external systems to do other work, etc.
18:35 cmarzullo perhaps it's tht yum command? or something in your states/pxe
18:36 gimpy2938 there is nothing I can do to make it faster or more lightwieght
18:36 cmarzullo kk. that wasn't clear in your snippet. So you aren't really talking about 'maintaining state' of your pxe server. More so that you are doing 'ochestration
18:36 gimpy2938 yea, both really
18:37 cmarzullo There's your problem. IMO the should be decoupled.
18:37 gimpy2938 I could make a provivisioning module, that seem like even more pain ... last time I looked at modules Salt wouldn't even accept the example provided in the docs
18:38 gimpy2938 ok fine, I lied, it's 100% orch, whatever
18:38 cmarzullo heheh. In that case switch from state management for an orchestrate runner.
18:38 spuder_ joined #salt
18:38 gimpy2938 I re-run those states from time to time but it's mostly to provision them once
18:39 |aaron is anyone using salt-cloud to provision containers in the latest proxmox? i think maybe its out of date? the only options for 'technology' are 'openvz' and 'qemu' but proxmox uses lxc now.. also the proxmox api endpoint it wants to use is /nodes/my-node/openvz but it should be /nodes/my-node/lxc ... is there an update in the works?
18:39 sp0097 joined #salt
18:39 cmarzullo We have one formula that ensure the integrity of our dnsmasq / pxe provisioning system. And something different for actually making the provisioning happen.
18:40 cmarzullo For VMs we use salt-cloud so we don't have to pxe anything. But for hardware, systems boot and are hands off. They just come up.
18:40 cmarzullo sorry arron I don't know.
18:41 ub1quit33 joined #salt
18:41 |aaron im surprised i cant find anything online about it since i dont think its *that* recent of a change for proxmox
18:41 |aaron which makes me wonder if im really missing something lol
18:42 gimpy2938 well, from my initial read of a "" I don't think that's what I need either ... is it for running inter-dependant states accross multiple minions?
18:44 cmarzullo I use orchestartion to be like (from the master) tell node1 to do something. then tell node2 to do something.
18:44 gimpy2938 yea, in thise case it's always "tell the provisioner to run this single state"
18:44 cmarzullo yeah.
18:45 gimpy2938 he happens to call out to external things but not via Salt, just externals APIs
18:45 cmarzullo yeah totally.
18:47 gimpy2938 dumb question but is there any way to get the equiv of argv[1] in an SLS?  If so I could do `salt prov_dude state.sls do_prov sn1` and have do_prov pull just sn5 out of the pillar
18:48 gimpy2938 ... but then again I might as well fight with making a module again
18:51 mpanetta gimpy2938: You can set pillar on the command line
18:52 s_kunk joined #salt
18:52 mpanetta Donno if that will help with what you want or not though.
18:53 gimpy2938 nah, I know how to shove data into a pillar
18:54 tmkerr joined #salt
18:56 amcorreia joined #salt
18:59 spuder joined #salt
19:00 raspy anyone know why setting "del_all_vol_on_destroy" to True does not actually delete the non-root EBS volume when I terminate an instance?
19:01 akhter joined #salt
19:05 cmarzullo I don't sorry bud.
19:05 ronnix joined #salt
19:06 ablinkin joined #salt
19:07 mapu joined #salt
19:07 manji joined #salt
19:11 murrdoc joined #salt
19:12 raspy I found a typo in the salt documentation, search "del_all_vol_on_destroy" in https://docs.saltstack.com/en/latest/topics/cloud/aws.html#del-all-vols-on-destroy
19:12 raspy del_all_vol_on_destroy doesnt destroy the volumes, this must be a typo in the example
19:13 iggy the docs are generated from the source... send a PR
19:14 raspy iggy: just to confirm, del_all_vol_on_destroy is incorrect right?
19:15 heaje joined #salt
19:20 om joined #salt
19:20 hasues joined #salt
19:20 west575 joined #salt
19:21 spuder_ joined #salt
19:21 hasues left #salt
19:22 sp0097 joined #salt
19:24 RandyT joined #salt
19:25 ffredrikk joined #salt
19:32 rylnd so when i used pkgbuild.repo in salt-pack, it gives me a "An exception occurred in this state: Traceback (most recent call last): TypeError: 'NoneType' object has no attribute '__getitem__'" traceback. i also see in the minion log that every call of reprepro fails with return code 251. anyone experienced that before?
19:33 ssplatt joined #salt
19:36 pipps joined #salt
19:38 djgerm joined #salt
19:39 djgerm anybody doing anything cool with salt state pushs and grafana annotations? by cool i mean automatically adding annotations when salt commands are run that push state changes
19:40 manji my head aches to the idea
19:40 manji :D
19:40 djgerm hehehe
19:41 manji it is useful to keep graphs of the success rate of your state runs
19:41 manji or highstates
19:41 djgerm my boss says "I want this: http://play.grafana.org/dashboard/db/annotations"
19:42 spuder joined #salt
19:46 cmarzullo djgerm: was eyeing up the the elasticsearch master returner, but seems there's some bugs.
19:46 cmarzullo splunk has salt report filtering or something.
19:47 * MTecknology grumbles
19:47 DEger joined #salt
19:48 MTecknology dunno why, but somehow salt dies during the first highstate and works perfect every time after.
19:51 Kelsar joined #salt
19:57 gimpy2938 now I need to add "try out grafana" to my todo list ... it never ends
19:58 djgerm right? it NEVER ends.
20:02 gimpy2938 djgerm: you could write a program that listens for Salt events and push htme into an external system
20:02 viq djgerm: salt-eventsd may be useful? Also, there's graphite returner
20:03 |aaron ah i see compatibility for proxmox v4 is in the develop branch. is there any kind of anticipated release date for the next version i wonder?
20:03 spuder_ joined #salt
20:06 ajw0100 joined #salt
20:10 xbglowx joined #salt
20:11 iggy djgerm: I did at my old job, don't have that code available anymore
20:11 djgerm cool. was it particularly difficult?
20:13 scoates joined #salt
20:13 babilen gimpy2938: Check out https://grafana.wikimedia.org/
20:13 babilen (click on "Home" for all dashboards)
20:17 iggy |aaron: https://groups.google.com/forum/#!topic/salt-announce/8e44sbbJj_I
20:18 |aaron iggy: awesome thanks so much :)
20:18 iggy djgerm: not particularly, just created a module that poked the url to send the event... triggered that module in a reactor that keyed off returns and looked for highstate
20:19 babilen gimpy2938: We deployed grafana on top of influxdb and are really quite happy with it
20:20 mrBen2k2k2k joined #salt
20:20 ssplatt joined #salt
20:21 DammitJim is it normal for salt to use about 9GB of RAM in an environment where I have about 100 minions?
20:23 stickmack how many workers have you configured on the master
20:26 DEger joined #salt
20:31 ablinkin joined #salt
20:32 pfallenop joined #salt
20:32 ablinkin joined #salt
20:32 pipps joined #salt
20:33 ssplatt joined #salt
20:34 raspy joined #salt
20:37 bearonis joined #salt
20:38 iggy is that RSS or VIRT?
20:40 teryx510 joined #salt
20:40 XenophonF how do i rename a minion?
20:44 raspy joined #salt
20:44 raspy is it possible to name an ec2 ebs volume as you create it through salt-cloud?
20:47 nbuchanan joined #salt
20:48 XenophonF probably
20:48 raspy i only see a way to tag
20:48 raspy but not give it an actual name, all the names are empty  :\
20:48 babilen XenophonF: Remove it, set id to something, accept new key
20:48 DammitJim stickmack, how do I determine that?
20:49 DammitJim man, it almost looks like I have a memory leak
20:49 DammitJim the thing keeps growing
20:49 DammitJim I'm up to 11G
20:49 babilen Old age, DammitJim
20:49 XenophonF raspy: you'd give it a "Name" tag
20:49 XenophonF hang on i need to look up block device mappings
20:49 raspy XenophonF: oh okay thx!
20:49 DammitJim babilen, how did you know I'm old
20:49 DammitJim 'cause I am!
20:53 akhter joined #salt
20:53 XenophonF raspy: doesn't appear to be possible to set tags in block device mappings :(
20:54 raspy im more interested in the volume https://docs.saltstack.com/en/latest/topics/cloud/aws.html#cloud-profiles
20:54 raspy looks like you can set a tag within the volume? Look at Environment: production
20:54 XenophonF raspy: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-blockdev-mapping.html
20:54 XenophonF raspy: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-blockdev-template.html
20:55 XenophonF you can definitely tag a volume via the CreateVolume API
20:55 pfallenop joined #salt
20:55 XenophonF raspy: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html
20:56 XenophonF but salt-cloud calls RunInstances and uses block device mappings to create/modify the attached storage
20:56 raspy hmmm
20:57 XenophonF the other way to do it would be via a state formula
20:57 XenophonF like, iterate over a list of instances, find their attached ebs volume, and tag them accordingly
20:57 XenophonF i dunno
20:58 XenophonF you could try passing a tagset via the block device mappings, but i dunno if it will work
20:58 cwright left #salt
20:58 XenophonF i'd have to dig through salt-cloud's aws driver and the corresponding api documentation at amazon
20:59 XenophonF thanks babilen that's the tack i'm taking
20:59 XenophonF shouldn't you be at the pub by now?
21:00 XenophonF so to reset the minion trust relationship, i just nuke everything under /etc/salt/pki/minion, right?
21:01 bltmiller joined #salt
21:07 pfallenop joined #salt
21:08 pipps joined #salt
21:11 pipps joined #salt
21:11 MTecknology BAM! GOT IT!
21:11 MTecknology FINALLY!!!!
21:12 raspy MTecknology: lets see it
21:12 MTecknology 45.55.235.213
21:12 raspy hax
21:14 XenophonF WTF HOW DO YOU KNOW MY IP ADDRESS
21:14 dezertol LOL
21:14 XenophonF /kick MTecknology
21:14 MTecknology that would be odd considering it's mine... possibly to keep
21:15 MTecknology "salt-cloud -p do <fqdn>" now spins up a server running in digitalocean, sticks salt-minion and certs on it, assembles an openvpn config from different places (wish pillar were included in that...), connects to my home network into an OOB openvpn server and runs a highstate that sticks in rules for firewall, users, ssh stuff, logging, backups, etc. That address is for my we web server.
21:16 MTecknology top.sls is based on node names, so there's no special config, just deploy it w/ the correct name and done.
21:17 MTecknology So, "salt-cloud -p do web01.lustfield.net" gets me all that, plus the whole website cloned from a private git repo, static content site built, xmlpipe2 file exported, picked up by the local search indexer, and loads up the uwsgi search app
21:20 bowhunter joined #salt
21:20 viq MTecknology: neat :)
21:24 ablinkin joined #salt
21:24 MTecknology thanks :)
21:25 MTecknology It's been a pain getting to that point, but I *LOVE* being at this point
21:25 MTecknology next up, reactor to kick off rebuilds when I push to git
21:26 djgerm nice. I feel ya: i hate learning stuff, but i love knowing stuff!
21:27 xbglowx joined #salt
21:30 XenophonF that's really awesome
21:30 XenophonF i want to be there some day
21:32 orionx joined #salt
21:36 lungaro joined #salt
21:40 MTecknology XenophonF: my place? I'm having beers w/ friends tonight, stop by
21:41 MTecknology djgerm: been learning squid ... :(
21:41 t0m0 joined #salt
21:42 wendall911 joined #salt
21:47 hasues joined #salt
21:48 XenophonF hah
21:48 XenophonF dude are you anywhere near southwestern ohio?
21:48 XenophonF and can i bring my wife?
21:48 XenophonF we are desperate to get out of the house and talk to adults
21:49 MTecknology sodak...
21:51 pipps joined #salt
21:55 hasues left #salt
21:57 pipps joined #salt
21:58 raspy joined #salt
21:59 raspy does "del_all_vols_on_destroy: true" not work on every version of salt?
21:59 raspy no matter what I do to add this argument in the cloud config, it will not enable True on the volume salt-cloud creates
22:00 t0m0 joined #salt
22:08 dendazen joined #salt
22:09 sp0097 joined #salt
22:17 bltmiller joined #salt
22:18 jaybocc2 joined #salt
22:19 ablinkin joined #salt
22:29 gimpy2938 archive.extracted claims my tarball is "not in gzip format" but it is and works, what do?    https://gist.github.com/jwhite530/c0b13dfb91fdf7aa27ac796f6ebacb80
22:33 ablinkin joined #salt
22:39 fracklen joined #salt
22:46 raspy what is the name of the script that provisions instances on clouds?
22:47 ablinkin joined #salt
22:47 dh__ joined #salt
22:48 ub1quit33_ joined #salt
22:49 dezertol gimpy2938 why are you passing z in the options
22:49 stooj joined #salt
22:49 dezertol it's "archive.extracted" .. the z is implied .. use v see if it works
22:56 XenophonF raspy: what version of salt are you running?
23:03 raspy XenophonF: salt 2015.5.2 (Lithium)
23:04 gimpy2938 dezertol: z for gzip, the same option you give `tar` for a gzipped archive ... removing that causes an exception to be generated:  https://gist.github.com/jwhite530/c0b13dfb91fdf7aa27ac796f6ebacb80
23:05 dezertol weird works fine for me
23:05 dezertol i'm extracting tomcat in one of my states
23:05 gimpy2938 dezertol: yup, I have another state which extracs a .tgz in exactly the same way and it is fine
23:05 gimpy2938 so fucking tired of finding broken garbage in salt
23:05 dezertol .. maybe it's something specific to that archive...
23:06 gimpy2938 dezertol: it extracts cleanly
23:06 dezertol but throws the error anyway
23:06 dezertol lol
23:06 gimpy2938 no, I mean if I extract the .tgz by hand, outside of salt, it works
23:07 XenophonF raspy: can you upgrade?
23:07 gimpy2938 salt is failing
23:07 XenophonF i don't recall having this issue on my minions
23:07 raspy XenophonF: not atm, were standing up a new prod environment with latest stable version, if we upgrade now, im sure were going to break a few things :)
23:08 stanchan joined #salt
23:09 raspy XenophonF: Is there a place where I can see the details for specific PR's? In the notes within the salt git, I see "- **ISSUE** `#24483`_: (*codehotter*) clouds/ec2.py: del_root_vol_on_destroy and del_all_vols_on_destroy not working"
23:09 raspy apparently, this was fixed in 2015.5.4, im on 5.2
23:10 t0m0 joined #salt
23:12 dezertol gimpy2938 just out of curiosity ... have you tried "extracting" manually.. removing the old archive and re-archiving it.. maybe it's something specific with the compression...
23:13 ablinkin joined #salt
23:13 pipps joined #salt
23:13 gimpy2938 dezertol: I cleared the minion's cache and now it works
23:13 bltmiller joined #salt
23:15 mrBen2k2k2k joined #salt
23:15 doriftoshoes joined #salt
23:15 dezertol ah.. yes.. pesky cache
23:16 imanc joined #salt
23:18 ablinkin_ joined #salt
23:19 twodayslate joined #salt
23:19 Freek joined #salt
23:20 pipps joined #salt
23:21 raspy okay... i just made a grim discovery
23:21 raspy this is why i cant delete ebs volumes on destroy https://github.com/saltstack/salt/issues/24483
23:21 saltstackbot [#24483][MERGED] clouds/ec2.py: del_root_vol_on_destroy and del_all_vols_on_destroy not working | Test case:...
23:21 nicksloan joined #salt
23:21 raspy im just on a very old version
23:22 jaybocc2 joined #salt
23:22 wangofett joined #salt
23:24 pipps joined #salt
23:25 ablinkin joined #salt
23:31 ablinkin joined #salt
23:31 ajw0100 joined #salt
23:32 brotatochip joined #salt
23:35 ablinkin joined #salt
23:36 lungaro joined #salt
23:37 t0m0 joined #salt
23:41 ablinkin joined #salt
23:46 robawt hey salt folks, where can i safely store test code for a custom module I wrote?
23:46 xbglowx Hi, trying to configure multi-master, with two masters. If I take down the first master and bounce the minion process, I see "Error while bringing up minion for multi-master. Is master at saltmaster1 responding?"
23:47 xbglowx my minion config includes: master:
23:47 xbglowx - saltmaster1
23:47 xbglowx - saltmaster2
23:47 xbglowx master_alive_interval: 10
23:47 xbglowx master_tries: 1
23:47 ablinkin joined #salt
23:52 ablinkin joined #salt
23:53 xbglowx Although the logs are saying error and complaining about not being able to reach saltmaster1, I noticed that states still work. If I try to run salt-call though, it hangs for a very long time and eventually runs. Any tips on which knobs to tweak to speed this up?
23:54 jaybocc2 joined #salt
23:55 sxar joined #salt
23:58 ablinkin joined #salt
23:59 statik joined #salt
23:59 lungaro joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary