Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-10-31

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 mavhq joined #salt
00:05 Deliant joined #salt
00:10 armguy joined #salt
00:28 jas02 joined #salt
00:30 GreenLord joined #salt
00:31 onlyanegg joined #salt
00:31 akhter joined #salt
00:33 PsionTheory joined #salt
00:35 fannet joined #salt
00:37 subsignal joined #salt
00:56 subsignal joined #salt
00:57 jenastar joined #salt
01:15 nicksloan joined #salt
01:24 onlyanegg joined #salt
01:39 prg3 joined #salt
01:40 k_sze[work] joined #salt
01:42 n1x0n joined #salt
01:44 PerilousApricot joined #salt
01:44 onlyanegg joined #salt
01:56 jas02 joined #salt
02:07 voxpop joined #salt
02:19 sysdba joined #salt
02:20 spuder joined #salt
02:22 voxpop joined #salt
02:23 voxpop joined #salt
02:29 v0xpop joined #salt
02:30 jas02 joined #salt
02:33 akhter joined #salt
02:35 fannet joined #salt
02:41 sebastian-w joined #salt
02:46 catpiggest joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.8.12, 2016.3.3 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
02:54 evle joined #salt
02:57 voxpop joined #salt
03:13 jas02 joined #salt
03:16 promorphus joined #salt
03:20 bastiand1 joined #salt
03:21 swills joined #salt
03:27 fracklen joined #salt
03:45 JPT joined #salt
03:45 voxpop joined #salt
03:46 PerilousApricot joined #salt
04:04 keltim joined #salt
04:15 jas02 joined #salt
04:22 onlyanegg joined #salt
04:32 jas02_ joined #salt
04:35 akhter joined #salt
04:36 fannet joined #salt
04:36 mosen joined #salt
04:41 om2__ joined #salt
04:50 nawwmz joined #salt
04:51 cryptolukas joined #salt
05:03 Ni3mm4nd joined #salt
05:13 PerilousApricot joined #salt
05:17 promorphus joined #salt
05:23 preludedrew joined #salt
05:28 fracklen joined #salt
05:35 jas02 joined #salt
05:43 sgo_ joined #salt
05:46 Garo_ joined #salt
05:49 cyborg-one joined #salt
06:00 akhter joined #salt
06:08 subsigna_ joined #salt
06:12 rawzone joined #salt
06:14 felskrone joined #salt
06:15 nidr0x joined #salt
06:18 zulutango joined #salt
06:34 jas02 joined #salt
06:39 armyriad joined #salt
06:53 jas02 joined #salt
06:56 GreatSnoopy joined #salt
06:56 armyriad joined #salt
06:59 sgo_ joined #salt
07:05 alex_zel joined #salt
07:06 alex_zel hello, can I somehow include an sls file and also have it require to complete something first? I tried this https://gist.github.com/alex-zel/3f72dc981c0554774c6716e901591b75 but that doesn't work
07:06 Salander27 joined #salt
07:07 iggy no, but there's extend
07:09 alex_zel can you give me an example?
07:12 iggy nvm, I wasn't thinking it through well... no there's not a way to do what you want
07:15 alex_zel never mind I found another to achieve what i need, thanks anyway
07:22 fracklen joined #salt
07:25 yuhlw____ joined #salt
07:27 yuhlw____ joined #salt
07:28 ivanjaros joined #salt
07:28 jas02 joined #salt
07:29 ivanjaros3916 joined #salt
07:30 jas02 joined #salt
07:30 yuhlw____ joined #salt
07:33 fannet joined #salt
07:35 jas02_ joined #salt
07:42 narfology joined #salt
07:55 JohnnyRun joined #salt
07:56 fracklen joined #salt
08:01 q1x joined #salt
08:02 akhter joined #salt
08:06 haam3r joined #salt
08:08 fracklen joined #salt
08:10 fannet joined #salt
08:18 samodid joined #salt
08:21 xet7 joined #salt
08:21 promorphus joined #salt
08:23 PerilousApricot joined #salt
08:32 mikecmpbll joined #salt
08:34 subsignal joined #salt
08:35 Elsmorian joined #salt
08:35 jas02_ joined #salt
08:44 jas02_ joined #salt
08:45 jas02 joined #salt
08:48 infrmnt joined #salt
08:57 mikecmpbll joined #salt
09:00 ronnix joined #salt
09:03 ronnix_ joined #salt
09:15 k_sze[work] Odd, I get "Module function aptpkg.refresh_db is not available" for a Ubuntu 14.04 minion.
09:17 Straphka joined #salt
09:18 k_sze[work] How do I tell what pkg provider salt has decided to use? Because it's really odd that it's not apt on a Ubuntu minion.
09:18 hemebond k_sze[work]: Just use pkg.refresh_db
09:19 ronnix joined #salt
09:19 k_sze[work] hemebond: that's a module function? I don't think I see it documented.
09:20 Rumbles joined #salt
09:20 k_sze[work] ok, so I don't use the aptpkg module name directly?
09:20 hemebond https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.refresh_db
09:20 hemebond Not usually, no.
09:20 hemebond You just use the main module and let Salt pick which one to use.
09:21 k_sze[work] I see.
09:25 Electron^- joined #salt
09:26 ronnix joined #salt
09:35 Reverend what command do I need to run on minions to register them with master?
09:35 Reverend i've run highstate, but htey don't appear in salt-key -L
09:35 hemebond Reverend: They register automatically when salt-minion starts.
09:36 hemebond Assuming you've configured the minion to point to the correct master.
09:36 hemebond i.e., by setting the master configuration property.
09:37 Reverend systemctl start salt-minion
09:37 Reverend might work then
09:38 jas02_ joined #salt
09:39 Reverend weird. apparently it comes with a completely different hostname on saltmaster as it does on the minion itself.
09:40 Reverend that's why I couldn't see it ;P
09:40 Reverend hostname is not ip-10.xxx.xxx.xxx, it's ip-172.xxx.xxx.xxx
09:40 Reverend ?
09:40 Reverend what the shit
09:41 hemebond What do you mean?
09:41 Reverend I mean, when I do echo $HOSTNAME on the minion
09:41 Reverend i get: ip-10-xxx-xxx-xxx.eu-west-1.compute.internal
09:41 Reverend which is correct, it's in the 10.xxx subnet, so that's right.
09:42 s_kunk joined #salt
09:42 Reverend on the master, it's registered as ip-172-xxx-xxx.blah.blah
09:42 AndreasLutro on the minion; python -c 'import socket; print socket.getfqdn()'
09:42 Reverend same as $HOSTNAME
09:43 AndreasLutro check /etc/salt for that wrong hostname
09:43 AndreasLutro grep -r
09:43 hemebond What is in /etc/minion/minion_id ?
09:43 hemebond er
09:43 hemebond /etc/salt/minion_id
09:43 Reverend ooooooooookaythen
09:43 Reverend thereeeesss your problems
09:44 Reverend can i just remove that shit and let it use it's fqdn? :/
09:44 hemebond It will repopulate minion_id when it starts.
09:44 AndreasLutro you can, but you should explicitly state the minion id in that file if you ask me
09:45 Reverend yey
09:45 Reverend AndreasLutro - not going to work. This needs to be a 'raw' image, as it's an autoscaling server cluster.
09:45 Reverend if they all have the same minion ID, I assume it's going to be issues
09:45 Reverend >_<
09:46 AndreasLutro okay, but at least set up a script or something in that image that re-writes the minion_id file once networks are up etc
09:47 hemebond If this is AWS you can use cloud-init to setup salt-minion for you.
09:47 hemebond (suppose it depends on the AMI really)
09:47 Reverend hemebond - Looked at it. Unfortunately it's not quick enough :/
09:48 Reverend we need servers in under 60 seconds, so I'm having to do an AMI with most shit preconfigured, and salt 'picks up the slack'
09:48 Reverend of the unconfigured bits...
09:48 hemebond Where is it getting the wrong IP address then?
09:48 Reverend it was the minion_id file
09:48 hemebond What about deleting minion_id before baking the image?
09:48 keimlink joined #salt
09:49 Reverend Yeah, I'll need to. salt-minion is enabled, so it should start on boot, and write hte minion_id file for me
09:49 Reverend i think :PO
09:51 Reverend at the minute - SSLTermination and Varnish clusters are fucking with my zen...
09:51 Reverend >:|
09:53 N-Mi joined #salt
09:58 SaltyVagrant_ joined #salt
10:04 akhter joined #salt
10:08 netcho_ joined #salt
10:18 ronnix joined #salt
10:22 promorphus joined #salt
10:23 sybix joined #salt
10:31 fannet joined #salt
10:35 amcorreia joined #salt
10:40 abednarik joined #salt
10:42 fleaz joined #salt
10:43 N-Mi joined #salt
10:43 jhauser joined #salt
10:44 amontalban joined #salt
10:44 amontalban joined #salt
10:58 yuhlw____ joined #salt
11:08 mavhq joined #salt
11:20 N-Mi joined #salt
11:27 cyteen joined #salt
11:29 guerby_ joined #salt
11:33 guerby joined #salt
11:56 amontalb1n joined #salt
11:58 J0hnSteel joined #salt
12:06 akhter joined #salt
12:16 numkem joined #salt
12:21 keltim joined #salt
12:23 Rumbles joined #salt
12:24 promorphus joined #salt
12:26 sh123124213 joined #salt
12:26 geomacy joined #salt
12:32 sh123124213 joined #salt
12:33 fannet joined #salt
12:39 jav joined #salt
12:40 rem5 joined #salt
12:43 dariusjs joined #salt
12:56 HotCoffey_C60199 joined #salt
12:58 edrocks joined #salt
13:01 bakins joined #salt
13:02 akhter joined #salt
13:07 akhter joined #salt
13:10 cyborg-one joined #salt
13:11 HotCoffey_C60199 greetings!
13:11 dyasny joined #salt
13:17 dyasny joined #salt
13:22 akhter joined #salt
13:23 dariusjs joined #salt
13:29 akhter joined #salt
13:31 cmarzullo o/
13:33 scoates joined #salt
13:37 akhter joined #salt
13:39 edrocks_ joined #salt
13:42 sebastian-w joined #salt
13:45 PerilousApricot joined #salt
13:47 PerilousApricot joined #salt
13:49 jenastar joined #salt
13:55 akhter joined #salt
14:00 PerilousApricot joined #salt
14:00 sh123124213 joined #salt
14:00 sh123124213 joined #salt
14:02 nicksloan joined #salt
14:03 Sketch hmm, so what i thought worked last week doesn't actually
14:04 dya1n joined #salt
14:05 netcho_ joined #salt
14:06 Sketch anyone know why % if opts['test'] == "False" %} ... doesn't work?
14:06 Sketch i can do stuff with {{ opts['test'] }} within the state, but doing an if on it doesn't seem to work
14:06 Sketch is it's value not actually false, even though if i print it, it's false?
14:08 Sketch heh, guess it's not.  {% if not test %} works
14:08 Tanta joined #salt
14:09 mpanetta joined #salt
14:09 jnials joined #salt
14:10 tapoxi joined #salt
14:11 netcho_ joined #salt
14:14 jas02 joined #salt
14:15 subsignal joined #salt
14:21 subsigna_ joined #salt
14:23 ntropy Sketch: do you mean that the actual value of opts['test'] is the string "False"?
14:24 ntropy or do you intend to do a boolean test?
14:24 ntropy as always, much easier to get what you mean if you paste some code and output on a (sensible) paste site
14:25 promorphus joined #salt
14:26 subsignal joined #salt
14:26 _JZ_ joined #salt
14:26 Sketch apparently it's boolean and not text.  which isn't really surprising.
14:28 ntropy in that case you can test it with if opts['test']
14:29 cswang joined #salt
14:30 Brew joined #salt
14:32 PerilousApricot joined #salt
14:36 keimlink joined #salt
14:38 edrocks joined #salt
14:42 cscf joined #salt
14:45 tercenya joined #salt
14:48 hasues joined #salt
14:49 akhter joined #salt
14:49 Sketch yeah, that's what i ended up doing
14:49 rherna joined #salt
14:50 spuder joined #salt
14:51 Reverend is there any way to opt for a restart over a reload, IF a certain file is modified?
14:51 lompik joined #salt
14:51 Reverend for instance, we only want a reload when the config is changed..
14:51 hasues left #salt
14:51 Reverend but when params / sysconfig is changed, we need a restart.
14:52 Reverend ? thawts?
14:53 Reverend hacky workaround: cmd.run onlyif
14:53 Reverend congitest = ok
14:53 cscf Reverend, I suppose you could have 2 service.running states with different watches
14:53 Reverend true
14:53 Reverend will that not cause a conflict?
14:53 elektrix_ joined #salt
14:53 Reverend it is yaml afterall :P
14:53 cscf I don't think so? So long as they are named differently
14:54 Reverend but it will use the title of the block as the service name, right?
14:54 cscf you'd need to use - name: syntax, but I usually do that anyway
14:54 Reverend :S
14:54 Reverend OHHHHHH
14:54 Reverend yeh
14:56 ALLmightySPIFF joined #salt
14:58 Reverend cscf: you genius. it worked :)
14:58 Reverend <3
14:59 joecrowe joined #salt
14:59 tiwula joined #salt
14:59 joecrowe Good morning. Quick question about salt.napalm...was wondering if any one is familiar with it ?
15:02 dariusjs joined #salt
15:04 cscf Reverend, np
15:05 armonge joined #salt
15:05 ntropy joecrowe: no, but i know people use it with some success in production
15:06 joecrowe I am just trying to see if net.cli is able to be used in a config t mode.
15:06 joecrowe I had emailed Jerome and Mircea, the co-authors of the module.
15:09 keltim joined #salt
15:09 ntropy ok, i was actually going to point you to Mircea's nanog talk, but i guess that doesn't help :)
15:09 joecrowe I was at the recent talk
15:09 joecrowe That's what had pushed me into looking into it
15:12 anotherzero joined #salt
15:12 joecrowe Thanks for the quick response ntropy
15:14 CaptTofu joined #salt
15:18 godlike joined #salt
15:18 godlike joined #salt
15:18 akhter joined #salt
15:19 ntropy no problem, sorry i couldn't help.  maybe ask on the mailing list?  i've no idea how many people are using salt to manage network devices
15:20 nawwmz joined #salt
15:20 Ni3mm4nd joined #salt
15:24 akhter joined #salt
15:27 KingOfFools any zabbix module users here?
15:27 spuder joined #salt
15:29 cryptolukas left #salt
15:31 baconmanmaster joined #salt
15:32 baconmanmaster hey there! has anyone experienced Salt changing a single quote to unicode while applying a state?
15:32 akhter joined #salt
15:33 baconmanmaster This is what I'm getting:   Name: /usr/local/sbin/rabbitmqadmin --vhost /wasabi_deva --user [removed] --password [removed] declare queue name=control_opc durable=true arguments=&#39;{"x-dead-letter-exchange": "wasabiError", "x-message-ttl": 86400000} - Function: cmd.run - Result: Changed
15:33 Zaunei joined #salt
15:37 wendall911 joined #salt
15:39 cscf baconmanmaster, could you pastebin the state, please?
15:40 baconmanmaster yeah, one sec
15:40 ntropy baconmanmaster: &#39; doesn't look like a single quote, put that into a search engine, it'll tell you its an apostrophe
15:41 cscf O_o isn't that the same thing?
15:41 baconmanmaster yeah, same thing
15:42 ntropy d'oh, yeah sorry folk, im thinking about a backtick :)
15:44 baconmanmaster http://pastebin.com/rwPcNGCu
15:44 baconmanmaster lines 135 and 164
15:46 Awesomecase joined #salt
15:47 cscf that's some fun escaping
15:48 cscf baconmanmaster, it might be better to move those commands into a script, and simplify the escaping
15:48 sp0097 joined #salt
15:49 baconmanmaster yeah, I didn't write it. I just have to fix it lol
15:50 adelcast joined #salt
15:50 onlyanegg joined #salt
16:00 jas02 joined #salt
16:05 spuder_ joined #salt
16:08 debian112 joined #salt
16:10 amcorreia joined #salt
16:13 jas02 joined #salt
16:21 whitenoise joined #salt
16:26 anotherzero joined #salt
16:26 promorphus joined #salt
16:28 beowuff joined #salt
16:28 tduerr joined #salt
16:30 netcho_ hi all, is there way to somehow pass user input to template/state file?
16:31 netcho_ for example: {% set my_val = $user_input_val %}
16:32 CEH joined #salt
16:34 fannet joined #salt
16:35 netcho_ i would need couple od states with just 1 variable different so i don't feel like having 10 state files
16:35 gtmanfred you could pass in pillars on the commandline, pillar='{"test": "answer"}'
16:35 gtmanfred and then do pillar.get('test')
16:35 netcho_ oh yeah, i forgot about passing pillar data
16:35 gtmanfred but that is it, you can't do it with enviroment variables for state stuff, cause that is all rendered on the minion, and it won't pass the environment variables over
16:37 av_ joined #salt
16:39 netcho_ gtmanfred: can i do multiple? test1, test2.. testn?
16:39 netcho_ i guess i can
16:42 netcho_ joined #salt
16:42 gtmanfred sure, you can pass whatever and it just gets merged into the pillars
16:42 honestly netcho_: If it's a lot of data, put it all in pillar and then just pass a key for it to the call
16:43 netcho_ it's different every time
16:46 netcho_ for example i have a state that creates laod balancers, security groups, autocascaling, instances and stuff on aws (basically full env)... running it from jenkins and and i need a suer to set app_name for example and it will create 'app_name_load_balancer'
16:46 Edgan joined #salt
16:46 netcho_ s/suer/user
16:49 jas02 joined #salt
16:51 Trauma joined #salt
16:54 anotherzero joined #salt
16:56 honestly And it's not practical to put all that data into pillar before you run the build?
17:03 akhter joined #salt
17:09 akhter joined #salt
17:14 edrocks joined #salt
17:16 pipps joined #salt
17:17 jas02 joined #salt
17:19 BattleChicken joined #salt
17:20 patarr joined #salt
17:20 patarr Hi all. Is anyone here using Terraform along with salt? Do you create your machines with salt-cloud, or with Terraform? I'm curious about some of the pros and cons of each approach
17:23 LondonAppDev joined #salt
17:24 stooj joined #salt
17:26 abednarik joined #salt
17:28 MTecknology gtmanfred: Good morning!
17:31 ivanjaros joined #salt
17:33 MTecknology Is it possible to figure out what salt-master process is serving what role? I was looking at pstree (http://dpaste.com/1MN97HH) but I'm still struggling.
17:33 DEger joined #salt
17:34 MTecknology Mostly, I'm trying to figure out what 24012 is and why it's frequently pegging a core
17:37 gtmanfred uhh, that i do not know, I would ask s0undt3ch or cachedout if they are online
17:38 MTecknology I wanted to prod you about other things :)
17:38 MTecknology salty things
17:38 notnotpeter joined #salt
17:38 gtmanfred yar
17:40 gtmanfred MTecknology: Frank C?
17:41 MTecknology I'm not sure who that is off the top of my head.
17:42 gtmanfred who did you say was the person you were coordinating with
17:43 notnotpeter joined #salt
17:43 MTecknology grr... ~200 minions connecting to a single 2-core box. :(
17:44 MTecknology Why do we have high CPU?
17:45 edrocks joined #salt
17:47 cscf MTecknology, when running a '*' state.apply, or when idle?
17:48 MTecknology when random minions do random things randomly
17:48 MTecknology or... predictably given knowledge of every little tiny thing (I don't have that knowledge)
17:51 MTecknology cscf: Sorry, "Why do we have high CPU?" was meant to be sarcasm, as in... duhr?
17:51 cscf ah
17:52 MTecknology 2 cores @ 2.5 GHz, 8 GB RAM (ram is plenty), 10 worker threads, 200+ minions (most of them via syndic-masters)
17:53 MTecknology the syndic boxes have plenty of power, but it's still not really enough for the master becaues the master is what's in charge of the orchestration
17:54 tapoxi so I'm using salt-cloud to build VMs, but it never sets the FQDN (which sucks since I have pillar data using grains['domain']. thoughts on why? I need to manually hostnamectl set-hostname and then restart the minion
17:54 nawwmz joined #salt
17:55 MTecknology tapoxi: Are you using a custom deploy script?
17:56 tapoxi MTecknology: nope just salt-cloud -m /path/to/map
17:56 MTecknology I've never played w/ maps..
17:56 nicksloan joined #salt
17:57 tapoxi MTecknology: how are you setting it without a map?
17:57 MTecknology I run "salt-cloud -p do.sfo pubweb07.lustfield.net"
17:58 tapoxi MTecknology: map is http://hastebin.com/ugijubulej.css
17:59 tapoxi I think I'm doing the same thing, basically
17:59 tapoxi is -p profile?
17:59 MTecknology yup
17:59 MTecknology hastebin needs to die a horrible and painful death in a fire
18:00 MTecknology can't even display crap without needing to enable javascript
18:03 MTecknology tapoxi: I took a look at my deploy script and don't see any hostname stuff there. If I had to take a guess, it'd be that aws needs some extra parameter to set the hostname correctly.
18:03 tapoxi MTecknology: yeah but I'm also running into it on my openstack cluster, which is the weird part
18:03 tapoxi ill keep digging, thanks
18:04 MTecknology however, the documentation disagrees with that guess
18:05 fracklen joined #salt
18:06 fxhp joined #salt
18:06 writtenoff joined #salt
18:07 druonysus joined #salt
18:08 MTecknology tapoxi: any chance of a regression bug?
18:10 gtmanfred tapoxi: MTecknology map and -p profile do basically the same thing
18:11 haam3r joined #salt
18:12 tapoxi gtmanfred: thoughts? it sets the minion name to dev01.or.company.internal but the hostname is just 'dev01'
18:12 mikecmpbll joined #salt
18:12 gtmanfred salt doesn't change any of that, that would be the provider setting all that information on the server
18:13 gtmanfred probably via cloud-init
18:13 LostSoul joined #salt
18:15 abednarik joined #salt
18:16 dps joined #salt
18:18 mohae joined #salt
18:22 akhter joined #salt
18:25 sh123124213 joined #salt
18:27 samodid joined #salt
18:27 promorphus joined #salt
18:30 jas02 joined #salt
18:35 MTecknology gtmanfred: so what you're saying is, he should try rebooting it?
18:35 gtmanfred ¯\(°_o)/¯
18:35 gtmanfred worth a shot
18:35 MTecknology lol
18:35 fannet joined #salt
18:35 gtmanfred but salt doesn't set the fqdn or /etc/hostname when it boots a machine with salt-cloud
18:35 MTecknology I had a PM once that responded that way to many statements I made toward her
18:35 gtmanfred it lets the provider do what it wants
18:35 gtmanfred prime minister?
18:36 MTecknology hm?
18:36 gtmanfred PM
18:36 MTecknology oh.. project managed
18:36 gtmanfred ahh
18:36 MTecknology r*
18:36 gtmanfred i kinda like `ghi` i think i am going to try and use it to manage the issues list tomorrow
18:36 gtmanfred ghi list --no-milestone -s open --no-pulls -- saltstack/salt
18:38 MTecknology Her: Do we have any concerns?   Me: I need a to be modified to b. c is going to be this and this and if we stick with a, then it won't work with c and c can't be changed. We need to roll w/ b.  Her: So, what you're saying is, we need to get b done before we can roll out a and then get to c?
18:39 MTecknology uhm... no, we need to drop a and get b done or y'all gonna eff over my trip to the first ever salt conference   ;;   oh, no, no worries, c isn't important to a or b; you'll definitely be able to go to the conference.
18:39 GreatSnoopy joined #salt
18:39 MTecknology and now I work for Taos. :P
18:40 Tanta can you get jobs at the salt conference?
18:40 MTecknology Corey: speaking of which... how ya been? :P
18:41 xmj as with all conferences "likely if you do it right"
18:42 MTecknology Tanta: heheh, I considered just going anyway and trying to find a job there, but it would have meant screwing over >50,000 innocent people and I wasn't ready to do that.
18:43 Tanta I only ever went to 1 conference, and it was a stupid Parallels thing
18:46 pipps joined #salt
18:46 xmj MTecknology: don't see why going to a conference is screwing over innocent people :O
18:48 fannet joined #salt
18:49 sagerdearia joined #salt
18:50 MTecknology xmj: at the time, there were >10 highly visible and also quite critical projects that were paused in their tracks if I left. Rolling out shoretel (voip phones), winxp->win7 (across 12,000 remote endpoints), debian4->d8 (across 200 remote facilities) + 2 additional servers out there, oracle ldap -> MS AD, XIV upgrades, beehive -> exchange, ... and lots more.
18:50 cscf MTecknology, debian 4 to 8 ? O_o
18:50 sh123124213 is it normal for my server to go have crazy load when restarting salt-master ?
18:50 MTecknology sh123124213: kinda ya
18:50 cscf sh123124213, how many minions?
18:51 sh123124213 ~200
18:51 MTecknology configure re-auth delays
18:51 xmj MTecknology: fun
18:51 MTecknology sh123124213: https://docs.saltstack.com/en/carbon/topics/tutorials/intro_scale.html
18:51 xmj MTecknology: which year was that?
18:51 MTecknology xmj: 14? 15?..
18:52 MTecknology Was there a saltconf14? That sounds right
18:52 gtmanfred 14 was the first one
18:52 MTecknology ya, that's the one
18:52 fracklen joined #salt
18:52 MTecknology they told me the friday before the sunday I was supposed to leave that they're terminating the flight/hotel/etc.
18:53 gtmanfred heh
18:53 mohae_ joined #salt
18:53 gtmanfred I might be moving up there soon... we will see, my girlfriend is interviewing for jobs in salt lake... in San Antonio now
18:54 * MTecknology lives in south dakota
18:54 gtmanfred ouch
18:54 gtmanfred better than north dakota
18:54 MTecknology heheh.. yup
18:55 Elsmorian joined #salt
18:56 pipps joined #salt
18:57 MTecknology The only reason I really lost my sh* after that was because they'd told me repeatedly it'll be fine and I'll be able to go on that trip (to the very first salt conference.. I felt special) and I'd asked them many times (starting 6 mo prior) to push back the schedule two weeks. There wasn't even a set schedule, it was still being decided back then.
18:57 Tanta hmm, I live in DC
18:57 MTecknology The only reason that project(s) went so poorly was because they saw some young clueless kid telling them what to do and stopped listening.
18:57 Tanta if you sneeze here, you will have a new job
18:57 MTecknology hm?
18:57 MTecknology is it that easy to find jobs or?.
18:57 Tanta DC
18:58 Tanta lots of startups here
18:58 gtmanfred pass, i don't really wanna move back to the east coast
18:58 MTecknology ^ +1   I didn't like my time over there
18:58 netcho_ joined #salt
18:58 Tanta I didn't say it was a great place to live,... just good money and plenty of jobs
18:58 gtmanfred fair
18:59 Tanta the residential part of DC is terrible unless you're really wealthy
18:59 MTecknology I actually like living in SD. People can't drive for crap, but it's otherwise nicep
18:59 xmj I like the option "work remotely"
18:59 cmarzullo what you didn't like LA?
18:59 MTecknology HAHA!!
18:59 MTecknology oh, frick no
19:00 xmj aka, do consulting with US clients all the while living in Eastern Europe.
19:00 cmarzullo hehe. I could have shown you the fun stuff.
19:00 MTecknology forplay?
19:00 MTecknology that was a fun place that drained me of $1.6k pretty quickly :P
19:01 sh123124213 I would like to use salt-api for xmlrpc but I guess thats not possible atm unless I add another framework right ?
19:01 cmarzullo ouch.
19:01 MTecknology san jose has been kinda fun
19:01 cmarzullo It is expensive there. Kinda why I got out.
19:02 xmj MTecknology: how quickly? :p
19:02 cryptolukas joined #salt
19:02 MTecknology xmj: ~3hr
19:02 sh123124213 now the problem is that I would like to have it async so somebody would do a request and would get a jid but later when the job is finished I would like to do a callback with the result. Any idea how would that be possible ?
19:02 Tanta use curl in the job?
19:02 cryptolukas Have anyone experience with acme / letsencrypt? I don't get a functional state.
19:04 MTecknology cscf: If I paid off my house, sold it, and took all that cash, I'd have enough for a down payment on a similar house out there (in a similar neighborhood), but would probably be paying PMI.
19:04 cscf I think perhaps you meant cmarzullo
19:05 MTecknology yup, I did...
19:05 GreenLord left #salt
19:05 cmarzullo I sold my apt in DTLA. moved somewhere 24% cheaper than the national average.
19:05 MTecknology cryptolukas: https://gist.github.com/MTecknology/17b020c2ff572ab2be8d535cbddb2f7e
19:05 cmarzullo compared to LA which is like 27% above the national average
19:06 MTecknology I wonder what my house is compared to national average
19:06 MTecknology I wonder what my lot size is...
19:08 nicksloan joined #salt
19:09 MTecknology looks like 7,320 sq.ft.
19:14 akhter_1 joined #salt
19:14 dyasny joined #salt
19:15 cryptolukas Mtechnology: For a functional acme I need both state files?
19:16 MTecknology cryptolukas: type "mt<tab>"  Much easier than risking someone not being hilighted because of a typo. ;)   When it comes to salt states, no. You could drop all of those in a single file... or one file per state. I just did a fast copy/paste and even included line numbers from my editor.
19:17 MTecknology that's my own directory structure
19:17 pipps joined #salt
19:18 cryptolukas MTe thanks
19:18 cryptolukas MTecknology: thanks :)
19:19 nicksloan joined #salt
19:19 cryptolukas MTecknology: Ok also both are needed for the states
19:21 zer0def joined #salt
19:21 pipps99 joined #salt
19:24 Rubin_ if salt runs a command as some user.. does it execute .bash_profile or something? how would I adjust the $PATH ?
19:25 KajiMaster joined #salt
19:26 sagerdearia joined #salt
19:26 nidr0x joined #salt
19:27 gtmanfred you would need to pass env: to the cmd module
19:28 pipps joined #salt
19:28 gtmanfred you could also set the path in the daemon defaults files.  /etc/defaults/salt-minion on ubuntu/debian, or added Environment=PATH=.... to the systemd service unit for systemd stuff
19:28 gtmanfred also /etc/sysconfig/salt-minion for sysvinit, like other init scripts
19:29 gtmanfred afaik, it does not source the users .bash_profile, unless you specify something like python_shell=True, but that is much less secure than just setting the environment variable
19:30 Rubin_ this is for postgres_initdb
19:30 Rubin_ it doesnt have initdb in the path
19:30 Rubin_ (running as postgres user on debian)
19:30 Rubin_ i feel liek this is kind of a bug
19:30 gtmanfred it is not
19:30 gtmanfred it is the expected behavior
19:31 gtmanfred are you using the cmd.run state/
19:31 haam3r joined #salt
19:31 Rubin_ no im uisng postgres_initdb.present
19:31 Rubin_ it doesnt have an 'env' argument
19:31 gtmanfred ahh, hold on
19:31 Rubin_ so its kinda impossible to use it seems
19:31 Rubin_ im a salt n00b though maybe im missing something?
19:31 gtmanfred give me one second
19:32 Rubin_ k
19:33 gtmanfred you can set 'postgres.initdb_bin' in the grains/pillar or minion config and it will find it
19:33 gtmanfred docs on that are set to be added in 2016.11
19:33 Rubin_ oh
19:33 Rubin_ um
19:33 gtmanfred https://github.com/saltstack/salt/commit/4cdafd20e69b2a00f6f59924e95062152f13e49b
19:33 Rubin_ what do you mean gains/pillar ?
19:33 Rubin_ pillar would work but which?
19:34 gtmanfred just echo 'postgres.initdb_bin: /path/to/initdb' >> /srv/pillar/initdb.sls
19:34 gtmanfred and add initdb to the top.sls
19:34 gtmanfred or do
19:34 Rubin_ no thats perfect
19:34 Rubin_ thanks
19:34 fannet joined #salt
19:34 gtmanfred echo 'postgres.initdb_bin: /path/to/initdb' >> /etc/salt/grains
19:34 gtmanfred cool
19:35 gtmanfred yeah, docs about that will be in the 2016.11 docs
19:36 gtmanfred actually
19:36 gtmanfred hrm...
19:36 gtmanfred that wont be in until 2016.11
19:37 gtmanfred Rubin_: ^^
19:38 gtmanfred so you would need to modify the systemd service unit, or add PATH= to the initscript modifier stuff
19:38 Rubin_ hm
19:39 Rubin_ might be easier to just run initdb as a cmd for now :/
19:39 gtmanfred yar, i use cmd.run and set Env on that in mine
19:39 gtmanfred Rubin_: https://github.com/gtmanfred/openstack-salt-states/blob/liberty/postgres/init_db.sls
19:39 Rubin_ what do you check to see if its already there? base directory or something?
19:40 Rubin_ oh thanks
19:40 pipps joined #salt
19:40 gtmanfred i set a grain once it has been setup
19:40 gtmanfred you can also add a `creates: ` option to the cmd.run and it won't run if that directory exists
19:40 gtmanfred set creates: to the data directory
19:41 gtmanfred Rubin_: This is also worth using https://github.com/saltstack-formulas/postgres-formula
19:41 pipps99 joined #salt
19:42 Rubin_ i found the postgres-formula to be a bit .. lacking
19:42 gtmanfred submit pull requests <3
19:43 fracklen joined #salt
19:43 honestly formulas always need love
19:44 stooj joined #salt
19:44 Corey MTecknology: I am well!
19:44 Corey gtmanfred: Insider information time: When's the next SaltConf.
19:44 Corey ?
19:44 MTecknology http://dpaste.com/1D623J8  -- I have some salt processes that don't seem to be behaving correctly
19:44 fracklen_ joined #salt
19:45 MTecknology http://dpaste.com/1ZHAMZ7 - everything underneath of 5790 is spitting that out
19:46 jas02 joined #salt
19:46 gtmanfred Corey: no idea
19:46 jas02 joined #salt
19:47 gtmanfred Corey: probably earlier in the year this year, so that skiing could happen again?
19:47 gtmanfred cause that was a big complaint from saltstack employees :P
19:48 snc joined #salt
19:48 toanju joined #salt
19:51 pipps joined #salt
19:55 jav joined #salt
19:56 toastedpenguin joined #salt
19:57 druonysus joined #salt
19:57 samodid joined #salt
20:02 cyborg-one joined #salt
20:02 impi joined #salt
20:02 DammitJim joined #salt
20:03 stooj joined #salt
20:05 DammitJim alright. time to talk about vmware
20:05 DammitJim is there a way to take snapshots of VMs in a vCenter with salt?
20:06 gtmanfred i believe so
20:06 DammitJim noway
20:06 DammitJim noway, I don't believe you
20:07 JPT the vCenter exposes an API that probably also allows triggering the creation of a snapshot
20:08 gtmanfred we use pyvmomi to interface with vsphere
20:08 DammitJim awesome!!!
20:08 JPT https://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vsphere.html
20:08 JPT > salt.cloud.clouds.vsphere.create_snapshot(kwargs=None, call=None)
20:08 gtmanfred salt vmware take snapshot
20:08 DammitJim so, the word cloud doesn't mean it has to be on the "cloud?" right?
20:08 gtmanfred don't use vsphere cloud
20:08 gtmanfred it is deprecated
20:08 JPT Oh, damn it. I didn't see that
20:08 gtmanfred use the vmware one https://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vmware.html#salt.cloud.clouds.vmware.create_snapshot
20:09 gtmanfred salt -f create_snapshot <servername>
20:09 gtmanfred or -a
20:09 gtmanfred not -f
20:09 gtmanfred salt-cloud -a create_snapshot <vmname> snapshot_name='snapshot'
20:09 DammitJim I guess I need to learn what cloud means in this context
20:09 DammitJim I just have local servers in my data center
20:10 gtmanfred that is a *cloud*
20:10 DammitJim oh
20:10 gtmanfred salt-cloud is just a way to interface with virtualized servers
20:10 DammitJim what's the difference between doing a salt call vs a salt-cloud call?
20:10 gtmanfred salt-call is to run salt-minion type work on a minion ...
20:10 DammitJim all my servers that run applications are VMs
20:10 DammitJim the hosts run just ESXi
20:10 gtmanfred salt-cloud is just a thing to interface with apis to manage virtualized servers
20:11 gtmanfred there is also an esxi proxy minion, but i don't see a way to take a snapshot with that
20:11 DammitJim oh, so with salt-cloud I'm actually interfacing with the ESXi host in this case?
20:11 gtmanfred you are interfaceing with vsphere
20:11 DammitJim right
20:11 DammitJim sorry... vSphere
20:11 gtmanfred there is an esxi proxy minion for configuring esxi and making the esxi host act and responsd to salt esxi test.ping
20:12 gtmanfred https://docs.saltstack.com/en/latest/topics/tutorials/esxi_proxy_minion.html
20:12 DammitJim I wonder what I need to install to get salt-cloud working
20:12 gtmanfred https://docs.saltstack.com/en/latest/ref/proxy/all/salt.proxy.esxi.html
20:12 gtmanfred yum install salt-cloud, and configure a vmware provider/profile
20:12 gtmanfred DammitJim: check the top of this page https://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vmware.html
20:13 DammitJim gtmanfred, I know we were talking last week about versions.. I'm still on 2015.8.12, is that OK?
20:13 gtmanfred yeah
20:13 gtmanfred vmware salt-cloud was added in 2015.5.4
20:13 gtmanfred and the salt proxy for esxi was added in 2015.8.4
20:13 DammitJim wow... I hadn't installed python-pip to my master
20:15 gtmanfred if you have python version before 2.7.9 or don't have the ssl hostname match backported to that version (redhat/centos 7.2 does, no idea about ubuntu or debian) then you will need to isntall pyVmomi 5.5.0.2014.1.1
20:15 DammitJim what is a simple test I can run?
20:15 gtmanfred there isn't onw
20:15 gtmanfred one*
20:16 gtmanfred but if you run into ssl issues, you may have to downgrade, read the not on the vmware page
20:16 DammitJim wow... I actually have 2.7.5 of python
20:16 DammitJim now I need to uninstall pyVmomi
20:17 gtmanfred are you on redhat or centos?
20:17 gtmanfred just try setting it up, if it gives you an error, run the line in the vmware page to downgrade it to the other version
20:17 jav joined #salt
20:18 DammitJim ubuntu
20:18 gtmanfred see last message
20:19 DammitJim I just installed v 5.5
20:19 DanyC joined #salt
20:19 gtmanfred i would highly recommend using the newer version cause it actually does ssl stuff, if you have the backport in, which i would imagine and update ubuntu 14.04 or 16.04 release would... but whatever
20:20 DammitJim thanks man!
20:20 DammitJim we'll get there
20:20 DammitJim another thing on my list of things to do ;)
20:24 druonysus joined #salt
20:26 DanyC left #salt
20:27 DammitJim what is the url under my-vmware-config ?
20:27 DammitJim oh, just the vcenter server
20:28 promorphus joined #salt
20:29 mavhq joined #salt
20:31 pipps joined #salt
20:34 sagerdearia joined #salt
20:35 cscf Is it common to manage the main /etc/salt/master through Salt?
20:35 XenophonF yes
20:35 DammitJim yes
20:35 XenophonF jinx!
20:35 DammitJim for my /etc/salt/cloud.providers.d/vmware.conf... should I be worried about my credentials in that file?
20:35 XenophonF cscf: take a look at https://github.com/saltstack-formulas/salt-formula
20:35 DammitJim you win
20:36 cscf hmm, salt.pkgrepo would have been handy, but I reimplemented that already
20:37 keltim hm, are environments supposed to be functional with salt-call --local, or is the master needed?
20:38 DammitJim OMG gtmanfred this is SOOOO powerful!
20:38 keltim (assuming file/pillar roots are set up)
20:39 gtmanfred DammitJim: you could store them in sdb, but other than that... meh, it is just security by obscurity
20:39 gtmanfred DammitJim: https://docs.saltstack.com/en/latest/ref/sdb/all/salt.sdb.sqlite3.html
20:39 gtmanfred keltim: if they are setup locally, then no, you should not need a master for salt-call --local
20:39 gtmanfred they need to be on the minion though, or setup with external pillars and fileservers
20:40 onlyanegg joined #salt
20:40 gtmanfred keltim: https://github.com/gtmanfred/blog-sls/blob/master/minion.d/fileserver.conf
20:40 DammitJim gotcha
20:41 DammitJim is there a way to delete a snapshot?
20:41 mpanetta joined #salt
20:41 gtmanfred there is a remove_snapshot function on that salt.cloud.clouds.vmware page
20:42 gtmanfred well, remove_all_snapshots
20:42 DammitJim right, I don't want that (even though that's what is recommended)
20:42 DammitJim man, I have snapshots that someone in my team took last year!
20:43 gtmanfred well, you could add it
20:43 gtmanfred but it is not provided
20:43 DammitJim add what?
20:43 gtmanfred a remove_snapshot function
20:43 gtmanfred but no, it cannot delete just one snapshot
20:43 DammitJim to the python code?
20:43 gtmanfred it can only do remove_all_snapshots
20:43 gtmanfred yes, you could add it to the cloud driver
20:44 DammitJim I'd love to... if I had time (yes, a little self absorbed at this time)
20:44 gtmanfred then the answer is no, it does not have a functon to delete a snapshot
20:45 DammitJim thank you
20:46 DammitJim the next step... how do I use salt say to create snapshots of a group of VMs
20:46 DammitJim is that more of a.... bash script?
20:47 DammitJim than a targeting?
20:48 DammitJim nice... just finished removing all snapshots of a VM
20:48 gtmanfred write a python function that looks up the vm using the salt.cloud.CloudClient to look up vms and trigger the actions
20:48 gtmanfred https://docs.saltstack.com/en/latest/topics/cloud/salt.html#cloudclient
20:48 DammitJim oh ok, so at this stage (this is all new to me)... I need to start creating python scripts
20:48 DammitJim is there a default place to save these?
20:49 gtmanfred /usr/local/bin ?
20:49 honestly _modules?
20:49 gtmanfred _runners
20:49 honestly oh right
20:49 DammitJim _runners
20:49 gtmanfred you could use the salt-run to manage stuff in cloudclient, since it needs to run on the master
20:50 DammitJim oh, I don't have a _runners folder
20:50 gtmanfred make one, it is like _modules or _states, but you can make customer runner modules
20:50 gtmanfred custom*
20:50 gtmanfred then you can pass the runner modules around in your gitfs or however you setup your fileserver
20:50 DammitJim but those should go on /usr/local/bin ?
20:50 gtmanfred no
20:51 gtmanfred it should go in salt://_runners
20:51 DammitJim /etc/salt/_runners?
20:51 gtmanfred /srv/salt/_runners
20:51 DammitJim oh
20:51 DammitJim in my case /srv/salt/_runners
20:51 gtmanfred yes
20:51 DammitJim OMG... sooo much to learn and to do, but AWESOME!
20:51 DammitJim I'm doing OS updates in 2 days and I want to control everything that happens from salt
20:51 gtmanfred or in your gitfs stuff, and you can run them with salt-run custom.do_thing server1,server2,server3, or whatever
20:52 DammitJim from creating the snapshots on all 30 servers, to updating the OS packages, to rebooting (in a specific order), then testing (the only thing I can't do with salt), and finally removing the snapshots
20:52 DammitJim no gitfs, yet
20:52 DammitJim soon... though
20:53 DammitJim where do I read about this?
20:53 gtmanfred google saltstack gitfs
20:53 gtmanfred https://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html
20:53 DammitJim no, I've read that
20:53 DammitJim the salt-run custom.do_thing
20:53 gtmanfred https://docs.saltstack.com/en/latest/ref/runners/
20:54 gtmanfred that talks about writing salt runners
20:54 DammitJim oh ok
20:54 tapoxi DammitJim: runners are really easy, I have one for deployment
20:54 DammitJim crap, I need more time
20:54 haam3r joined #salt
20:54 gtmanfred do it live!
20:55 tapoxi I can send you some snippets if you want
20:55 DammitJim I gotta get back to drawing out my plan for the upgrades and I'll come back to this
20:55 DammitJim *sigh*
20:55 DammitJim tapoxi, I really appreciate it and gtmanfred... I need to slow down... this is when I get in trouble
20:55 tapoxi hahaha
20:55 gtmanfred :)
20:55 DammitJim it's true, isn't it? you guys have probably learned
20:56 tapoxi learned? :D
20:56 DammitJim I mean, I'd love to dive into this, but I gotta manage the updates and coordinate and do that stuff first (so we can actually do the update)
20:56 gtmanfred ¯\(°_o)/¯ i don't have any real production machines anymore, one nice thing about only working on salt
20:56 cscf gtmanfred, that sounds nice
20:56 DammitJim can I have my runners under /srv/_runners?
20:56 DammitJim I have my /srv/pillar
20:56 DammitJim and /srv/salt
20:56 DammitJim folders
20:56 gtmanfred you cannot
20:56 gtmanfred it has to be in the salt:// fileserver
20:57 DammitJim oh ok
20:57 cscf why an underscore?
20:57 tapoxi yeah I keep forgetting to ask this
20:57 DammitJim got it
20:57 tapoxi how do I store my runners on gitfs
20:57 gtmanfred tapoxi: just put them in a _runners directory in the git repo
20:57 tapoxi oh damn
20:57 tapoxi ok
20:57 gtmanfred cscf: for a custom written runner module
20:57 mpanetta joined #salt
20:58 hemebond Wait... you can just use _runners?
20:58 cscf gtmanfred, that's a reserved filename?
20:58 hemebond I thought you had to configure extmods.
20:58 gtmanfred hemebond: yeah starting in boron
20:58 hemebond Oooh
20:58 gtmanfred nope
20:58 hemebond I had to configure external modules directory.
20:58 tapoxi gtmanfred: does _engines work too?
20:58 gtmanfred yes
20:58 tapoxi awesome
20:58 tapoxi I'm a masochist so I have a personal goal to implement the sensu api as an engine
20:59 DammitJim real quick
20:59 DammitJim I created a file called test.py
20:59 CeBe Hi, what is the tool to use salt without master but from a control machine? I mean like just going over ssh like it seems to be possible with ansible. And why would I not want to do that? :)
20:59 DammitJim with a function called foo
20:59 gtmanfred tapoxi: hemebond all of these ones can be synced https://github.com/saltstack/salt/blob/2016.3/salt/runners/saltutil.py#L34-L45
20:59 tapoxi DammitJim: one sec
20:59 DammitJim why am I getting 'test.foo' is not available when I run: sudo salt-run test.foo
20:59 hemebond Ooh, maybe that's why I used external modules; I don't need/want them synced to minions.
20:59 CeBe I feel like a minion-master setup does not fit my current workflow well
20:59 gtmanfred DammitJim: did you put it in _runners, and run salt-run saltutil.sync_all ?
20:59 DammitJim all I'm doing is printing hello world
21:00 DammitJim oh, no sync
21:00 cscf CeBe, you mean like pushing changes from your workstation?
21:00 DammitJim weird... sync_all is also not available
21:00 DammitJim let me google it
21:00 CeBe cscf: yes
21:00 mpanetta joined #salt
21:00 gtmanfred DammitJim: oh
21:00 cscf CeBe, why not make your workstation a master?
21:01 gtmanfred DammitJim: you can't do custom runners on 2015.8
21:01 gtmanfred DammitJim: that was added in 2016.3.3
21:01 DammitJim DAMMIT
21:01 DammitJim ok, no problem
21:01 cscf Or have a master and work over ssh, that's what most ppl do
21:01 tapoxi DammitJim: http://hastebin.com/axapigacik.py
21:01 DammitJim I can deal with that... I now have a plan to upgrade to 2016.3.1
21:01 tapoxi DammitJim: boilerplate for you
21:01 pipps_ joined #salt
21:01 gtmanfred DammitJim: you can still use the extension modules and set runners in there
21:01 CeBe cscf: because the minion can not connect to it if it is on public internet and there may be many workstations that want to deploy something, e.g. other devs
21:01 DammitJim how do you run that, tapoxi
21:01 DammitJim ok, gotta run, the kids and wife are waiting to go trick or treating... long drive
21:02 DammitJim THANK YOU SO MUCH!!!
21:02 gtmanfred cscf: it is https://docs.saltstack.com/en/2015.8/ref/modules/index.html
21:02 DammitJim sorry for the caps
21:02 cscf CeBe, what is wrong with devs all ssh'ing into the master?
21:02 tapoxi DammitJim: happy halloween ill go over it later
21:02 gtmanfred cscf: _modules _runners _engines, etc
21:03 CeBe cscf: I'd like to re-use the same states for local development also, so I'd need to create a set of virtual machines to create a network where minons find their master
21:03 tapoxi CeBe: salt-ssh
21:04 tapoxi CeBe: with salt-ssh you just feed it a roster of machines and you can pass the pw at runtime or have it deploy a key. works like ansible
21:04 cscf tapoxi, can you use salt-ssh to install salt-minion?
21:04 CeBe tapoxi: thanks, that sounds like what I want
21:04 tapoxi cscf: yep, I've done that
21:05 cscf That sounds handy
21:05 CeBe tapoxi: is there a guide about how it works?
21:05 tapoxi I use salt-ssh for debugging minion issues and upgrading them
21:05 CeBe I was searching the docs but did not find this option
21:05 tapoxi CeBe: https://docs.saltstack.com/en/latest/topics/ssh/
21:05 cscf Sounds good in combo with VM & container systems that provision with an ssh key
21:05 cscf I guess salt-cloud does that
21:06 jas02 joined #salt
21:06 tapoxi CeBe: downside is that for sudo to work you need to have it set to NOPASSWD in sudoers. I just have a key deployed for root access
21:06 DanyC joined #salt
21:07 zer0def joined #salt
21:07 xbglowx joined #salt
21:07 CeBe tapoxi: thanks, that's exactly what I was looking for :)
21:08 CeBe still need to think about user structure/permissions
21:08 tapoxi CeBe: for managing users on the boxes?
21:09 CeBe tapoxi: no, whether I want to  connect as root or use sudo
21:09 tapoxi ahh
21:10 CeBe for multiple devs it might be better to have users with sudo
21:10 gtmanfred tapoxi: you could also use the saltify cloud driver to install the salt-minion, it will use bootstrap
21:10 jas02_ joined #salt
21:11 tapoxi gtmanfred: yeah my new env is salt-cloud.
21:11 gtmanfred i fixed the salt-ssh roster so that you could use the salt-master cache to ssh to minions
21:12 gtmanfred https://gist.github.com/gtmanfred/34b5d6b9cbc8faf800cdb2014ee1534c
21:12 gtmanfred salt-ssh cache roster
21:12 keltim gtmanfred, thanks
21:12 gtmanfred keltim: np
21:12 keltim gtmanfred, thanks!
21:12 tapoxi gtmanfred: so my new master is deployed via the bootstrap
21:12 keltim oops
21:12 tapoxi the config file looks different than stock, why is that?
21:13 gtmanfred because it is rendered on the server from salt-cloud using the SALT_MASTER_DEFAULTS_OPTS to set all the defaults on the master, so that you could configure it in the cloud profile/provider
21:13 tapoxi oh damn
21:13 jhauser joined #salt
21:13 keltim what's the simplest way to set a jinja var from pillar but default to some other value? this does not work of course, but something like {%- set Protocol = global.pval('ssh:server:config:Protocol', '2') %}
21:14 keltim should it be {%- set Protocol = global.pval(('ssh:server:config:Protocol'), '2') %}  ?
21:14 gtmanfred you mean, {%- set Protocol = salt.pillar.get('ssh:server:config:Protocol', '2') %}
21:15 keltim gtmanfred, well, that's what I have and it's not working
21:15 gtmanfred you have
21:15 gtmanfred ssh:
21:15 gtmanfred server:
21:15 gtmanfred config:
21:15 gtmanfred Protocol: '3'
21:15 gtmanfred or something in the pillars? or is the default not working?
21:15 keltim yes, pillar is right the defaults are rendering strangely, like 'yes' becoming 'true' somehow
21:15 gtmanfred that is a yaml thing
21:15 sagerdearia joined #salt
21:15 keltim ah. how to avoid?
21:16 gtmanfred keltim: https://docs.saltstack.com/en/latest/topics/troubleshooting/yaml_idiosyncrasies.html#true-false-yes-no-on-off
21:16 keltim thanks
21:16 gtmanfred you need to quote it
21:20 honestly I should put out bounties for all of the salt-ssh bugs I find...
21:20 keltim working now, thanks gtmanfred
21:21 gtmanfred dope
21:21 gtmanfred i am going to go start cooking dinner
21:22 Edgan honestly: I have found many and at least 50% I have gotten fixed
21:23 Edgan honestly: You will be in a much better place when 2016.11 comes out
21:23 honestly https://github.com/saltstack/salt/issues?utf8=%E2%9C%93&amp;q=is%3Aissue%20author%3Aduk3luk3%20
21:23 honestly 5 open, 4 closed
21:23 honestly (:
21:24 Edgan honestly: https://github.com/saltstack/salt/issues?utf8=%E2%9C%93&amp;q=is%3Aissue%20author%3Aedgan%20ssh
21:26 honestly hehe
21:26 Edgan honestly: I am heavily using salt-ssh for salt testing(pre-commit), deployments, and mixes of datastores/deployments.
21:27 honestly I'm using it essentially as literate code for all of our infrastructure
21:28 Edgan honestly: literate?
21:28 honestly https://en.wikipedia.org/wiki/Literate_programming
21:28 saltstackbot [WIKIPEDIA] Literate programming | "Literate programming is an approach to programming introduced by Donald Knuth in which a program is given as an explanation of the program logic in a natural language, such as English, interspersed with snippets of macros and traditional source code, from which a compilable source code can be generated..."
21:29 Edgan honestly: a more common way of saying that is infrastructure as code
21:29 Edgan honestly: datacenter, not AWS/Cloud?
21:30 honestly yeah it's all, uh, on-prem or whatever the kids say these days
21:30 honestly most stuff runs in ESXI VMs, but we don't do anything fancy cloud-like with the ESX
21:31 RandyT howdy salts
21:31 RandyT I'm getting a 'source_hash_update' is an invalid keyword argument for 'archive.extracted' warning.
21:31 RandyT running on 2016.3.3
21:31 RandyT from the docs, this should be supported...
21:32 prg3 joined #salt
21:32 RandyT https://docs.saltstack.com/en/carbon/ref/states/all/salt.states.archive.html#salt.states.archive.extracted
21:34 prg3 joined #salt
21:36 s_kunk joined #salt
21:36 RandyT actually have the answer, appears a salt-cloud has deployed a 2015.8.5 minion...
21:37 stooj joined #salt
21:39 twork_ joined #salt
21:43 Rubin_ gtmanfred, why did your example earlier hav {%- intstead of {% ?
21:43 netcho_ joined #salt
21:43 Rubin_ i have not encountered that yet
21:44 honestly {%- removes preceding whitespace
21:44 honestly -%} removes trailing whitespace, conversely
21:45 CEH joined #salt
21:45 Rubin_ whole lines?
21:45 Rubin_ or all?
21:45 honestly everything
21:45 stooj joined #salt
21:45 honestly ...which is pretty annoying
21:46 Rubin_ so then wouldnt it jam up into the previous statement?
21:46 RandyT Rubin_: best example some-file-name-{{- variable -}}.ext
21:46 honestly RandyT: huh?
21:46 anotherzero joined #salt
21:46 Rubin_ no it already does that
21:46 RandyT useful when you want to make sure no extra white space gets added when constructing strings
21:46 Rubin_ foo{{ somevariable }}bar is already foovarbar
21:47 honestly well mainly it's good for not having an annoying empty line for every jinja macro block
21:47 RandyT not my experience
21:47 honestly but if you have a file that you also want to have indents in it gets very ugly very quickly
21:48 honestly anyway, here's the documentation: http://jinja.pocoo.org/docs/dev/templates/#whitespace-control
21:51 netcho joined #salt
21:53 gtmanfred Rubin_: http://jinja.pocoo.org/docs/dev/templates/#whitespace-control
21:53 gtmanfred whitespace control
21:54 honestly gtmanfred: plagiarist
21:54 gtmanfred heh, i didn't see you had linked that
21:54 gtmanfred my spanish rice is simmering
21:55 gtmanfred I am still unable to assign the milestone Approved to issues :(
21:59 Rumbles_ joined #salt
22:00 pipps joined #salt
22:01 pipps99 joined #salt
22:04 abednarik joined #salt
22:04 dyasny joined #salt
22:06 gtmanfred and fixed
22:09 haam3r joined #salt
22:10 haam3r joined #salt
22:11 haam3r joined #salt
22:12 haam3r joined #salt
22:12 haam3r joined #salt
22:13 jnials joined #salt
22:13 haam3r joined #salt
22:13 justanotheruser joined #salt
22:14 haam3r joined #salt
22:15 haam3r joined #salt
22:15 haam3r joined #salt
22:16 haam3r joined #salt
22:17 haam3r joined #salt
22:17 jnials joined #salt
22:23 jnials joined #salt
22:27 jnials joined #salt
22:29 jnials joined #salt
22:29 promorphus joined #salt
22:33 snarfy^ joined #salt
22:33 snarfy^ Hey dudes. anyone got a good suggestion of how to control the docker logs for an image with dockerng?
22:34 snarfy^ it's kinda the last piece missing for me - volumes and stuff are all managed
22:34 snarfy^ but i got an app that can fill up a log volume toute de suite
22:35 keltim when using multiple environments, how does the minion know what env it's in? a grain?
22:36 keltim or does any running of states have to be passed saltenv= ?
22:38 babilen keltim: You typically assign states in the top file
22:38 babilen (and environments)
22:38 CeBe keltim: its defined in the top.sls: https://docs.saltstack.com/en/latest/ref/states/top.html#a-basic-example
22:40 Derailed joined #salt
22:40 keltim so it's normal to make some grain and match them to that?
22:41 gtmanfred keltim: that would be less than secure
22:41 gtmanfred but you can do it
22:41 gtmanfred but if someone compromises the box, they could change the grain and get different targets
22:41 mapu joined #salt
22:42 keltim perhaps I'm using it wrong, I though for ex. have one sshd sls in base, but multiple sshd pillars depending on environment. Or should there be one sshd pillar with jinja conditions matching the environment?
22:43 keltim it kind of suggests that it be used that way to me anyway
22:44 pipps joined #salt
22:46 keltim but in the "basic example" CeBe posted, the matching is identical in each environment. How does that work?
22:47 pipps99 joined #salt
22:47 dps joined #salt
22:48 gtmanfred keltim: you can hard lock a minion to a specific environment by adding 'environment: prod' in the grains
22:48 gtmanfred or in the minion config
22:49 gtmanfred that is probably how that example is doing it
22:49 keltim gtmanfred, must be ...
22:49 keltim they can still see "base" I assume ...
22:49 keltim ok thanks a lot
22:50 west575_ joined #salt
22:50 gtmanfred no problem
22:52 snarfy_ joined #salt
22:53 sagerdearia joined #salt
22:54 abednarik joined #salt
22:58 fannet joined #salt
22:58 jas02 joined #salt
23:00 Klas joined #salt
23:03 edrocks joined #salt
23:07 stooj joined #salt
23:08 mavhq joined #salt
23:11 JT joined #salt
23:13 JonT I'm trying to use watch_in with a file.managed, but the service it refers to may or may not be in use with this particular host. Is there any way to conditionally use watch_in only if that service exists?
23:13 Klas joined #salt
23:15 amontalban joined #salt
23:17 gtmanfred JonT: you could wrap it in an if jinja statement {%- if '<servicename>' in salt.service.get_all() %}
23:17 gtmanfred or
23:18 gtmanfred {%- if salt.service.available('servicename') %}
23:18 gtmanfred https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.service.html
23:19 JonT gtmanfred: works perfectly. Thanks!
23:19 gtmanfred no problem
23:20 sh123124213 gtmanfred: you know anybody having done some other framework on top of salt-api ( like twisted ) ?
23:20 gtmanfred what do you mean by framework?
23:20 gtmanfred as in other than rest_cherrypy or rest_tornado?
23:21 gtmanfred you would just need to write another netapi, or you could do what I did and write an engine
23:21 gtmanfred http://blog.gtmanfred.com/masterless-reactor.html
23:21 gtmanfred or what do you mean by on top of salt-api?
23:22 gtmanfred salt-api just runs rest_cherrypy, but rest_tornado just runs with the salt master
23:23 sh123124213 just like cherrypy or tornado yes
23:24 gtmanfred i am not aware of one, but i don't see a reason you couldn't do it
23:24 gtmanfred though i would make sure that it is python3 compatible
23:24 abednarik joined #salt
23:25 gtmanfred cause i don't think we are going to add any more netapi apps that aren't python3 compatible
23:25 gtmanfred a flask one would be good, maybe I will do that some day
23:26 mavhq joined #salt
23:26 sh123124213 I want something that does xmlrpc
23:26 jacksontj joined #salt
23:26 gtmanfred ahh, yeah i am not aware of one, but it shouldn't be too difficult
23:28 gtmanfred yeah, looks like it just needs to be written https://docs.saltstack.com/en/latest/topics/netapi/index.html
23:32 sh123124213 ye but I don't see why I should write it with salt-api and not just write a normal WS that uses salt libraries
23:32 gtmanfred that is all that salt-api is
23:32 gtmanfred it just sits in front of salt and uses the salt client libraries
23:33 nicksloan joined #salt
23:34 sh123124213 well salt uses tornado for other reasons as well, not only for the api so I'm thinking you have some direct connectivity to the ioloop through the api
23:35 gtmanfred we do not
23:35 gtmanfred it just uses the client libraries
23:36 gtmanfred here is where they are assigned in the SaltClientsMixin https://github.com/saltstack/salt/blob/develop/salt/netapi/rest_tornado/saltnado.py#L252-L259
23:37 gtmanfred tornado is actually only partially implemented, it does not support everything that rest_cherrypy does
23:38 gtmanfred https://github.com/saltstack/salt/issues/26505
23:38 saltstackbot [#26505][OPEN] Bring Saltnado up to feature parity with rest_cherrypy | [As has been discussed](https://github.com/saltstack/salt/issues/13698#issuecomment-94056727) now that Tornado is a dep for Salt core it makes sense to move development effort on a REST API to Saltnado. We do not yet have a timeline for this work but we cannot deprecate `rest_cherrypy` until Saltnado has feature parity and identical interfaces so this issue will serve as a
23:38 keltim joined #salt
23:40 spuder joined #salt
23:41 Sokel joined #salt
23:41 Sokel left #salt
23:44 akhter joined #salt
23:48 abednarik joined #salt
23:52 mikecmpbll joined #salt
23:53 amontalban joined #salt
23:55 jas02 joined #salt
23:58 amontalb1n joined #salt
23:58 jas02_ joined #salt
23:59 pipps joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary