Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-11-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 jas02 joined #salt
00:05 pipps joined #salt
00:15 mariusv joined #salt
00:15 mariusv joined #salt
00:17 onlyanegg joined #salt
00:17 edrocks joined #salt
00:20 patarr joined #salt
00:21 pipps joined #salt
00:22 lordcirth Is it just me, or is nfs3.del_export broken?
00:22 lordcirth No matter what (valid) export path I specify, it errors: "Is a directory" which of course it is, and should be!
00:27 pipps joined #salt
00:34 hasues joined #salt
00:34 fracklen joined #salt
00:34 hasues left #salt
00:37 flowstate joined #salt
00:39 systo joined #salt
00:40 patarr joined #salt
00:47 sh123124_ joined #salt
00:47 nawwmz how can I get salt-cloud to use a different user than root when its provisioning the hosts
00:48 nawwmz its running commands as root when its bootstrapping
00:49 hemebond nawwmz: salt-cloud contacts the remove provider to create instances.
00:50 nawwmz hemebond: is there anyway to change the user it uses to bootstrap the hosts during provision?
00:51 hemebond Yeah, whatever you put in the provider configuration.
00:51 hemebond Depends on which driver you're using.
00:51 nawwmz openstack
00:51 skeezix-hf joined #salt
00:51 nawwmz i passed user: cloud
00:51 nawwmz in my profile but it still bootstraps as root
00:51 nawwmz interestingly, it did use the ssh key i passed it
00:52 hemebond So you put user and password in your provider config?
00:52 lordcirth nawwmz, is it doing cloud and then sudo, perhaps?
00:53 hemebond nawwmz: You say "profile"
00:53 hemebond What do you mean?
00:54 hemebond "in my profile but it still bootstraps as root"
00:54 hemebond What does that mean?
00:54 nawwmz hehe ok so heres what i got
00:54 nawwmz im my provider config, i've got user and password which defines the authentication to hit provider
00:55 hemebond "different user than root when its provisioning the hosts"
00:55 hemebond You seem to be mixing terms.
00:55 nawwmz i think so... hmm
00:57 vegasq joined #salt
01:01 jas02 joined #salt
01:02 lordcirth Figured out nfs3, you have to do path= , otherwise it assumes you mean the exports file...
01:03 nawwmz hemebond: ok i changed the user from my email addr to user: cloud but it failed to authenticate to the cloud
01:03 hemebond Do you have a "cloud" user on your OpenStack provider?
01:03 hemebond Is that how you login to OpenStack to do stuff?
01:04 nawwmz oh nah, its using my own account for now, we do need to make a shared account
01:04 nawwmz then when its bootstrapping the host, i get "[DEBUG   ] Please login as the user "cloud" rather than the user "root"."
01:04 hemebond user and password is the user and password you use to login to OpenStack.
01:04 hemebond Aha, the bootstrapping is your problem.
01:05 nawwmz yeah
01:05 nawwmz the bootstrap piece
01:05 nawwmz i cant seem to change the user anywhere :\
01:06 hemebond Try ssh_username
01:06 hemebond In the profile
01:06 nawwmz ooo ok let me try
01:09 nawwmz @hemebond you are a beast
01:09 nawwmz hemebond: works, thx!
01:09 hemebond ūüĎć
01:09 hemebond Similar to EC2.
01:09 nawwmz ahhh
01:09 nawwmz fml
01:09 nawwmz :)
01:10 hemebond https://docs.saltstack.com/en/latest/topics/cloud/misc.html
01:12 vodik joined #salt
01:20 jas02 joined #salt
01:27 neilf__ joined #salt
01:30 nawwmz ever seen boot strap failed because of a failed package install? "Error unpacking rpm package python2-crypto-2.6.1-9.el7.x86_64" on centos7
01:30 hemebond Well that's required for salt-minion so yeah, it'll cause the bootstrap to fail.
01:31 hemebond Try running the bootstrap script manually to see if it works.
01:31 ablemann joined #salt
01:32 ablemann left #salt
01:32 nawwmz i tried locally on the minion by doing a yum install and I get an error "error: unpacking of archive failed on file /usr/lib64/python2.7/site-packages/pycrypto-2.6.1-py2.7.egg-info: cpio: rename"
01:33 hemebond If you're trying to debug bootstrapping you should really test with the bootstrap script.
01:33 hemebond But in this case it looks like a centos package fauilt.
01:36 nawwmz yeah
01:36 hemebond Try a pip install
01:36 flowstate joined #salt
01:37 hemebond Likely won't help.
01:37 hemebond I see a lot of problems with centos.
01:40 DEger joined #salt
01:40 kevc joined #salt
01:49 fas3r joined #salt
01:49 keimlink joined #salt
01:50 akhter joined #salt
01:53 tkharju joined #salt
01:53 nicksloan joined #salt
01:58 netcho_ joined #salt
01:59 lorengordon anyone know where in the salt code one might add additional jinja filters?
02:00 lorengordon i found salt/utils/jinja.py, where `load_yaml` et al are defined in the class SerializerExtension, but it's not clear to me how one might add a simple custom jinja filter...
02:00 nawwmz hemebond: on your test instance is /usr/lib64/python2.7/site-packages/pycrypto-2.6.1-py2.7.egg-info a directory or is it a file
02:02 jas02 joined #salt
02:02 hemebond nawwmz: site-packages doesn't exist apparently.
02:03 nawwmz kk my instances in aws its a file but in my other dc (new) its a folder
02:03 hemebond lorengordon: Would you not add it to the SerializerExtension class?
02:04 lorengordon well, i dunno
02:04 hemebond nawwmz:  I don't have that egg on my test instance.
02:04 hemebond lorengordon: That's where the other extensions are.
02:05 hemebond nawwmz: I don't have any Centos instances, btw. Only Debian or Ubuntu.
02:05 nawwmz ahkk
02:05 lorengordon lol, alright, i'll play with it a bit more and see if i can tease it out
02:05 hemebond lorengordon: https://github.com/saltstack/salt/blob/develop/salt/utils/jinja.py#L209
02:06 lorengordon that's where i'm looking already
02:06 lorengordon it wasn't particularly clear from that how to add a custom filter
02:07 lorengordon i think i see it now though
02:09 lorengordon got it, thanks hemebond
02:10 systo joined #salt
02:10 hemebond ūüĎć
02:11 netcho joined #salt
02:13 abednarik joined #salt
02:14 pipps joined #salt
02:19 edrocks joined #salt
02:24 TyrfingMjolnir joined #salt
02:32 pipps joined #salt
02:36 flowstate joined #salt
02:39 catpiggest joined #salt
02:46 chadhs joined #salt
02:50 a_ghost_irl joined #salt
02:51 jas02 joined #salt
02:53 pipps joined #salt
02:59 chadhs can you set local vars in a state file from say pillar data?  can't seem to make this work
02:59 chadhs `{% set app_user = {{ pillar['app-name-user'] }} %}`
02:59 hemebond chadhs: Environment variables?
03:00 hemebond Oh Jinja variables.
03:00 hemebond You don't use {{ }}  inside {% %}
03:00 chadhs ah crap…  thnx hemebond; let me try again quick
03:00 hemebond ūüĎć
03:02 chadhs hemebond does that seem silly to do?  i'm just trying to set it at the top of  a state file and then use {{ app_user }} in throughout the file
03:02 hemebond Sounds fine.
03:02 chadhs so im not repeating that pillar lookup over and over and over
03:02 chadhs cool
03:07 ziggit joined #salt
03:10 mpanetta joined #salt
03:11 PerilousApricot joined #salt
03:12 PerilousApricot joined #salt
03:16 bastiand1 joined #salt
03:19 rpb joined #salt
03:21 pipps joined #salt
03:34 fracklen joined #salt
03:35 flowstate joined #salt
03:35 frew joined #salt
03:44 bluenemo joined #salt
03:47 pipps joined #salt
03:59 pipps joined #salt
04:03 fracklen joined #salt
04:04 jas02 joined #salt
04:05 subsignal joined #salt
04:06 DEger joined #salt
04:16 akhter joined #salt
04:20 subsignal joined #salt
04:27 rdas joined #salt
04:31 pipps joined #salt
04:32 onlyanegg joined #salt
04:33 subsignal joined #salt
04:36 flowstate joined #salt
04:37 ziggit joined #salt
04:37 systo joined #salt
04:41 mavhq joined #salt
04:41 subsignal joined #salt
04:42 pipps joined #salt
04:52 pipps joined #salt
04:53 kshlm joined #salt
04:57 DEger joined #salt
04:58 PerilousApricot joined #salt
05:01 Ni3mm4nd joined #salt
05:04 ivanjaros joined #salt
05:05 zer0def joined #salt
05:15 pipps joined #salt
05:16 DEger joined #salt
05:22 samodid joined #salt
05:25 sgo_ joined #salt
05:36 flowstate joined #salt
05:49 sgo_ joined #salt
05:50 vodik joined #salt
05:58 pipps joined #salt
06:05 jas02 joined #salt
06:07 sh123124213 joined #salt
06:07 sh123124213 joined #salt
06:07 akhter joined #salt
06:10 zulutango joined #salt
06:13 onlyanegg joined #salt
06:14 vodik joined #salt
06:14 av_ joined #salt
06:15 sh123124213 joined #salt
06:19 fracklen joined #salt
06:23 debian112 joined #salt
06:24 pipps joined #salt
06:31 sh123124213 joined #salt
06:36 flowstate joined #salt
06:39 pipps joined #salt
06:41 mavhq joined #salt
06:42 cyborg-one joined #salt
06:45 sh123124213 left #salt
06:45 sh123124213 joined #salt
06:48 ProT-0-TypE joined #salt
06:50 pipps joined #salt
06:56 Elsmorian joined #salt
06:57 mpanetta joined #salt
06:59 PerilousApricot joined #salt
07:02 felskrone joined #salt
07:04 scooby2 joined #salt
07:06 cyborg-one joined #salt
07:06 subsignal joined #salt
07:11 pipps joined #salt
07:13 preludedrew joined #salt
07:15 jas02 joined #salt
07:16 Elsmorian joined #salt
07:19 jas02 joined #salt
07:25 ivanjaros joined #salt
07:33 mbersoult joined #salt
07:33 mbersoult left #salt
07:33 fracklen joined #salt
07:33 onlyanegg joined #salt
07:34 pipps joined #salt
07:36 flowstate joined #salt
07:42 jas02_ joined #salt
07:43 yuhlw____ joined #salt
07:45 yuhlw____ joined #salt
07:48 Sebbe54 joined #salt
07:48 sgo_ joined #salt
07:55 pipps joined #salt
08:01 sebastian-w joined #salt
08:05 subsignal joined #salt
08:06 informant joined #salt
08:07 fracklen joined #salt
08:08 informant Is there a way to get the (absolute/relative) path of the current sls file e.g. to iterate and manage all *.conf files in a subdir?
08:08 informant I'm using the "py"-renderer
08:08 informant slspath does not exist, __opt__['rootfs']['base'] is empty
08:08 fracklen joined #salt
08:09 akhter joined #salt
08:09 pipps joined #salt
08:09 fracklen joined #salt
08:16 scooby2 joined #salt
08:25 edrocks joined #salt
08:26 JohnnyRun joined #salt
08:26 pipps joined #salt
08:32 samodid joined #salt
08:32 ronnix joined #salt
08:40 hemebond informant: "__sls__ - The SLS path of the file."
08:40 hemebond https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.py.html
08:41 informant homebond: This returns a relative sls path i.e. my_service.rules-py.sls
08:41 hemebond Ah
08:42 informant hemebond: I can't use this i.e. for os.listdir(<path to rules.d in my state_dir>)
08:42 informant but I try a different way
08:43 hemebond Well, states are compiled/processed on the minion. Bear that in mind.
08:43 informant yes
08:43 informant I want to have kind of a drop-in rules.d directory in my states
08:43 informant I'm now using files.recurse
08:44 informant to put all rules to my filesystem. afterwards I'm using the py-renderer reading all rules from rules.d from the filesystem and then creating the config file pointing to all rules
08:46 informant this is tricky .. the main point is the service (prometheus) does not support s.th. like "include_all_rules_from /etc/prometheus/rules.d"
08:46 pipps joined #salt
08:46 informant so I have to reference each rule in /etc/prometheus/rules.d in /etc/prometheus.yml ...
08:50 hemebond Hmm. That sounds like the Puppet method of compiling config files.
08:53 AndreasLutro {% for file in salt['file.find']('/etc/prometheus/rules.d') %} include {{ file }} {% endfor %}
08:53 AndreasLutro wouldn't that work?
08:56 krymzon joined #salt
08:58 xet7 joined #salt
09:01 PerilousApricot joined #salt
09:04 mpanetta_ joined #salt
09:04 CrummyGummy joined #salt
09:06 simmel Is there a prefered way to install systemd unit files with salt? Or should I just drop them at the right place?
09:06 mikecmpbll joined #salt
09:07 AndreasLutro I just drop them in /etc/systemd/system
09:11 Rumbles_ joined #salt
09:12 jas02 joined #salt
09:16 toanju joined #salt
09:17 toanju joined #salt
09:17 fracklen joined #salt
09:18 JohnnyRun joined #salt
09:21 dkrae joined #salt
09:22 pipps joined #salt
09:32 haam3r joined #salt
09:34 onlyanegg joined #salt
09:40 pipps joined #salt
09:41 subsignal joined #salt
09:46 SaltyVagrant joined #salt
09:49 simmel Looks like that
09:49 simmel 's where salt tries to find them.
09:50 simmel AndreasLutro: Thanks for https://www.lutro.me/posts/managing-systemd-units-with-salt = )
09:50 hemebond Hah, that was my reference too.
09:53 fracklen Yep - good kharma for a short, precise and very useful writeup :)
09:55 Sebbe54 joined #salt
09:56 simmel Looks like it isn't needed anymore though, just as long as you put your units in /etc/systemd/system/
09:57 jhauser joined #salt
09:58 Yee joined #salt
09:58 Yee Hi
09:58 Yee Good time to ask question?
10:01 alexlist joined #salt
10:01 pipps joined #salt
10:11 xmj never
10:11 xmj do it anyway, Yee
10:11 akhter joined #salt
10:11 Yee xmj:
10:11 Yee i am new to salt
10:12 xmj that's not a question
10:12 Yee :) yes
10:12 amcorreia joined #salt
10:13 Yee whenever i do some configuration changes in linux where salt running it's gone after after sometime
10:13 Yee is there command to commit changes once all the changes completed?
10:15 Yee say like i add linux user and ssh login banner all disappear after sometime
10:17 pipps joined #salt
10:17 Yee xmj: hi
10:22 fracklen xmj: Do you have other config-management on the server? (e. g. Chef / Puppet )
10:23 fracklen s/xmj/Yee/
10:26 edrocks joined #salt
10:30 Yee no i dont have
10:30 Yee only salt
10:35 onlyanegg joined #salt
10:36 jas02 joined #salt
10:37 Yee seems salt is managing the OS level configurations too in my environment
10:37 Yee is my understanding correct?
10:37 pipps joined #salt
10:38 netcho joined #salt
10:39 xmj which changes are you making?
10:39 gareth_ joined #salt
10:40 gareth_ Where should WAIT_FOR_IP_TIMEOUT go? I've put it in the profile conf but it is being ignored. Thanks.
10:40 Yee i made the changes in linux
10:40 xmj do you have some system rules (selinux?) that prevent you from doing those changes?
10:41 Zaunei_ joined #salt
10:43 jas02 joined #salt
10:43 athaller_ joined #salt
10:43 sknebel_ joined #salt
10:44 Reverend netsplittttt
10:44 mrueg_ joined #salt
10:44 Kelsar_ joined #salt
10:45 Trauma joined #salt
10:45 mschiff joined #salt
10:45 mschiff joined #salt
10:45 lkannan joined #salt
10:45 johtso joined #salt
10:45 darix joined #salt
10:45 linovia joined #salt
10:45 Rebus_ joined #salt
10:45 antonw joined #salt
10:45 bVector joined #salt
10:46 jas02 joined #salt
10:46 Yee yes selinux is enforcing in my environment, do you think that it is due the selinux not because of salt?
10:46 wiqd joined #salt
10:46 twodayslate joined #salt
10:46 mattl joined #salt
10:46 Nightcinder joined #salt
10:47 SteamWells joined #salt
10:47 djural joined #salt
10:48 Yee xmj:
10:48 Twiglet joined #salt
10:48 cb joined #salt
10:49 LordOfLA joined #salt
10:49 Sketch joined #salt
10:49 robinsmidsrod joined #salt
10:49 dlloyd joined #salt
10:50 CustosLimen joined #salt
10:50 xmj lol
10:50 arapaho joined #salt
10:51 Eugene joined #salt
10:56 hexa- joined #salt
10:57 tongpu joined #salt
10:58 hacks joined #salt
10:58 dkrae joined #salt
10:58 dunz0r I have a locally compiled package I want to distribute, a deb-package, not sure what the best way to do it with salt is.
10:59 dunz0r Distributing the deb-file directly seems "wrong". Is there a better way?
11:00 Jarus joined #salt
11:01 pipps joined #salt
11:02 PerilousApricot joined #salt
11:04 stooj joined #salt
11:07 nkuttler dunz0r: check https://wiki.debian.org/HowToSetupADebianRepository
11:07 nkuttler i've done it with reprepro in the past
11:10 abednarik joined #salt
11:12 subsignal joined #salt
11:12 scoates joined #salt
11:13 akhter joined #salt
11:14 jas02_ joined #salt
11:14 hacks_ joined #salt
11:17 haam3r1 joined #salt
11:19 McNinja joined #salt
11:20 haam3r1 Hi! I'm getting an error on executing a state.apply that just can't seem to figure out: Data passed to highstate outputter is not a valid highstate return: {'minion.example.com': ["Rendering SLS 'base:cuckoo.vms' failed: Jinja variable salt.utils.templates.AliasedLoader object has no element <bound method NamespacedDictWrapper.get of {}>"]}
11:25 dunz0r nkuttler: Seems a bit unnecessary for just one package, but I guess it's The Right Way¬ģ
11:25 pipps joined #salt
11:26 dunz0r I could use the sources-part of states.pkg and publish it via http
11:28 mage_ joined #salt
11:28 mage_ hello
11:29 mage_ is there a module to get the PTR from an IP ?
11:34 ProT-0-TypE joined #salt
11:39 HoloIRCUser2 joined #salt
11:43 mage_ any idea for this https://gist.github.com/silenius/e506344ae961e1759a70d7f485be0239 ?
11:45 pipps joined #salt
11:45 abednarik joined #salt
11:47 sknebel joined #salt
11:50 haam3r1 @mage_ you mean something like: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.reverse_ip
11:51 SWtM joined #salt
11:53 JohnnyRun joined #salt
11:54 sgo_ joined #salt
11:55 mage_ haam3r1: perfect :)
11:58 mage_ except that it doesn't work (:
11:59 mage_ https://gist.github.com/silenius/96ef9d5e3116d88878b696cf6ac1d44e
12:00 pipps joined #salt
12:02 abednarik joined #salt
12:11 xet7 joined #salt
12:16 tongpu joined #salt
12:17 amontalban joined #salt
12:17 amontalban joined #salt
12:18 PerilousApricot joined #salt
12:23 pipps joined #salt
12:28 haam3r1 joined #salt
12:29 abednarik joined #salt
12:31 rburkholder joined #salt
12:32 sh123124213 joined #salt
12:33 haam3r1 mage_ what exactly are you trying to do? Because from the gist it seems to be working
12:35 edrocks joined #salt
12:36 onlyanegg joined #salt
12:36 pipps joined #salt
12:37 edrocks_ joined #salt
12:37 Elsmorian joined #salt
12:39 sjoerd_ joined #salt
12:39 netcho joined #salt
12:39 mage_ haam3r1: I'm creating jails and I'd like to force the minion_id
12:39 McNinja joined #salt
12:39 mage_ but it works now, I use a file.managed instead
12:40 haam3r1 ack good
12:41 mage_ I used this https://gist.github.com/silenius/dc60775f23cc81356b414380f48f3ae4
12:41 evilrob joined #salt
12:44 sjoerd_ Hi guys, I'm  trying to understand something about formulas and I'm looking at the postgres one currently
12:44 sjoerd_ It's got a defaults.yaml which is munched by map.jinja. However many of those variables are also inside pillar.example
12:45 sjoerd_ so will the vars in the pillar always override the same vars from a state?
12:46 sjoerd_ Or is the formula just not completely "clean" and there are duplicates?
12:46 sjoerd_ btw, I'm looking at this here: https://github.com/saltstack-formulas/postgres-formula
12:47 perfectsine joined #salt
12:47 subsignal joined #salt
12:49 abednarik joined #salt
12:52 haam3r1 sjoerd_: as the name says, defaults.yaml sets sensible defaults and yes they are overriden by the pillar values. pillar.example shows you what kinds of things you can set in pillar
12:55 sjoerd_ Yes that's what I thought. I got confused by the pillar.example also showing basic stuff like package names that I can't see changing
12:57 sjoerd_ and then I would load pillar data based on what host I'm applying the formula on to set the non-defaults for that particular host
12:58 abednarik joined #salt
12:59 vegasq joined #salt
13:02 pipps joined #salt
13:03 kojiro joined #salt
13:08 Rumbles_ hi, I'm just trying to set up apache using salt, I need to add basic auth and for the site to run a cgi script, can anyone tell me if it's possible to confiure basic auth and cgi using a state file similar to the one in the example here: https://docs.saltstack.com/en/carbon/ref/states/all/salt.states.apache.html
13:08 Rumbles_ ??
13:12 DammitJim joined #salt
13:13 DEger joined #salt
13:14 sjorge joined #salt
13:14 sjorge joined #salt
13:15 PerilousApricot joined #salt
13:15 jas02_ joined #salt
13:16 tkharju joined #salt
13:19 akhter joined #salt
13:20 haam3r1 sjoerd_: yep that's how it's done :)
13:21 pipps joined #salt
13:24 DammitJim this is a really stupid question, but what would I need to do to add a feature to salt-cloud?
13:24 DammitJim I don't even know if it is possible, but I thought I could give it a shot
13:25 DammitJim I don't know what this will take
13:25 DammitJim also, is there a way for a salt state to only return what needs to be updated? I've used --state-output=changes, but that still prints too much green
13:26 numkem joined #salt
13:26 haam3r1 DammitJlim: fork salt on github...do the changes and open a pull request :D
13:27 DammitJim haam3r, when one forks salt on github, one is getting the latest, right? Do I need to be on the latest? I'm working on 2015.8
13:29 AndreasLutro you fork on github, git clone your fork, checkout a new branch for the feature you want to work on, then push that branch back  to your fork
13:29 AndreasLutro which branch you want to base your feature on depends on which version of salt you'd like the feature added to
13:29 AndreasLutro if it's a bugfix you likely want an older branch, if it's a brand new version then maybe develop
13:29 ravenx joined #salt
13:30 ravenx so i have my pillar stuff stored in git, and part of my salt highstate is that the pillar values get rendered into my config files
13:30 ravenx however, i would like to refer to a previous version of my pillar values, maybe from a few commits ago, or a different branch, then highstate
13:30 ravenx is there anyway i can do that
13:32 Tanta joined #salt
13:34 AndreasLutro maybe using salt environments and git_pillar
13:38 akhter joined #salt
13:39 KkL joined #salt
13:39 KkL joined #salt
13:44 ravenx interesting
13:44 ravenx hm..i have been told to stay awy from salt environments a few times
13:44 ravenx as i was told that it complicates things
13:44 ravenx do you think i could get by here with just git_pillar.  or rather, let me ask, how would salt environments help me in this case
13:45 pipps joined #salt
13:46 AndreasLutro I am one of those that hate salt environments :)
13:46 AndreasLutro just saying it's an option
13:47 sjorge joined #salt
13:47 sjorge joined #salt
13:47 nicksloan joined #salt
13:49 DEger joined #salt
13:50 racooper joined #salt
13:51 XenophonF i'm using environments with salt states, but not pillars - or at least, not yet
13:52 ravenx i will look at git_pillar to see if it is enough :)
13:52 ravenx thanks guys
13:53 XenophonF i'd use environments with pillar if there were options to state.apply that let me apply pillars from other environments
13:54 XenophonF e.g., so i could do something like `salt-call state.apply shibboleth.idp saltenv=development pillars=login.irtnog.org pillarenv=development`
13:54 ravenx XenophonF: when you say "if there were options"
13:55 ravenx does this mean that atm it isn't possible, like it is not implemented yet?
13:56 XenophonF unfortunately no
13:57 XenophonF at least, not like that
13:58 ravenx but what you did write as a proof of concept command, i really like
13:58 ravenx and it is something i would love to have.
13:59 ronnix joined #salt
13:59 Rumbles_ has anyone here used the apache state to set up basic auth? Anyone know if it is possible? There is an example in the docs but no mention o basic auth (htpasswd) :/
13:59 XenophonF same here
13:59 XenophonF Rumbles_: do you mean, having it create user accounts on the target minion?
14:00 abonilla joined #salt
14:00 abonilla Does anyone know the log file for salt on Windows?
14:00 Rumbles_ I don't mind creating the htpasswd file, I was more thining applying the htpasswd to a virtualhost
14:00 keltim joined #salt
14:00 Rumbles_ no idea abonilla sorry, never used salt on Windows :)
14:02 XenophonF abonilla: it's under c:\salt\var\log\salt\minion, IIRC
14:02 XenophonF Rumbles_: yes, applying apache configs is pretty straightforward
14:02 Brew joined #salt
14:02 XenophonF Although I ended up writing my own templates for those config files
14:03 Rumbles_ just use the normal syntax for apache config?
14:03 XenophonF correct
14:03 Rumbles_ yeah I was trying to use the state file and do it the salt way :)
14:03 Rumbles_ thanks XenophonF
14:03 flowstate joined #salt
14:03 * Rumbles_ goes to test the config and hope nothing blows up on friday afternoon
14:03 XenophonF i looked at the apache states but ended up writing my own jinja templates for apache
14:03 XenophonF https://github.com/irtnog/apache-formula in cause you're curious
14:04 Rumbles_ nice one, thanks
14:04 XenophonF note that it's not the same as saltstack-formulas/apache-formula
14:04 Rumbles_ I know I've already looked at them
14:05 Rumbles_ I prefer your so far, they're easier to follow
14:05 Rumbles_ yours*
14:05 * XenophonF blushes
14:05 XenophonF Thanks!
14:05 XenophonF Actually, I'm really happy to hear that.
14:06 XenophonF I need to go back over some of my older formulas and tweak the code style.
14:16 Rumbles_ joined #salt
14:17 jas02_ joined #salt
14:17 cscf Many of the official saltformulas have so many variables they don't really do much
14:19 DEger joined #salt
14:19 subsignal joined #salt
14:19 JohnnyRun joined #salt
14:20 gableroux joined #salt
14:21 vegasq joined #salt
14:22 honestly XenophonF: merge them and make a PR ;)
14:22 XenophonF My formulas aren't forks.  They're complete re-writes.
14:23 DammitJim If I am updating a repository on my minions, what state do I use for the package to be updated?
14:23 XenophonF it's there a pkg.uptodate state?
14:23 DammitJim I'm doing pkg.latest
14:23 XenophonF or you could use pkg.latest
14:24 DammitJim with refresh=true
14:24 XenophonF i only ever use pkg.installed
14:24 XenophonF i didn't want a highstate run to patch a server
14:24 flowstate joined #salt
14:24 XenophonF i guess i consider patching separate from config management
14:25 DammitJim now I'm interested on your take on that XenophonF ;)
14:26 XenophonF i run separate update jobs to patch on a set schedule
14:26 XenophonF that way i can also schedule backups prior to updates to make reverting bad patches easier
14:27 XenophonF at work i use a separate toolchain to manage patching
14:28 XenophonF (currently Panorama9, with WSUS acting as a cache for Windows)
14:28 XenophonF (but we're probably going to replace P9 with Salt)
14:31 XenophonF cscf: if you don't like lots of variables, don't look at my shibboleth-formula
14:31 XenophonF that thing's a monster
14:31 DammitJim XenophonF, I started doing some patching using salt
14:32 cscf xenocode, it's not that variables are bad, its that if you parameterize absolutely everything, then using the formula becomes no easier than just writing your own
14:32 XenophonF yaml that drives jinja that writes xml that in reality is a java or spring expression language program
14:32 XenophonF well, true, but on the flip side, parameterizing everything allows one to put the entire config of a given service into pillar
14:32 XenophonF which can be quite useful
14:33 XenophonF i think the key is to have useful defaults
14:33 hasues joined #salt
14:33 hasues left #salt
14:33 XenophonF so that one can initially deploy a formula with maybe just a few configuration variables specified in pillar, and yet end up with something that works
14:34 netcho joined #salt
14:34 PerilousApricot joined #salt
14:34 XenophonF a fully configured Shibboleth IdP is a rather complicated service, but if you use my formula, you can get basic functionality by specifying only a handful of pillar keys
14:35 bbradley i use configuration passthrough in my states and some formulas.
14:35 XenophonF i've tried to hide a lot of the j2ee/spring/xml nightmare that is its configuration behind carefully crafted jinja code
14:35 XenophonF dunno how well i've succeeded as so far, i'm the only one using it
14:35 XenophonF ^_^
14:36 onlyanegg joined #salt
14:37 XenophonF DammitJim: in my mind I think I might use orchestration for patching
14:38 XenophonF so that for servers hosted by vmware or aws or something, i can trigger a snapshot prior to patch deployment
14:43 DammitJim joined #salt
14:44 DammitJim wait a minute, did I hear Shibboleth?
14:45 XenophonF yes
14:45 DammitJim soooo off topic
14:45 DammitJim XenophonF, do you use that with CAS?
14:45 XenophonF no - we're using Shibboleth SP, Shibboleth IdP, and AD FS
14:45 XenophonF our IdP uses Active Directory for the backend
14:45 toanju joined #salt
14:46 DammitJim thanks
14:46 DammitJim is that expensive?
14:46 XenophonF we're also using COmanage plus PostgreSQL plus OpenLDAP plus Shibboleth IdP as an attribute authority
14:46 XenophonF https://www.scienceforum.sc/
14:46 DammitJim what's that link?
14:46 XenophonF There's a presentation up there that gives a high level description of our v1.0 service.
14:47 XenophonF I support international scientific collaboration for NIH/NIAID.
14:47 XenophonF Shibboleth itself is free, but it's taken me a while to learn how to use it.
14:48 DammitJim thanks for the info
14:48 DammitJim now, back to my original question. I am updating from Salt 2015.5 to 2015.8
14:48 XenophonF We're working with Spherical Cow Group to build this stuff out.  They built similar collaboration tooling for LIGO.
14:48 DammitJim this is my state, but it doesn't seem to update it on the minions
14:49 DammitJim https://gist.github.com/anonymous/26a7355c881871a73b16b85e73dd2be9
14:51 XenophonF iirc you have to add a requisite or something to trigger the update
14:51 XenophonF check the pkgrepo or pkg state docs
14:52 XenophonF or take a look at what salt-formula does - it will update minions, too
14:52 DammitJim hhmmm
14:52 DammitJim salt-formula?
14:53 JohnnyRun joined #salt
14:54 XenophonF hm, it's just a pkg.installed state
14:55 DammitJim it seems that if I want to update a salt-minion from 2015.5 (from a ppa repo) to 2015.8 (from the saltstack repos), I need to do a dist-upgrade?
14:55 XenophonF DammitJim: you need to add a require_in requsite to the pkgrepo.managed state
14:55 XenophonF https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkgrepo.html#salt.states.pkgrepo.managed
14:55 XenophonF it's documented at the end of the page
14:56 DammitJim I see it now
14:56 DammitJim thanks
14:56 DammitJim I got to get my head straightened out
14:57 DammitJim yup, this requires a dist-upgrade, not just an update
14:58 XenophonF that's too bad
14:58 XenophonF i think i have a few systems that still reference the old ppa, too
15:01 cscf What's the best file.* state to chmod/chown without changing contents?
15:04 cscf Ah, file.directory should work
15:04 rherna joined #salt
15:05 Brijesh1 joined #salt
15:05 Brijesh1 left #salt
15:05 AndreasLutro file.managed for files, file.directory for files
15:05 AndreasLutro file.managed for files, file.directory for directories
15:05 AndreasLutro derp
15:06 cscf file.directory looks fine, but doesn't file.managed require a source to overwrite with?
15:06 cscf Or does it just chown if you don't specify a source?
15:06 flowstate joined #salt
15:07 AndreasLutro nope
15:08 honestly is salt still not python 3 compatible?
15:09 cscf AndreasLutro, no to which?
15:13 DammitJim is there a way to delete a repo?
15:13 edrocks joined #salt
15:13 Ch3LL honestly: no, but with the new carbon release there was a lot of work to improve the python3 support but not full support. The next major release after carbon, i believe is nitrogen i believe the plan is to be complete pythoon3 compatible.
15:13 honestly ok (:
15:13 cscf DammitJim, pkgrepo.absent ?
15:13 DammitJim oh yes, I don't know why I was looking at pkg.managed
15:14 sjoerd_ I've got a Q about writing a defaults.yaml (that gets parsed map.jinja). When I specify a variable like version:'9.4' - should I then still specify service:'postgresql-9.4' or can I somehow use my earlier define variable already?
15:16 tercenya_ joined #salt
15:20 PerilousApricot joined #salt
15:24 DammitJim weird... running: salt <server> pkg.install salt-minion - upgraded salt-minion
15:24 DammitJim but my state didn't!
15:25 DammitJim my state had: pkg.latest and pkg.installed
15:26 ThomasJ joined #salt
15:29 tercenya joined #salt
15:30 LinkRage joined #salt
15:32 debian112 joined #salt
15:36 akhter joined #salt
15:39 DammitJim interesting
15:39 DammitJim the state worked when I told it the version to install
15:40 Trauma joined #salt
15:40 sarasfox joined #salt
15:41 sarasfox tring get windows box to update with salt
15:42 sarasfox what are the dep and witch ones go on master a ubuntu box and which go on the windows side
15:47 DammitJim as I update salt, I keep getting this: KeyError: 'saltutil.refresh_modules'
15:47 flowstate joined #salt
15:51 abednarik joined #salt
15:52 mapu joined #salt
15:56 ProT-0-TypE joined #salt
15:59 pipps joined #salt
15:59 onlyanegg joined #salt
16:05 abednarik joined #salt
16:07 subsignal joined #salt
16:08 amcorreia joined #salt
16:11 subsignal joined #salt
16:11 fas3r Can I set "public_ips" and "private_ips" in the profile file when using salt-cloud to deploy VM on openstack ?
16:14 netcho joined #salt
16:21 jas02 joined #salt
16:24 mavhq joined #salt
16:25 edrocks joined #salt
16:25 jhauser joined #salt
16:26 pipps joined #salt
16:28 sarasfox how do install pip on windows minon
16:29 honestly can anyone repro this? https://github.com/saltstack/salt/issues/37468 paging AndreasLutro
16:29 saltstackbot [#37468][OPEN] salt-ssh: singledispatch, backports.abc missing from thin | Description of Issue/Question...
16:32 AndreasLutro friday is not a day to deal with salt-ssh bugs
16:33 netcho joined #salt
16:33 lompik joined #salt
16:36 sgo_ joined #salt
16:38 akhter joined #salt
16:39 Brijesh1 joined #salt
16:40 debian112 left #salt
16:40 pipps joined #salt
16:49 DammitJim who says?
16:49 sarasfox on windows how do i fix     pip:         None
16:50 DammitJim I can't find one of my minions LOL
16:50 DammitJim is there something that the master knows about the minion?
16:50 DammitJim besides a key?
16:51 iggy it's generally going to cache some data about it to speed up targetting
16:51 flowstate joined #salt
16:51 KkLl left #salt
16:51 DammitJim how can I print that info?
16:52 iggy but it's not really readable /var/cache/salt/master/minions/<id>
16:52 DammitJim oh
16:52 DammitJim LOL
16:52 DammitJim what happens if I delete the minion
16:52 DammitJim from the master
16:52 iggy it's pickled
16:52 DammitJim then I find the server
16:52 DammitJim can I add it back in?
16:52 iggy you mean delete the key? yes
16:52 DammitJim this server more than likely is just a temporary server, but just in case
16:53 iggy just restart the minion process and it will reconnect and then reaccept the key
16:53 DammitJim either delete the keys or put it into another state so that when I target a group of servers, this one doesn't delay everything
16:54 DammitJim could I reject it?
16:54 DammitJim then bring it back to accepted?
16:55 iggy I don't know that there's a functional difference between those 2
16:55 iggy I think the minion in either case is going to shutdown after a few iterations
16:55 DammitJim oh ok
16:56 beowuff joined #salt
16:57 DammitJim man, salt is so great
16:57 DammitJim I do find myself fighting little things when the rest of the environment falls behind
16:58 DammitJim you know you can't just update all your servers at the same time
16:58 DammitJim and there are things that get out of sync
16:59 Ni3mm4nd joined #salt
17:00 honestly AndreasLutro: hahaha, so true
17:02 DammitJim man, I'm so dumb... I should have done a state for patching servers!
17:05 DammitJim wait... is there such a thing?
17:06 honestly what do you mean?
17:07 honestly you can leverage ssh access via salt-ssh to get your server back into the herd
17:07 Sketch pkg.uptodate ?
17:07 DammitJim pkg.uptodate will update all the packages?
17:08 honestly https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#salt.states.pkg.uptodate
17:08 sgo_ joined #salt
17:08 DammitJim basically do an: update, upgrade, and dist-upgrade?
17:08 DammitJim I was running the following on my servers: salt myserver* pkg.upgrade refresh=True, salt myserver* pkg.upgrade dist_upgrade=True, salt myserver* pkg.autoremove
17:08 pipps99 joined #salt
17:09 pipps99 joined #salt
17:12 morissette joined #salt
17:13 Rubin_ joined #salt
17:17 DammitJim ok, so pkg.uptodate doesn't do a dist-upgrade
17:18 honestly well, dist-upgrade is only a thing with apt
17:18 honestly the states are package system agnostic
17:18 DammitJim oh, right
17:18 DammitJim but the module has that feature
17:18 DammitJim but not the state
17:20 honestly yeah because the state won't know what to do with "dist_upgrade: True" in yum or rpm
17:20 samodid joined #salt
17:20 honestly so there's only one uptodate state that does something reasonable with all pkg providers
17:21 honestly maybe it would make more sense to do a dist-upgrade with apt instead of an upgrade
17:21 DammitJim I tried the kwargs
17:22 infrmnt joined #salt
17:23 edrocks joined #salt
17:24 DammitJim I'm trying module.run
17:25 Edgan joined #salt
17:27 DammitJim too bad I have to use module.run to call pkg.autoremove as well
17:27 DammitJim so, states have only been created if the same action can be performed on all distributions?
17:29 honestly well
17:29 honestly modules have providers
17:29 honestly and providers have a uniform interface
17:30 honestly pkg.upgrade dist_upgrade=True probably only works if your pkg provider is apt
17:31 honestly https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.pkg.html
17:31 honestly compare https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.upgrade and https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.yumpkg.html#salt.modules.yumpkg.upgrade
17:32 iggy why do you require distupgrade?
17:32 iggy are you just used to using that or you have some specific need?
17:35 DammitJim when we patch our servers, we patch it all up to date
17:36 DammitJim so, when I have to patch my ubuntu servers, we do upgrade, dist-upgrade, and autoremove, then reboot the servers
17:37 iggy you shouldn't ever need to upgrade and dist-upgrade together
17:37 netcho joined #salt
17:37 sh123124213 joined #salt
17:38 DammitJim I think the need mostly comes from needing to do a dist-upgrade to patch something on the kernel
17:38 stooj joined #salt
17:39 iggy a dist-upgrade is going to do everything an upgrade does (without asking certain questions or touching certain configs
17:39 iggy "dist-upgrade in addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages"
17:39 iggy from the man page
17:39 DammitJim right!
17:39 iggy so you don't run one and then the other... you just run dist-upgrade
17:39 DammitJim we do it in 2 steps, that's all
17:40 DammitJim I'm sure we can change that
17:40 DammitJim actually, this last time I did it with the salt module
17:40 DammitJim I did: pkg.upgrade refresh=True dist_upgrade=true
17:40 DammitJim then pkg.autoremove
17:40 iggy and dist_upgrade should pass through kwargs find
17:40 DammitJim so I guess I did it in one shot
17:41 iggy I mean pkg.uptodate dist_upgrade should pass through in kwargs
17:41 DammitJim oh, so maybe I'm wrong in thinking this should be a state, it should just be a module
17:41 hokie1999 joined #salt
17:41 DammitJim iggy, not sure why it didn't :(
17:41 iggy it's already a state
17:41 DammitJim let me try it again
17:41 iggy post the state
17:42 DammitJim https://gist.github.com/anonymous/46c85f4fb34dfb2d7062cdad9780dc45
17:43 iggy that's not how you do kwargs in states (it oddly is in orch and other places
17:44 DammitJim ooop
17:44 DammitJim s
17:44 DammitJim I just do - dist_upgrade: True ?
17:45 iggy yeah, check the comment I left
17:45 iggy but yes
17:45 DammitJim man, I thought I knew everything. Obviously I don't LOL
17:45 iggy although, come to think of it... I think that might not work for much longer
17:45 iggy I vaguely remember seeing warnings about that
17:46 DammitJim DAMMIT
17:46 DammitJim ... JIMthanks iggy
17:46 DammitJim at least now I know how to use kwargs
17:46 iggy in which case it would be... check new comment
17:46 iggy one of those should work
17:46 DammitJim lol
17:46 DammitJim testing
17:46 DammitJim thanks
17:49 mikecmpbll joined #salt
17:49 Sketch the first one should work
17:49 Sketch (comment)
17:49 DammitJim is there a document that explains how to use kwargs? I need to bookmark it
17:51 DammitJim separate question about salt-cloud
17:51 DammitJim when you work with salt-cloud, does one usually just run commands or does one put all that stuff in a file?
17:52 DammitJim is there a name for that?
17:52 Sketch i found some docs in the general salt docs, but it didn't cover states
17:53 Sketch i use salt-cloud to build the machine, then use salt like usual
17:53 DammitJim oh, so you don't use salt-cloud to take snapshots of your servers before making changes to those vms?
17:53 Sketch nope
17:53 DammitJim man, am I the only paranoid person?
17:54 Sketch i must admit, that doesn't sound like a terrible idea
17:54 UForgotten DammitJim: most of us are probably varying levels of paranoid
17:54 flowstate joined #salt
17:54 DammitJim I mean, we have daily backups, but the snapshots are good when you know your server has changed through the day
17:55 DammitJim UForgotten, you should meet some of the guys I work with... .those guys can't sleep!
17:55 DammitJim thank goodness we don't get paid by our levels of paranoia
17:55 UForgotten Can anyone recommend a python project I could use salt to download from github and then run as a service?  Just as a PoC
17:55 UForgotten DammitJim: InfoSec guys probably do lol
17:56 DammitJim tru
17:56 DammitJim I've got a couple of vms to provision... I wonder how much time I'll need to set up salt-cloud to provision them instead of doing it manually...
17:58 UForgotten if you'll ever provision more again later, it's always worth automating, then you'll know they will all be the same. humans forget, and doign stuff manually can cause snowflakes
17:59 honestly does salt-cloud do esxi?
17:59 honestly hmm, it does
18:00 cyborg-one joined #salt
18:03 tvinson does anyone have the phone or web information for commercial saltstack support handy?
18:03 pipps joined #salt
18:03 tvinson i haven't had to contact support up to this point and it seems to be a little hidden
18:06 honestly you handed them money without making them hand over a support contact? :P
18:09 DammitJim so, UForgotten where do you automate this?
18:09 DammitJim are you from Gainesville?
18:10 armin joined #salt
18:10 Sketch salt-cloud is surprisingly simple to set up
18:10 DammitJim Sketch, I have it set up
18:10 sh123124213 joined #salt
18:10 DammitJim but I can't for my life remember all the commands I need to run
18:10 DammitJim like to check snapshots
18:10 DammitJim or delete all snapshots
18:10 Sketch automate them ;)
18:11 DammitJim what is the salt way of automating them?
18:11 honestly UForgotten: I have a salt state that builds a software package, installs it, and deploys config files
18:11 DammitJim I would normally do a bash script
18:11 honestly UForgotten: it's most cmd.script states
18:11 Sketch i don't think there is one, i would just make a script
18:11 honestly mostly*
18:11 DammitJim (that's actually how I took snapshots of multiple vms)
18:13 tercenya joined #salt
18:16 Sketch hmm, you know what salt-cloud needs....a configuration forcobbler
18:16 Sketch it would be cool to be able to provision physical machines the same way as VMs
18:17 honestly my pxe server is configured via salt
18:17 honestly I reboot the machine and it gets an image from the pxe server
18:17 Sketch how do you manage it?
18:17 honestly manage what part?
18:18 Sketch we currently use a python wrapper script that calls cobbler (cli) and then sets up the keys in salt, and pushes salt to the machine via ssh
18:18 Sketch would just be nice if everything was in one place :)
18:18 honestly I use salt-ssh
18:19 KyleG joined #salt
18:19 KyleG joined #salt
18:19 KyleG Hi everyone…I'm stumped on an issue w/ the git module right now. It's saying "identity 'salt://ssh/etc/keys/wd.key' is not an absolute path" and uh..this worked just fine in my other states when I used it w/ CentOS, now I'm trying to use it w/ FreeBSD.
18:20 cscf salt-ssh is nice for bootstrapping
18:20 KyleG Here's a gist of what's going on: https://gist.github.com/kylegato/55d86b802107a9780abcbdadd1a5b0d6
18:20 KyleG Anyone run into that before?
18:20 honestly and my pxe server just provides ubuntu netinstallers / preseeds
18:21 ivanjaros joined #salt
18:21 MTecknology providing only a net installer is neat if you also have a local apt caching system
18:21 Brew joined #salt
18:22 honestly I just have a full apt mirror for all distros we use
18:22 honestly it works very well
18:22 MTecknology I've tended to prefer apt-cacher-ng just because I hate waste and don't like downloading a million packages I don't need.
18:23 cscf For home networks, squid-deb-proxy is excellent - it has the advantage of not breaking if the cache server isn't reachable
18:23 honestly it's something like 2TB for pretty much all ubuntu lts releases
18:23 cscf It's great for laptops especially
18:27 KyleG Comment: identity 'salt://ssh/etc/keys/wd.key' is not an absolute path
18:27 honestly MTecknology: we had plans to publish the server... since most public servers are kinda shit
18:27 honestly like, they serve completely broken files while they're synching
18:27 honestly I serve from a snapshot, then update the snapshot after a successful sync
18:27 honestly I don't know why everyone else doesn't do it exactly like that
18:28 KyleG Can anyone explain how the heck that could be?
18:28 hacks_ joined #salt
18:28 marcinkuzminski joined #salt
18:29 Guest68194 joined #salt
18:29 MTecknology KyleG: symlink?
18:29 KyleG I mean /usr/local/etc/salt/states is a symlink
18:29 KyleG but ssh/etc/keys/wd.key is not
18:30 KyleG weirdly enough this command works on my centOS boxes w/ the latest salt minion version, my freebsd minions are stuck @ 2015.8.1 (Beryllium)
18:30 writtenoff joined #salt
18:31 honestly yeahhhh
18:31 Elsmorian joined #salt
18:31 honestly "Key can be specified as a SaltStack file server URL, eg. salt://location/identity_file"
18:31 honestly "New in version 2016.3.0."
18:31 KyleG -_-
18:31 KyleG very well then, thanks
18:31 honestly I'm going to guess that's your problem
18:32 databender joined #salt
18:32 KyleG Seems legit, :thumbsup:
18:33 databender joined #salt
18:33 Aleks3Y joined #salt
18:34 UForgotten honestly: cool, care to share?
18:35 honestly UForgotten: it's just the newest apt-mirror (whatever is in ubuntu 16.04) and a bash script that pokes the .zfs/snapshots dir in a nfs-mounted zfs
18:36 honestly and then places a symlink to the snapshot in /var/www/ubuntu
18:37 edrocks joined #salt
18:37 honestly I sync 4 times a day (triggered by cronjob), and have a cronjob running daily that deletes old snapshots
18:37 honestly sync takes between 20 and 40 minutes
18:41 UForgotten ah. that prob wont do what I want.  I'm trying to build something that checks out code from github and starts a service from the checked out code. via salt. inside a container. that deploys sharks with laserbeams.
18:41 UForgotten managed to get as far as building a container that runs a minion. Just working on finding something to check out and start up :)
18:42 cscf Let us know how the shark bit turns out
18:44 honestly UForgotten: django?
18:45 akhter joined #salt
18:50 cscf Clearly, there was a lasershark-related accident which rendered him incapable of responding
18:51 UForgotten honestly: doesn't have to be. I'm not as familiar with django as I am with basic python.  I think I found something viable for now. but if anyone has scripts that parse/validate salt minion responses that would be awesome.
18:51 m4rx joined #salt
18:54 kuromagi joined #salt
18:56 sh123124213 joined #salt
19:06 DammitJim UForgotten, are you in Gainesville? LOL
19:07 west575_ joined #salt
19:17 UForgotten DammitJim: Used to be. Orlando now.  Still have a house I can't sell there.  Know someone who wants an investment property? :)
19:17 DammitJim Cool. I'm in Central Florida
19:18 DammitJim and no, don't know of anyone at this time
19:18 DammitJim I should look for houses there for when my kids go to UF
19:20 UForgotten value of that is debatable. Depends on what/where.
19:21 DammitJim We should get together so I can pick your brain
19:24 LotusNopes left #salt
19:24 ziggit joined #salt
19:26 cscf Is there a way in network.managed to set an interface 'manual' ?
19:26 mikecmpbll joined #salt
19:26 cscf I need it to be up but not configured for keepalived
19:28 LotusNopes joined #salt
19:28 honestly UForgotten: you can get json-formatted salt output
19:28 irated joined #salt
19:28 irated Hey Guys,
19:29 UForgotten honestly: yes, that seems to be the most programatic output. just need something that parses it.
19:29 irated is there a way to make highstate enforce every 10 minutes
19:29 LotusNopes left #salt
19:29 irated I thought about cron, but i thought salt would have a saltified goodness method
19:30 UForgotten irated: https://docs.saltstack.com/en/latest/topics/jobs/#scheduling-highstates
19:30 irated exactly what i was looking for
19:30 irated thank you
19:30 UForgotten good luck, have fun :)
19:30 irated my googlefu was not helping me today
19:30 irated gg gl hf :)
19:31 UForgotten just remember
19:31 UForgotten its read only friday
19:31 UForgotten so dont turn that on in production.
19:31 UForgotten it might cause you undue pain
19:31 irated I feel like my starcraft days are back..
19:31 UForgotten many place dont auto highstate because it can be intensive depending on how tough your highstate is
19:31 nickg left #salt
19:31 irated We are moving toward IaC... So only stuff migrated will have this on :)
19:31 Tanta if you write idempotent states, it's no issue
19:32 Tanta just wastes CPU cycles
19:32 irated Tanta it could destroy legacy stuffs :)
19:32 Tanta how's that?
19:32 irated maybe you push out a version of cacerts that didnt have your special cert for legacy needs in it?
19:32 Tanta denoting an element of a set that is unchanged in value when multiplied or otherwise operated on by itself.
19:33 Tanta you tell me how that word means what you are thinking
19:33 irated I know what it means but some old servers were not built with idempotent in mind.
19:33 Tanta a set of idempotent states will never change a system that is correct
19:34 Tanta you can use the built-in validation tools in salt like require: onchanges: cmd.wait, etc
19:35 Tanta for instance:
19:35 Tanta systemctl_reload_daemon_openbd:
19:35 Tanta cmd:
19:35 Tanta - run
19:35 Tanta - name: 'systemctl daemon-reload'
19:35 Tanta - user: root
19:35 Tanta - onchanges:
19:35 Tanta - file: systemd_service_file
19:35 DammitJim wow wow
19:36 Tanta this is an operation that should only ever fire when a service file is updated
19:37 sh123124213 joined #salt
19:39 * whytewolf was happy when onchanges was added.
19:40 Sarphram joined #salt
19:41 heaje joined #salt
19:41 pipps joined #salt
19:42 pipps joined #salt
19:43 netcho joined #salt
19:46 sh123124213 joined #salt
19:53 schemanic joined #salt
19:53 schemanic Hello
19:54 schemanic I have two versions of python installed on my salt master and I need salt to use python 2.7 can anyone help me set the right one?
19:55 keimlink joined #salt
19:56 amontalban joined #salt
19:56 amontalban joined #salt
19:57 honestly it should be using that automatically
19:58 honestly what problem are you having?
19:58 CampusD joined #salt
20:02 pipps joined #salt
20:03 sgo_ joined #salt
20:04 schemanic_ joined #salt
20:04 schemanic_ Hi
20:04 whytewolf schemanic_: what distro are you on?
20:04 edrocks joined #salt
20:04 schemanic_ Amazon Linux
20:04 schemanic- joined #salt
20:05 west575 joined #salt
20:05 schemanic_ I can paste my salt --versions-report if that's helpful
20:05 whytewolf yes please. also if you have 2 versions of python what is the system default because for amazon python 2.7 is the system default
20:06 whytewolf https://aws.amazon.com/amazon-linux-ami/2015.03-release-notes/
20:06 netcho joined #salt
20:06 tapoxi joined #salt
20:06 schemanic joined #salt
20:06 pcn joined #salt
20:07 numkem joined #salt
20:07 schemanic_ https://gist.github.com/anonymous/33751daef45546dee0d6e87b5bfa1ba3
20:07 schemanic_ A few things
20:08 schemanic_ I believe that I have installed libgit2 from source, and thus pygit2 from pip, but pip is associated with python 2.7 and salt cant seem to find it
20:08 sebastian-w joined #salt
20:08 whytewolf Python: 2.6.9 (unknown, Apr  1 2015, 18:16:00)
20:08 jfindlay left #salt
20:09 whytewolf basicly you have to make a choice. set the default to python2.7
20:09 whytewolf OR work with python2.6
20:10 DammitJim with salt-cloud, do I need to create a profile for the VMs I want to create? I already have a template and a script that sets the IP address and server name?
20:11 whytewolf DammitJim: not for every VM. more like every VM type
20:11 DammitJim oh ok
20:11 DammitJim but if I already have a VM template
20:11 DammitJim I just have to create a minimal profile?
20:11 whytewolf I believe so
20:12 pcn Are there docs on what needs to be backed up to restore a saltmaster?  I know the minion keys are needed, but I'm wondering about whether I can backup e.g. mine data
20:12 whytewolf pcn... don't really need the mine data just run "salt '*' mine.update" once you restore
20:13 whytewolf fresh new mine data
20:13 DammitJim where should I save this minimal profile?
20:13 schemanic_ whytewolf, how does one goe about setting the default python
20:13 DammitJim /etc/salt/cloud.profiles.d/vmware.conf?
20:13 whytewolf schemanic_: sudo alternatives --set python /usr/bin/python2.7
20:14 whytewolf DammitJim: that works
20:18 DammitJim I'm reading "Cloning a VM" in the docs, but I don't see what commands I need to run
20:18 schemanic- joined #salt
20:19 gableroux joined #salt
20:19 whytewolf DammitJim: that is because it isn't a command. but an option for the profile
20:20 whytewolf cloneform: <vm to be cloned>
20:20 DammitJim ok
20:20 DammitJim but then what do I "run" to say use that profile and create a vm with this name
20:21 pcn whytewolf: Hmm... ok, that could work
20:21 DammitJim oh, here is where I need to do the .map file?
20:22 rherna joined #salt
20:22 jas02_ joined #salt
20:22 whytewolf the map file or to just launch a single vm based on what you have salt-cloud -p <profilename> <new vm name>
20:23 whytewolf DammitJim: https://docs.saltstack.com/en/latest/ref/cli/salt-cloud.html
20:23 DammitJim I'm assuming that just creates the new VM in the same datastore? Where would I define the datastore I want it to go on?
20:23 whytewolf profile
20:23 whytewolf or provider don't rember which
20:23 DammitJim oh ok
20:23 whytewolf everything is done through the provider or profile
20:23 DammitJim so, yeah, that's where I need to define all that. Thanks!
20:29 schemanic joined #salt
20:29 Elsmorian joined #salt
20:30 Elsmorian joined #salt
20:31 schemanic- joined #salt
20:31 Elsmorian joined #salt
20:32 Elsmorian joined #salt
20:32 tapoxi provider you're basically setting things account wide
20:33 Elsmorian joined #salt
20:33 tapoxi profile it's machine type
20:33 tapoxi map is individual machines
20:33 tapoxi you can override higher-level things at the map level
20:33 rem5 joined #salt
20:35 DammitJim hhhmmmm.... I missed something about a key
20:39 schemanic_ hey, my salt-master service is failing to stop
20:42 dynamicudpate joined #salt
20:43 whitenoise_ joined #salt
20:45 n1x0n_ joined #salt
20:45 DammitJim when I created the VM using a profile, the system started printing: root@<IP Address>'s password:
20:46 DammitJim Permission denied, please try again
20:46 DammitJim what am I missing?
20:46 abednarik joined #salt
20:46 lionel_ joined #salt
20:47 kevc_ joined #salt
20:47 darvon_ joined #salt
20:48 schemanic_ whytewolf
20:48 schemanic_ whytewolf, alternatives --set python /usr/bin/python2.7 did not change the version salt is using
20:48 keltim_ joined #salt
20:48 sgo_ joined #salt
20:48 whytewolf did you reztart salt after words?
20:48 schemanic_ I did yes
20:49 whytewolf python --version gives?
20:49 schemanic_ # python --version
20:49 schemanic_ Python 2.7.9
20:49 gableroux joined #salt
20:49 whytewolf which python
20:49 whytewolf ?
20:50 schemanic_ which python is /usr/bin/python
20:50 DammitJim is destroy the proper way to delete a vm?
20:50 whytewolf head -n1 /usr/bin/salt-master
20:50 ProT-0-TypE joined #salt
20:50 schemanic_ the master may be having trouble dying properly
20:51 schemanic_ "salt-master dead by pid file exists
20:51 schemanic_ OH
20:51 schemanic_ look at that
20:51 whytewolf schemanic_: kill it with extream prejudice
20:51 schemanic_ it calls python 2.6 explicitly
20:52 schemanic_ whytewolf is it supposedd to do that?
20:52 whytewolf humm thats not normal
20:52 whytewolf unless someone did that to the amazon packages
20:52 schemanic_ #!/usr/bin/python2.6
20:52 Brew joined #salt
20:52 schemanic_ its possible. The version of Amazon Linux on this machine is old
20:53 schemanic_ whytewolf, is it advisable to change the call?
20:54 whytewolf that i can't answer. the packages most likely are adding that. I know in centos they use the system default so it shouldn't matter.
20:54 schemanic_ Okay. I'm going to try it and see what happens
20:54 schemanic_ If I cant get that, I'm going to start a t2.micro and begin again
20:55 whytewolf might want to check the issue queue and see fi there is a reason they might be targetting 2.6 instead of default
20:56 schemanic_ yeah that really didn't work
20:56 schemanic_ hmm
20:56 schemanic_ it seems that the proper salt modules aren't installed to python 2.7
20:57 schemanic_ so I'm kindof between worlds at the moment
20:59 schemanic_ whytewolf, anyone really, should I be installing salt in some sort of virtualenv or something?
21:00 honestly you can do that
21:01 DammitJim man salt-cloud does a lot more after it creates the VM
21:01 DammitJim is there a good book I can buy about this?
21:01 pipps joined #salt
21:01 honestly Since I don't know what's going on with your distribution, I don't know if a virtualenv could fix your problem
21:01 DammitJim dammit... it went ahead and it updated salt-minion to the latest
21:01 DammitJim and I'm not running the latest
21:02 haam3r joined #salt
21:08 ronnix joined #salt
21:09 DammitJim yikes honestly
21:12 schemanic joined #salt
21:12 pipps joined #salt
21:16 Xopher joined #salt
21:19 abednarik joined #salt
21:19 Xopher joined #salt
21:22 whytewolf DammitJim: that is what this part of the documentation is about https://docs.saltstack.com/en/latest/topics/cloud/deploy.html
21:23 schemanic joined #salt
21:23 DammitJim thanks! That's what I was missing!
21:27 abednarik joined #salt
21:29 vegasq joined #salt
21:30 cyborg-one joined #salt
21:31 schemanic- joined #salt
21:33 Brew joined #salt
21:37 Brew joined #salt
21:40 Edgan joined #salt
21:41 debian112 joined #salt
21:47 irated Whats the correct way to run multiple commands on the saltmaster? Im trying to write a script that will put the app in maint mode which requires starting/stoping various scripts + running some scripts locally on the master.
21:50 akhter joined #salt
22:04 patrek joined #salt
22:07 ALLmightySPIFF joined #salt
22:19 amontalban joined #salt
22:19 amontalban joined #salt
22:23 systo joined #salt
22:23 jas02_ joined #salt
22:25 patrek joined #salt
22:26 greyeax joined #salt
22:29 pipps joined #salt
22:32 lordcirth I want to push my /srv repo to github, I'm considering using the GPG renderer for credentials in future (no secrets in it yet).  Are there any other ideas for managing secrets + github?
22:33 lordcirth Just wondering if someone uses an alternate system
22:33 pipps joined #salt
22:40 KevinAn27 joined #salt
22:46 pipps joined #salt
22:47 fracklen joined #salt
22:54 mpanetta joined #salt
22:55 Topic for #salt is now Welcome to #salt! | Latest Versions: 2015.8.12, 2016.3.4 | Support: https://www.saltstack.com/support/ | Logs: http://irclog.perlgeek.de/salt/ | Paste: https://gist.github.com/ (please don't multiline paste into channel) | See also: #salt-devel, #salt-offtopic | Ask with patience as we are volunteers and may not have immediate answers
23:10 gtmanfred lordcirth: i use sdb to hold secrets for my server
23:11 gtmanfred then i can just put the references up on github
23:11 gtmanfred https://github.com/gtmanfred/blog-sls
23:11 gtmanfred there is my /srv with also my /etc/salt
23:12 gtmanfred here is the one line with sdb in it https://github.com/gtmanfred/blog-sls/blob/master/salt/reactor/blog.gtmanfred.com.sls#L1
23:12 gtmanfred and i just set salt-call sdb.set sdb://secrets/github_secret "password"
23:12 gtmanfred https://docs.saltstack.com/en/latest/topics/sdb/
23:12 gtmanfred there is also a vault thing, but you would need to store the vault password in a configuration file
23:16 lordcirth gtmanfred, cool, thanks
23:16 danlsgiga left #salt
23:16 aw110f joined #salt
23:18 systo joined #salt
23:18 swa_work joined #salt
23:22 ziggit joined #salt
23:24 Rumbles joined #salt
23:25 jas02_ joined #salt
23:25 nawwmz joined #salt
23:28 SteamWells joined #salt
23:29 Rumbles is there a way you can check in a state file what state files out of users.* are applied to a server? I want to write a for loop that creates a symlink in the user home directories...
23:30 lordcirth My state.apply runs randomly hang, what's a good way to debug?
23:30 Rumbles so I could have a {% for users in pillar['users'] %}\n {% if user in salt.users_list_method %} \ /home/{{ user }}/.filename
23:31 Rumbles lordcirth, have you tried running salt in debug mode?
23:31 Rumbles https://docs.saltstack.com/en/latest/topics/troubleshooting/
23:31 lordcirth Rumbles, the problem is that it's intermittent, so re-running just works
23:32 lordcirth So I'd have to run debug all the time to catch it
23:32 Rumbles in what way does it hang?
23:32 Rumbles never returns and times out?
23:32 lordcirth I do a salt '*' state.apply, the first one returns in 5 or 10 seconds, and then hang
23:33 lordcirth So probably timeout
23:33 lordcirth The salt command doesn't exit, though
23:34 Rumbles ever?
23:35 Rumbles it should time out and return no response from minion after a few minutes
23:37 Rumbles what's the network like between the hosts?
23:37 Rumbles and what version are you running?
23:38 lordcirth Rumbles, a few minutes?  Presumably it would, but I'm far too impatient for that
23:38 lordcirth 2016.3.3, salt repo
23:38 lordcirth I've had it on different networks, some quite solid
23:39 lordcirth Maybe the minion is just taking a long time to run the states, for some reason.  It just annoys me that there's no feedback.  Getting state results one at a time would be pretty cool, actually.
23:39 lordcirth But then that would mess up ordering with multiple minions...
23:45 systo joined #salt
23:45 pipps joined #salt
23:46 whytewolf lordcirth: you could run the command with --async which will output a jid you can lookup
23:47 lordcirth whytewolf, like when you ^C a run?
23:47 whytewolf yeah
23:47 lordcirth Does the data in the jid come in bit by bit?  So I could 'watch' the lookup?
23:47 whytewolf that isn't how returners work
23:48 lordcirth Yeah, I didn't think so
23:48 whytewolf returners only return once the minion has finished
23:48 lordcirth It just annoys me that I have no way of telling whether the minion has hung, or the state is installing packages, or what
23:48 lordcirth Especially on a run that's supposed to be 0 changes
23:49 abednarik joined #salt
23:50 whytewolf you could just run salt-call -l debug on the minion a couple of times
23:52 whytewolf or you could put random events in the bus and watch the bus
23:58 fracklen_ joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary