Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-11-28

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 akhter joined #salt
00:05 akhter joined #salt
00:08 nidr0x joined #salt
00:12 jeddi joined #salt
00:16 jas02 joined #salt
00:16 catpig joined #salt
00:20 akhter joined #salt
00:20 CeBe MTecknology: it should be no problem to use the same pillar/state file structure for the master and salt-ssh together. Do you have a more concrete question/issue?
00:24 edrocks joined #salt
00:24 akhter joined #salt
00:25 MTecknology CeBe: I want to be able to run salt '*' state.highstate from the master and have it update nodes that can't/shouldn't run salt-minion. I'm not finding much about setting that up.
00:28 akhter joined #salt
00:32 akhter joined #salt
00:35 CrashOverride joined #salt
00:39 akhter joined #salt
00:39 abednarik joined #salt
00:40 CeBe MTecknology: quite sure that is not possible. You need one command for the machines that run via master-slave and another command for the machines that run salt-ssh
00:44 MTecknology I was picturing a salt-proxy VM set up to handle pushing salt-ssh commands down to the special guys
00:45 stooj joined #salt
00:49 akhter joined #salt
00:51 stooj joined #salt
00:51 krymzon joined #salt
00:55 akunin joined #salt
00:59 stooj joined #salt
01:02 akunin joined #salt
01:08 akhter joined #salt
01:10 swa_work joined #salt
01:11 saintromuald joined #salt
01:18 akhter joined #salt
01:21 akhter joined #salt
01:25 akhter joined #salt
01:29 gtmanfred joined #salt
01:29 akhter joined #salt
01:33 akhter joined #salt
01:37 akhter joined #salt
01:41 akhter joined #salt
01:43 XenophonF gimpy2938: look at the return values of other execution modules for guidance
01:46 akhter joined #salt
01:50 akhter joined #salt
01:50 sagerdearia joined #salt
01:53 dtsar joined #salt
01:53 krymzon joined #salt
01:57 akhter joined #salt
02:02 akhter joined #salt
02:06 akhter joined #salt
02:07 jedd joined #salt
02:13 akhter joined #salt
02:14 davidone joined #salt
02:18 bltmiller joined #salt
02:18 akhter joined #salt
02:22 akhter joined #salt
02:26 edrocks joined #salt
02:30 akhter joined #salt
02:34 akhter joined #salt
02:36 threwahway joined #salt
02:46 jeddi joined #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2015.8.12, 2016.3.4 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers"
02:50 catpigger joined #salt
02:53 akhter joined #salt
02:58 akhter joined #salt
02:58 raspado joined #salt
03:02 akhter joined #salt
03:06 akhter joined #salt
03:10 akhter joined #salt
03:13 akhter joined #salt
03:14 cyborg-one joined #salt
03:18 akhter joined #salt
03:23 akhter joined #salt
03:27 akhter joined #salt
03:28 jas02_ joined #salt
03:32 akhter joined #salt
03:36 akhter joined #salt
03:40 akhter joined #salt
03:45 justan0theruser joined #salt
03:46 JPT joined #salt
03:48 bastiandg joined #salt
03:52 pppingme joined #salt
03:55 krymzon joined #salt
04:03 akhter joined #salt
04:04 zzuf joined #salt
04:09 akhter joined #salt
04:12 donmichelangelo joined #salt
04:13 akhter joined #salt
04:16 akhter joined #salt
04:20 akhter joined #salt
04:24 akhter joined #salt
04:31 rdas joined #salt
04:33 pipps joined #salt
04:37 akhter joined #salt
04:39 joe__ joined #salt
04:45 akhter joined #salt
04:49 akhter joined #salt
04:49 felskrone joined #salt
04:56 akhter joined #salt
05:01 akhter joined #salt
05:04 Neighbour joined #salt
05:08 akhter joined #salt
05:09 ProT-0-TypE joined #salt
05:13 akhter joined #salt
05:13 preludedrew joined #salt
05:17 akhter joined #salt
05:21 akhter joined #salt
05:22 DEger joined #salt
05:22 samodid joined #salt
05:28 edrocks joined #salt
05:28 akhter joined #salt
05:31 nethershaw joined #salt
05:33 rem5 joined #salt
05:36 onlyanegg joined #salt
05:39 akhter joined #salt
05:43 akhter joined #salt
05:47 akhter joined #salt
05:49 iggy that would be nice though if ssh worked like other transports
05:49 iggy but yeah, that would take major rework
05:51 honestly it's taking enough work to keep salt-ssh barely working >_>
05:51 iggy lol
05:51 honestly someone should start a salt-ssh-ng project
05:52 honestly where it really is just a transport
05:53 iggy I think the way the mq stuff works, it'd be pretty tough... I mean salt internally really expects guests to be pretty responsive
05:53 honestly PS: It needs to be pseudo-agentless where the minion isn't started until you run a command
05:54 honestly iggy: in my org we use ssh keys (and sudo rights) as the primary authentication (and authorization) primitive
05:54 cyteen__ joined #salt
05:55 honestly we also think it's a terrible idea to have minions that do nothing 99% of the time using CPU and memory 100% of the time
05:56 honestly that's why we use salt-ssh
05:56 iggy that memory is the killer when trying to build a new app and you have to upgrade all your instances just to fit a minion on
05:56 quantumsummers MTecknology: I think you want to look at orchestration to do what you are talking about, use `ssh: True` for those that need to be handled via salt-ssh and omit that for the rest
05:56 honestly lol
05:57 honestly iggy: are you serious?
05:57 dtsar joined #salt
05:57 iggy yes and no... it's really the master that's killing me
05:57 iggy can't fit it on a 512M instance
05:58 honestly ah
05:59 honestly hmmm, has nobody made a CoreOS / Mirage / whatever image that does nothing other than run an ssh server and a salt master?
05:59 quantumsummers MTecknology: admitedly you may need to have two separate orchestration states to do it, it's possible to do in a single command
06:00 quantumsummers left #salt
06:00 akhter_1 joined #salt
06:03 dtsar left #salt
06:05 evle joined #salt
06:06 iggy could use salt-api and pepper instead of ssh
06:10 akhter joined #salt
06:14 akhter joined #salt
06:19 akhter joined #salt
06:23 akhter joined #salt
06:27 akhter joined #salt
06:31 akhter joined #salt
06:36 akhter joined #salt
06:42 cyteen__ joined #salt
06:43 _aeris_ joined #salt
06:46 cyteen_ joined #salt
06:50 zzzxc joined #salt
06:52 colttt joined #salt
06:55 valkyr2e joined #salt
06:58 akhter joined #salt
06:59 zer0def joined #salt
07:01 jas02 joined #salt
07:07 akhter joined #salt
07:08 cyteen__ joined #salt
07:13 akhter joined #salt
07:14 Lionel_Debroux joined #salt
07:17 akhter joined #salt
07:21 akhter joined #salt
07:22 cyteen_ joined #salt
07:28 akhter joined #salt
07:29 jas02 joined #salt
07:30 edrocks joined #salt
07:32 yuhlw joined #salt
07:36 zer0def joined #salt
07:38 ReV013 joined #salt
07:38 ivanjaros joined #salt
07:41 akhter joined #salt
07:50 akhter joined #salt
07:59 akhter joined #salt
08:01 jas02 joined #salt
08:04 jas02 joined #salt
08:04 akhter joined #salt
08:12 yuhlw left #salt
08:12 akhter joined #salt
08:12 yuhlw joined #salt
08:15 fracklen joined #salt
08:16 J0hnSteel joined #salt
08:17 darioleidi joined #salt
08:20 samodid joined #salt
08:22 jas02_ joined #salt
08:24 DEger joined #salt
08:26 ronnix joined #salt
08:28 toanju joined #salt
08:32 J0hnStee- joined #salt
08:33 teclator joined #salt
08:39 J0hnSteel joined #salt
08:41 samodid joined #salt
08:46 J0hnSteel joined #salt
08:46 JohnnyRun joined #salt
08:50 akhter joined #salt
08:54 ProT-0-TypE joined #salt
08:56 J0hnSteel joined #salt
08:56 krymzon joined #salt
08:58 mikecmpbll joined #salt
09:02 jab416171 joined #salt
09:02 samodid joined #salt
09:02 J0hnSteel joined #salt
09:06 akhter joined #salt
09:08 cyteen__ joined #salt
09:11 J0hnSteel joined #salt
09:13 bdrung_work joined #salt
09:19 akhter joined #salt
09:22 fracklen joined #salt
09:27 keimlink joined #salt
09:27 J0hnSteel joined #salt
09:28 N-Mi_ joined #salt
09:32 geomacy joined #salt
09:33 J0hnSteel joined #salt
09:36 akhter joined #salt
09:36 s_kunk joined #salt
09:40 jas02_ joined #salt
09:44 akhter joined #salt
09:50 akhter joined #salt
09:52 kbaikov joined #salt
09:52 Mattch joined #salt
09:53 fracklen joined #salt
09:54 ProT-0-TypE joined #salt
09:58 N-Mi_ joined #salt
10:00 toanju joined #salt
10:03 jhauser joined #salt
10:07 akhter joined #salt
10:12 zer0def joined #salt
10:12 o1e9 joined #salt
10:13 xet7 joined #salt
10:17 akhter joined #salt
10:20 stooj joined #salt
10:24 akhter joined #salt
10:28 akhter joined #salt
10:32 akhter joined #salt
10:32 Hydrosine joined #salt
10:33 edrocks joined #salt
10:34 cyteen_ joined #salt
10:40 jas02_ joined #salt
10:41 akhter joined #salt
10:45 akhter joined #salt
10:50 akhter joined #salt
10:54 amcorreia joined #salt
10:54 akhter joined #salt
10:56 ronnix_ joined #salt
10:57 ProT-0-TypE joined #salt
11:03 akhter joined #salt
11:05 ronnix joined #salt
11:09 akhter joined #salt
11:15 akhter joined #salt
11:19 akhter joined #salt
11:21 JohnnyRun joined #salt
11:25 akhter joined #salt
11:25 andi- joined #salt
11:25 ronnix joined #salt
11:27 kbaikov joined #salt
11:30 Kirill_ joined #salt
11:31 akhter joined #salt
11:31 Kirill_ Hi everyone! Was wondering if anyone has had 'supervisord' states 'watch' a file and restart ONLY when file is changed
11:32 Kirill_ (restart a specific program, not the "supervisord" itself)
11:32 Kirill_ As far as I can see, it's not working properly (with v. 2016.3.3)
11:35 abednarik joined #salt
11:39 davidc_ joined #salt
11:39 akhter joined #salt
11:41 jas02_ joined #salt
11:44 Kirill_ ok, I think I've found the reason: https://github.com/saltstack/salt/issues/6218#issuecomment-263250811
11:44 saltstackbot [#6218][MERGED] states.supervisord restart option should not exist | The restart option in the supervisord state always restarts the given program group....
11:45 Kirill_ thanks everyone
11:50 akhter joined #salt
11:53 AndrewPashkin joined #salt
11:58 akhter joined #salt
12:05 zer0def joined #salt
12:09 akhter joined #salt
12:11 Valfor joined #salt
12:14 aarontc joined #salt
12:17 jas02 Hi, how can I set dynamic variable inside state file, that use other host primary IP address? I can identify other host based on hostname for example. So something like this: {% if salt['hostname'] == 'server_name' %} {% set server_ip = salt['network.interfaces']()['eth0']['inet'][0]['address'] %} {% endif %}. Will it work?
12:17 akhter joined #salt
12:20 ReV013 joined #salt
12:21 manji jas02, you will look it up in mind
12:21 manji mine*
12:25 akhter joined #salt
12:29 akhter joined #salt
12:35 edrocks joined #salt
12:37 numkem joined #salt
12:38 darioleidi joined #salt
12:39 jas02 manji: What if I don't have for some reason mine enabled?
12:39 manji there is no other way I can think of
12:40 manji mine mitigates this exact issue
12:40 manji looking up information about other minions
12:40 manji since salt states run localy on the minion
12:42 jas02_ joined #salt
12:46 akhter joined #salt
12:51 akhter joined #salt
12:52 salteado joined #salt
12:53 babilen jas02: I'd also recommend to not hardcode interfaces, but use network.ip_addrs with a suitable CIDR or based on type (i.e. public or private)
12:53 babilen (unless you *really* care about the interface)
12:54 babilen Please note, for example, https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ and evaluate your assumptions concerning network interface naming schemes
12:58 akhter joined #salt
12:59 ronnix joined #salt
13:03 akhter joined #salt
13:05 alrayyes joined #salt
13:10 JohnnyRun joined #salt
13:14 JohnnRun joined #salt
13:14 akhter joined #salt
13:15 av_ joined #salt
13:18 _JZ_ joined #salt
13:19 edrocks joined #salt
13:20 cyteen__ joined #salt
13:21 edrocks joined #salt
13:27 rem5 joined #salt
13:28 akhter joined #salt
13:29 cyteen_ joined #salt
13:31 amontalban joined #salt
13:31 amontalban joined #salt
13:35 Neighbour is it possible to retrieve values from a pillar defined for a minion that doesn't exist (yet)?
13:38 CeBe Neighbour: I guess not because pillar is assigned to a host via top.sls file and you need to retrieve pillars from the host to see which where sent there
13:38 CeBe why do you need this?
13:38 Neighbour `salt-run pillar.show_pillar minion=asdf` is what I was planning to use, but lots of errors result when all modules that are apparently invoked fail to load because of missing grains
13:39 Neighbour I have a 'generate_secrets'-external pillar that will generate ssh-keys, passwords etc that I want to use in setting up a minion
13:41 Neighbour I already have the pillar files in place and adjusted the top.sls to include the to-be-created minion
13:41 Neighbour the pillar/top.sls, that is
13:41 CeBe Neighbour: the salt-run command you gave works fine in my environment
13:41 Neighbour CeBe: even when you specify a minion-id that doesn't exist?
13:41 CeBe yes
13:41 CeBe do your pillar files rely on some grains?
13:42 cyteen_ joined #salt
13:42 CeBe Neighbour: dependent on the minion id it shows what would match the hostname, e.g. empty for example.com and some default settings for my domain name
13:43 jas02_ joined #salt
13:43 Neighbour afaik there aren't any grains used in the pillar files
13:44 CeBe could you paste the error?
13:45 Neighbour I'm using v2016.3, and what I'm seeing is http://pastebin.com/gV6t0baT
13:45 Neighbour and that for a load of modules, not just selinux
13:46 CeBe I am using salt-run 2015.5.3 (Lithium)
13:48 Neighbour The error implies that it tries to read basic grains (like 'kernel') which don't exist
13:48 Neighbour but why it does that (and doesn't error out on your end)...
13:49 CeBe no idea, could be about the version.
13:49 geomacy joined #salt
13:59 tkharju joined #salt
13:59 fxhp joined #salt
14:00 akhter joined #salt
14:07 cyteen_ joined #salt
14:11 akhter joined #salt
14:12 Neighbour CeBe: found it....defining external pillars without defining extension_modules in the salt master config apparently caused it
14:12 Neighbour now that i've defined extension_modules and pointed it to the right path, I'm not getting the errors anymore
14:14 CeBe great!
14:20 disaster2345 joined #salt
14:25 racooper joined #salt
14:31 huleboer joined #salt
14:33 huleboer I'm setting up salt to use git as a backend.. but it doesn't look like it uses any of my branches.. When I go to /var/cache/salt/master/gitfs/f*/ and do a git log it just says fatal: bad default revision 'HEAD'... And there isn't any files there.. If I change branch there I can download with git pull (master branch).. Any clues what I'm doing wrong?
14:36 toanju joined #salt
14:37 rem5 joined #salt
14:39 fracklen joined #salt
14:43 jas02_ joined #salt
14:48 akhter joined #salt
14:49 racooper joined #salt
14:50 pipps joined #salt
14:58 akhter joined #salt
14:59 dxiri joined #salt
14:59 Tanta joined #salt
15:00 dxiri joined #salt
15:02 anotherzero joined #salt
15:03 shorty_mu joined #salt
15:04 goal joined #salt
15:05 goal is it possible to stop a state from running by default (it should only run if another state sets an onchanges_in for it)?
15:06 XenophonF huleboer: how did you configure the backend?
15:06 gtmanfred goal: it is not, you would have to have something that has onchanges_in to change that states behavior
15:07 XenophonF huleboer: the directory under /var/cache/salt/master/gitfs is not a clone of the repo like you'd get using "git clone"
15:08 catpig joined #salt
15:10 XenophonF huleboer: don't mess with those files, basically
15:10 XenophonF you should be able to run "salt cp.list_master saltenv=foo" and see the contents of branch "foo"
15:10 XenophonF er, "salt-call cp.list_master saltenv=foo" i mean
15:11 disaster2345 hi is there a way to automatically regenerate the minion_id if the hostname changes?
15:11 fracklen joined #salt
15:11 gtmanfred disaster2345: remove the /etc/salt/minion_id file
15:11 goal gtmanfred: okay, thanks
15:12 shorty_mu Hi all, I'm running into a timeout of  a runner started via Salt-API. Who's timeout might it be? I set the timeout in the JSON post but it doesn't seem to work. Code and API-Return: https://gist.github.com/bemeyert/0b85b300214b14321550be0caa31c544
15:12 akhter joined #salt
15:13 SpX joined #salt
15:13 disaster2345 @gtmanfred: yes but if i do so within a state file the highstate run fails for sure and there is no clean exit. My sls file: https://gist.github.com/disaster123/2fa1113ef628cc27f46ded1864c9488a
15:13 gtmanfred disaster2345: best way to do it IMO, would be to use salt-ssh
15:13 gtmanfred to apply the state to all the minions
15:13 SpX joined #salt
15:14 disaster2345 @gtmanfred: yeah but we have a lot of people cloning their VMs. And i want to prevent that there are VMs with wrong minion_ids so it's not a one time job.
15:14 gtmanfred disaster2345: are they manually cloning vms and not using salt-cloud to do it?
15:15 disaster2345 @gtmanfred: yes
15:16 nickabbey joined #salt
15:17 gtmanfred so that gets difficult, because there isn't a good way to update the minion id using just salt-minion... What I would do is have an init script/systemd service that runs a command that checks that the two match, and updates them if they dont, and runs before the salt-minion service starts
15:17 gtmanfred what are you using to virtualize?
15:19 mpanetta joined #salt
15:20 disaster2345 @gtmanfred: yeah that is another idea i had. I found it just nice todo it with salt itself. Virtualization is done with proxmox
15:20 disaster2345 yes it's support by salt-cloud ;-)
15:20 gtmanfred yeah, i just wanted to see if they had cloud-init or something like that
15:21 gtmanfred yeah, it looks like it does
15:21 gtmanfred so you could also enforce that people have to include a specific user-data file when cloning vms
15:21 gtmanfred but the initscript would be the best way IMO, cause you could just install it on all the vms using salt
15:21 Tanta make the first execution state inspect the id equivalence, and if it fails, it can correct/re-launch the salt process
15:22 gtmanfred Tanta: wouldn't it stop talking to the master in the middle and die?
15:22 Tanta I'm not sure, I use a masterless setup
15:22 Tanta maybe that method doesn't work in a master-minion setup
15:22 Tanta if you had auto-signing configured, I believe it would work
15:23 gtmanfred disaster2345: have you tried using startup_states:sls and your script to just rm /etc/salt/minion_id and /etc/salt/pki/minion, and then restarting the salt-minion service?
15:23 disaster2345 @gtmanfred: yes it does but what seems to work (just found out) is to simply recreate the minion_id and NOT restarting the salt-minion - as it does this itself after the run (inode watch?)
15:23 disaster2345 @gtmanfred: no i didn't have to read about startup_states - never heard that before
15:26 raspado joined #salt
15:27 zer0def joined #salt
15:31 disaster2345 @gtmanfred: great - that works absolutely perfectly
15:31 edrocks joined #salt
15:36 disaster2345 @gtmanfred: do you think this one is OK in general? or is there a better way than using onchanges and watch https://gist.github.com/disaster123/2fa1113ef628cc27f46ded1864c9488a
15:36 Brew joined #salt
15:42 nicksloan joined #salt
15:42 raspado joined #salt
15:42 sarcasticadmin joined #salt
15:42 mohae_ joined #salt
15:43 andi- joined #salt
15:43 gtmanfred i would use listen instead of watch, but otherwise it looks good
15:43 gtmanfred in this case, listen and watch do the same thing
15:44 disaster2345 @gtmanfred: could you tell me why you would use listen?
15:44 gtmanfred because listen doesn't reorganize the order of running states, it tacks the restart onto the end of the entire state run
15:45 scoates joined #salt
15:45 gtmanfred in this case, it wouldn't matter because it would go at the end anyway
15:45 gtmanfred but in other cases, it might
15:45 jas02_ joined #salt
15:45 disaster2345 @gtmanfred: ok thanks
15:47 fracklen joined #salt
15:48 fracklen_ joined #salt
15:49 XenophonF anyone here using letsencrypt-formula?
15:52 mohae joined #salt
15:53 ALLmightySPIFF joined #salt
15:54 cyteen joined #salt
15:55 rem5 joined #salt
15:58 Shirkdog joined #salt
15:58 Shirkdog joined #salt
16:00 cyteen_ joined #salt
16:01 garthk joined #salt
16:01 berto- joined #salt
16:01 Aikar joined #salt
16:01 Micromus joined #salt
16:01 Aikar joined #salt
16:01 twiedenbein joined #salt
16:01 capn-morgan joined #salt
16:01 chmod666org joined #salt
16:01 pfallenop joined #salt
16:01 armin joined #salt
16:01 dwfreed joined #salt
16:01 jhujhiti joined #salt
16:01 xmj joined #salt
16:01 xmj joined #salt
16:01 \ask joined #salt
16:02 viq joined #salt
16:02 RandyT joined #salt
16:02 izibi joined #salt
16:02 Horgix joined #salt
16:02 dnull[m] joined #salt
16:02 scooby2 joined #salt
16:02 Vye joined #salt
16:02 vaelen joined #salt
16:02 bbradley joined #salt
16:02 jav joined #salt
16:02 racooper joined #salt
16:02 lubyou joined #salt
16:02 zer0def joined #salt
16:02 mjimeneznet joined #salt
16:02 Karunamon joined #salt
16:02 carmony joined #salt
16:02 patrek joined #salt
16:03 Shirkdog joined #salt
16:03 Shirkdog joined #salt
16:03 cyraxjoe joined #salt
16:03 cebreidian joined #salt
16:03 v0rtex joined #salt
16:04 valkyr2e joined #salt
16:05 ronnix joined #salt
16:05 WKNiGHT joined #salt
16:05 jas02 joined #salt
16:06 dxiri joined #salt
16:06 shorty_mu left #salt
16:06 Garo_ joined #salt
16:06 phx joined #salt
16:07 mattl joined #salt
16:09 Awesomecase joined #salt
16:10 Awesomecase joined #salt
16:12 dxiri_ joined #salt
16:15 dxiri joined #salt
16:18 Rumbles joined #salt
16:19 bdrung_work joined #salt
16:19 dxiri joined #salt
16:19 ivanjaros joined #salt
16:20 iggy XenophonF: me
16:24 k0ng joined #salt
16:24 dxiri joined #salt
16:25 orionx joined #salt
16:25 ronnix_ joined #salt
16:26 dxiri joined #salt
16:27 bltmiller joined #salt
16:28 bltmiller joined #salt
16:28 akhter joined #salt
16:29 teclator joined #salt
16:31 cyteen_ joined #salt
16:32 swa_work joined #salt
16:33 nickabbey joined #salt
16:39 Trauma joined #salt
16:41 dxiri joined #salt
16:42 zer0def joined #salt
16:43 Salander27 joined #salt
16:43 ssplatt joined #salt
16:43 J0hnSteel joined #salt
16:45 jas02 joined #salt
17:03 dyasny joined #salt
17:05 cyteen_ joined #salt
17:07 zer0def joined #salt
17:08 cyteen joined #salt
17:08 beowuff joined #salt
17:13 bltmiller joined #salt
17:15 J0hnSteel joined #salt
17:16 bltmiller joined #salt
17:18 onlyanegg joined #salt
17:20 bltmiller joined #salt
17:21 edrocks joined #salt
17:22 greyeax_ joined #salt
17:26 nidr0x joined #salt
17:30 bltmiller I cobbled together an article on how to automate a Docker Swarm cluster using an orchestrator. Don't know how self-promotion is viewed in this channel, but thought I'd share back my experience: http://btmiller.com/2016/11/27/docker-swarm-1.12-cluster-orchestration-with-saltstack.html
17:30 akhter joined #salt
17:32 gtmanfred bltmiller: i would also post it on /r/saltstack and the salt-users mailing list, looks awesome
17:34 bltmiller you mean like this? https://www.reddit.com/r/saltstack/comments/5fcvkn/docker_swarm_112_cluster_orchestration_with/ ;)
17:34 saltstackbot [REDDIT] Docker Swarm 1.12 Cluster Orchestration with SaltStack (http://btmiller.com/2016/11/27/docker-swarm-1.12-cluster-orchestration-with-saltstack.html) to r/saltstack | 1 points (100.0%) | 0 comments | Posted by abs01ute | Created at 2016-11-28 - 17:21:55
17:34 gtmanfred :+1:
17:38 jas02 joined #salt
17:45 KajiMaster joined #salt
17:46 jas02_ joined #salt
17:47 wendall911 joined #salt
17:56 piGA joined #salt
18:00 nicksloan joined #salt
18:01 nickabbey joined #salt
18:05 samodid joined #salt
18:10 egor_ joined #salt
18:25 Nahual joined #salt
18:27 pipps joined #salt
18:28 s_kunk joined #salt
18:28 nicksloan joined #salt
18:30 Xopher joined #salt
18:31 dijit heh
18:32 akhter joined #salt
18:40 zer0def joined #salt
18:45 bltmiller ha, I see that follow dijit ;)
18:47 jas02_ joined #salt
18:49 ProT-0-TypE joined #salt
18:55 PerilousApricot joined #salt
18:57 pipps joined #salt
18:58 mikecmpbll joined #salt
18:59 pipps99 joined #salt
19:00 abednarik joined #salt
19:00 dijit you probably also see an email from me.
19:00 dijit I didn't realise you pasted the link xD
19:00 dijit and noticed your nick after I sent it.
19:02 sean` joined #salt
19:02 voileux_ joined #salt
19:06 PerilousApricot joined #salt
19:07 seanhagen joined #salt
19:09 akhter joined #salt
19:10 huleboer joined #salt
19:19 irctc620 joined #salt
19:20 irctc620 hello everyone :)
19:22 irctc620 I would like to issue a command towards the minion when I keyboard interrupt a state on the master
19:22 irctc620 anyone willing to know the details and have a chat? :)
19:22 Trauma joined #salt
19:22 gtmanfred you would need to wrap the salt command in a bash script that traps the keyboard interrupt and sends the command you want to send
19:24 irctc620 the same should happen with salt-call as well
19:26 irctc620 I have a state that sends an api request to an external resource. That resource starts building some software for me to deploy (don't ask why). I am waiting indefinitely for a response, but if salt fails for some reason (e.g. ctrl+c) the 3rd party won't know and won't stop
19:26 debian112 joined #salt
19:26 gtmanfred you would need to manually send a kill_job command through the api if the command is ^c
19:27 gtmanfred or again, you could wrap the call in a bash trap, to catch the ^c
19:27 irctc620 yup ... kill is nice, but I cannot figure out how to get the jid of the currently running state
19:28 irctc620 if I get that I will include it in the api call and handle it's pid on the other end
19:28 gtmanfred you would have to do a list_jobs to find it
19:28 gtmanfred if you want it back, you could do the cmd_async, which would return back the jobid
19:28 irctc620 can I do that from within the state ? ... I suppose no
19:29 gtmanfred you cannot, because the api can only return once
19:30 edrocks joined #salt
19:31 tapoxi joined #salt
19:31 irctc620 I think I got it. Thanks gtmanfred :)
19:34 jas02_ joined #salt
19:36 yuhll joined #salt
19:42 dxiri joined #salt
19:43 Rumbles joined #salt
19:43 dxiri joined #salt
19:47 nicksloan joined #salt
19:48 keimlink joined #salt
19:49 bltmiller joined #salt
19:51 zer0def joined #salt
20:01 XenophonF iggy: did you migrate to letsencrypt or did you start out using it on new machines?
20:01 amontalban joined #salt
20:01 XenophonF i've got a bunch of web servers (windows and linux) which i'd like to switch over to letsencrypt
20:02 XenophonF i'm having a bit of a hard time wrapping my head around it
20:02 XenophonF and how certbot works
20:02 XenophonF and how to tie it into salt
20:04 abednarik joined #salt
20:08 pipps joined #salt
20:09 ALLmightySPIFF joined #salt
20:11 datenarbeit joined #salt
20:16 dxiri joined #salt
20:19 jas02_ joined #salt
20:20 tercenya joined #salt
20:21 akhter joined #salt
20:24 datenarbeit joined #salt
20:28 Trauma joined #salt
20:28 ronnix joined #salt
20:28 zer0def joined #salt
20:32 fracklen joined #salt
20:35 swa_work joined #salt
20:36 Llmiseyhaa Huh, the dependancy graph generation seems to be somewhat odd... I've got a state file that includes another state file, then below the include has an additional state with "-watch_in: ..." on one of the states from the included file.
20:37 Llmiseyhaa what it's adding a watch in is service.running, so to my understanding it should be restarting the service but it is not.
20:38 Aleks3Y joined #salt
20:39 gableroux joined #salt
20:39 whytewolf did the state with the watch_in actually register a change?
20:40 swa_work joined #salt
20:40 Llmiseyhaa Yes, the state that specifies the watch_in registers a change, but salt lists it after the states from the included file
20:42 whytewolf humm. are both files included in top?
20:42 whytewolf [they shouldn't be]
20:44 Llmiseyhaa Not using top at all here
20:44 whytewolf okay, strange
20:44 whytewolf can you put the two files in gist?
20:44 Llmiseyhaa But I thought that might be a problem since it's included in two places in the dependency tree (init includes prepare and metrics, which both include the formula in question) so I'll try with it only included into metrics
20:44 Llmiseyhaa and if that doesn't work I'll gist them up for you, yeah. (=
20:50 jas02 joined #salt
20:51 PerilousApricot joined #salt
20:55 zer0def joined #salt
20:56 ernescz joined #salt
20:56 gimpy2938 joined #salt
20:56 pipps joined #salt
20:57 gimpy2938 I'm trying to install a specific version of a package with pkg.installed but it grabs the latest version instead.  ANy idea what I am doing wrong?  https://gist.github.com/jwhite530/20b7870c6fce9322cebe1d1f4d035f4a
20:58 akhter joined #salt
20:59 ernescz gimpy2938: If I'm not mistaken, specifying version with 'pkgs' doesn't work that way
20:59 gtmanfred yeah, i believe you would have to use names:
20:59 gtmanfred or name:
20:59 ernescz only for single package, with 'name:'
21:00 gtmanfred for pkgs, you would have to put the versin on the package
21:00 gtmanfred so
21:00 gtmanfred - pkgs:
21:00 gtmanfred - cuda: 7.5-18.el7
21:01 gtmanfred as noted in the pkg.installed documentation
21:01 gimpy2938 oh, I tried cuda-7.5 like you can pass to yum but I'll try 'cuda: 7.5-18.el7'
21:03 Llmiseyhaa whytewolf: https://gist.github.com/anonymous/73ac6f515b36f06804cd2b98e2c82d73
21:03 disaster2132 joined #salt
21:04 disaster2132 hi is there a way to filter the salt output of a state run so it only displays the failed minions?
21:05 hemebond disaster2132: these will cut down the output: state_verbose: False, state_output: changes
21:05 hemebond You could also pipe the JSON output to jq
21:06 gtmanfred you can test it by passing it to salt on the cli, so salt --state-verbose=False --state-output=changes \* state.highstate
21:06 gtmanfred disaster2132: https://docs.saltstack.com/en/latest/ref/output/all/salt.output.highstate.html this lists the options
21:06 whytewolf Llmiseyhaa: iirc the _in versions require that the module be present in the decleration.
21:06 Llmiseyhaa Oh!  That's peculiar but ok
21:06 Llmiseyhaa thanks
21:07 whytewolf they all used to. but only in recent versions has that started to change for the non-_in versions
21:07 hemebond :-(
21:07 hemebond That's an unpleasant discrepancy. Why did they change it to allow it without the module?
21:07 Llmiseyhaa Yeah, and I was leaving it out based on that in the docco; just surprised me that they failed to do that for the _in statements.  Aw well, easy enough to work around.
21:07 ozux joined #salt
21:08 DammitJim joined #salt
21:08 gtmanfred hemebond: i believe to require an entire state id
21:08 gtmanfred so
21:08 gtmanfred something:
21:08 gtmanfred pkg.installed:
21:08 gtmanfred file.managed
21:08 Llmiseyhaa thanks whytewolf, that fixed it. (=
21:08 hemebond I thought you could already do that.
21:08 gtmanfred do a require on just something
21:08 gtmanfred and it requires both the pkg and file
21:08 o1e9 joined #salt
21:08 whytewolf hemebond: you are thinking of -sls: which actually is an entire sls file
21:08 gtmanfred hemebond: you could do the entire state file
21:09 CampusD joined #salt
21:09 gtmanfred but the stateid can have multiple modules under it
21:09 disaster2132 @gtmanfred: yes i already read this. But even this one salt -b 250 --state-output=changes --state-verbose=False '*' state.highstate  is too noisy.
21:09 disaster2132 i just want a list of failed stuff nothing more
21:10 hemebond Pipe to jq
21:12 CampusD hi all, I am running into a some issues when trying to use the line function in the file state. Is something wrong with the format of my state?  https://gist.github.com/UtahCampusD/0ff7ebe7eaad9a2229012eb50aeb49b8
21:12 disaster2132 in batch mode it seems there's also no summary. So i do not even know if there is a failed one.
21:12 disaster2132 hemebond: jq?
21:13 hemebond https://stedolan.github.io/jq/
21:13 gtmanfred CampusD: it looks like mode is just a string, not a list
21:13 gtmanfred so do mode: ensuee
21:13 gtmanfred so do mode: ensure
21:15 pcdummy joined #salt
21:15 CampusD hi gtmanfred, I wondered about that, can use multiple options there? like ensure and replace?
21:15 gtmanfred you cannot
21:15 gtmanfred only one
21:15 gtmanfred mode
21:15 gtmanfred Defines how to edit a line. One of the following options is required:
21:16 whytewolf multiple options doesn't make a lot of sense for that setting
21:16 gtmanfred yar
21:17 jas02 joined #salt
21:17 CampusD what option would cover both the line there with a different value or the line not there at all?
21:18 gtmanfred you would need two different states
21:19 CampusD ok, so then mode would just be  something like "mode: ensure" instead of the list?
21:19 gtmanfred yes
21:19 Rolypoly joined #salt
21:19 CampusD thanks, I'll give it a try
21:19 gtmanfred you might be able to use ensure with a match? i wonder if that already does the logic that you are wanting
21:20 CampusD yeah, I thought of that, like ensure did both a add and replace if needed
21:20 gtmanfred where as replace would only replace
21:20 gtmanfred and not add if it doesn't find the match
21:24 morissette joined #salt
21:25 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
21:25 whytewolf honestly I am not a fan of file.line. it always seemed rather hacky
21:25 honestly yeah I just use cmd.run with sed -i :)
21:25 gtmanfred file.replace
21:25 gtmanfred actually, file.blockreplace is pretty good
21:25 disaster2132 is there a good way to manage files in /etc/salt/minion.d? Problem here again this would restart the salt-minion itself. For example i would dynamically set the salt-master based on geo location pillar data. So it uses the local salt master.
21:26 gtmanfred disaster2132: https://github.com/saltstack-formulas/salt-formula#salt-minion ?
21:26 whytewolf disaster2132: https://docs.saltstack.com/en/latest/faq.html#what-is-the-best-way-to-restart-a-salt-daemon-using-salt
21:26 pcdummy disaster2132: gtmanfred formula works for me.
21:27 johnkeates joined #salt
21:27 gtmanfred disaster2132: which version of salt are you using?
21:27 gtmanfred and on what os?
21:27 gtmanfred if it is using systemd, and after 2016.3.3, i believe you should still get a return value because the minion thread making the changes shouldn't be killed off before sending the event data back to the master
21:28 XenophonF disaster2132: I use salt-formula to manage Linux, BSD, and Windows minions.
21:28 johnkeates salt is looking in the wrong place on debian but in the right place on centos :( I don't understand why. I'm re-engineering logstash-formula to work with the breaking release of 5.x
21:28 pcdummy XenophonF: hows salt windows working for you?
21:28 johnkeates i always take my windows with a pinch of salt
21:29 johnkeates it's so bland without...
21:29 gtmanfred hue hue
21:29 pcdummy XenophonF: my presentation: https://fileshare.lugv.at/public/LinuxDay_2016/raum_3/Saltstack-Einf%C3%BChrung.pdf
21:29 whytewolf johnkeates: check the map.jinja
21:29 disaster2132 @gtmanfred: yes systemd with 2016.3.3 will check the links! thanks.
21:29 pcdummy XenophonF: didn't use anything of yours so ... no mention, sry mate :/
21:29 johnkeates not mapping anything related to the issue there
21:29 whytewolf I always take my windows with a dash of sledgehammer
21:30 johnkeates using: salt-call state.sls logstash.repo (works on centos7 but not debian 8.6)
21:31 whytewolf ahhh... strange, what error are you getting. the repo seems pretty straight forward
21:33 CampusD looks like ensure needs a before and/or after , i am getting "CommandExecutionError: Wrong conditions? Unable to ensure line without knowing where to put it before and/or after."
21:33 johnkeates data failed to compile / Cannot extend ID 'logstash' in 'base:logstash.repo'. It is not part of the high state.
21:33 johnkeates it's not supposed to even want to check base
21:33 disaster2132 whytewolf: these ones look very ugly: https://docs.saltstack.com/en/latest/faq.html#what-is-the-best-way-to-restart-a-salt-daemon-using-salt
21:33 johnkeates well, it can, but it shouldn't
21:33 austin_ joined #salt
21:33 whytewolf wtf
21:34 austin_ has anyone used salt-cloud with openstack liberty ?
21:34 whytewolf disaster2132: "ugly" is relative.
21:34 DEger joined #salt
21:34 whytewolf austin_: I did a long time ago. havn't touched salt-cloud since i moved to mataka though. and don't remeber the magic i used back then
21:35 austin_ unfamiliar with mataka
21:35 austin_ i spell that right?
21:35 whytewolf it is the next version of openstack after liberty :P
21:35 austin_ o ok
21:36 whytewolf mitaka
21:36 whytewolf hoping with the carbon release to rebuild my cluster with newton
21:37 austin_ yea. i dont build out openstack. just use at the moment
21:38 austin_ so you had some black magic to get it to work right?
21:38 whytewolf wasn't black. kind of pinkish with green pokadots
21:38 austin_ lovely
21:39 austin_ i think it keeps looking for v2 endpoint? but i have v3 for identify_url
21:40 whytewolf liberty could still use the v2 endpoint. also are you using the nova driver or the openstack driver?
21:40 austin_ trying to the nova driver
21:40 austin_ just started looking at this an hour ago
21:40 whytewolf and what kind of networking does your openstack cluster use? provisioner or self service?
21:40 whytewolf and version of salt?
21:40 austin_ its v3
21:40 whytewolf ... v3 tells me nothing about your networking style
21:41 austin_ salt-cloud 2016.3.4 (Boron)
21:41 whytewolf v3 is the keystone authentication setup. [which means you get all the nice little things like domains .. kind of]
21:41 austin_ what would be the appropriate way to check that (for networking)
21:41 datenarbeit joined #salt
21:41 austin_ yea you'll have to excuse the lack of openstack knowledge :)
21:42 austin_ for what i've needed, simple hand jam was good enough
21:42 whytewolf no problem. do you get to build networks in horizon or are you just assigned one and that is all you get? [no need for floating ips]
21:43 austin_ nope. we dont build the network
21:43 ernescz Hi! Is it possible for Salt to begin building a new cloud machine instance based on events? Like - receive event and then launch a new instance on a provider and run highstate. I think I ran across something similar in the docs but can't find it now..
21:43 austin_ its rather locked down
21:43 austin_ so external ip is assigned by me
21:43 whytewolf austin_: locked down is good
21:44 whytewolf wait? you assign an external ip?
21:44 austin_ the floating ip that is
21:44 cmarzullo ernescz: yes you can. Haven't done it, but defo seems possible using reactors.
21:45 whytewolf okay. then the nova driver before carbon is useless to you [carbon is salt 2016.11, that was just released over the weekend] you want to either update. or use the openstack driver
21:46 austin_ fair enough
21:46 whytewolf gtmanfred: hs the repo been updated with the new packages yet?
21:46 ernescz cmarzullo: thanks. Will continue looking.
21:46 nidr0x joined #salt
21:47 whytewolf austin_: https://docs.saltstack.com/en/latest/topics/cloud/openstack.html docs for the openstack driver. you will noticed there are some notes in there for the v3 auth
21:47 whytewolf warning openstack driver does print a warning about being depreceated.
21:48 jhauser joined #salt
21:48 austin_ yea. i think that is ultimately why i did that
21:48 austin_ ha
21:49 whytewolf wait ... what happened to the documentation about v3 auth in the openstack driver.... i know it was there last week
21:49 whytewolf never mind ... https://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.openstack.html
21:49 stooj joined #salt
21:49 whytewolf I must be tired
21:50 austin_ ah!
21:50 austin_ ok so i wasn't losing my mind either
21:51 austin_ imho, part of the fun of salt is knowing where to look in docs :)
21:51 whytewolf eh i just use google to search them :P
21:51 cmarzullo ernescz: you'll want a reactor that uses the salt cloud modules to do the things.
21:51 Edgan joined #salt
21:52 disaster2132 anybody here using a good GUI for salt? saltpad / saltshaker?
21:52 cmarzullo You could have jenkins fire a web hook into the salt api to do things.
21:54 disaster2132 is there a way to setup salt environments like in puppet? I want completly unrelated envs. Salt should never look into another if an env is set.
21:54 pipps joined #salt
21:54 whytewolf disaster2132: no
21:54 austin_ disaster2132: saltpd i believe is the most widely used. however, salt just released salt enterprise ... pending of course you want to go that route
21:54 Edgan disaster2132: I use foreman for a salt dashboard.
21:55 Edgan disaster2132: salt has environments, but people recommend against using them
21:55 ernescz cmarzullo: yeah, just wrapping my head around the concept is strange. After just defining a profile/map and launching instances with salt-cloud command.
21:56 whytewolf salt enviroments are not the compleate split they share top files and can easilly be circumvented [so easy that most people do it on accident]
21:56 Edgan gtmanfred: Thanks for getting 2016.11.0 out
21:57 jas02 joined #salt
21:58 disaster2132 whytewolf: but what's the alternative to envs? testing single sls files is simple. But if you have todo major rework it's easier to work with git for me and use rebase and merge.
21:58 whytewolf seperate masters per enviroment
21:58 whytewolf which forces the split
22:01 disaster2132 thanks have to think about it
22:01 disaster2132 will go to bed right now
22:01 whytewolf have a good night
22:08 abednarik joined #salt
22:10 akhter joined #salt
22:11 johnkeates salt enterprise makes me sad.
22:12 hemebond Why's that?
22:12 johnkeates well, instead of the usual support+enterprise extra's it's a whole split with a gui and basically 50% more stuff
22:13 hemebond split?
22:13 johnkeates ever since halite was killed no good gui was FOSS'ed
22:13 johnkeates and now with enterprise, it's pretty much never going to happen
22:13 whytewolf I wouldn't call halite a good gui
22:13 johnkeates well, it's better than no-gui
22:13 hemebond Well, web UI is an enterprise thing.
22:13 johnkeates exactly
22:14 * whytewolf shrugs. I'm not a fan of gui's to begin with so that is subjective
22:14 hemebond I don't really understand why it's bad that the UI is for enterprise only
22:14 johnkeates well, it's not as much a personal preference as it's a management issue
22:14 johnkeates it splits the community
22:15 hemebond I've always looked at it as, "you go do your enterprise stuff over there" since it doesn't affect me.
22:15 hemebond Not really.
22:15 hemebond Salt is fully open source.
22:15 hemebond It's not like Puppet enterprise which is a real split on the actual project.
22:15 johnkeates well, for me it's like putting work into a project, and then having to pay on top of that to use it
22:15 hemebond But... you don't.
22:15 johnkeates if i want a GUI i do
22:16 hemebond Or you could work on the open source version.
22:16 austin_ whytewolf: seems i'm generating this error https://gist.github.com/austinpapp/bfaf0dc70dd00df666d5c368fcec46d5
22:16 hemebond GUI is like a separate product.
22:16 austin_ looking into why that is
22:16 hemebond Or rather "a product"
22:16 austin_ but it does get passed that error and then fails to find the image it old it to look for which isn't right because that image does in fact exist
22:16 hemebond Not even separate. Just something that someone made.
22:17 hemebond Like the open source version except people are paid to work on it and customise it for clients.
22:17 XenophonF pcdummy: that's cool - thanks for sharing!
22:17 johnkeates yes, but those same people also use salt but aren't giving back
22:18 hemebond What?
22:18 hemebond Of course they are.
22:18 hemebond Any change to Salt goes back into the source.
22:18 austin_ the issue with me and the UI is its incompatible with syndics
22:18 hemebond Which UI?
22:19 austin_ well... eAPI that is
22:19 nickabbey joined #salt
22:31 Sammichmaker joined #salt
22:31 nethershaw joined #salt
22:34 jas02 joined #salt
22:38 ozux joined #salt
22:42 zzuf joined #salt
22:43 keimlink_ joined #salt
22:43 ozux__ joined #salt
22:46 akhter joined #salt
22:50 PerilousApricot joined #salt
22:55 ozux joined #salt
22:57 pipps joined #salt
22:57 hemebond Is there any way to add a VM to the salt-cloud index?
22:58 armin joined #salt
23:00 ozux__ joined #salt
23:05 rem5 joined #salt
23:05 jas02_ joined #salt
23:05 tercenya joined #salt
23:07 whytewolf austin_: just testing and i got my mitaka system to return with salt-cloud --list-images=all wolfcloud with a list of images
23:07 whytewolf austin_: https://gist.github.com/whytewolf/c90bdfeeb731a94eb4f58266d6f5ab9e
23:07 whytewolf [note this is just enough info to at least return images, not enough to actually build a vm]
23:12 ozux joined #salt
23:17 stooj joined #salt
23:22 ozux__ joined #salt
23:26 Klas joined #salt
23:26 ozux_ joined #salt
23:33 ozux joined #salt
23:34 ozux joined #salt
23:40 stooj joined #salt
23:41 ozux__ joined #salt
23:43 Marth joined #salt
23:43 Marth Hello
23:45 iggy XenophonF: green field
23:46 Marth left #salt
23:47 PurityPrincess joined #salt
23:49 PerilousApricot joined #salt
23:52 justanotheruser joined #salt
23:52 seanhagen left #salt
23:54 kreid joined #salt
23:54 PerilousApricot joined #salt
23:58 akhter joined #salt
23:59 PerilousApricot joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary