Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-12-20

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:27 stooj joined #salt
00:38 okolesnykov joined #salt
00:39 nZac joined #salt
00:45 stooj joined #salt
00:49 DEger joined #salt
00:52 Klas joined #salt
00:52 darix joined #salt
01:05 jacksontj joined #salt
01:12 stooj joined #salt
01:28 anotherzero joined #salt
01:31 madboxs joined #salt
01:32 lempa joined #salt
01:37 stooj joined #salt
01:39 MasterNayru joined #salt
01:44 MasterNayru Hello all! I'm am trying to use Salt to set up applications in Docker containers. The issue I am having at the moment is that the containers don't have an init system running in them, so all of my service resources fail. Does anyone have experience using Salt to build Docker containers?
01:44 MasterNayru The OS I am working with the moment is CentOS 7.
01:50 stooj joined #salt
02:01 whytewolf MasterNayru: that would be because Docker is only meant to run one app. per container. [which is why it doesn't have an init system] your Docker container should be setup to start the application, with salt just handaling the docker container.
02:04 whytewolf MasterNayru: read here https://www.packtpub.com/books/content/docker-container-management-with-saltstack
02:05 whytewolf although i think that is pre dockerng ... but the concept is the same
02:07 18VAARJ0D joined #salt
02:12 dxiri joined #salt
02:12 stooj joined #salt
02:20 dxiri joined #salt
02:22 austin_ i have a situation where i have a require on a file.managed. however, the file.managed has an unless
02:22 austin_ see https://gist.github.com/austinpapp/73d367b87363d9be505d6e757bfbc322
02:22 austin_ the unless blocks
02:22 austin_ which is in fact what i want
02:23 austin_ however, the require seems to fail because /tmp/get-pip.py isn't present. however the unless blocked. so it shouldn't have really returned true
02:34 jorian joined #salt
02:36 MasterNayru Sorry, I'm not suggesting that I want to have an init system in Docker containers. What I'm trying to do is reuse the salt states that I have made for VMs to also work for building Docker containers.
02:37 MasterNayru I'd be happy with something that just allowed services to say they were managed successfully but actually do a no-op, otherwise I'll always get fails for any service.running resource, for example
02:40 evle joined #salt
02:40 whytewolf MasterNayru: well there is the test.nop [which is a no-op] you could substitute for the service.running part.
02:40 sebastian-w joined #salt
02:46 whytewolf austin_: i think you want onchanges not require... require means the state was passed, or changed. the unless still counts the state as passed
02:46 MasterNayru Right, but then I have to have if statements through all of my states to account for when it's a container vs a VM
02:46 whytewolf MasterNayru: you won't get around that.
02:46 austin_ whytewolf: ugh. thanks. complete forget about onchanges
02:46 stooj joined #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
02:48 doorsnsardines Hey, can someone double check me and tell me if I'm just getting the use of state.orchestrate wrong here? I keep getting that the environment can't be found (I assume the missing sls is because it doesn't know which env to look in). Pastebin: http://pastebin.com/E4HCGP0w
02:49 whytewolf doorsnsardines: salt-call??
02:50 dxiri joined #salt
02:50 whytewolf orchestration is a runner
02:50 doorsnsardines whytewolf: yeah, this is all inside a docker container. I'm trying to find a nice way to use it to test out salt changes before pushing them upstream
02:50 jorian joined #salt
02:50 doorsnsardines I don't quite hate myself enough to chose '336e66d8297e' as a hostname :P
02:51 doorsnsardines I've been going off this doc: https://docs.saltstack.com/en/latest/topics/orchestrate/orchestrate_runner.html#masterless-orchestration
02:51 doorsnsardines with the environment parameters from here: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.orchestrate
02:51 whytewolf interesting... didn't know about that change
02:51 doorsnsardines this is all on salt-call 2016.11.0 (Carbon) btw
02:52 doorsnsardines yeah, the --local looks to be a nifty little tool for exactly this sort of thing
02:52 whytewolf but yeah if there is no enviroment prod then it won't be able to access the motd orchestration file
02:53 doorsnsardines that's what's confusing me here, there is an environment named prod
02:53 whytewolf in your minion config?
02:53 whytewolf [not on a master]
02:53 doorsnsardines hmm, maybe that's the issue is that I need to have the 'minion' learn it's env manually
02:54 doorsnsardines since there is no master and salt isn't laying down the /etc/salt/minion file from a template
02:54 whytewolf well that is what --local is about. it ignores the master. and everything has to be setup in the minion
02:54 whytewolf do you have a file_roots setup on the minion?
02:55 doorsnsardines I was trying to pass the file roots (salt and pillar) as well as the environments in the command
02:55 doorsnsardines so "-file-root=/srv/salt --pillar-root=/srv/pillar" and then "saltenv=prod pillarenv=prod" after the state.orchestrate
02:55 whytewolf --file-root would only be base
02:56 doorsnsardines the saltenv= wouldn't override that?
02:56 whytewolf nope
02:56 cliluw joined #salt
02:57 whytewolf --file-root Set this directory as the base file root.
02:57 doorsnsardines is that expected behavior? I would think a cli argument like that would override the config file
02:57 doorsnsardines I don't have an env named base
02:57 doorsnsardines at the moment I only have the prod one
02:57 whytewolf everyone has an enviroment names base
02:57 whytewolf saltstacks default enviroment is base
02:57 cliluw joined #salt
02:57 catpigger joined #salt
02:58 doorsnsardines well, /srv/salt/base doesn't exist
02:58 whytewolf it doesn't have to
02:59 doorsnsardines I'm not sure I follow that part. if /srv/salt/base doesn't exist, it won't contain the sls files.
02:59 whytewolf you told it that /srv/salt is the base
02:59 doorsnsardines is it just not possible to alter which env to search in as part of the command?
03:00 doorsnsardines ah okay, so then yes, that exists
03:00 whytewolf also /srv/salt is the default directory for base
03:00 doorsnsardines but calling saltenv=base and apply prod.motd will mess up the salt:/// uris
03:00 doorsnsardines so I was under the impression I would have to do something to change the search path to /srv/salt/prod
03:01 whytewolf enviroments are a lot more then just directories.
03:01 whytewolf they are also a pain in the backside
03:02 doorsnsardines yes, but when I use something like state.orchestrator it's not going to read the top file and see the environment assignments
03:02 doorsnsardines so I gotta do it some other way
03:02 doorsnsardines I did find this bug: https://github.com/saltstack/salt/issues/22048 but I wasn't sure if I'm hitting it or just missing something obvious
03:03 saltstackbot [#22048][OPEN] state.sls: saltenv is being ignored | salt-call --versions-report:...
03:04 doorsnsardines except on this version the env= option appears to have been removed
03:04 whytewolf you have a lot more configuration to do beyond just passing saltenv [or env] you really should read the masterless config. drop trying to set the file-root by cli and setup the minion config file to masterless
03:06 whytewolf https://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html
03:07 whytewolf https://docs.saltstack.com/en/latest/ref/configuration/minion.html#file-roots
03:08 dxiri joined #salt
03:12 stooj joined #salt
03:12 doorsnsardines hmm, not exactly the ideal way to do it I was hoping for, but I can just set the file_root and pillar_root for base to /srv/salt/prod
03:13 doorsnsardines kinda lying about which env is which, but the container is only supposed to survive until I can confirm I'm not going to mess anything up too badly
03:14 whytewolf that is the other way. honestly it approximates enviroment up to a point. the only difference if you you actually do something stupid like check the enviroment in your templates ...
03:14 whytewolf coarse. Docker isn't exactly like spinning up a vm either so you already are losing out on some things there anyway
03:15 doorsnsardines yeah, true, but it does seem like it should fit this purpose well
03:15 whytewolf service.* might have issues
03:15 doorsnsardines all I want is to make sure salt is producing valid config files and that the service can start
03:15 whytewolf Docker containers don't really have an init system
03:16 doorsnsardines I'm basically looking to use this in a way similar to the Chef test kitchen system
03:16 doorsnsardines lying about the base path sorta works, but does mess up state.apply
03:17 doorsnsardines gonna mess with that a little more
03:17 whytewolf so you are replicateing the work done here? https://github.com/simonmcc/kitchen-salt
03:17 doorsnsardines yeah, more or less
03:17 doorsnsardines more work for me, but less ruby in my life
03:18 whytewolf less ruby is a grand goal
03:18 whytewolf it would be why i avoid puppet and chef
03:18 doorsnsardines yeah, if I could reach a point in my life where I never need to try and trick a gem into installing I'll be pretty happy
03:20 whytewolf humm. Vagrant might be less work for what you are doing. Docker is nice and all but can be so limiting when it comes to config file generation.
03:20 doorsnsardines yeah, I considered vagrant too
03:20 doorsnsardines I might go in that direction eventually
03:21 whytewolf and the only way i see it really working [state.apply and all] would be to get the file_root pillar_root setup correctly in the minion
03:21 doorsnsardines yeah, that's what I just hacked in there
03:22 whytewolf it is days like this that i hug my personal openstack cluster
03:25 doorsnsardines oh that's cool
03:25 doorsnsardines how many management nodes did you need to put in to run all of it?
03:26 doorsnsardines I've run openstack in a lab at work a few different times, but the nice thing there is you never have to type you CC number to get gear
03:27 whytewolf not much,, it is a single deployment server, 3 controllers, 2 compute nodes, and a synology NAS devices. I've grown it slowly over the years
03:27 bfrog has anyone done postgres high availability with pacemaker/heartbeat/etc with salt before?
03:27 bastiandg joined #salt
03:27 doorsnsardines ah okay, did you combine swift, keystone, glance, and horizon onto some combination of the mgmt nodes?
03:28 bfrog it seems like there could easily be a fudge up if whatever daemons are running decide to failover and salt then tries to rebuild state inappropriately
03:29 whytewolf doorsnsardines: yeap, it all is smooshed into those three controllers. keystone i only put on the first controller mainly cause i am lazy and don't want to setup a file share system for the kermat keys
03:29 whytewolf although i'm thinking of ditching swift, don't really use it
03:29 doorsnsardines that's pretty cool, I've always held off from installing it at home. the overhead always scared me away
03:29 doorsnsardines Xen's not a bad choice either I suppose
03:30 whytewolf I used to run Xen, I also used to have a enterprise license for vmware... both drove me nuts
03:30 doorsnsardines vmware is good if you leave it alone
03:31 whytewolf yeah thats what drove me nuts about it. I find it hard to leave things alone
03:31 whytewolf I'm a natrual tinker
03:32 whytewolf well that and i hate windows and the only properly good way to run vcenter is on windowsw
03:32 doorsnsardines hehehe, so I did manage to get this to do a state.apply
03:32 doorsnsardines you were totally right about services
03:32 doorsnsardines that's a lot of red...
03:32 whytewolf yeah that missing init system just doesn't play well with services
03:33 doorsnsardines well, the init system is there... but not the rest of the stuff the init system expected to find
03:33 whytewolf such as systemd
03:34 doorsnsardines openrc in this case, but yeah, not going so well in that department
03:34 whytewolf openrc? gentoo?
03:34 doorsnsardines yup
03:34 doorsnsardines I've been known to tinker as well
03:34 * whytewolf shivers.
03:34 whytewolf I havn't touched gentoo in ages
03:34 doorsnsardines yeah, I got off it for a while, but it's pretty nice now
03:35 doorsnsardines I started out in the bsd world so portage feels more at home to me than yum or apt
03:35 whytewolf gentoo was the system i used to wheen myself off of lfs
03:36 doorsnsardines between gentoo and arch I'd take portage any day
03:36 doorsnsardines aur kept throwing me off
03:36 whytewolf I have never tried arch
03:36 bfrog best formula ever, https://github.com/saltstack-formulas/pacemaker-corosync-formula
03:37 doorsnsardines bfrog: all it's missing is a todo file :)
03:37 whytewolf lol. i think i can work with that one
03:38 bfrog hav eyou guys had to deal with HA and Salt at all?
03:38 bfrog any hints at all?
03:38 doorsnsardines I think I can work with this not starting services. I can just add a grain that says I'm in a docker container and use it as a boolean to skip over the services
03:38 doorsnsardines bfrog: I'm not super familiar with pacemaker, is it similar to say keepalived?
03:39 orianbsilva_ joined #salt
03:39 bfrog apparently it uses a cluster quorum to decide when to do something useful like failover
03:40 bfrog though... in the case of say a postgres cluster with 2 nodes, I'm completely baffled how it would deal with a network split sanely
03:40 whytewolf keepalived handeles a subset of what pacemaker/corosync do
03:40 bfrog unless there's at least 3, or its decided one of the nodes gets 2 votes
03:40 whytewolf bfrog: ever worked with corosync before?
03:41 bfrog no, its all new to me
03:41 bfrog but I'm finding I'm needing this yesterday
03:41 whytewolf you are in for some "fun" times
03:42 whytewolf it is nightmare fuel
03:42 bfrog debating at this point if its worth giving up some flexibility and cost and just plunk down for amazon to deal with it with their rds service
03:42 bfrog rds has a lot more limitations and costs a helluva lot more though
03:42 whytewolf I hear it has gotten easier to work with since the days i it up
03:43 whytewolf yeah
03:43 doorsnsardines ... yeah, aws has some latency
03:43 bfrog "some" ?
03:43 bfrog my experience there was terrible
03:43 doorsnsardines not as bad as azure, but you gotta factor it in to do rds
03:43 whytewolf humm when i was working with corosync/pacemaker i used this to help with the cluster http://lcmc.sourceforge.net/
03:43 debian112 joined #salt
03:44 orianbsilva_ joined #salt
03:44 bfrog maybe keepalived would do enough of what I want
03:44 bfrog I'll look at that, there's a formula for it too
03:44 bfrog with more than a README
03:45 whytewolf it might be, pacemaker/corosync and all that can be a pain in the ass, not just to setup but to keep up also
03:45 MasterNayru Looks like I worked around my issue by using a dummy service module and configuring Salt to use that in the provider section of the minion config
03:45 doorsnsardines I dunno how keepalived will get along with pgsql in particular, I know some db servers don't gracefully bind an address as it is added as a secondary on the nic
03:46 doorsnsardines but I use it for services like haproxy and it's excellent
03:46 whytewolf I have heard that keepalived is the generally approved way.
03:47 netcho joined #salt
03:47 whytewolf pacemaker is a bit like bringing a sledgehammer for a screw
03:50 onlyanegg joined #salt
03:54 anotherzero joined #salt
03:55 rdas joined #salt
04:03 debian112 joined #salt
04:13 oida joined #salt
04:37 mpanetta joined #salt
04:46 jorian joined #salt
04:47 bltmiller joined #salt
04:57 stooj joined #salt
05:06 sh123124213 joined #salt
05:07 sp0097 joined #salt
05:09 gnord joined #salt
05:10 darkpixel joined #salt
05:17 darkpixel I'm a bit confused.  I have a state and pillar data that manages Samba on a handful of NAS boxen.  In my pillar data for creating shares, I have a line "{%- if 'tank' in grains['zpool'] %}" which worked last Thursday because I officially migrated management away from Puppet.
05:17 darkpixel Over the weekend, the only changes I made in salt were removing a few old SSH keys and adding a few new ones (I rotated my personal SSH keys I use to connect).
05:17 darkpixel During the weekend, calling 'state.highstate' worked perfectly.
05:17 darkpixel Today I went to show the changes to a co-worker, and state.highstate failed with "TypeError: argument of type 'NoneType' is not iterable" on the line I posted above.
05:17 darkpixel Calling 'grains.get zpool' on all the minions returns info about the zpools, but calling state.highstate bombs.
05:17 darkpixel I verified there were no changes to salt (/srv/salt is a git repo), and now I'm stumped.  Any pointers?
05:21 gnord joined #salt
05:24 bastiandg joined #salt
05:35 binocvlar joined #salt
05:38 ____ joined #salt
05:39 preludedrew joined #salt
05:40 oriansilva joined #salt
05:48 netcho joined #salt
05:52 sh123124213 joined #salt
06:00 DEger joined #salt
06:23 bocaneri joined #salt
06:27 ashmckenzie joined #salt
06:30 eseyman joined #salt
06:30 samodid joined #salt
06:33 ivanjaros joined #salt
06:51 k_sze[work] If I look at this page: https://repo.saltstack.com/#ubuntu
06:51 k_sze[work] The URL of the repository says "amd64". Does anybody know if it's actually cross-platform?
06:51 k_sze[work] AFAIK SaltStack is actually all Python, no?
06:51 k_sze[work] So it *should* be cross platform anyway?
06:52 iggy it's all python
06:52 k_sze[work] I'm trying to install SaltStack on a NVIDIA Jetson TK1, which runs a flavour of Ubuntu 14.04 Trusty, but the CPU is ARMv71
06:52 AndreasLutro salt has dependencies that are compiled python libraries, like msgpack
06:52 AndreasLutro so no, it's not all python
06:53 k_sze[work] AndreasLutro: are those dependencies pulled from repo.saltstack.com?
06:53 AndreasLutro pretty sure some of them are, can't remember which though
06:53 AndreasLutro you could always try
06:57 iggy everything in the salt repo is python, but yeah... things outside aren't necessarily
06:58 pipps joined #salt
06:59 netcho joined #salt
07:04 lasseknudsen I see issues with service restart in LXC container, "[ERROR   ] Command '['systemctl', 'start', 'nscd.service']' failed with return code: 6", i can restart the services manually using service nscd restart. I dont see this issue on any of my phycial ubuntu systems, all are 14.04. Does anyone know what im doing wrong.
07:05 dxiri joined #salt
07:05 armyriad joined #salt
07:13 onlyanegg joined #salt
07:22 sh123124213 joined #salt
07:29 stooj joined #salt
07:31 LostSoul joined #salt
07:38 fracklen joined #salt
07:51 fracklen joined #salt
07:56 tobiasBora joined #salt
07:57 okolesnykov joined #salt
07:59 andi- joined #salt
08:00 saintpablo joined #salt
08:04 flyboy joined #salt
08:06 onlyanegg joined #salt
08:07 oida joined #salt
08:12 DEger joined #salt
08:13 JohnnyRun joined #salt
08:13 JohnnyRun ja
08:13 saintpablos joined #salt
08:17 fracklen joined #salt
08:20 saintpabloss joined #salt
08:22 dkrae joined #salt
08:28 fracklen joined #salt
08:28 fracklen joined #salt
08:32 samodid joined #salt
08:32 sh123124213 joined #salt
08:51 jacekplacek joined #salt
08:53 irctc218 joined #salt
08:54 irctc218 Is there a way to tell salt to not downgrade a package if a newer version is already installed?
08:55 mikecmpbll joined #salt
09:13 s_kunk joined #salt
09:13 keimlink joined #salt
09:17 orianbsilva joined #salt
09:29 m4rk0 joined #salt
09:33 m4rk0 Hello, I'm trying to set users .bashrc in base64 format using file.decode (name, encoding_type: base64)... I always get broken .bashrc file (syntax error: unexpected end of file), like it's in some ambiguous encoding... Any suggestions?
09:35 sh123124213 joined #salt
09:51 alexzel joined #salt
09:52 netcho joined #salt
09:55 alexzel hello, I'm trying to configure a beacon to watch a directory, but I keep getting "DeprecationWarning: Beacon configuration should be a list instead of a dictionary."
09:56 onlyanegg joined #salt
09:56 alexzel The docs on how to configure beacon and the example in the source code are two different things, one tells me to create a dict and the other one a list, and both don't work
09:59 alexzel if i try to configure the beacon as a list i get "TypeError: list indices must be integers, not dict"
10:10 inad922 joined #salt
10:17 stooj joined #salt
10:25 jhauser joined #salt
10:26 Miouge joined #salt
10:29 gladia2r joined #salt
10:32 sh123124213 joined #salt
10:39 lasseknudsen joined #salt
10:40 sh123124213 joined #salt
10:44 lasseknudsen joined #salt
10:44 netcho joined #salt
10:45 fredvd joined #salt
10:51 sh123124213 joined #salt
10:52 amcorreia joined #salt
10:54 onmeac joined #salt
11:09 stooj joined #salt
11:24 N-Mi__ joined #salt
11:28 abednarik joined #salt
11:34 Reverend hey guys - having a slight issue here where things keep getting assigned completely random groups.
11:34 Reverend ./mnt/data1/git is given group ‘nginx’, but every so often ends up with ‘elasticsearch’ instead xD haha
11:38 Reverend figured it
11:38 Reverend sw
11:38 Reverend dw*
11:40 Bico_Fino joined #salt
11:44 aidin joined #salt
11:45 sh123124213 joined #salt
11:47 felskrone joined #salt
11:50 sh123124213 joined #salt
11:52 amontalban joined #salt
11:52 amontalban joined #salt
11:57 onlyanegg joined #salt
11:59 Mandorath joined #salt
12:04 sh123124213 joined #salt
12:10 irctc218 How can i ensure that a specific line in a file exist
12:10 irctc218 i tried to use file.line but it gives me crazy error messages i do not understand
12:23 Mandorath I'm trying to read up on setting relative paths for formulas but its not clear to my there are reference to tpldir, pardir and slsdir. When for example using a jinja from statement  {% from [dir_reference] + "dir/state" import [something] %} what should be the dir_reference be replaced with?
12:25 alrayyes joined #salt
12:26 stooj joined #salt
12:28 onmeac irctc218, tried file.replace?
12:28 chron0 anyone here using https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.freebsdports.html ?
12:29 chron0 I'm trying to setup a state to build nginx via ports but I struggle to find the right syntax for ports.config
12:32 abednarik joined #salt
12:32 cscf joined #salt
12:32 jav joined #salt
12:33 Mandorath Figured it out, {% from salt['file.normpath'](tpldir + "/map.jinja") works found in the logs that a trailing / was missing.
12:36 aidin joined #salt
12:40 keimlink joined #salt
12:49 Bico_Fino joined #salt
13:15 chron0 specifically, how are **kwargs supposed to be formated in my statefile? def config(name, reset=False, **kwargs)
13:15 chron0 there is only an example for the cli
13:20 shalkie joined #salt
13:24 babilen chron0: What do you want to pass? Are you writing your state module in Python?
13:24 babilen Or rather: Are you writing a custom state module?
13:24 chron0 babilen: No, I just want to build nginx via the freebsdports module: https://fossies.org/linux/salt/salt/modules/freebsdports.py#322
13:25 babilen That's an execution module, not a state
13:25 babilen So you are looking into using module.run ?
13:25 chron0 I'm trying to set the configure option, i.e. MAIL=off SSL=on etc
13:26 babilen How are you calling it now?
13:26 swills joined #salt
13:27 chron0 *headscratch - still new to all of the salt ecosphere - currently I have an nginx.sls below my states folder where I used to have the usual pkg installed routine
13:27 chron0 now I've changed that to
13:27 chron0 nginx.config:
13:27 babilen chron0: You'd essentially use "- kwargs: foo: bar, quux: baz, ....
13:27 chron0 really?
13:27 chron0 just like that? wtf, it can't be that easy. let me try :)
13:28 chron0 like this basically?
13:28 chron0 config.nginx:
13:28 chron0 - ports.config:
13:28 chron0 - name: www/nginx
13:28 chron0 - kwargs: MAIL_IMAP=off
13:28 babilen Well, you have to use module.run as that isn't a state function, but an execution module: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html#salt.states.module.run
13:29 babilen Are you aware of https://github.com/saltstack-formulas/nginx-formula ?
13:30 babilen The nginx.ng states in there might come in handy. See https://github.com/saltstack-formulas/nginx-formula/blob/master/pillar.example
13:30 chron0 yes, I've tried it but it didn't work well on a couple of our hosts OSes
13:31 chron0 it was impossible to get the nginx repo working, it always tried to enable some PPAs which were undersied
13:33 chron0 babilen: so, back to the freebsdports thing, if I understood you correctly I have to wrap ports.config within module.run within my statefile?
13:33 babilen Indeed
13:33 chron0 thanks a lot for that, I'll read into the module.run docs
13:33 babilen chron0: undersied?
13:33 chron0 undesired :)
13:34 babilen Right
13:34 babilen Yeah, PPAs are generally undesired
13:34 Brew joined #salt
13:37 chron0 how do I see if a module is a state or execution module?
13:38 mikecmpb_ joined #salt
13:38 babilen chron0: You mean in the documentation?
13:39 chron0 both, docs and code
13:39 chron0 https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.freebsdports.html
13:40 chron0 it says: This module allows you to install ports using BATCH=yes to bypass configuration prompts. It is recommended to use the ports state to install ports, but it it also possible to use this module exclusively from the command line.
13:40 babilen The salt.modules is a strong hint
13:41 Mandorath I've tried using the tpldir salt declaration in a {% import_yaml "defaults.yaml" %} but this does not work, is there an other way to make this path relative?
13:46 chron0 meh
13:46 chron0 https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ports.html#module-salt.states.ports
13:47 chron0 so i guess it would be better to use this instead of wrapping manually?
13:50 babilen chron0: If that is the corresponding state module it would most definitely be better to use it, yes
13:51 Mandorath nvm, i need glasses.... again the /
13:52 chron0 babilen: I guess it is, at least the options/example suddenly makes sense to me, I'm rewriting my sls right now to give it a try...
13:53 sh123124213 joined #salt
13:54 abednarik joined #salt
13:57 babilen chron0: execution modules and states typically come in pairs. The states contain the "logic" and the execution module the "actions"
13:58 onlyanegg joined #salt
13:59 stooj joined #salt
14:04 chron0 babilen: thanks for the clarification, it kinda makes sense. So I can use states for the "planned" stuff and execs to do stuff on request, or to check or for things I don't want to fire in highstate...
14:04 babilen Exactly
14:06 stooj joined #salt
14:10 numkem joined #salt
14:11 debian112 joined #salt
14:19 nicksloan joined #salt
14:20 jeddi joined #salt
14:21 edrocks joined #salt
14:30 edrocks does dockerng require dockerpy? I'm looking to make a python script to manage deployments and rollbacks with docker/salt
14:31 wavded joined #salt
14:31 _Cyclone_ joined #salt
14:32 wavded is there anyway to get a non-zero exit code when salt \* state.apply fails?
14:32 wavded i see salt-call has an option but does not seem like salt does
14:33 wavded --retcode-passthrough
14:35 nickabbey joined #salt
14:39 nickabbey joined #salt
14:40 nickabbey joined #salt
14:41 debian112 joined #salt
14:42 _JZ_ joined #salt
14:43 chron0 babilen: how can I require that ports state now? I've used - pkg: nginx before, to make sure configs etc follow after nginx is installed
14:43 swills joined #salt
14:44 chron0 would if be now just - require: www/nginx (if that is my id to install it)
14:44 abednarik joined #salt
14:44 felskrone joined #salt
14:46 nickabbey joined #salt
14:46 racooper joined #salt
14:52 sarcasticadmin joined #salt
14:56 irctc218 is there a way to set the ownerchip and file permissions for multiple files at once?
15:00 Cadmus joined #salt
15:01 Cadmus Hello, quick question about globbing, is there any way to do leading zeros, like how in bash you can do {00...99} to generate 01, 02, 03 and so on?
15:02 Cadmus If I do "salt 'server0[1-5]' test.ping" it works, but "salt 'server[01-05]' test.ping" doesn't
15:02 s_kunk joined #salt
15:03 AndreasLutro if you want 00..99 it's easy enough to do "server[0-9][0-9]"
15:04 AndreasLutro but if you want {01..12} for example I don't think that's possible, you'd have to switch to regex
15:04 Cadmus Nice round sequences are easy, I guess if I wanted (say) server 09 to 12 I'd have to do it as "server[09,10,11,12]". It's a minor thing but I keep catching myself using the bash way and wondering why it doesn't target, thanks for the swift response as ever AndreasLutro :)
15:05 AndreasLutro I'm not sure [09,10] would work as it operates on individual characters, not strings
15:06 chron0 irctc218: I use file.recurse: and - file_mode: 0644 + - dir_mode: 0755 for that
15:06 Cadmus AndreasLutro: Ah yes, you're right, have to watch out for that
15:07 spirit_ joined #salt
15:08 bowhunter joined #salt
15:10 spirit_ does anybody know how to use genshi or cheetah templating systems with saltstack ?
15:14 oida joined #salt
15:16 XenophonF joined #salt
15:17 pcn change the template style?
15:17 pcn I haven't dont it, but what have you tried?
15:19 stooj joined #salt
15:22 spirit_ I am trying to use several templates - #!jinja|genshi|yaml
15:23 spirit_ I want to be able to use one pillar values in another, so I need to process sls file by templating engine twice
15:23 XenophonF yikes
15:23 XenophonF why
15:24 swills joined #salt
15:24 spirit_ if I use jinja twice I need to escape "{{" and "}}" which is not comfortable
15:24 bakins joined #salt
15:24 XenophonF why render twice?
15:25 XenophonF just render the template once
15:25 XenophonF keep things simple
15:25 spirit_ I want to have in pillar the next:
15:26 spirit_ service_name: php5-fpm
15:26 spirit_ log_path: /var/log/{{ pillar.service_name }}/error.log
15:26 spirit_ but pillar does not allow such usage
15:26 wavded joined #salt
15:26 XenophonF use jinja in the pillar file if you need to
15:27 XenophonF but rendering the same file twice is really confusing and thus something you should avoid
15:27 spirit_ wile salt calculates pillar the pillar dict does not exist, so I can not use pillar values within templating engine during pillar calculation
15:28 spirit_ so I decided to use another engine for sls:   log_path: /var/log/${service_name}/error.log
15:28 XenophonF wait - what precisely are you trying to do?
15:29 spirit_ and in sls it will be:   - name: {{ pillar.log_path }}
15:29 spirit_ jinja will process it and replaces with "/var/log/${service_name}/error.log"
15:30 spirit_ and after genshi (or something another) will process to "/var/log/php5-fpm/error.log" value
15:31 spirit_ in 2 words I am trying to render a value of variable, which name is in another variable
15:31 spirit_ php example: $a=5; $b='a'; echo $$b;
15:31 spirit_ bash example: a=5; b='a'; echo "${!b}"
15:31 XenophonF yeah i understand what you're doing
15:31 XenophonF what i don't get is why you want to do that
15:33 spirit_ I am writing sls scenario for php-fpm service, I want to have single pillar dict for php.ini and php-fpm.conf values, but various distros have different paths
15:34 XenophonF oh
15:34 spirit_ in CentOS it is /var/log/php-fpm, in Ubuntu - /var/log/php5-fpm
15:34 XenophonF there's a better way
15:34 XenophonF you want to use the same pattern as other salt formulas
15:34 XenophonF the whole defaults.yaml/map.jinja thing
15:35 spirit_ and how it can be applied to my case ?
15:35 XenophonF here's an example
15:35 XenophonF https://github.com/irtnog/openssh-formula/tree/master/sshd
15:35 XenophonF that's a formula i wrote to manage sshd
15:37 XenophonF you want to keep things simple
15:38 XenophonF here's another slightly more complicated example
15:38 XenophonF https://github.com/irtnog/shibboleth-formula/tree/master/shibboleth/sp
15:38 Sketch hmm, is there a difference between pillar.get('foo') and pillar['foo'] ?
15:38 XenophonF yes
15:39 anotherzero joined #salt
15:39 XenophonF Sketch: one is a function, one uses the dictionary accessor
15:39 XenophonF so if you want to specify a default value for missing keys, use the .get() function
15:40 Sketch is the dictionary accessory newer?  i see a lot of examples/etc using the .get form
15:40 promorphus joined #salt
15:40 Sketch i assume you also need .get for things like {% for user, args in pillar.get('ftpusers', {}).items() %}
15:40 XenophonF https://docs.saltstack.com/en/latest/topics/pillar/index.html#pillar-get-function
15:41 Sketch ah
15:41 Sketch i was wondering about salt['pillar.get'] too, looks like that is explained there ;)
15:43 icebal joined #salt
15:46 Flying_Panda anyone use salt with gitfs ?
15:46 Cadmus Flying_Panda: Yes, but I didn't set it up, I'll help if I can, what's the issue?
15:46 edrocks is there a way to call the tags list endpoint using dockerng? I need a list of tags and their ids from a remote registry
15:48 aidin joined #salt
15:48 stooj joined #salt
15:49 Flying_Panda how do you call a file.managed referencing a file on gitfs I have a repo mounted on salt://prod  I can see the file with a fileserver.file_list giving me a  prod/windows/Files/Minionconfig im trying to call the file with file.managed - source:salt://prod.windows.Files.Minionconfig  :q
15:49 XenophonF Flying_Panda: yes
15:49 Flying_Panda but salt cant find it
15:49 XenophonF um
15:49 wavded joined #salt
15:50 Cadmus I think you need slashes, not dots
15:50 XenophonF yea that
15:50 Flying_Panda ohh so it reads it as an actual path not the python way ?
15:50 Flying_Panda when using gitfs
15:51 XenophonF right
15:51 Cadmus It's like a URL
15:51 XenophonF and it's not really a python way, the dot notation is just for SLS IDs
15:51 oida joined #salt
15:51 Cadmus - source: salt://autofs/files/auto.master.tmpl
15:52 Cadmus (those dots aat the end are part of the filename, maybe a bad exmaple therE)
15:52 Cadmus Oooh, now with added jinja
15:52 Cadmus - source: salt://geoserver/files/{{ version }}/extensions/oracle-connector/ojdbc7.jar
15:53 fracklen joined #salt
15:53 Flying_Panda Awesome thanks :D
15:54 Flying_Panda that had me stumped forever
15:54 Flying_Panda moving to gitfs from file roots is going to need a code cleanup me thinks :(
15:55 stooj joined #salt
15:55 dxiri joined #salt
15:56 fracklen joined #salt
15:57 Cadmus Flying_Panda: PROTIP - Put the top.sls in a separate repo to your other statements, then you can use git branches as environments
15:57 phx joined #salt
16:04 fracklen joined #salt
16:04 chron0 oida: ah :)
16:08 stooj joined #salt
16:09 Flying_Panda ahh nother question in regards to gitfs is it possible to have your pillar files as a seperate repo ?
16:10 Sketch Flying_Panda: yes.
16:12 fracklen joined #salt
16:13 oida chron0: :)
16:14 jls591 joined #salt
16:15 mikecmpbll joined #salt
16:16 Cadmus Flying_Panda: Yeah, that's how I do it. Three repos: base, top, and pillar
16:16 Cadmus base and top are accessible in the whole company, pull requestes accepted. Pillar has passwords and that in it, so that has to stay private.
16:17 sh123124213 joined #salt
16:19 onlyanegg joined #salt
16:21 cyborg-one joined #salt
16:22 bluenemo joined #salt
16:23 dyasny joined #salt
16:25 wavded joined #salt
16:29 stooj joined #salt
16:32 scottk_ joined #salt
16:33 scottk_ I changged the version number from 2.2 to 3.2 in the zabbix formula. Now when I run state.sls zabbix.agent.repo it gives me an error saying that public key for zabbix-agent-3.2.2-1.el7.x86_64.rpm is not installed. It says that I have NOKEY installed. Can anyone help me figure this one out?
16:34 dragon788 joined #salt
16:35 oida joined #salt
16:37 Trauma joined #salt
16:39 DEger joined #salt
16:51 wavded joined #salt
16:55 scottk_ joined #salt
16:55 numkem joined #salt
16:56 ivanjaros joined #salt
16:59 melkore joined #salt
17:00 abednarik joined #salt
17:00 bltmiller joined #salt
17:01 N-Mi__ joined #salt
17:02 samodid joined #salt
17:05 mpanetta joined #salt
17:07 oida joined #salt
17:10 PeterO joined #salt
17:10 edrocks joined #salt
17:11 netcho joined #salt
17:17 Praematura joined #salt
17:19 pipps joined #salt
17:21 nickabbey joined #salt
17:21 woodtablet joined #salt
17:23 felskrone joined #salt
17:24 pipps joined #salt
17:27 nickabbey joined #salt
17:27 promorphus joined #salt
17:27 sh123124213 joined #salt
17:30 nledez joined #salt
17:30 nledez joined #salt
17:31 lws joined #salt
17:32 ponyofdeath hi, how can I get unless to execute as a specific user and not root?
17:38 edrocks joined #salt
17:39 dragon788 it is a single command so you'd probably need to use `sudo` or `su` with the appropriate argument to pass a command into it, I'd check the man pages of your minion's OS
17:39 ponyofdeath dragon788: thanks
17:39 ponyofdeath i was trying to do that but was wondering if there was a cleaner way
17:41 promorphus joined #salt
17:46 oida joined #salt
17:48 stooj joined #salt
17:49 ipmb joined #salt
17:49 ipmb I've frequently been seeing this error with salt-cloud, "AuthenticationError: Failed to authenticate! This is most likely because this user is not permitted to execute commands, but there is a small possibility that a disk error occurred (check disk/inode usage)."
17:49 ipmb it doesn't seem to actually be an error, because everything appears to work
17:54 austin_ joined #salt
17:54 austin_ by default, i have 2 versions of pip. pip and pip2. both of which are in /bin. pip is actually py3. anyway, since i need to use pip2, i was going to set the bin_env for pip mod to the right version
17:55 austin_ can you run a shell command in jinja ?
17:55 swills joined #salt
17:55 austin_ o nm
17:55 austin_ duh
17:56 austin_ % set pip = salt['cmd.run']('which pip2') %}
17:57 tawm04 joined #salt
18:00 ipmb I'd like a module which runs a module on the master then executes modules against a specific minion... what's the best way to set that up?
18:01 ipmb afaict `__salt__` is just for running against the current minion (in my case, the master)
18:03 djgerm joined #salt
18:03 mpanetta joined #salt
18:04 whytewolf ponyofdeath: i nswered you last night about that. there are no other settings you can pass to unless so the only way to do it is to use sodu
18:04 whytewolf sudo
18:05 whytewolf ipmb: orchestration, and salting your master
18:05 ipmb yep, master is also a minion (if that's what you mean by salting)
18:06 whytewolf yes, but to orchestrate things between servers like you are discribing you want to look at orchestration. which allows you to run different thigns on different servers
18:07 ipmb ok, I'll take a peek... basically I want to spin up an lxc container via salt cloud, run a couple things on that container, then update an haproxy config on the lxc host
18:07 onlyanegg joined #salt
18:12 s_kunk joined #salt
18:17 aw110f joined #salt
18:20 icebal joined #salt
18:22 dxiri joined #salt
18:23 wendall911 joined #salt
18:24 pipps joined #salt
18:25 sarcasticadmin joined #salt
18:27 wendall911 joined #salt
18:29 oida joined #salt
18:31 dxiri_ joined #salt
18:31 Trauma joined #salt
18:31 v0rtex is there any reason why passing -P to the bootstrap-salt.sh script with a git install would be bad/wrong/stupid?
18:32 v0rtex when I do that on Debian 8 the salt install is broken so I just want a sanity check before I post an issue
18:34 v0rtex never had a problem with this on pre-systemd guest VMs but with Ubuntu and Debian versions using systemd I can't allow pip-based installs and have it succeed
18:40 whytewolf humm, thats odd. unless it is something new with ubuntu. there was a time when -P needed to be used with ubuntu because it didn't have the right version of tornado [and salt didn't have their own repo yet]
18:40 lasseknudsen2 joined #salt
18:41 whytewolf although with the number of scripts going around and the fact pip can overright system python scripts it can be kind of an issue
18:41 v0rtex exactly...that's the reason why I have had that flag in there forever
18:42 v0rtex I'll go ahead and post my issue on github
18:43 Edgan joined #salt
18:44 nidr0x joined #salt
18:49 orianbsilva_ joined #salt
18:53 pcdummy First PR on saltstack-lxd-formula https://github.com/pcdummy/saltstack-lxd-formula/pull/2 :)
18:53 saltstackbot [#2][OPEN] Some changes (enhancements/bugfixes) | * Start support new api pylxd...
18:54 pcdummy So nice :)
18:54 pcdummy after that PR I'll finaly request a merge into salt/develop.
19:06 PeterO_ joined #salt
19:07 pipps joined #salt
19:07 whytewolf pcdummy: salt/develop? you mean salt-formulas if it is a formula. correct?
19:08 pcdummy whytewolf: no in salt itself, its all execution modules/execution states and a formula.
19:09 pcdummy whytewolf: do you know if a module gets loaded from salt first or from _modules ?
19:09 whytewolf _modules overrights modules
19:10 pcdummy ok, after that merge I'll request a fork into salt-formulas then I'll add a PR to develop for the execution* stuff.
19:10 sp0097 joined #salt
19:10 pipps joined #salt
19:10 pcdummy and after a while I'll remove _modules and _states from the formula.
19:11 whytewolf the pr to salt is going to take a lot more work and won't come from this repo you have
19:11 whytewolf you will have to fork salt, add your modules to it then submit a pr to that
19:11 pcdummy whytewolf: its easy, just copy 5 files or so into the develop branch.
19:12 whytewolf I know I've submitted patches to salt before :P
19:12 pcdummy me too :)
19:12 DEger joined #salt
19:13 whytewolf any chance you will add tests?
19:13 pcdummy no chance for that :/
19:14 whytewolf :(
19:14 pcdummy whytewolf: i would have to mock LXD a lot
19:14 whytewolf they did it for nova
19:14 whytewolf :P
19:15 pcdummy whytewolf: those guys have more time than i do :)
19:15 pcdummy I work on a completly different project atm. :/
19:15 hatifnatt I have veryt simple (may be dumb) question, can I user pillar data in another pillar?
19:15 whytewolf hatifnatt: no
19:15 hatifnatt oh
19:15 whytewolf hatifnatt: and if it was a dumb question it wouldn't be asked several times everyday ;)
19:16 pcdummy hatifnatt: you can define pillar data as .json and import that.
19:16 pcdummy hatifnatt: its what i did before i moved to MongoDB for pillar and tops
19:16 whytewolf pcdummy: ... you could also just load the yaml directly... don't need to convert to json first
19:16 pcdummy whytewolf: right
19:17 whytewolf but, that "workaround" makes me cringe
19:17 londo joined #salt
19:17 pcdummy whytewolf: its nice, define global defaults and per host stuff then merge and import it into hosts pillar.
19:18 pcdummy but i love my MongoDB approach a lot more - well its only good when you have 1 host 1 time.
19:18 pcdummy If you need the same host a lot MongoDB ext_pillar is not worth it.
19:19 pcdummy hmm you can mix it.
19:19 whytewolf i normally put global defaults into defaults.yaml but yeah ext_pillars are a much cleaner way to do pillars anyway
19:19 onlyanegg joined #salt
19:20 pcdummy i once asked for PR of my mongo ext_pillar extention but basepi didn't like it ( import of other pillars into mongodb results).
19:20 hatifnatt I have formula which use pillar data to create users, I need to change path for shell based on 'os_family', sure I can use Jinja for every user but...
19:20 whytewolf you could try again :P basepi doens't work for saltstack anymore, he left for adobe a long time ago
19:20 theblazehen71 joined #salt
19:20 pcdummy whytewolf: hihi, no i wont :)
19:21 pcdummy whytewolf: i'm happy with having it in my own stuff
19:21 pcdummy https://rene.jochums.at/having-fun-with-saltstack-and-ext_pillar-mongo/
19:21 pcdummy ^ that my ext_pillar mongo fun
19:22 pcdummy ohh it wasn't basepi but the boss itself thatch45 :)
19:22 whytewolf honestly i just write my states to make heavy use of lookups. so i don't need to bother with getting fancy in pillar
19:22 whytewolf lol. oh yeah if thatch says no it won't go
19:23 edrocks joined #salt
19:29 hatifnatt So any other option than use Jinja for every user?
19:29 pcdummy hatifnatt: give some code then we might find a better way.
19:30 hatifnatt sure just a minute
19:30 pcdummy whytewolf: can you tell me again howto get a formula into saltstack-formulas?
19:30 dragon788 @hatifnatt use a map.jinja instead of just the raw jinja?
19:30 hatifnatt dragon788: may be I haven
19:30 DammitJim joined #salt
19:31 whytewolf pcdummy: just need to ping someone with the link. or you could post the request to salt-user mailing list
19:31 hatifnatt *I haven't used it for now
19:31 dragon788 it's really handy for the stuff like OS specific package names or shells
19:31 pcdummy whytewolf: someone is you?
19:32 whytewolf lol, I do not work for salt
19:32 dragon788 then you just "from mymapjinja import things with context" and use the map.jinja variables like pillar lookups, no extra jinja conditionals required
19:32 pcdummy whytewolf: I know :P But hows the someone for fomulas?
19:32 whytewolf um, gtmanfred might know. I am not sure who currently does it
19:32 Miouge joined #salt
19:33 hatifnatt What I have now http://pastebin.com/hGBuWcsA
19:33 pcdummy hatifnatt: ok, you want that one for some hosts or what?
19:34 pcdummy if grains you want to replace?
19:36 hatifnatt what I whant http://pastebin.com/rsDrGYJc
19:36 hatifnatt *want
19:38 hatifnatt If I create more users I will need to use Jinja again and again
19:38 hatifnatt it's not DRY
19:39 whytewolf hatifnatt: that can be done way easier.... with out needing to drop to pillars
19:40 pcdummy But the he needs to change users-formula
19:40 whytewolf in pillar
19:40 whytewolf https://gist.github.com/whytewolf/56ad1b409b05690a02f0b7978bcd8b64
19:40 pcdummy with a lookup
19:40 * pcdummy keeps out now, you guys make it :)
19:41 whytewolf just move the logic to the top. and use a variable
19:41 _JZ_ joined #salt
19:42 gtmanfred whytewolf: who does which what?
19:43 gtmanfred pcdummy: send an email to salt-users https://groups.google.com/forum/#!forum/salt-users
19:43 whytewolf pcdummy needs to know who to contact to request a saltstack-formula
19:44 pcdummy gtmanfred: okidoki :)
19:45 disaster123 joined #salt
19:46 disaster123 Why does this salt / python pattern matches multiline? - pattern: '^\s*#\s*Listen 443\r?\n? => matches #\n\n\nListen 443\n But flags multiline is not set on file.replace
19:53 theblazehen71 joined #salt
19:54 cscf Perhaps using \n overrides that, or something?
19:54 whytewolf disaster123: \s* matches any whitespace character (equal to [\r\n\t\f\v ])
19:54 cscf Ah that makes sense
19:55 gtmanfred but it should just be whitspace until # appears
19:55 cscf So substitute [\t\f\v ]*    ?
19:55 gtmanfred then Listen
19:55 gtmanfred it doesn't have a \s* after the Listen 443
19:56 whytewolf gtmanfred: he included it both sides of the # but he also has a \n after LIsten 443
19:56 hatifnatt whytewolf: I don't know that I can use it that way. Thank you.
19:56 gtmanfred right, but the re.search shouldn't see the last newline if re.MULTILINE isn't passed to the flags in the re.search function
19:57 promorphus joined #salt
19:57 gtmanfred disaster123: looks like it is probably the same issue as https://github.com/saltstack/salt/issues/38171
19:57 saltstackbot [#38171][OPEN] file.line mode=ensure state issues | Description of Issue/Question...
19:59 whytewolf humm is he setting any flags? cause if not MULTILINE is default on
19:59 whytewolf [the default flags is 8
19:59 disaster123 gtmanfred: already found that one but it did not give me a working solution
19:59 whytewolf ]
19:59 disaster123 whytewolf: flags: 0 is set
19:59 whytewolf humm
19:59 gtmanfred right, but it would be the same problem
20:00 gtmanfred (probably)
20:02 disaster123 gtmanfred: ah yes you're right - it works if i replace ^ with (^|\n)
20:03 disaster123 gtmanfred: so it seems the "line" mode of file.replace is broken
20:03 gtmanfred :) , i would add on to that ticket that you are seeing the same problem with file.replace as well, and I will see if we need to add it as a blocker
20:05 jrgochan Hello all. Does the rsync module run on the server, or on each minion?
20:06 gtmanfred it runs on the minions that are targeted
20:06 disaster123 gtmanfred: thanks i did
20:06 gtmanfred all execution modules are
20:06 gtmanfred disaster123: looks like we are still saying it is not a blocker, but we will get it fixed
20:07 disaster123 gtmanfred: but  it will def. break peoples setup after upgrading. So it would be good to fix it in 2016.11.2
20:07 gtmanfred i don't make the decision on blockers
20:08 gtmanfred if you wanted to take a look and fix it, we would appreciate it
20:08 disaster123 gtmanfred: to limited python knowledge
20:09 disaster123 gtmanfred: but still \s seems to match \n in non multiline mode. any idea how to fix this?
20:09 gtmanfred don't use \s
20:09 gtmanfred [\t\f\v ]* instead
20:09 disaster123 gtmanfred: perl guy ;-) what's the alternative in python style regex?
20:09 disaster123 gtmanfred: OK thanks
20:10 gtmanfred aight, i gotta go back to openstack
20:10 gtmanfred whytewolf: i am getting segfaults with libvirtd on centos 7.3, which has been annoying
20:11 whytewolf ugh, I havn't updated my setup to 7.3 yet... that doesn't give me hope
20:11 gtmanfred yeah, they updated libvirt to 2.0
20:11 whytewolf I am playing around with a saltmaster on 7.3 and pygit is a royal pain in my backside on it
20:12 DEger joined #salt
20:13 whytewolf really wish they would release a pygit2 0.24 and libgit 0.24
20:14 gtmanfred yeah, that really needs an update
20:14 disaster123 gtmanfred: did you enable coredumps and had a look at them with gdb why it fails?
20:15 gtmanfred nah, i don't want to deal with that, i just reverted back to 7.2, and pinned the releasever to that in /etc/yum/vars/releasever
20:15 gtmanfred also, it is fun to complain about redhat bumping versions
20:15 oida joined #salt
20:16 whytewolf redhat bumping versions mid cycle is strange ...
20:17 whytewolf esp something as breaking as libvirt
20:18 whytewolf one of their core business models centers around KVM being a decent hypervisor
20:18 gtmanfred yeah
20:18 gtmanfred I also haven't seen any bug reports about it yet
20:18 gtmanfred nothing on ask openstack either
20:19 whytewolf strange ... they would have been the first to notice something like that
20:19 whytewolf and i am not sure anyone complains louder then the openstack community
20:21 Salander27 joined #salt
20:24 hatifnatt whytewolf: About your example, is it possible to put Jinja part in another file and then include it in another pillar?
20:25 whytewolf hatifnatt: yeap. https://docs.saltstack.com/en/latest/topics/jinja/index.html#include-and-import
20:26 hatifnatt Ah ok, different code than regular 'import'. Thaks.
20:26 whytewolf yeap
20:28 pcdummy gtmanfred: you guys have your own CI running, right? I'm asking because i have a interest into adding Tests to the lxd formula but that would require a running LXD.
20:30 gtmanfred we do not, a lot of the formulas just use travis-ci and testinfra
20:30 gtmanfred https://github.com/saltstack-formulas/docker-formula/blob/master/.travis.yml
20:30 debian112 left #salt
20:31 debian112 joined #salt
20:31 ipmb is there a way to have a state run after another state independent of whether the requisite state fails or succeeds?
20:32 pcdummy gtmanfred: so no way to run LXD somewhere and connect to it?
20:32 gtmanfred you would have to do it on travis or circleci
20:33 pcdummy gtmanfred: as you might know i want the states and modules in develop AND tested there.
20:33 pcdummy but mocking every LXD call is hard.
20:33 gtmanfred if you just want them tested in saltstack develop... just get the integration tests working
20:34 oida joined #salt
20:34 gtmanfred ipmb: state files run from the top down, so if the state you want to run after is just lower down in the state file, or lowerdown in the top.sls file, it will run later
20:35 ipmb I have a state that often fails, but shouldn't stop the other states from running
20:35 dyasny joined #salt
20:35 pipps joined #salt
20:35 gtmanfred the state file runs top down, so just put it later in the file than the first state
20:36 ipmb ok
20:37 ipmb I'm trying to workaround this https://dpaste.de/JTot
20:37 ipmb It happens most of the time with salt-cloud... I have no idea why
20:37 ipmb other than that the job seems to complete successfully
20:38 lws joined #salt
20:46 DammitJim joined #salt
20:48 promorphus joined #salt
20:53 viq joined #salt
21:05 PeterO joined #salt
21:09 oida joined #salt
21:09 theblazehen71 joined #salt
21:10 debian112 joined #salt
21:11 debian112 joined #salt
21:11 nickabbey joined #salt
21:15 sh123124213 joined #salt
21:16 PeterO_ joined #salt
21:21 Flying_Panda salt stack training course confirmed :D
21:23 amontalb1n joined #salt
21:24 tercenya_ joined #salt
21:24 nickabbey joined #salt
21:26 sarcasticadmin joined #salt
21:32 whytewolf password=`openssl rand -base64 4048 | sha512sum | awk '{print $1}'` for when you absolutly never want to enter a password as a human
21:35 pipps joined #salt
21:35 pipps99 joined #salt
21:36 theblazehen71 joined #salt
21:36 Praematura joined #salt
21:37 promorphus joined #salt
21:39 pipps_ joined #salt
21:39 cscf Solid.  I've been using openssl rand -base64 32
21:41 ipmb joined #salt
21:42 Flying_Panda lol I use 256sum as im bad :(
21:44 cscf sha256 is fine, lol
21:45 cscf There's a >$100M bounty for breaking it (Bitcoin) and I don't see anyone claiming it
21:45 whytewolf yeah mine is a little overkill. but I'm setting up openstack service level accounts... really don't want someone able to crack them through passwords
21:45 cscf Yeah, I agree
21:45 cscf honestly I don't know why they use passwords - should be pki IMHO
21:46 whytewolf there is a pki option... but it is a pain to setup
21:46 Flying_Panda If i ever need to type it i look at my last email recieved choose a random sentence and l33t speak it :D
21:46 whytewolf and this is a home lab :P
21:47 whytewolf oh if i need to type it i use 1password
21:47 Flying_Panda and 100m bounty on sha512? looks like i have my xmas break planned :D
21:49 Flying_Panda Could buy alot of vape liquid for the fun and games I have with salt :D
21:50 Miouge joined #salt
21:51 cscf Flying_Panda, sha256
21:51 Flying_Panda ohh even better :D
21:51 cscf Flying_Panda, a non-literal bounty, but if you can break sha256 fast, you can take over the Bitcoin network.
21:52 Flying_Panda my gray hat days are behind me
21:52 cscf Even if you don't do anything malicious, it's easy money to mine 25 BTC / 10 min
21:53 Flying_Panda yea true that 140k an hr
21:54 Flying_Panda ** 64k my maths is terrible
21:54 Flying_Panda wait no 140k my reading is also terrible
21:55 Flying_Panda nearly hit the 800 mark yesterday didnt it jesus
21:57 promorphus joined #salt
22:00 pipps joined #salt
22:00 Bico_Fino joined #salt
22:00 DammitJim joined #salt
22:00 DammitJim I'm trying to upgrade salt
22:00 DammitJim I'm using pkg.installed
22:00 DammitJim but when I check the version, it is still the old one
22:01 DammitJim I have changed the apt sources file list to get latest
22:01 DammitJim but what do I tell pkg.install to install the latest?
22:03 edrocks joined #salt
22:03 nickabbey joined #salt
22:05 mpanetta joined #salt
22:06 whytewolf DammitJim: - allow_updates: True - version: 2016.11.1+ds-1 [i think]
22:06 DammitJim oh, I have to specify the version
22:06 DammitJim that's probably better so that I don't have minions with different "latest" versions floating around
22:06 DammitJim thanks
22:07 anotherzero joined #salt
22:08 PeterO joined #salt
22:10 nmccollum joined #salt
22:10 nmccollum Is there a way to designate an order of operation in a top.sls ?
22:12 whytewolf nmccollum: it is supposed to be top down. but things like includes and requires can throw off what happens
22:13 nmccollum Yeah, like I have stuff that I want to happen like services being started... but not before certain things are installed.
22:13 dxiri joined #salt
22:13 mpanetta joined #salt
22:17 whytewolf then those services should require the items that need to be installed
22:45 dfinn joined #salt
22:57 dxiri_ joined #salt
22:58 ponyofdeath hi, anyone know why this is not triggering my unless: cmd
22:58 ponyofdeath [ $(cmd) -lt 70 ]
22:58 ponyofdeath if i run that as root i get 0
22:58 ponyofdeath as the return code but salt does not
22:58 ponyofdeath as it does not prevent execution of that state
23:04 Bico_Fino joined #salt
23:06 whytewolf use test instead of [
23:09 whytewolf test $(cmd) -lt 70
23:17 ipmb how can I call a module inside a custom runner?
23:17 ipmb __salt__['module.fun'] doesn't seem to have my custom modules
23:18 madboxs joined #salt
23:20 ipmb looks like __salt__ might just be a list of runners in that context
23:21 whytewolf https://github.com/saltstack/salt/issues/23480
23:21 saltstackbot [#23480][MERGED] Custom runner modules do not pick up custom execution modules | Custom runner modules do not pick up custom execution modules. Although both modules are available in the corresponding `extension_modules` directories the custom execution module is not available in the `__salt__` dictionary that is injected into the custom runner module....
23:22 whytewolf coarse. that is to be expected. runners are master context while exacution modules are in the minion context
23:22 Trauma_ joined #salt
23:25 ipmb whytewolf how would I execute a state from inside a runner?
23:26 ipmb I'd just like to execute it on the master
23:26 whytewolf .. that question doens't make much sense
23:27 whytewolf states are run on minions.
23:27 whytewolf runners are run in the master
23:27 whytewolf orchestration is the closest thing but it still tells the minion to run the state
23:30 amontalban joined #salt
23:31 ipmb ok, I'll rephrase...
23:31 ipmb I'd like to run postgres_user.present inside a runner with the expectation that it would run on the minion that runs on the master
23:32 whytewolf so you want to mimic reactor and orchestration functionality in your custom runner
23:32 whytewolf ok
23:32 whytewolf one sec
23:33 ipmb maybe I'm looking at the problem the wrong way?
23:34 whytewolf I don't know, not sure what your custom runner is doing, or why it even exists
23:35 whytewolf for all i know given the information that you have actually supplied you are rewriting functionality already in saltstack
23:36 ipmb I have a bunch of minions that have database URLs defined in their pillar
23:36 ipmb I want to collect all those database URLs and create the database and user on RDS
23:36 ponyofdeath whytewolf: thanks!
23:37 whytewolf but only the master has access to the rds?
23:37 ipmb actually, that's not true... they are all defined on the master (which is also a minion)
23:37 whytewolf ponyofdeath: no problem
23:37 ipmb correct, only master has rds superuser credentials
23:38 ipmb so my runner was trying to iterate over the pillars, split out the information from the URL and then create the user/databases if necessary
23:38 whytewolf that sounds ... like the wrong way
23:39 ipmb ok, great :)
23:39 whytewolf why not just assign the pillars to the master also and iterate over them in a state?
23:39 ipmb Can I do that without having the state run on highstate?
23:40 ipmb I don't want this to run on every highstate
23:40 whytewolf salt 'master' state.apply state
23:40 ipmb cool, I'll give that a shot. thanks for talking me down from the ledge
23:41 whytewolf no problem ... that was a slippery slope you were on
23:46 shubot joined #salt
23:49 ipmb I think originally I did have them in pillars distributed to each minion which led me to think a state wasn't the right option
23:50 ipmb what's the difference between `state.sls [state]` and `state.apply [state]`?
23:51 pipps joined #salt
23:54 tcowan joined #salt
23:54 tcowan left #salt
23:55 tcowan joined #salt
23:55 tcowan Greetings.
23:56 stooj joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary