Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2016-12-26

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:10 MTecknology I don't know how to test rendering templates other than running through them logically. I have the pillar data as the minion sees it, so I can be sure of what's being fed to the states. I'm screwing up something in the state because I forgot something about python. I can't figure it out. :(
00:11 honestly MTecknology -l debug to get the rendered state printed
00:16 eThaD joined #salt
00:41 MTecknology honestly: sounds, good, but the file fails to render
00:57 eThaD joined #salt
01:09 madboxs joined #salt
01:12 edrocks joined #salt
01:18 jeddi joined #salt
01:36 myraft joined #salt
01:39 eThaD joined #salt
01:40 whiteinge joined #salt
01:45 johnkeates left #salt
01:54 seanz joined #salt
02:00 mirko anybody knows about the state of that bug https://github.com/saltstack/salt/issues/38016 ?
02:00 saltstackbot [#38016][OPEN] salt-ssh -r '$COMMAND' - $COMMAND seems to interfere with SSH connection | Passed shell command to `salt-ssh -r` seems to interfere with the SSH connection....
02:00 eThaD joined #salt
02:19 AvengerMoJo joined #salt
02:20 MightyJoe joined #salt
02:41 sebastian-w joined #salt
02:42 eThaD joined #salt
02:46 whiteinge_ joined #salt
02:50 catpigger joined #salt
03:01 whiteinge joined #salt
03:11 lazybear joined #salt
03:12 xmj_ joined #salt
03:13 Arendtse1 joined #salt
03:13 bantone_ joined #salt
03:13 mirko_ joined #salt
03:13 tawm04_ joined #salt
03:13 eseyman_ joined #salt
03:13 evle joined #salt
03:13 darix- joined #salt
03:13 tooth_ joined #salt
03:13 mswart joined #salt
03:14 bastiandg joined #salt
03:19 Edur joined #salt
03:22 SamYaple joined #salt
03:23 SamYaple im really trying to figure another way around this issue, but I cannot. I am working on setting up a cluster of some specific software. I need to check if a file exists on _any_ minion, if it does, then all minions proceed normally, if the file doesnt exist anywhere, a single minion needs to bootstrap
03:24 SamYaple now the single minion part is easy (first minion in the list), but the check if file exists on any host part is harder
03:24 SamYaple ive been thinking of using something like zookeeper to do it
03:24 SamYaple anyone done this or something similiar?
03:28 buu why do this
03:28 uu joined #salt
03:28 buu this sounds scary
03:29 SamYaple how on earth does that sound scary?
03:36 buu Dunno, temporary outages?
03:37 buu Why don't you just have a state that configures a specific machine to have your file?
03:41 SamYaple buu: its a bootstrap. all machines will have said file when it is running properly.
03:41 SamYaple if any machines have it, that means the cluster has been bootstraped
03:41 SamYaple if no machines do, it needs so additional steps
03:42 buu Why don't you just.. run bootstrap once
03:44 rpb joined #salt
03:44 SamYaple this is not helpful buu. im trying to use salt to orchesrate an environment. saying do it manually is the opposite of that
03:46 JPT joined #salt
03:47 buu I'm attempting to suggest that this approach is incompatible with salt's worldview
03:48 justanotheruser joined #salt
03:49 bastiand1 joined #salt
03:58 ablemann joined #salt
03:58 ablemann left #salt
04:29 SamYaple buu: with that attitude nothing will evolve
04:30 SamYaple buu: im sure ill be able to find a way to do this inside the ecosystem
04:30 SamYaple ansible said the same thing 2 years ago and lo-and-behold i figured it out then too
04:39 madboxs joined #salt
04:45 icebal joined #salt
04:48 eThaD joined #salt
04:57 justan0theruser joined #salt
05:03 madboxs_ joined #salt
05:11 stooj joined #salt
05:17 promorphus_home joined #salt
05:46 nerdsville joined #salt
05:47 nerdsville Hello all, quick question, I spent a bit of time trying to get the libvirt driver to work for salt cloud to find out I was looking at the development docs :P when is this functionality planned to be merged into the stable release... also is there an easy way to try out the develop branch
05:52 madboxs joined #salt
05:59 rdas joined #salt
06:14 iggy SamYaple: publish (but as was mentioned, it's not foolproof if a minion fails to respond in time or whatever)
06:33 SamYaple iggy: ill look into publish.
06:33 SamYaple ive got something working with zk_conncurrecny and some loops
06:33 SamYaple im testing all the scenarios
06:36 SamYaple iggy: i think i might be able to work out some early fails if all nodes aren't operating as expected to prevent some of the more major issues
06:36 SamYaple thanks for the info
06:42 madboxs joined #salt
06:44 iggy yeah, generally I try to steer people more toward an actual service discovery layer (although zookeeper wouldn't be my first choice)
06:45 teclator joined #salt
06:47 SamYaple iggy: zookeeper happens to already exist for unrelated reasons. its just a convinent choice
06:57 ilbot3 joined #salt
06:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
06:57 rhand joined #salt
06:57 gmoro joined #salt
06:57 SamYaple iggy: im using the orchestration runner
06:58 samodid joined #salt
06:58 SamYaple iggy: thats what i means by second state run
06:58 SamYaple that should be safe, no?
06:59 ToeSnacks joined #salt
06:59 mirko joined #salt
07:00 pcdummy iggy: more love for mini PR's: https://github.com/saltstack-formulas/salt-formula/pull/276 ?
07:00 saltstackbot [#276][OPEN] Fix pygit2-libgit2 builds on Debian like platforms. | On Ubuntu Trusty/Xenial LXD images pkg-config is not installed and its no dependency on all of "build-essential" so it does not get installed....
07:01 iggy SamYaple: that, yes (assuming it's different stages, and not trying to use it in the actual orch file
07:03 pcdummy I someone using salt with vagrant?
07:04 SamYaple iggy: right. orch has no jinja2 stuff. good to know. i think i can make this all work for all scenarios I have. thanks for your input
07:04 SamYaple *without* publish as well
07:04 * pcdummy plans a demo of saltstack-lxd-formula with vagrant, thats why hes asking
07:05 iggy orch does actually have jinja, you just wouldn't be able to use grains that you set in it
07:05 tom29739 joined #salt
07:10 teclator_ joined #salt
07:22 uu joined #salt
07:22 Sacro_ joined #salt
07:24 nledez joined #salt
07:24 rmc3 joined #salt
07:24 jwon joined #salt
07:24 nledez joined #salt
07:25 ujjain joined #salt
07:25 ujjain joined #salt
07:26 abhilash55 joined #salt
07:26 abhilash55 hey anyone on in there
07:27 ruxu joined #salt
07:28 pietdv joined #salt
07:29 abhilash55 The salt stack gui version is not open source and is a paid software; is this true? Please ack
07:33 pcdummy abhilash55: theres stuff that isn't
07:33 pcdummy abhilash55: as I don't know these stuff I don't know if it contains a nice guys.
07:33 pcdummy guy
07:33 pcdummy gui
07:33 jeddi joined #salt
07:33 abhilash55 pcdummy: you mean some features are paid?
07:34 pcdummy abhilash55: well salstack core is Open Source
07:34 pcdummy saltstack
07:35 abhilash55 pcdummy: right.
07:35 stanchan joined #salt
07:35 madboxs joined #salt
07:35 pcdummy abhilash55: you don't need a gui :)
07:36 abhilash55 pcdummy: I know people who do :) Actually we are trying to develop one
07:37 pcdummy do you know obdi: https://github.com/mclarkson/obdi ?
07:37 abhilash55 Its a gui for salt?
07:37 pcdummy abhilash55: yes
07:38 abhilash55 Thanks for letting know
07:47 lasseknudsen joined #salt
08:17 eThaD joined #salt
08:31 bigbadwolf joined #salt
08:38 lasseknudsen2 joined #salt
08:38 teclator joined #salt
08:39 ilbot3 joined #salt
08:39 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
08:40 Trauma joined #salt
08:40 rofl____ joined #salt
08:40 bekks joined #salt
08:45 pcdummy what is the inclusion order of pillar top-down or down-up?
08:45 * pcdummy has some troubles with overriding a list
08:51 rubenb joined #salt
08:52 babilen top-down .. You might want to check that your pillar merge settings are in line with your expectations
08:55 babilen (→ https://docs.saltstack.com/en/latest/ref/configuration/master.html#pillar-merging-options )
08:56 whiteinge joined #salt
08:56 pcdummy babilen: i try the following: http://paste.ubuntu.com/23686762/
08:57 pcdummy orride a list in another pillar, but that doesn't work.
08:58 babilen There's a space missing on line 17
08:58 pcdummy babilen: yes, sry its just an example
08:59 babilen Well, as always: Construct a minimal real example that exhibits the same behaviour.
08:59 pcdummy i want "packages: purged: container: - mdadm" not packages: purged: container: - lots of purges"
08:59 pcdummy That paste is a minimal example, isn't it?
09:00 babilen Yes, but it is not the real example (as it wouldn't work due to the missing space)
09:00 pcdummy ...
09:00 babilen You didn't actually use that data, but other data, other settings and whatnot :)
09:01 pcdummy this is the result: http://paste.ubuntu.com/23686774/
09:01 babilen I take it that you've verified that PILLAR_MERGE_LISTS
09:01 pcdummy is off
09:01 babilen is set to what you expect it to be (i.e. False)
09:02 pcdummy this is the full input: http://paste.ubuntu.com/23686780/
09:03 pcdummy in that particular example in want to remove the "gdisk" purge as it would remove the desktop on that LXD container.
09:03 pcdummy well I'll go the easy route and globaly remove the gdisk purge
09:05 babilen The list should have been replaced if PILLAR_MERGE_LISTS is set to False and if host is assigned after container
09:05 pcdummy it is
09:05 pcdummy babilen: hmm I'll write a bug report.
09:05 babilen So either you are seeing buggy behaviour (on your version of salt) or there is something else that causes a change in behaviour (e.g. includes, ...)
09:06 pcdummy Its 2016.11.1
09:06 babilen Not using that yet unfortunately
09:06 pcdummy or fortunately
09:06 pcdummy In production I don't use 2016.11.x
09:07 big|bad|wolf joined #salt
09:08 babilen Why fortunately? Is it a buggy release (again) ?
09:08 pcdummy For now i have 2 bugs that one (maybe) and i had one with 2016.11.0
09:09 babilen I had planned to look into upgrading in the next couple of days/weeks
09:09 babilen Yeah, I am very hesitant to roll out .0 in production
09:09 pcdummy I don't have other bugs, yet.
09:09 babilen What are those bugs? (Sorry for derailing your questions)
09:10 pcdummy Then one with 2016.11.0 was debian_ip module not working with "lo" network.
09:10 pcdummy The other one is that merge thing
09:10 babilen Right
09:10 pcdummy babilen: so no breakers
09:10 pcdummy blockers
09:19 preludedrew joined #salt
09:20 pcdummy https://github.com/saltstack/salt/issues/38440 <-- lets see if its reproduceable for others
09:20 saltstackbot [#38440][OPEN] Pillar is not overwriting lists, with pillar_merge_lists: False | Description of Issue/Question...
09:20 eThaD joined #salt
09:22 aarontc joined #salt
09:25 aarontc joined #salt
09:53 ivanjaros joined #salt
10:02 eThaD joined #salt
10:05 Kelsar joined #salt
10:05 Trauma joined #salt
10:09 madboxs joined #salt
10:10 lasseknudsen joined #salt
10:17 mavhq joined #salt
10:24 eThaD joined #salt
10:47 samodid joined #salt
10:48 armyriad joined #salt
10:53 fracklen joined #salt
10:53 rmc3 joined #salt
10:55 lasseknudsen2 joined #salt
11:05 eThaD joined #salt
11:27 madboxs joined #salt
11:30 scoates joined #salt
11:44 samodid hi there
11:44 Hazelesque joined #salt
11:45 samodid is it posible to add additional data for salt-cloud events ?
11:46 samodid it would be cool to have minion grains and pillars in salt/cloud/* events
11:47 samodid in my case
11:48 xet7 joined #salt
11:52 samodid my assumption that grains and pillars are minion specific things, and can not be accessible by salt-cloud, am I right?
12:20 keimlink joined #salt
12:28 madboxs joined #salt
12:28 alexzel joined #salt
12:29 alexzel hello, can salt monitor rss feeds and start a reactor for every new feed?
12:36 cboltz joined #salt
12:36 cboltz Hi!
12:37 cboltz I'm trying to get the mysql formula working, but it always fails with
12:37 cboltz Rendering SLS 'production:mysql.server' failed: Jinja variable 'None' has no attribute 'server'
12:37 cboltz Rendering SLS 'production:mysql.server' failed: Jinja variable 'None' has no attribute 'server'
12:38 cboltz does someone have an idea what could be wrong?
12:41 cboltz hmm, this looks like a bug in the mysql formula
12:42 cboltz the obvious reason is that the variable isn't set
12:42 cboltz looking for the details, I found that it looks up the variable content in defaults.yaml based on the 'os' grain
12:43 cboltz for openSUSE Leap, 'os' is 'SUSE' - but the yaml file expects it to be 'openSUSE'
12:43 cboltz after changing the yaml file to 'SUSE', it seems to work :-)
12:45 cyteen joined #salt
13:01 cboltz reported as https://github.com/saltstack-formulas/mysql-formula/issues/156
13:01 saltstackbot [#156][OPEN] mysql-formula fails on openSUSE (wrong key in defaults.yaml) | The mysql formula fails on openSUSE with...
13:11 eThaD joined #salt
13:17 Rumbles joined #salt
13:19 nidr0x joined #salt
13:29 madboxs joined #salt
13:32 eThaD joined #salt
13:37 myraft joined #salt
13:40 keimlink joined #salt
14:14 eThaD joined #salt
14:15 oida joined #salt
14:23 nidr0x joined #salt
14:27 big|bad|wolf joined #salt
14:53 pcdummy cboltz: thanks for reporting, can you extend the map.jinja with opensuse data?
14:53 pcdummy or defaults.yaml
14:54 cboltz IMHO the biggest problem is that the 'os' grain is used, which differs between openSUSE Leap and Tumbleweed
14:55 cboltz the quick fix is to change "openSUSE:" to "SUSE:" in defaults.yaml to get it working (only) on Leap
14:56 eThaD joined #salt
14:56 cboltz it might be a good idea to check the 'os_family' grain instead
14:57 pcdummy cboltz: it does distungish (hope its the right word) between Ubuntu and Debian, so no chance to use "os_family"
14:58 oida joined #salt
14:58 cboltz nice[tm]
15:02 cboltz I hit another issue with the mysql formula:
15:03 cboltz the "salt" user doesn't get created, which results in several failures afterwards
15:03 cboltz as a workaround, I set salt_user_name to root
15:04 cboltz is the salt_user: section expected to create the salt user, or do I need to do this myself?
15:05 jeddi joined #salt
15:05 pcdummy cboltz: should be a from zero to hero solution :)
15:06 cboltz hmm, so what did I break this time? ;-)
15:07 cboltz (if it helps, I can drop /var/lib/mysql and pastebin the output I get without using root as salt user)
15:14 pcdummy cboltz: not your fault, after looking at it it seems that this works only with Debian
15:15 cboltz sounds like you should change the default to use root - or fix it for everybody
15:15 cboltz whatever you prefer ;-)
15:15 pcdummy cboltz: no I'm wrong, it should work with Suse, sry.
15:15 pcdummy supply: mysql:server:root_user
15:16 pcdummy cboltz: current root pw should be "root"
15:16 pcdummy ohh no again... salt['grains.get']('server_id') is it
15:16 promorphus_home joined #salt
15:17 cboltz I have a custom root password in the pillar (which gets set correctly)
15:17 eThaD joined #salt
15:18 pcdummy https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/server.sls#L37 <-- this it what it should do
15:18 pcdummy cboltz: it doesn't?
15:19 cboltz see http://paste.opensuse.org/24914461 (highstate output and mysql pillar data)
15:19 twork_ joined #salt
15:20 pcdummy seems the unless there works and your pw is somepass.
15:23 cboltz it's only a test password on a local setup, so I didn't even try to hide it ;-)
15:24 cyteen joined #salt
15:27 cboltz so - any idea why it fails if salt_user_name != root?
15:28 dxiri joined #salt
15:29 pcdummy salt_user_name can be anything else than mysql:server:root_password
15:30 pcdummy cboltz: as you see here: https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/user.sls#L6
15:30 oida joined #salt
15:31 cboltz right, the formula will (try to) use salt_user_name
15:31 cboltz but it doesn't _create_ that user, which then causes the "Access denied" errors
15:36 pcdummy cboltz: do you tried to create that user with the formula?
15:36 pcdummy did
15:36 pcdummy So you have both "root" and "salt" after install
15:37 cboltz no, I assumed that the salt user will get auto-created
15:38 cboltz also, if I get user.sls right,   - connection_user: '{{ mysql_salt_user }}'   might cause a chicken-and-egg problem ;-)
15:38 * pcdummy finaly has no more files in /srv/salt/* but uses git for everything, multiple git repos for salt/ and pillar/ with a shared base and detailed "per" region pillar/state.
15:41 cboltz I'm quite new to salt, so please don't scare me too much ;-))
15:45 pcdummy cboltz: salt is great, I felt in love with it after the first day of using it (after a long time with bcfg2).
15:46 cboltz yes, it looks like a great tool
15:46 cboltz but with my luck in finding each and every bug, getting started isn't too easy ;-)
15:46 netcho joined #salt
15:50 cboltz some improvement :-)
15:50 cboltz it seems creating the salt user is done in a separate module, so I now have
15:50 cboltz include:
15:50 cboltz - mysql
15:50 cboltz - mysql.salt-user
15:50 cboltz - mysql.remove_test_database
15:51 pcdummy nice :)
15:51 cboltz the remaining problem is that I get some failures in the first highstate run, and need a second run to fix everything
15:51 pcdummy what are the failures
15:51 pcdummy =
15:51 pcdummy ?
15:51 cboltz my guess is: "mysql" tries to use the salt user before it's created by "mysql.salt-user"
15:52 pcdummy hmm then abstract it a little more use - mysql.server - mysql.sat-user - mysql.remove_test_database ?
15:52 cboltz http://paste.opensuse.org/24462929
15:55 cboltz starting with mysql.server gives me similar failures (but less failures, because it doesn't include creating users)
15:59 eThaD joined #salt
16:03 cboltz I added back mysql.database and mysql.user - both work
16:04 cboltz but I still get failures for mysql_delete_anonymous_user_* which is part of mysql.server and seems to run before the salt user gets created
16:09 cboltz I think I found the problem:
16:09 cboltz mysql_delete_anonymous_user_* runs too early
16:10 cboltz "too early" means
16:10 cboltz - before the salt user gets created
16:10 cboltz - even before the root password gets set (!)
16:12 cboltz_ joined #salt
16:26 pcdummy cboltz: add a require: line
16:26 pcdummy that way you can fix it
16:27 pcdummy And thanks for fixing it if you do. :)
16:31 madboxs joined #salt
16:33 dxiri joined #salt
16:41 cboltz http://paste.opensuse.org/65148767 is my current diff
16:43 cboltz_ joined #salt
16:44 cboltz_ [argh, my laptop is doing funny things :-/ ]
16:46 cboltz_ does my diff look good (enough)?
16:51 * cboltz wonders if require'ing mysql_root_password is correct - mysql_delete_anonymous_user_* uses mysql_salt_user, not root
16:55 fracklen joined #salt
17:05 mavhq joined #salt
17:12 cyborg-one joined #salt
17:12 eThaD joined #salt
17:14 s_kunk joined #salt
17:22 samodid joined #salt
17:26 MTecknology So, like... there I was, waking up. I couldn't remember how far I got on last night's stuff, but I was pretty sure I didn't complete anything I set out to do. As I pop back in, I notice... one of the things is working correctly! :D
17:27 MTecknology I now have an API server for things like github to hit that can trigger extra magic.
17:29 MTecknology the event magically found it's way to my salt master and now it's an itty bitty tweak to effect my ultimate goal (this new server auto-updates on a git commit on github)
17:42 tiwula joined #salt
17:50 fracklen joined #salt
17:54 eThaD joined #salt
17:58 nidr0x joined #salt
18:15 pcdummy MTecknology: auto update on commit is nice, n1
18:15 pcdummy MTecknology: i do it with reactor hooks but don't like it as i have lots of repos
18:15 eThaD joined #salt
18:16 nidr0x joined #salt
18:18 MTecknology pcdummy: I have git hooks that run a script and that script makes the call about what's allowed to send an event to the master. The master has reactors that trigger different things. One actually sets a timer for a global highstate (if I push to one of three repos). Other repos only trigger updates on specific groups (and can optionally include an environment).
18:18 MTecknology My api server is essentially just a web interface waiting for calls so that it can fire off the exact same script, but on a different server with different allowed triggres.
18:18 MTecknology triggers*
18:20 pcdummy sounds complicated
18:21 MTecknology How do you handle it?
18:24 pcdummy MTecknology: manualy or waiting 60 seconds
18:24 pcdummy MTecknology: sub optimal
18:26 onlyanegg joined #salt
18:26 MTecknology Salt sticks in the script and a sudoers.d/gogs file. The git hook is simple, post-receive runs the script. The script runs salt-run event.fire_master. The reactor looks like this - https://gist.github.com/MTecknology/a94c4176b1ee45936247abe3b5b70494
18:28 MTecknology The env stuff is really just legacy stuff that I want to make myself use someday.
18:30 MTecknology pcdummy: lines 30-36 was a bit of magic sauce. If one of three repos is pushed to, then start a timer. That gives me five minutes to push something else or manually highstate one box (after a manual fileserver.update) and reset the countdown. Once it reaches 10, the orchestrator kicks off and the timer won't be reset again until it reaches 0.
18:31 pcdummy MTecknology: so you highstate all boxes on git push?
18:32 MTecknology I updated the gist with the orchestrator file as well
18:32 MTecknology If it's in one of the three salt repos, yes.
18:32 pcdummy Not sure i would do that.
18:33 MTecknology Other repos trigger an immediate highstate on the box the repo is pertaining to
18:33 MTecknology so, a push to my website repo doesn't trigger a highstate on all boxes, only my pubweb boxes
18:34 pcdummy nice
18:36 MTecknology The salt repos include things like syslog, accounts, etc. and I prefer know they're always running in a state perfectly representing what's in git
18:36 MTecknology it comes with the "potentially break everything all at once" problem, but that's why I'm somewhat careful sometimes.
18:36 pcdummy Sounds reasonable
18:37 pcdummy MTecknology: i develop at home, then push to production, then i could auto update
18:37 pcdummy but sometimes i want to update one box after another
18:37 MTecknology Orchestration baby!
18:38 oaklndr1 joined #salt
18:38 MTecknology If I had a galera cluster at home, I'd still do the same thing but the orchestration would take into account clustered services and only highstate one at a time and then bail out of everything if anything failed
18:39 pcdummy Salt not always knows about failures
18:39 pcdummy I as human do (in conjunction with Monitoring).
18:42 onlyanegg joined #salt
18:42 MTecknology but... you /could/ include a must-test-true monitoring (cmd.run) state that fails when something looks funny
18:44 pcdummy Recently i told people that i have unattended-upgrades enabled, they ... aehm they stared at me :)
18:49 onlyanegg joined #salt
18:50 MTecknology I'm sorta okay with unattended-upgradens ONLY if it's security-only updates
18:50 pcdummy MTecknology: hihi, at home i have enabled for all repos, never had troubles yet :)
18:50 MTecknology for all repos?
18:50 MTecknology sounds like rhell
18:51 pcdummy MTecknology: but still its dangerous, so wouldn't enable it in production.
18:51 FreeSpencer joined #salt
18:51 FreeSpencer joined #salt
18:51 MTecknology I try to force my home network into being a picture perfect example of what production should be.
18:52 pcdummy Same, but that unattended thing is an exception :)
18:53 pcdummy No time to upgrade all hosts every day at home
18:53 MTecknology http://imgur.com/a/fjdoE <-- if you're curious
18:53 pcdummy nice
18:53 MTecknology I do updates in a test environment ($work) before releasing them into production ($home).
18:54 pcdummy test at work and release at home? :) :)
18:55 MTecknology they have more redundancy than I do
18:55 MTecknology not a lot of overlap and I usually update at home first, but the statement sounded funny so I went with it.
18:56 pcdummy https://drive.google.com/file/d/1KU_OMHvCq9-iSIcbLi9nbXRmZcqAlRh0Uw/view <-- my home network :)
18:56 pcdummy Not that professional than yours :)
18:56 onlyanegg joined #salt
18:57 eThaD joined #salt
18:58 tooth joined #salt
18:59 MTecknology that's an oddly interesting way to raise/lower a desk.
18:59 MTecknology can it get you all the way to standing?
19:00 pcdummy no :/
19:01 pcdummy But there a desks which you can raise to stand
19:03 MTecknology I thought that scissors thing on the desk looked like it was to raise/lower :(
19:07 pcdummy Its a raise/lower but not for standing
19:07 pcdummy MTecknology: you have electrical education?
19:08 pcdummy MTecknology: that ups stuff looks hard to make yourself
19:08 pcdummy At work we have a big room full of batteries :)
19:08 pcdummy (A Hospital)
19:10 MTecknology I don't have official electrical training, but I've had many learn by fuckup experiences.
19:10 MTecknology Almost the same thing? :P
19:10 pcdummy hihi
19:11 MTecknology I spent a looooot of time researching different ways to make that work and spent a decent chunk of change making various attempts.
19:11 pcdummy So you can produce 2KW at outages?
19:11 MTecknology I bought two 650 batteries from walmart just to test the theory, knowing they were a sunk cost no matter what.
19:12 pcdummy I love ya cabling, nice colored
19:12 whytewolf ohh are we showing off home setups?
19:12 MTecknology I can't remember what my peak is, but the inverter only powers my sump pump and peaks at 1,200 but that's starting load. It drops quickly to ~800.
19:13 MTecknology it also only runs ~15 seconds if I fill up the entire hole before it's empty and the power draw is almost unnoticed by the batteries.
19:14 MTecknology I need to make a network diagram of what I have going on because it's kinda really neat.
19:15 pcdummy And the USV loads the marine batteries?
19:15 MTecknology whytewolf: I'm curious, go for it
19:15 MTecknology I'm too baked to remember USV
19:15 MTecknology meaning*
19:15 whytewolf MTecknology: you've seen it
19:16 MTecknology oh... not too baked, just never seen it before :P
19:16 whytewolf no i mean my home setup :P http://imgur.com/a/HgSk1
19:16 MTecknology ooooh
19:17 MTecknology what's usv?
19:17 * whytewolf shrugs
19:17 whytewolf I'm not an EE and I don't talk to my dad who is
19:17 MTecknology Oh! I remember this one. some bits of it make me jelly
19:18 pcdummy whytewolf: those servers have which CPU/general config?
19:18 MTecknology My dad recently became an electrician after his plant closed down. We talked about this project some. Mostly, he just said I'll probably kill myself.
19:18 pcdummy MTecknology: rofl
19:19 rpb joined #salt
19:19 pcdummy I see 7 servers
19:19 whytewolf 6 servers and a NAs
19:20 MTecknology GAH!
19:20 whytewolf 3 asus 16GB each with 1 quad core v2 xeon, 2 lenovo rd450s with 2 6 core v3 xeons and a dell 2950 with i forget what
19:20 pcdummy n1
19:20 MTecknology I can't get HE DNS to mirror this zone!
19:21 whytewolf the lenovos have 64GB ram each
19:21 pcdummy whytewolf: and you compute something?
19:21 pcdummy whytewolf: i mean do you use the power?
19:23 whytewolf not really. not currently anyway. I do test out some infrastructure configs with it like a decent sized elasticsearch cluster. as well as use it for dev/testing and prod of my personall projects
19:23 whytewolf it also houses my attlassian products.
19:24 pcdummy whytewolf: so its for fun... N1
19:24 pcdummy And to learn Cloud :)
19:25 whytewolf as well as salt. which is what the 2950 is for it is my salt deploy server which i use to deploy the cloud
19:25 MTecknology pcdummy: what he's saying is that his cluster can barely keep up
19:25 * MTecknology has seen atlassian stuff
19:25 MTecknology and elk
19:26 pcdummy Well elk is very scalable
19:26 MTecknology ehm... sorta
19:26 pcdummy i run an elasticsearch in a VM at work
19:26 pcdummy tiny vm
19:26 pcdummy For collecting firewall logs
19:27 MTecknology you're never supposed to run less than three nodes in a cluster
19:27 whytewolf I run a large cluster of elasticsearch nodes at work. at home i at least test a mid sized cluster
19:27 whytewolf you can get away with 2
19:27 pcdummy i run a single node :) :) :)
19:28 whytewolf I don't recomend it but you can
19:28 whytewolf so no replicas
19:28 pcdummy not at all
19:28 pcdummy VM gets backuped every night
19:28 pcdummy Its only a logstash server for cisco logs
19:28 pcdummy so very tiny
19:30 whytewolf ahh, see I"m pumping all of my logs into it. not just a small subset
19:30 whytewolf some of my projects also use it as a search engine
19:31 whytewolf for my personal stuff i get away with about 6 nodes
19:33 madboxs joined #salt
19:35 mavhq joined #salt
19:35 MTecknology I HATE WORKING ON DNS CRAP!!!!
19:35 whytewolf lol. yeah. dns is a pain in the ass.
19:36 MTecknology Zone failed validation test. Contact support (FDL/ngx.cc)...   Does that mean a problem with the whitelist? Have my updates just not replicated? How long do i have to wait?
19:36 MTecknology Am I hitting an attempt limit on one side?
19:36 * MTecknology grumbles
19:37 MTecknology redundant dns is cool, though
19:37 whytewolf could mean over zealous validation checks
19:38 eThaD joined #salt
19:39 abednarik joined #salt
19:40 whytewolf honestly I'm having trouble even deciding which dns product i want to use anymore ...
19:42 MTecknology I'm using Google as my registrar, dnsimple as my primary provider, and HE as my secondary
19:43 whytewolf oh dnsimple .. I know someone that works for them
19:43 MTecknology they were the only reasonably priced option I could find that supported axfer
19:44 MTecknology 'cept the effers make you pay for a five domain minimum so now I'm just trying to find domains to stick into what I'm already paying for.
19:45 MTecknology If something like that Dyn attack ever happens again and they hit one of my providers, a few requests will fail but half of the name servers would still respond (bad servers dropped out of the list and good responses cached) and I'd have time to drop the name servers under attack.
19:46 whytewolf yeah. i am kind of shocked that dyn attack didn't take me out. I have my dns through route53.
19:46 honestly I think if you're worrying about which dns "product" to use you're probably barking up the wrong tree :P
19:47 MTecknology whytewolf: What's ticking me off the most is I'm 99.9% sure that the problem is patience and all I need to do is screw off for a few hours for it to work.
19:47 whytewolf honestly: I meant for internal dns
19:47 honestly oh, for internal
19:47 MTecknology ooooh
19:47 MTecknology I *cough* use pfsense for internal dns
19:47 honestly we use bind for our domains, forwarding everything else to powerdns recursor
19:47 pcdummy I use knot
19:47 pcdummy I love knot
19:48 honestly works great, including with an overly complicated split/stealth dns setup
19:48 pcdummy and unbound as recursor
19:48 MTecknology using pfsense the way I use pfsense, it's trivial to add a record to get internal resolutions or only add it to dnsimple for external resolutions and it's almost completely transparent which I get except for fewer hoops to jump through when using the internal address.
19:49 whytewolf well i don't have a complex setup. my one requirement is something i can use salt to manege easilly
19:49 MTecknology ^- that's the bummer about my setup.
19:49 MTecknology I know I could have salt manage it, but I don't want salt having access to my pfsense box.
19:49 pcdummy I would love a setup where i can bring up a container with lxd-formula and salt manages my dns record...
19:49 whytewolf as for my external i use route53 so just use the boto_route53 state to manege that
19:50 pcdummy but haven't found one yet.
19:50 fracklen joined #salt
19:50 MTecknology It /would/ be smart of me to ask you what you picked in a few months so I can try to copy it. :P
19:50 whytewolf lol
19:57 MTecknology Hurricane Electric doesn't support the .cc tld. :@
19:57 MTecknology that's why it's failing
19:58 whytewolf ouch... that sucks.
19:58 MTecknology Know of any free DNS provider that would be willing to be a slave?
20:00 onlyanegg joined #salt
20:00 whytewolf sadly no
20:00 eThaD joined #salt
20:01 demize https://puck.nether.net/dns/ does
20:02 demize Think the afraid.org free DNS services does as well.
20:03 demize Though should probably poke HE about their TLD list maybe.
20:03 MTecknology I sent their support address an email. I /really/ hope that's not the case because I really like that setup.
20:06 MTecknology I remember looking at afraid.org before and something about it scared me off, then I thought about buddyns and can't remember why I lost interest
20:09 j4son afraid.org had a bad reputation of hosting 'bad guys'... for a good while it was SOP to blackhole ns*.afriad.org
20:09 j4son some of that has drifted, and it's not quite as bad as it was, but still a liability i think.  especially for anything sensitive to reputation (email, etc)
20:10 j4son http://dns.he.net is my recommendation
20:11 j4son free, easy, decent globally diverse ns set
20:12 MTecknology j4son: except that they don't currently support the .cc tld
20:13 thejrose1984 joined #salt
20:13 j4son that blows.  have you contacted them about it?
20:13 MTecknology I sent an email less than an hour ago
20:14 j4son wonder if it's just oversight or a conscious decision, which would be odd considering I've used them with several new gTLDs
20:14 thejrose1984 joined #salt
20:15 MTecknology I'm sure every TLD requires paperwork and authorization and maybe in some cases they need X requests before they'll do it.
20:15 gladiatr joined #salt
20:18 Eugene dns.he.net is a great service; used it for years as both a paying and non-paying customer. I'm not familiar with their TLD support, but they shouldn't need any paperwork for .cc, just a panel software update. You're just dealing with NS records, not WHOIS ;-)
20:18 MTecknology I didn't know if secondary providers still had to be involved with that
20:19 Eugene I also use Linode for DNS secondary(slaved to both providers) for redundancy, also excellent, but requires you to maintain paying service
20:19 Eugene Nope. NS record at the registrar points to wherever you like
20:19 Eugene Some registrars have mind-numbingly dumb control panels and dont' allow that.... but that's a registrar issue, not a DNS provider
20:19 MTecknology Looks like an hour to go until the HE nameservers expire from DNS and BuddyNS go active. Once those go active, ngx.cc will have proper DNS redundancy. :D
20:20 DEger joined #salt
20:21 MTecknology I use HE DNS for slaving lustfield.net and profarius.com. I'm hoping that I can eventually use them for ngx.cc too.
20:21 Eugene File a ticket with support@he.net, and then be patient. Its mostly maintained as a hobby for the engineers
20:22 MTecknology I sent them an email and I'm in the waiting phase.
20:22 MTecknology Just using buddyns so I can at least finish this project and hopefully switch over to HE later.
20:23 MTecknology actually, it might not update in an hour.
20:24 MTecknology dangit! I knew that seemed a bit off! It turns out namecheap (the unfortunate registrar of this domain) timed me out and didn't take my updates.
20:26 whiteinge joined #salt
20:31 cyteen joined #salt
20:33 gladiatr left #salt
20:34 madboxs joined #salt
20:36 swa_work joined #salt
20:39 prg3 joined #salt
20:41 eThaD joined #salt
20:54 AdamSewell joined #salt
21:07 aw110f joined #salt
21:34 fracklen joined #salt
21:35 madboxs joined #salt
21:36 armyriad joined #salt
21:50 sh123124213 joined #salt
21:59 promorphus_home joined #salt
22:28 keimlink joined #salt
22:29 fracklen joined #salt
22:35 aarontc joined #salt
22:36 madboxs joined #salt
22:37 s0undt3ch joined #salt
22:37 Trauma joined #salt
22:38 netcho joined #salt
22:47 eThaD joined #salt
22:51 aarontc joined #salt
22:51 aw110f_ joined #salt
23:09 eThaD joined #salt
23:12 fracklen joined #salt
23:13 s0undt3ch joined #salt
23:34 aarontc joined #salt
23:36 oaklndr1 joined #salt
23:43 oaklndr1 joined #salt
23:50 eThaD joined #salt
23:51 oaklndr1 joined #salt
23:55 oaklndr1 joined #salt
23:56 madboxs joined #salt
23:59 oaklndr1 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary