Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-01-17

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:14 filippos joined #salt
00:14 necronian joined #salt
00:19 druonysus joined #salt
00:20 amontalban joined #salt
00:20 amontalban joined #salt
00:41 PeterO_ joined #salt
00:47 Derailed joined #salt
00:51 eprice joined #salt
00:56 XenophonF vexati0n: that's a very good question and one you should repeat tomorrow, if you don't get replies tonight
00:58 Derailed joined #salt
01:06 XenophonF tbh whenever i've tried to figure this out, i've had to snoop the event bus
01:06 edrocks joined #salt
01:07 XenophonF e.g., write a reactor for the event that just pretty-prints the data structure
01:08 XenophonF i'll admit to being a reactor newb so others might have better advice
01:26 mrueg joined #salt
01:35 Eugene joined #salt
01:40 kshlm joined #salt
01:50 swa_work joined #salt
01:55 smcquay joined #salt
02:16 swa_work joined #salt
02:40 sebastian-w joined #salt
02:48 ilbot3 joined #salt
02:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.4, 2016.11.1 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
02:50 catpigger joined #salt
02:53 rai_ joined #salt
02:58 swa_work joined #salt
03:08 PeterO joined #salt
03:18 MTecknology Finally got pxe booting working! It turns out, I forgot to add outbound nat rules in the firewall for the deploy vlan. oopsies
03:19 MTecknology It's not loading modules for ext4 or anything, but otherwise seems to be working. :D
03:22 MTecknology Next up, figuring out how to write a preseed file to install salt-minion and manage a laptop that won't always have access to the master
03:23 om2 joined #salt
03:25 swa_work joined #salt
03:27 scarcry joined #salt
03:27 sh123124213 joined #salt
03:31 debian112 joined #salt
03:43 amontalban joined #salt
03:53 eprice joined #salt
03:54 sh123124_ joined #salt
03:56 debian112 joined #salt
03:57 KevinAn27 joined #salt
04:01 MTecknology I'm trying to figure out how to manage desktop/laptop devices with saltstack. They won't always be connected. I'm pretty sure it makes the most sense to have a dedicated salt repository and dedicated salt master with a relatively short timeout
04:01 MTecknology anyone happen to have any opinions?
04:05 hqip joined #salt
04:09 edrocks joined #salt
04:14 cavaldryg joined #salt
04:22 swa_work joined #salt
04:26 XenophonF MTecknology: I'm taking a page from Microsoft and scheduling regular calls to state.highstate.
04:27 XenophonF (I'm probably going to do the same with my servers.)
04:28 XenophonF that's basically how GPO works
04:28 XenophonF Group policy processing runs every hour +/- 30 minutes.
04:29 XenophonF also congrats on solving pxe!
04:33 MTecknology back to trying to build gogs into a debian package...
04:33 * MTecknology weeps
04:35 MTecknology XenophonF: you know anything about debian packaging?
04:44 theblazehen joined #salt
04:46 preludedrew joined #salt
04:58 teatime joined #salt
04:58 * teatime waves
05:17 PatrolDoom joined #salt
05:23 mohae joined #salt
05:28 dxiri joined #salt
05:45 amontalban joined #salt
05:45 amontalban joined #salt
05:54 pradiprwt joined #salt
05:55 pradiprwt Hi guys, Is there any tool to lint salt states.
05:56 pradiprwt if only yaml we can do that's also fine,,
05:56 MTecknology that sounds sexy
05:56 MTecknology you should write that!
05:58 pradiprwt MTecknology: have to tried anytime to lint states ?
05:59 MTecknology It'd be fun to have a "qa" branch that fires a CI build of a test version of all servers before allowing a QA rep to accept a PR into the prod branch.
06:00 MTecknology The best I ever got was local virtualbox vm's w/ vagrant, and that's a work setup, not home
06:01 ronnix joined #salt
06:01 XenophonF MTecknology: it's been a long time since i put a .deb together
06:02 XenophonF also, have you heard of gitea, the gogs fork?
06:02 MTecknology I'm getting a new laptop in a week and it'd be a great time to come up with something, but I'm struggling to figure out what that's gonna look like
06:02 MTecknology XenophonF: nope, what's different about it?
06:08 ronnix joined #salt
06:16 zz_Duvrazh joined #salt
06:18 Sketch joined #salt
06:22 jeddi joined #salt
06:28 om2 joined #salt
06:30 impi joined #salt
06:34 dxiri joined #salt
06:40 sh123124213 joined #salt
06:45 sh123124213 joined #salt
06:53 ivanjaros joined #salt
07:02 mswart joined #salt
07:05 netcho joined #salt
07:12 jagguli joined #salt
07:24 keimlink joined #salt
07:30 dkrae joined #salt
07:32 teclator joined #salt
07:34 netcho joined #salt
07:35 nidr0x joined #salt
07:39 barmaley joined #salt
07:48 ReV013 joined #salt
08:00 Rumbles joined #salt
08:01 swa_work joined #salt
08:11 rem5 joined #salt
08:13 edrocks joined #salt
08:14 samodid joined #salt
08:27 o1e9 joined #salt
08:29 K1412 joined #salt
08:42 moeyebus9_ joined #salt
08:42 PatrolDoom joined #salt
08:47 JohnnyRun joined #salt
08:47 golodhrim|work joined #salt
08:47 amontalban joined #salt
08:47 amontalban joined #salt
08:48 ronnix joined #salt
08:51 NV joined #salt
08:58 eprice joined #salt
08:59 Reverend morning everyone
09:00 teatime mornin' preacher
09:01 coredumb Morning o/
09:02 s_kunk joined #salt
09:03 coredumb So yesterday I discovered that env from top file could be agregated in order, and now I was wondering, is that the same for git pillars ?
09:03 rem5 joined #salt
09:05 onmeac joined #salt
09:06 bocaneri joined #salt
09:09 mswart left #salt
09:12 teclator joined #salt
09:18 keimlink joined #salt
09:19 coredumb nope apparently not working like that for git pillars
09:29 coredumb ok one question
09:29 coredumb when using gitfs, top.sls are merged
09:29 Rumbles joined #salt
09:30 coredumb is salt looking for top.sls at the top of the git repo or is it taking any it finds in the repo ?
09:30 johny_ joined #salt
09:31 johny_ hey guys and good morning to Europe :) I have a Salt Mine question. Is there ever a chance of minions seeing different mine data during the same job execution?
09:32 johny_ I guess my questions boils down to: does the mine state get cached as part of each job run or is there a chance that minion A runs "mine.get" at time X and minion B runs "mine.get" at time Y and they see different data?
09:41 debian112 joined #salt
09:57 bookwar joined #salt
09:58 colttt joined #salt
10:06 Mandy joined #salt
10:06 Mandy Hi
10:07 Mandy Plz help me to create a static IP in saltstack in map file
10:07 Mandy ??
10:10 Mandy Is anybody help me in this
10:10 Mandy ??
10:14 dariusjs joined #salt
10:16 Mandy Plz help me to create a static IP in saltstack in map file
10:16 Mandy ???
10:21 Reverend jesus.
10:21 Reverend what do you mean Mandy?
10:22 wwalker joined #salt
10:27 Rumbles joined #salt
10:34 Flying_Panda joined #salt
10:35 Drunken_Panda joined #salt
10:35 Drunken_Panda anyone know how to check if minion exists in f5 and if so disable it ?
10:35 Drunken_Panda ive tried grains['id'] in igip.list_node {{loadbalancer}} {{f5user}} {{f5p}} ~Internal~{{host}}')
10:40 N-Mi_ joined #salt
10:41 dariusjs joined #salt
10:44 muxdaemon joined #salt
10:49 ivanjaros joined #salt
10:51 mandy joined #salt
10:51 mandy hi
10:52 Reverend hi mandy
10:52 mandy can anybody help me to assign static ip in my map file???
10:52 mandy hi
10:52 Reverend i have no idea what you mean by that... but go ahead.
10:52 mandy Reverend
10:52 Reverend gimme what you have already so I can see what you're trying to do :)O
10:53 mandy u have worked with saltstack
10:53 mandy ???
10:54 necronian joined #salt
10:55 pradiprwt hi
11:12 swa_work joined #salt
11:13 amontalban joined #salt
11:13 amontalban joined #salt
11:15 edrocks joined #salt
11:26 jhauser joined #salt
11:34 amcorreia joined #salt
11:44 XenophonF mandy: you will have to be quite a lot more specific with your question
11:46 XenophonF to which map file are you referring?  assuming you're referring to salt-cloud, which hypervisor are you using?
11:46 XenophonF and so on
11:47 mavhq joined #salt
11:47 mandy i m using qemu
11:47 mandy hypervisor
11:47 mandy yes i m using salt-cloud
11:47 mandy to create vm using map file
11:48 mandy thanks for reply.....
11:48 mandy Plz help me to figure out
11:48 XenophonF you haven't provided nearly enough info
11:48 XenophonF qemu, great, what's your current config?
11:49 XenophonF so what's in cloud.map? cloud.profile?
11:49 XenophonF what have you done so far? what isn't working? any logs?
11:50 mandy in my profile file i m using all paramters required for VM creation
11:50 XenophonF none of us read minds, buddy - why don't you post it using gist.github.com or something?
11:51 XenophonF maybe that plus a copy of the salt-cloud output
11:51 XenophonF mandy: http://catb.org/~esr/faqs/smart-questions.html
11:52 XenophonF that will help you help us help you (um)
11:52 pcdummy joined #salt
11:52 pcdummy joined #salt
11:53 XenophonF not a lot of details on the libvirt getting-started page: https://docs.saltstack.com/en/develop/topics/cloud/libvirt.html
11:53 mandy i have just login into quassel
11:54 XenophonF there's a bit there about an option called ip_source
11:55 XenophonF i don't know anything about qemu or libvirt, but i assume that's documented somehwere in libvirt?
11:57 mandy i m using openstack driver
12:01 mandy XenophonF : plaese tell me where i m to send you profile n map file
12:01 mandy ??
12:02 XenophonF sorry that's all the time i have - gotta get the kids ready for school
12:03 XenophonF you can post the profile and map file using gist.github.com, ix.io, etc.
12:03 dariusjs joined #salt
12:09 mandy joined #salt
12:09 mandy Hi
12:11 s_kunk joined #salt
12:14 N-Mi_ joined #salt
12:20 amontalban joined #salt
12:41 ssplatt joined #salt
12:42 roock joined #salt
12:44 denkijin joined #salt
12:44 arapaho joined #salt
12:46 kmack left #salt
12:49 chron0 is there a way to do substr on grains in a statefile?
12:49 chron0 I'm trying something like this:
12:49 chron0 - minute: {{ grains['fqdn'][4:4] ~ "0" }}
12:49 chron0 in order to create cronjobs based on the hostname
12:50 chron0 I'd like to extract the 4th character of the fqdn and add a 0 in order to get 10, 20, 30, 40, 50
12:51 stareyes joined #salt
12:53 ronnix joined #salt
12:53 ssplatt chron0: i may be wrong but i do not think jinja can do that
12:54 stareyes Hi, is it possible to render parts of salt states via. a module-type on the master, rather than the minion? Trying to store data formatted via. pillar/yaml in a database that should only be reachable by the master.
12:55 AndreasLutro you can use external pillars to use database data in pillars, that's the closest thing to what you want I think
12:56 Qwazerty joined #salt
12:59 stareyes Thank you for the reply AndreasLutro, the problem I'm having is that I'd like to use the pillar-data (for example hostnames that are stored only there) and use it for the database. sdb is also not possible, because the sdb paths are also leading to defining data redundantly. brb. in an hour or so.
13:00 chron0 ssplatt: hmm, that may be so, it's such a minimal feature but I've already wasted about an hour trying different combinations and roaming through stackexchange...
13:00 cyborg-one joined #salt
13:00 candyman88 joined #salt
13:01 AndreasLutro chron0: does grains['fqdn'][4] not work?
13:01 ssplatt jinja is not a programming language, so its missing many things
13:01 eprice joined #salt
13:01 AndreasLutro jinja does miss a lot of things but you can treat objects (and strings are objects) just like you would in python
13:01 chron0 AndreasLutro: lemme try, so far I've only used [4:4] syntax....
13:01 AndreasLutro well [4:4] will always return an empty string in python
13:02 chron0 "/tmp/tmp1jZuhA":4: bad minute
13:03 chmod666org joined #salt
13:03 XenophonF chron0: you have to use methods on the string
13:03 XenophonF jinja isn't python and it filters out many python things
13:04 chron0 i though [4:4] was python substr method
13:04 chron0 ah nice
13:04 XenophonF it is but jinja doesn't have syntax for that
13:04 XenophonF it's its own language
13:04 AndreasLutro it is its own language but it does support the [] syntax
13:05 chron0 AndreasLutro: it seems to have worked, my error was starting to count at one, the number is actually on 3 so [3] seems to have done the trick
13:05 XenophonF well that's good to hear
13:05 chron0 what is the secret to concatenate that with a zero to get 10
13:05 orianbsilva_ joined #salt
13:05 XenophonF i've done stuff like call string.split() or string.startswith()
13:05 AndreasLutro what you already did is correct
13:05 chron0 ~ "0" ?
13:06 AndreasLutro I just hope you don't have hostnames with a 6 or higher in them
13:07 chron0 AndreasLutro: awesome, thanks, it worked now
13:07 chron0 and no
13:08 chron0 I don't anticipate that particular cluster growing over 5 machines, hence the brazen approach ;)
13:08 chron0 it's just elasticsearch and I needed some offset for the "garbage collector" that periodically checks avasilable diskspace and drops the oldest index when getting low
13:09 AndreasLutro if you do, consider (grains.fqdn[3] | int) * 10 % 60
13:09 AndreasLutro or multiply by 11 instead if it's important not to overlap
13:09 chron0 much obliged, not so important
13:11 chron0 https://apollo.open-resource.org/mission:log:2013:07:17:elasticsearch-garbage-collector
13:11 chron0 in case someone else needs something like that
13:11 chron0 AndreasLutro: I'll test your (grains.fqdn[3] | int) * 10 % 60 approach now
13:20 onmeac joined #salt
13:24 justanotheruser joined #salt
13:32 ruxu joined #salt
13:32 debian112 joined #salt
13:34 edrocks joined #salt
13:50 Rumbles joined #salt
13:52 usernkey joined #salt
13:52 irctc444 joined #salt
13:55 Tanta joined #salt
13:56 CrummyGummy joined #salt
13:56 _Cyclone_ joined #salt
13:56 keimlink joined #salt
13:59 PeterO joined #salt
14:00 swa_work joined #salt
14:01 dariusjs joined #salt
14:12 austin_ joined #salt
14:13 swa_work joined #salt
14:13 candyman88 joined #salt
14:14 saintpablo joined #salt
14:16 Brew joined #salt
14:33 swa_work joined #salt
14:38 beardedeagle joined #salt
14:39 ALLmightySPIFF joined #salt
14:43 swa_work joined #salt
14:44 fredvd joined #salt
14:47 dariusjs joined #salt
14:48 numkem joined #salt
14:54 swa_work joined #salt
14:55 PatrolDoom joined #salt
14:58 jmcknight joined #salt
15:00 freeloader19191 joined #salt
15:02 dxiri joined #salt
15:02 saintpablos joined #salt
15:02 writteno1 joined #salt
15:03 mher718 joined #salt
15:06 scarcry joined #salt
15:08 CrummyGummy_ joined #salt
15:08 austin_ is anyone running multiple syndic masters with multimaster active/active ?
15:23 SaucyElf_ joined #salt
15:25 racooper joined #salt
15:26 sarcasticadmin joined #salt
15:30 nickabbey joined #salt
15:43 BlackMaria joined #salt
15:44 bhosmer joined #salt
15:45 BattleChicken joined #salt
15:45 BattleChicken left #salt
15:49 debian112 joined #salt
15:50 bakins joined #salt
15:56 ravindranathakil joined #salt
15:58 netcho joined #salt
15:58 _JZ_ joined #salt
15:59 raspado joined #salt
16:01 ravindranathakil joined #salt
16:03 eprice joined #salt
16:04 dxiri joined #salt
16:08 anotherzero joined #salt
16:08 ravindranathakil joined #salt
16:11 ravindranathaki joined #salt
16:12 dxiri_ joined #salt
16:12 ravindranathakil joined #salt
16:13 rakila joined #salt
16:16 pas joined #salt
16:17 stareyes Regarding to my question from: 13:54, salt-ssh https://docs.saltstack.com/en/latest/topics/ssh/#getting-started is supposed to render states (and also modules) on the master.
16:18 stareyes Or do I missunderstand "[...] The state module is an exception, which compiles the state run on the master [...]"
16:19 darioleidi joined #salt
16:20 stareyes So I should be able to put a python script into salt/_modules/, and access it within state-yaml/jinja with {{ salt['my_custom_module.function']('someparameters/as/strings')
16:20 stooj joined #salt
16:21 pas Hi, we just upgraded to 2016.11.1We have the master_job_cache set to mongo The client __init__.py thinks master job cache is local cache and returns warnings jid does not exit and returner unavailable. Same warnings if the returner is changed to mysql. Anyone else seeing this? Is there a work around?
16:22 keltim joined #salt
16:23 keltim is there a way in jinja to generate a random string of arbitrary length and use it as a variable?
16:23 hackel joined #salt
16:23 dxiri joined #salt
16:24 Tanta pas: forward localhost to the mongo IP: iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp --dport 27017 -j DNAT --to-destination 10.105.6.228:27017
16:24 Tanta then it doesn't matter if the client thinks it's local
16:24 onlyanegg joined #salt
16:24 moeyebus9 joined #salt
16:25 pas Thanks Tanta! I will try that.
16:25 Tanta I used a similar workaround last week
16:25 Tanta hence the canned answer
16:26 Tanta you can clear that rule out with: iptables -t nat -F -- as LONG as you have no other NAT rules
16:26 Tanta view rules with iptables -L --line-numbers -t nat
16:27 sp0097 joined #salt
16:27 s_kunk joined #salt
16:32 stooj joined #salt
16:35 tuxx left #salt
16:37 PatrolDoom '--line' - shorthand for '--line-numbers'
16:38 overyander joined #salt
16:38 gtmanfred morning!
16:38 PatrolDoom howdy
16:41 stooj joined #salt
16:42 dxiri joined #salt
16:50 lws joined #salt
16:50 nickabbey joined #salt
16:54 rylnd joined #salt
16:57 catpig joined #salt
16:59 PatrolDoom joined #salt
17:00 onlyanegg joined #salt
17:00 bowhunter joined #salt
17:08 dxiri joined #salt
17:12 nixjdm joined #salt
17:14 stareyes I was missreading, it is executed on the minion. I don't understand what the salt-ssh documentation is referring to though.
17:15 luckenbach joined #salt
17:16 gtmanfred pretty much everything is run on the minion
17:16 gtmanfred except for a few modules
17:16 gtmanfred which are in the salt-ssh shims
17:17 stareyes So it means there is a module called state which just parses the jinja, looks for salt:// and 'resolves' this then so it's transmitted via. salt-ssh to the minion.
17:17 gtmanfred These modules are run on the master, and wrapped using the salt-ssh wrapper https://github.com/saltstack/salt/tree/develop/salt/client/ssh/wrapper
17:17 fxhp joined #salt
17:18 gtmanfred these modules overwrite the default ones that are used in regular master/minion systems
17:18 gtmanfred because you can't use the regular modules in certain cases
17:19 nixjdm joined #salt
17:19 stareyes Does the wrappers have an understanding of the rendered pillars?
17:20 gtmanfred yes
17:20 Illusioneer joined #salt
17:20 nidr0x joined #salt
17:20 gtmanfred if it is not one of the modules in wrappers, then it uses the regular module from salt/modules or _modules or extmods
17:20 stareyes So I could write a wrapper module that accesses the database based on my pillar data?
17:20 gtmanfred assuming that you need to have it accessed from the master, and the data just passed down, yes
17:21 gtmanfred othrwise, if the minion can access the database, just write a regular module
17:21 gtmanfred if you need it to be a wrapper, you would need to package it yourself into the wrappers directory, cause i do not think there is a sync module
17:22 stareyes I think if it's the only approach that would be ok. Might be worth a pull-request at some point (only if it would fit the rest of salt's logic).
17:22 gtmanfred ¯\(°_o)/¯ idk you would have to make the PR and ask mike
17:23 stareyes But anyway, that is great help!
17:23 gtmanfred you could potentially write an external pillar
17:23 gtmanfred i believe salt-ssh can use those now
17:23 gtmanfred so that you wouldn't have to write a wrapper module, but could have the external pillar pull down the information, and then get plugged into your state files
17:25 woodtablet joined #salt
17:25 stareyes Hm, that is confusing for me now a little bit.
17:26 stareyes Ah, pillar is wrapped too ups.
17:26 stareyes So pillar would access my external pillar as well in the salt state script that has then an understanding of the rendered pillar yaml/jinja from the standard pillar.
17:27 stareyes (sorry, it's hard to formulate my questions)
17:28 stareyes In the state I can write something like {{ external_pillar.get('{{ pillar.get('name') }}' }}?
17:29 gtmanfred no, you would just do pillar.get
17:29 gtmanfred https://docs.saltstack.com/en/latest/topics/development/external_pillars.html
17:29 stareyes Yep, so using external pillar wouldn't resolve the thing I'm trying to resolve.
17:29 ronnix joined #salt
17:29 gtmanfred you are just trying to pull extra data from a database right?
17:30 gtmanfred to then be given to the minion in state files?
17:30 stareyes Yes, based on the context that is stored in the standard pillar.
17:30 woodtablet joined #salt
17:30 pipps joined #salt
17:31 gtmanfred you could do that
17:31 gtmanfred if you set ext_pillar_first: False
17:31 woodtablet left #salt
17:32 gtmanfred i think you can do that if you set ext_pillar_false*
17:32 gtmanfred ext_pillar_first: False
17:33 dxiri joined #salt
17:33 stareyes It's then still not clear for me how that would be scripted.
17:34 lws joined #salt
17:34 woodtablet joined #salt
17:35 stareyes Maybe an example would help: I want to access a path at hostname/servicename/username, which is defined via pillar hostname:\n  - servicename:\n    - username
17:36 stareyes It's complicated, got to go sadly - cinema presentation doesn't wait for me sadly. But thank you a lot, I'll now have something new to read on and maybe tomorrow I'm comming up with new questions or a solution! Thank you!
17:42 gtmanfred you should just have to do __salt__['pillar.get']('hostname:servicename:username') in the external pillar
17:42 tapoxi how do I grains.set a dict?
17:43 tapoxi oh nm
17:51 nickabbey joined #salt
17:52 wendall911 joined #salt
17:54 wangofett joined #salt
17:55 fredvd joined #salt
17:55 s_kunk joined #salt
17:55 s_kunk joined #salt
17:56 wangofett joined #salt
17:59 bhosmer joined #salt
18:00 pipps99 joined #salt
18:00 ivanjaros joined #salt
18:01 stooj joined #salt
18:01 dxiri joined #salt
18:04 ronnix joined #salt
18:11 SaucyElf joined #salt
18:21 edrocks joined #salt
18:22 sh123124213 joined #salt
18:25 ipmb joined #salt
18:26 ipmb joined #salt
18:27 moeyebus9 joined #salt
18:27 heaje joined #salt
18:31 SaucyElf If anyone has a spare moment. Getting some odd resutls when trying to join a domain via state sls. Command line works fine, but when I put it in a state it fails.
18:31 SaucyElf join_domain:
18:31 SaucyElf win_system.join_domain:
18:31 SaucyElf - domain: {{ salt['grains.get']('DNSDomian') }}
18:31 SaucyElf - username: 'PhiAdmin'
18:32 SaucyElf Is the SLS, file. and produces "State 'win_system.join_domain' was not found in SLS 'engine.domain'\nReason: 'win_system.join_domain' is not available.\n"
18:32 SaucyElf in the event system.
18:33 SaucyElf I've also tried variations of just 'system.join_domain' with similar results. Am I just not calling it correctly in the state SLS file?
18:33 SaucyElf The CLI ./salt 'sglXXdb1' -c /root/salt-env/etc/salt/ system.join_domain domain='sglXX.isyntax.net' username='PhiAdmin' works fine
18:34 dxiri joined #salt
18:34 ronnix joined #salt
18:35 wangofett Is it possible to use python3's pip for a pip.installed state? When I try it tells me "An importable pip module is required but could not be found on your system..."
18:36 wangofett I couldn't find much one way or the other online
18:37 edrocks joined #salt
18:42 ipmb Are there any options to help reduce salt-minion memory usage? I'm running a bunch of minions as LXC containers and the overhead adds up.
18:44 MTecknology wangofett: I would guess that won't work without salt also running under python3
18:45 wangofett I thought I had done it before... but I guess not :P
18:56 MTecknology ipmb: in some regard, it's the downside of running a python agent (not that we have better options). At $client's location, their salt boxes have an incredibly high amount of memory consumed just to run normally because of poorly written logic (logic which isn't going anywhere). If we rejiggered it (from scratch), we could probably cut memory consumption in half.
18:56 MTecknology and half is my conservative estimate
18:57 anotherzero joined #salt
18:59 pppingme joined #salt
19:00 ipmb MTecknology is it possible to run with fewer processes?
19:00 dxiri joined #salt
19:01 Tanta go masterless and change pkg.latest to pkg.installed
19:01 Tanta that's how I got an 80% boost in speed
19:02 Tanta may not work for you though, I don't know  your code
19:02 sarcasticadm joined #salt
19:06 eprice joined #salt
19:09 Edgan joined #salt
19:11 druonysus joined #salt
19:12 lazybear joined #salt
19:13 Illusioneer joined #salt
19:13 samodid joined #salt
19:14 onlyanegg joined #salt
19:17 ruxu joined #salt
19:21 MTecknology Tanta: you lose the ability to push when you do that, though
19:23 Tanta not when you have orchestration
19:24 Tanta I built a whole rube goldberg thing, it's probably not the best model to copy, but I have custom scripts I use for batch commands and batch processing of sets of commands
19:25 MTecknology so... when you have a minion running masterless, how do you push 'user.absent firedguy' and ensure every minion picked it up?
19:26 pipps joined #salt
19:28 Tanta I have a dynamic list of users that are allowed, with groups and the rest, and users that are disallowed
19:28 Tanta I expand the disallowed pillar and wait 5 minutes for the cron to pick it up
19:28 netcho joined #salt
19:29 MTecknology it sounds like you're using salt as a delivery mechanism for your own custom config management tool
19:29 MTecknology ipmb: there's worker_threads or something like that for the master and multiprocessing for the minions; looking over to ensure clean/sane logic can help a lot too
19:29 Tanta it could be, I use it in a strange way
19:30 Tanta but in a master environment this would be like putting a cron that fires every 5 minutes and runs the user state
19:30 MTecknology I'm about to roll a second salt master in my home environment. This new one is gonna handle laptops that only connect 1x/day if/when they run their highstate
19:30 dxiri joined #salt
19:31 hardyfresh joined #salt
19:31 cyborg-one joined #salt
19:33 ipmb not exactly sure what this means, "looking over to ensure clean/sane logic can help a lot too"
19:34 MTecknology looking over your setup*
19:34 nickabbe_ joined #salt
19:35 MTecknology don't have a 400 KB yaml file that constitutes 80% of your pillar data and write a custom module to iterate over that data multiple times for every request
19:36 nickabb__ joined #salt
19:36 hardyfresh my understanding of the listen requisite is that a state id should only be run if it's listen requisite runs and has changes. Is that not accurate?
19:36 hardyfresh https://gist.github.com/douglasmiller/b5895fd2cbd0434231af72083555e2eb
19:37 hardyfresh my clean-tomcat8-default-webapps state id is showing as running every time
19:37 hardyfresh even though the tomcat-packages state id indicates that there were not changes
19:38 hardyfresh do I just not have the listen requisite set up correctly?
19:39 hardyfresh I'm running 2016.3.4
19:40 hardyfresh and I see this in the requisite docs page: In version 2016.3.0, the state module name was made optional. If the state module is omitted, all states matching the ID will be required, regardless of which module they are using.
19:43 Illusioneer joined #salt
19:44 MTecknology hardyfresh: that listen directive says that when tomcat-packages changes, clean-tomcat8-default-webapps will be triggered
19:45 MTecknology hardyfresh: I stopped reading after the third line because it became a mess of words. What is your issue?
19:45 hardyfresh sorry for the wall of text
19:45 hardyfresh clean-tomcat8-default-webapps always runs
19:45 lws joined #salt
19:45 MTecknology it should, adding a listen directive doesn't magically restrict it from its usual execution
19:45 whytewolf hardyfresh: listen works with mod_watch.
19:45 hardyfresh the state output in the gist suggests that there were no changes in tomcat-packages
19:46 whytewolf you want onchanges
19:46 MTecknology cmd.wait is probably what you want
19:46 hardyfresh ah
19:46 sarcasticadm joined #salt
19:46 MTecknology I was thinking cmd.wait + -watch:
19:47 Sketch isn't cmd.wait deprecated in favor of cmd.run + onchanges
19:47 hardyfresh I see "Use cmd.run with onchange instead." in the docs
19:47 hardyfresh yeah
19:47 MTecknology ah, I wasn't aware
19:47 hardyfresh okay, but that makes sense
19:47 hardyfresh thanks for clarifying
19:48 Tanta onchanges is great
19:48 whytewolf yeah cmd.wait is deprecated because it isn't really a state. it literally only returns output with out doing anything. all the logic for it is in the mod_watch function
19:49 Tanta you can cascade an entire deployment sequence from a single git update, with onchanges
19:49 dxiri joined #salt
19:49 hardyfresh onchanges is exactly what I needed
19:49 hardyfresh thanks all
19:50 smcquay joined #salt
19:52 beardedeagle To enable these grains that pull from the http://169.254.169.254/latest metadata server set `metadata_server_grains: True`.
19:52 beardedeagle Where is that supposed to be set?
19:53 MTecknology Tanta: whatcha mean by cascade a deployment?
19:53 Tanta I mean, encode the git revision in a pillar value, and a highstate run updates a local Git, which then does all the deployment steps
19:54 MTecknology Tanta: my rule at home is *ALL* servers get deployed and fully configured by salt and the very first highstate *must* succeed without any errors
19:55 Tanta that's ambitious
19:55 MTecknology I actually tend to use require and require_in more than anything
19:55 Tanta not too hard though, roll a nice PXE boot installer that has Salt packages
19:56 Tanta I think I saw you talking about PXE booting yesterday
19:56 MTecknology I just recently rolled a pxe boot server (this week)
19:56 MTecknology yup, that was me
19:56 Tanta it's fun stuff
19:56 MTecknology my home network only has ~8 vlans and ~30 servers :P
19:57 Tanta I do all my automation within AWS these days, so a nice AMI image that has everything pre-loaded and into an autoscaled cluster
19:57 MTecknology The only AWS service I can stomache spending any money on is glacier
19:58 Praematura joined #salt
19:58 Tanta haha well it's not my money, it's my employers
19:58 druonysus joined #salt
19:58 whytewolf i wish i only had 8 vlans. i have 407 in my home enviroment. but i shouldn't count 400 of those
19:59 * MTecknology blinks
19:59 whytewolf [openstack self service networking setup with vlans]
20:00 lws joined #salt
20:02 hardyfresh beardedeagle: are you referring to this: https://docs.saltstack.com/en/develop/ref/grains/all/salt.grains.metadata.html
20:02 beardedeagle nevermind, I figured it out from gtmanfred's commit message
20:02 MTecknology authenticated users, guest wireless, windows boxes, production, lab 1, lab 2, dev, dmz ... I can't remember what else I have off the top of my head
20:03 sarcasticadmin joined #salt
20:03 Tanta at home I have the FIOS junk router and an iPad
20:03 beardedeagle ah, there were docs. Thanks hardyfresh, I have pretty much dropped the docs for just looking in the code.
20:03 MTecknology Tanta: did I share this with you, yet? http://imgur.com/a/fjdoE
20:04 nickabbey joined #salt
20:04 Tanta jeez man
20:05 gtmanfred MTecknology: we have very different things on imgur http://imgur.com/gallery/NpkX4
20:05 Tanta it's clever, but those are some ghetto racks
20:05 whytewolf gtmanfred's imgur looks tastier
20:06 hardyfresh indeed
20:06 gtmanfred heh
20:06 MTecknology I have one with some food in it too...
20:06 MTecknology http://imgur.com/a/L83yu
20:06 gtmanfred noice
20:06 gtmanfred https://www.instagram.com/p/BPWgAAmhcnO/
20:06 gtmanfred https://www.instagram.com/p/BOvSQUXDytf/
20:07 Tanta I don't do much computing at home
20:07 * MTecknology would eat
20:07 whytewolf i do to much computing at home. since i don't get to do things that intrest me at work.
20:08 MTecknology whytewolf: heh, same reason for me
20:08 gtmanfred I started trying to make everything from scratch once i started at salt, cause i enjoy what i do :P
20:08 gtmanfred I have yogurt culturing right now in my proofer
20:09 MTecknology plus, it's fun to be struggling with an overly-complicated clusterfuck at work, realize it would be cool if done well, go home and do it well, and then come back with a fresh understanding of what it /should/ look like
20:10 whytewolf MTecknology: thats actually how i started with my openstack setup. i hated what the venders we were using were doing so started designing and building my own deployment. [useing salt of coarse]
20:10 _Cyclone_ joined #salt
20:10 MTecknology coarse.. punny.. lol
20:10 gtmanfred a hoarse is a hoarse of coarse of coarse :P
20:13 _Cyclone_ joined #salt
20:18 Trauma joined #salt
20:23 dxiri joined #salt
20:25 Trauma joined #salt
20:27 beardedeagle gtmanfred: is there a reason that the metadata.py grain module was setup to farm grains from both ec2 and openstack rather than breaking them out into their own? I only ask because openstack has additional grain data that can be farmed from http://169.254.169.254/openstack/latest/meta_data.json that isn't captured by the grain module as it currently sits.
20:27 pipps joined #salt
20:29 gtmanfred there is not a reason, other than the server i wrote and tested against did not have meta_data.json
20:30 beardedeagle was it a openstack or ec2 server?
20:30 gtmanfred i don't remember
20:30 beardedeagle there should be a ec2/latest/meta-data.json and openstack/latest/meta_data.json depending on which you use
20:31 beardedeagle I don't have an ec2 instance for me to confirm unfortunately but it should be there
20:34 beardedeagle get's you additional data like this: http://docs.openstack.org/user-guide/cli-config-drive.html#openstack-metadata-format
20:34 beardedeagle below that shows the ec2 endpoint return data
20:38 pipps joined #salt
20:39 beardedeagle there is also openstack/latest/user_data and ec2/latest/user-data if they are passing --user-data in, which could be useful grain data as well. idk, just a thought. if you don't have the bandwidth to work on that let me know and I will add it to my backlog.
20:40 gtmanfred the user-data is in the meta-data from the tests I ran
20:41 gtmanfred it also should do an interation over everything in there
20:42 gtmanfred starting with latest
20:42 gtmanfred https://github.com/saltstack/salt/blob/develop/salt/grains/metadata.py#L45
20:42 gtmanfred so it should all be available
20:43 beardedeagle these don't fall under /lastest
20:43 beardedeagle they fall under PROVIDER/latest
20:43 gtmanfred ```there is also openstack/latest/user_data and ec2/latest/user-data```
20:43 gtmanfred those do
20:44 gtmanfred or is it really 169.../openstack?
20:44 beardedeagle yes
20:44 gtmanfred that is stupid
20:45 beardedeagle agreed
20:45 gtmanfred i will add it
20:45 om2 joined #salt
20:45 beardedeagle werd, thanks
20:51 Trauma joined #salt
20:55 snergster joined #salt
21:01 petong joined #salt
21:02 pipps joined #salt
21:03 dxiri joined #salt
21:03 wangofett joined #salt
21:06 amontalban joined #salt
21:06 amontalban joined #salt
21:11 om2 joined #salt
21:11 wangofett joined #salt
21:12 wangofett joined #salt
21:15 hemebond Seems to be some annoying inconsistency in the nagios.run/cmd.run return data :-(
21:20 teclator joined #salt
21:21 nickabbey joined #salt
21:22 wangofet1 joined #salt
21:23 sad3232 joined #salt
21:23 wangofett joined #salt
21:24 sad3232 hi everyone i have a question
21:25 sad3232 im trying to create a recipe to install openldap, but when I run ldapadd and de entry already exists the salt understand a error, how do you solve a problm like it
21:25 sad3232 ?
21:26 pipps joined #salt
21:29 necronian joined #salt
21:30 debian112 joined #salt
21:31 jaybocc2 joined #salt
21:31 gtmanfred have you looked at the salt-formula? https://github.com/saltstack-formulas/openldap-formula
21:31 gtmanfred doesn't look like it does user adds,
21:32 whytewolf sad3232: how are you doing user adds to your ldap?
21:32 whytewolf using https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ldap.html ?
21:35 sad3232 yes
21:38 sad3232 im using ldappadd
21:40 whytewolf sad3232: since there is no ldapadd in salt i assume you mean you are using a cmd.run
21:40 sad3232 yes
21:41 djgerm joined #salt
21:41 djgerm is there an easy way to see what environment aminion thinks it's in?
21:42 whytewolf sad3232: please post a gist or pastebin of your state or what you are attempting. i posted the state that should be used to maintaina and add information into ldap.
21:45 pipps joined #salt
21:46 dyasny joined #salt
21:47 druonysus left #salt
21:47 druonysus joined #salt
21:48 debian112 joined #salt
21:50 dxiri_ joined #salt
21:57 petong how do I assign an IAM role to an EC2 instance that I create with salt-cloud?
21:58 ronnix joined #salt
21:59 petong I have been banging my head on this all morning :)
22:01 dxiri joined #salt
22:03 Brew joined #salt
22:05 sad3232 whytewolf: http://pastebin.com/jkXSAZHM
22:09 pipps99 joined #salt
22:12 whytewolf sad3232: okay. issue being cmd.run runs ever state run so that it tries running that everytime. i see a couple of work arouns. use onlyif and unless to make you cmd.run stateful. or switch your entire ldap setup to using ldap.manage instead of cmd.run
22:13 heaje joined #salt
22:15 djgerm petong: you assign the role to the instance (not via salt) and you put 'use-instance-role-credentials' for id and key in your provider config
22:15 djgerm ithink
22:16 xet7 joined #salt
22:16 petong hmm, ok. that gives me something to go on
22:18 petong like this? https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
22:27 dxiri joined #salt
22:29 djgerm yes
22:29 djgerm there's probably really smart people who assign roles via salt, but I'm not smart, let alone really smart ^_^
22:30 sarcasticadmin joined #salt
22:30 petong I've read over that page, and it seems like what I am trying to do is the equivalent of the command at the bottom of the page: aws ec2 run-instances --image-id ami-11aa22bb --iam-instance-profile Name="s3access-profile" --key-name my-key-pair --security-groups my-security-group --subnet-id subnet-1a2b3c4d
22:30 petong but with salt-cloud
22:32 Trauma joined #salt
22:35 sarcasticadmin joined #salt
22:37 lws joined #salt
22:39 netcho joined #salt
22:45 rakila joined #salt
22:48 CeBe hi, is there a way to see the status of a long running state?
22:48 dxiri joined #salt
22:54 ipmb joined #salt
22:56 Dan_ joined #salt
22:58 twellspring joined #salt
22:59 twellspring I have a aws-formula that I would like to be added to saltstack-formulas ( https://github.com/twellspring/aws-formula )
23:02 irated joined #salt
23:02 irated yoda... any way to ignore cert on sources?
23:03 irated in pkg.install
23:04 whytewolf you mean like a skip_verify?
23:04 irated let me check the docs on that
23:04 whytewolf or maybe some kind of verify_options
23:05 irated whytewolf: that looks like our good friend GPG
23:05 irated SO maybe in verify_options
23:06 mosen joined #salt
23:06 Vaelatern If my master changes, do I need to change anything on the minions?
23:08 dxiri joined #salt
23:09 jaybocc2 joined #salt
23:13 netcho joined #salt
23:15 s_kunk joined #salt
23:15 s_kunk joined #salt
23:16 Rumbles joined #salt
23:21 keimlink joined #salt
23:21 pipps joined #salt
23:23 lws joined #salt
23:23 beardedeagle joined #salt
23:27 irated whytewolf: looks like we can't even skip ssl validation on file.managed
23:27 irated the joys
23:34 jagguli hi is there a way to schedule runner functions ?
23:35 dxiri joined #salt
23:35 gtmanfred should be
23:35 gtmanfred yeah, i know you can
23:36 gtmanfred cause i have scheduled the queue process_all runner
23:36 whytewolf put a minion on the master and schedule saltutil.runner?
23:37 gtmanfred nah, i just did it directly
23:37 gtmanfred https://github.com/gtmanfred/predictive-orchestration/blob/master/config/master.d/scheduler.conf
23:37 xbglowx joined #salt
23:37 gtmanfred just don't specify a tgt, and it uses the runner module
23:37 gtmanfred schedule it on the master confi
23:38 whytewolf ahh. i typically try to avoid anything that changes a config, since reboots are needed :P
23:38 gtmanfred fair :P
23:47 mavhq joined #salt
23:53 aw110f joined #salt
23:54 MTecknology THIS!!! This is the repo I've been looking for!
23:59 Illusioneer joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary