Time |
Nick |
Message |
00:01 |
|
alexlist joined #salt |
00:09 |
pcn |
just as some feedback, dockerng doesn't appear to work with the aws ecs authenticaton helper from https://github.com/awslabs/amazon-ecr-credential-helper |
00:09 |
hemebond |
I use dockerng with AWS ECS (I think). |
00:09 |
hemebond |
Pain in the arse. |
00:13 |
|
N-Mi_ joined #salt |
00:14 |
pcn |
How are you doing the auth? |
00:15 |
pcn |
I keep getting 401 errors when I've got everything set up. |
00:15 |
pcn |
At this point, I'm just going to call cmd.run, but I wish that wasn't required. |
00:16 |
|
abednarik joined #salt |
00:18 |
|
nZac__ joined #salt |
00:19 |
|
`chris joined #salt |
00:21 |
|
madboxs joined #salt |
00:25 |
|
alexlist joined #salt |
00:26 |
hemebond |
I think I authenticate manually to get the key. |
00:26 |
hemebond |
Lemme check my notes. |
00:28 |
|
nZac_ joined #salt |
00:28 |
hemebond |
Okay so I do the get-login |
00:28 |
hemebond |
Then I pass that token manually as a pillar to a state that does the `docker login` |
00:29 |
pcn |
Do you check the expiration on those? or how often do you run your states so that it doesn't lose auth? |
00:30 |
hemebond |
I run the states manually. |
00:30 |
hemebond |
My main docker state doesn't pull the image, just makes sure it's running. |
00:31 |
pcn |
OK. Makes sense. Then everything else is via the ECS agent I guess. |
00:32 |
hemebond |
Ah, the highstate will pull down the image. |
00:32 |
pcn |
For me I need to provide auth for another thing that wants to launch further containers (cog-relay, specifically) |
00:32 |
hemebond |
So if I want to update the docker image I manually do the authentication then highstate. |
00:32 |
pcn |
Got it |
00:33 |
hemebond |
I could probably do the authentication automatically using a script or something. Haven't bothered yet. |
00:55 |
|
dh joined #salt |
00:57 |
|
mikecmpbll joined #salt |
00:59 |
|
onlyaneg1 joined #salt |
01:03 |
|
aphor joined #salt |
01:06 |
dxiri |
hey guys, anyone familiar with salt virt? |
01:06 |
dxiri |
trying to deploy a vm using it |
01:06 |
|
flawi joined #salt |
01:07 |
|
oaken_chris joined #salt |
01:08 |
|
Kelsar joined #salt |
01:08 |
|
mswart joined #salt |
01:14 |
|
WesleyTech__ joined #salt |
01:19 |
|
Kelsar joined #salt |
01:22 |
|
cro joined #salt |
01:23 |
|
shoemonkey joined #salt |
01:24 |
|
riftman joined #salt |
01:26 |
|
ujjain joined #salt |
01:26 |
|
ujjain joined #salt |
01:52 |
|
jimklo joined #salt |
01:53 |
|
prg3 joined #salt |
02:00 |
|
bwellsnc joined #salt |
02:01 |
|
abednarik joined #salt |
02:13 |
|
abednarik joined #salt |
02:31 |
|
evle joined #salt |
02:46 |
|
gableroux joined #salt |
02:50 |
|
catpigger joined #salt |
02:51 |
|
DammitJim joined #salt |
02:54 |
DammitJim |
is there something special I should be doing to install mysql-server-5.7 on ubuntu 16.04? |
02:58 |
gnomethrower |
DammitJim: not that I can tell, why? |
02:58 |
gnomethrower |
should just be sudo apt install mysql-server |
02:58 |
gnomethrower |
(wait, wrong channel. yes, you should use the pkg module to install that package" |
02:59 |
|
desku joined #salt |
02:59 |
gnomethrower |
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html |
02:59 |
gnomethrower |
mysql-server: |
02:59 |
gnomethrower |
pkg.installed |
02:59 |
DammitJim |
I'm running into a problem where the debian-sys-maint 's credentials are not right |
02:59 |
gnomethrower |
oh. |
02:59 |
gnomethrower |
hmm. |
03:00 |
gnomethrower |
not sure, sorry |
03:00 |
gnomethrower |
maybe use MariaDB instead? ;) |
03:00 |
DammitJim |
no :( |
03:04 |
|
rdas joined #salt |
03:04 |
|
mpanetta joined #salt |
03:06 |
|
Nahual joined #salt |
03:06 |
|
shalkie joined #salt |
03:07 |
hemebond |
I seem to remember something about having to use dpkg to pre-configure MySQL. |
03:08 |
DammitJim |
yes, something like that |
03:08 |
hemebond |
Oh, I don't see anything in my config to do that so maybe not. |
03:08 |
hemebond |
mind you I think I'm using a formula now. |
03:09 |
hemebond |
Ah, the formula does the debconf for me. |
03:21 |
|
dps joined #salt |
03:28 |
DammitJim |
hmmmm |
03:30 |
|
dxiri joined #salt |
03:32 |
whytewolf |
DammitJim: yes. debconf. |
03:33 |
whytewolf |
which sets the root password |
03:33 |
|
Tanta joined #salt |
03:33 |
dxiri |
so, I was debuging a command and my ssh session ended, is there a way to recover that output if the salt command hasn't finished? |
03:34 |
dxiri |
I know its still running because the connection is still open between minion and master |
03:34 |
dxiri |
and the file size keeps on increasing |
03:34 |
DammitJim |
whytewolf, I'm passing the password twice for the install |
03:34 |
cmarzullo |
dxiri: you can look at the job queue |
03:35 |
whytewolf |
DammitJim: huh, strange. then the debian-sys-maint creds should come out good. unless there is something else going and changeing them |
03:35 |
dxiri |
cmarzullo: can you be more specific? I'm an uber noob :) |
03:35 |
DammitJim |
whytewolf, I narrowed it down |
03:35 |
whytewolf |
dxiri: https://docs.saltstack.com/en/latest/topics/jobs/ |
03:35 |
DammitJim |
it seems to happen only on certain servers |
03:35 |
DammitJim |
it's weird |
03:35 |
Tanta |
dxiri, use screen |
03:35 |
cmarzullo |
salt-run jobs.active |
03:36 |
Tanta |
if u have long-running terminals |
03:36 |
dxiri |
Tanta: yes! I forgot to start it first :) |
03:36 |
cmarzullo |
the link whytewolf provided has all the things |
03:36 |
dxiri |
awesome! that worked, thanks guys! |
03:37 |
whytewolf |
DammitJim: could it be servers that had mysql before then it was removed and readded? leaving the debian.cnf file there from the old server? |
03:37 |
DammitJim |
yeah, I think someone messed around with these servers |
03:37 |
DammitJim |
I'm changing the password |
03:47 |
DammitJim |
whytewolf, resetting the password worked! |
03:48 |
whytewolf |
yay |
04:00 |
Tanta |
this is why I lock down my servers |
04:00 |
|
ninjada joined #salt |
04:03 |
|
ivanjaros joined #salt |
04:07 |
dxiri |
ok, its been about 4 hours and the file is still being copied over, I have a 1Gbps link from one box to another so it shouldn't take this long |
04:07 |
|
ivanjaros joined #salt |
04:07 |
dxiri |
total size its 8GB, and right now I see file size on the minion its 5.3GB |
04:10 |
dxiri |
doing a regular scp of the same file takes about 2.5 hours to transfer the whole file, so its a pretty big difference |
04:11 |
dxiri |
is there anything I can do to improve this? |
04:32 |
|
scoates joined #salt |
04:37 |
|
preludedrew joined #salt |
04:42 |
|
ponyofdeath joined #salt |
04:52 |
|
scoates joined #salt |
04:55 |
|
nl joined #salt |
05:01 |
|
_JZ_ joined #salt |
05:06 |
|
ruxu joined #salt |
05:14 |
|
fracklen joined #salt |
05:24 |
|
Sammichmaker joined #salt |
05:52 |
|
jfelchner joined #salt |
05:58 |
|
ninjada_ joined #salt |
06:20 |
|
gableroux joined #salt |
06:24 |
|
madboxs joined #salt |
06:27 |
|
mpanetta joined #salt |
06:32 |
|
ivanjaros joined #salt |
06:39 |
|
jas02 joined #salt |
06:41 |
|
zulutango joined #salt |
06:41 |
|
eseyman joined #salt |
06:44 |
|
netcho joined #salt |
06:52 |
|
ramSeraph joined #salt |
06:55 |
|
onlyanegg joined #salt |
06:56 |
|
jas02 joined #salt |
06:58 |
|
bocaneri joined #salt |
06:59 |
|
scristian joined #salt |
07:00 |
|
felskrone joined #salt |
07:13 |
|
jas02 joined #salt |
07:14 |
iggy |
dxiri: you have an 8GB file in your salt tree? |
07:25 |
|
madboxs joined #salt |
07:30 |
|
saintpablos joined #salt |
07:31 |
MTecknology |
seems file.managed using an http source would be a better option, but I could be insane |
07:31 |
|
nidr0x joined #salt |
07:35 |
|
madboxs joined #salt |
07:37 |
|
pppingme joined #salt |
07:38 |
|
zulutango joined #salt |
07:42 |
|
delpa joined #salt |
07:45 |
|
madboxs joined #salt |
07:46 |
|
colttt joined #salt |
07:47 |
|
ReV013 joined #salt |
07:53 |
|
Inveracity joined #salt |
07:55 |
|
jas02 joined #salt |
07:55 |
|
madboxs joined #salt |
08:06 |
|
madboxs joined #salt |
08:09 |
gnomethrower |
On a general note - thanks for everyone who sticks around and helps people in this channel |
08:09 |
gnomethrower |
I'm still new to Salt, but it's been incredibly useful getting advice and help in here, so thank you |
08:10 |
hemebond |
???? |
08:10 |
whytewolf |
no problem |
08:11 |
whytewolf |
oh gnomethrower found an interesting project you might wanna take a look at. it is NO where near production ready. but they have an interesting idea that could move rdbms towards a more empherial idea |
08:11 |
whytewolf |
cockroachdb |
08:11 |
gnomethrower |
whytewolf: neat, I'll take a look |
08:13 |
gnomethrower |
huh. I wonder where it falls on CAP theorem. |
08:13 |
gnomethrower |
Okay, it's Consistency+PartitionTolerance, sacrificing Availability. nice. |
08:15 |
whytewolf |
yeap. |
08:16 |
whytewolf |
they do have some work in recovery still. like there is no way to make a cluster forget a node id |
08:16 |
whytewolf |
incase of a total falure of a node |
08:16 |
gnomethrower |
Not sure I can use this at my workplace |
08:17 |
gnomethrower |
as we rely too much on traditional SQL |
08:17 |
gnomethrower |
and it doesn't support the full set yet |
08:17 |
whytewolf |
yeah like i said not ready yet but it is interesting and something to keep an eye on |
08:17 |
gnomethrower |
yep |
08:17 |
gnomethrower |
definitely interested, and it's definitely worth watching :) thanks! |
08:17 |
whytewolf |
no problem |
08:18 |
|
samodid joined #salt |
08:25 |
|
o1e9 joined #salt |
08:27 |
|
impi joined #salt |
08:28 |
|
saintpabloss joined #salt |
08:35 |
|
Trauma joined #salt |
08:37 |
|
JohnnyRun joined #salt |
08:39 |
|
armyriad joined #salt |
08:40 |
|
alex-zel joined #salt |
08:40 |
alex-zel |
hello, I'm writing a salt state module, but some python modules require python3, is that an issue with salt? |
08:41 |
AndreasLutro |
yes |
08:42 |
whytewolf |
well, python3 is not officially supported yet. I have heard tail that is the big push for an upcoming release. |
08:43 |
whytewolf |
https://github.com/saltstack/salt/issues/11995 |
08:43 |
saltstackbot |
[#11995][OPEN] Python 3 Support | Salt is currently not compatible with python 3. Ubuntu trusty and above default to using python 3, so it would be really nice to be able to run salt in the default python version.... |
08:43 |
alex-zel |
I see |
08:48 |
|
teclator joined #salt |
08:56 |
|
onlyanegg joined #salt |
09:01 |
|
N-Mi_ joined #salt |
09:04 |
|
mikecmpbll joined #salt |
09:06 |
|
cyborg-one joined #salt |
09:12 |
X-K |
whiteinge_ : thank you for the answer, might be a configuration issues then as salt -a pam test.ping works but salt-run -a pam state.orchestrate orch.test does not work ([CRITICAL] Salt configured to run as user "root" but unable to switch.) |
09:13 |
|
fracklen joined #salt |
09:14 |
|
fracklen joined #salt |
09:29 |
|
candyman88 joined #salt |
09:30 |
|
s_kunk joined #salt |
09:31 |
hlub |
Am I right that it is possible to test {% if grains.osmajorrelease > 14 %} in pillar? |
09:32 |
gnomethrower |
hlub: I believe so, but don't count on my knowledge :) |
09:33 |
mage_ |
hello, can someone confirm that I can use __salt__['saltutil.cmd'](someminion, 'cmd.run', ...) in an external pillar, like I did on https://github.com/saltstack/salt/issues/39533#issuecomment-281510831 ..? |
09:33 |
saltstackbot |
[#39533][OPEN] external pillar with cmd.run | Hello,... |
09:34 |
mage_ |
if I understand correctly, saltutil.cmd cam only be executed on the minion where the master is running? |
09:34 |
mage_ |
as the doc says "Assuming this minion is a master, execute a salt command" .. dunno how to interpret this |
09:36 |
hlub |
gnomethrower: well, me too but it is not working :( and no complaining in any of the log files.. |
09:39 |
|
toanju joined #salt |
09:43 |
|
mswart left #salt |
09:44 |
|
Rumbles joined #salt |
09:46 |
|
netcho joined #salt |
09:46 |
|
gmoro joined #salt |
09:47 |
|
saintpablo joined #salt |
09:47 |
|
DanyC joined #salt |
09:48 |
Armadillo |
hey guys, I'm currently experimenting with a syndic master and a bunch of masters in our datacenters. Is there any way to use peer communication beyond the boundaries of a single salt-master to run a command on a minion which is connected to a different salt-master e.g. in another datacenter? |
09:52 |
|
achedeuzot joined #salt |
09:57 |
|
Mattch joined #salt |
10:00 |
|
onlyanegg joined #salt |
10:03 |
|
DanyC joined #salt |
10:04 |
|
inad922 joined #salt |
10:05 |
|
Mattch joined #salt |
10:07 |
|
hvn joined #salt |
10:07 |
|
hvn joined #salt |
10:11 |
|
evle joined #salt |
10:11 |
hlub |
"He stood up straight and looked the world squarely in the fields and hills. To add weight to his words he stuck the rabbit bone in his hair. He spread his arms out wide. "I will go mad!" he announced." |
10:12 |
hlub |
here is what I consider now as a perfect next move. |
10:13 |
hemebond |
hlub: Have you tried casting the grain to an `int` in your test? |
10:15 |
|
sriman joined #salt |
10:15 |
sriman |
Hi,after executing saltstack, how to use stdout as a variable |
10:16 |
sriman |
can anyone help me plz.. |
10:16 |
hemebond |
sriman: Executing how? |
10:16 |
|
madboxs joined #salt |
10:16 |
hlub |
hemebond: not really but the jinja rendering should fail verbosely enough to be noticed. at least another pillar sls does so on another machine. |
10:17 |
sriman |
i ran saltstate, the out put was like |
10:17 |
sriman |
client_routerOpenStack: ---------- ID: generate_hash Function: cmd.run Name: python -c 'import crypt; print crypt.crypt("sriman", "$6$random_salt")' Result: True Comment: Command "python -c 'import crypt; print crypt.crypt("sriman", "$6$random_salt")'" run Started: 15:43:27.602773 Duration: 23.672 ms Changes: ---------- pid: 14645 |
10:17 |
sriman |
i want to use stdout result as a variable |
10:17 |
Norrland |
sriman: it'd help with a pastebin of that. |
10:17 |
hemebond |
hlub: Why would it fail? |
10:18 |
sriman |
Norrland: sure |
10:18 |
hlub |
hemebond: ah, good point |
10:18 |
hlub |
:D |
10:19 |
sriman |
Norrland: http://paste.openstack.org/show/600005/ |
10:19 |
hlub |
so, is a non-empty string always greater than any integer... |
10:20 |
sriman |
Actually , i want to create a user using this, and my goal is to pass the password as a variable . and script should convert the password to hash and should create a user |
10:20 |
hemebond |
Seems to be. |
10:20 |
hemebond |
You can test via a Python console. |
10:21 |
sriman |
in ansible, we use register module and we can use register_name.stdout as a variable |
10:21 |
sriman |
so, searching for the same module in saltstack |
10:22 |
hemebond |
sriman: Salt already has modules and formulas for creating users. Do none of them fit your needs? |
10:23 |
hlub |
the answer to my question is: yes, in python 2 but not in python 3 |
10:23 |
sriman |
hemebond: nope... because we need to pass the hash password for that |
10:23 |
hemebond |
hlub: So you need a default value and a cast :-) |
10:24 |
hemebond |
sriman: "for that" for what? |
10:24 |
hemebond |
Is this not a regular user account? This something else? |
10:25 |
hlub |
a better and less confusing world is what I need. |
10:26 |
sriman |
hemebond: to create a user, we have modules. and this modules needs a hash password. my goal is to give a string as password. |
10:26 |
babilen |
sriman: This feels like a x/y problem in that you are down the road to what you perceive as the right solution whereas it would help more if you would tell us what you are trying to achieve in the end |
10:26 |
hemebond |
sriman: What kind of user? |
10:26 |
babilen |
You mean you want to pass the password in clear text? |
10:27 |
|
madboxs joined #salt |
10:27 |
AndreasLutro |
myuser: { user.present: [ password: {{ salt['shadow.gen_password'](password) | json }} ] } |
10:27 |
hemebond |
^ |
10:27 |
hemebond |
Nicccccccccccce ???? |
10:28 |
sriman |
babilen: yes. and u can go through this this link http://paste.openstack.org/show/600006/ |
10:29 |
sriman |
AndreasLutro: pastebin please. i think it would help me |
10:29 |
babilen |
sriman: That's exactly what I refer to by X/Y problem .. you wouldn't do it like that in SaltStack |
10:30 |
|
jhauser joined #salt |
10:30 |
sriman |
babilen: so, can u help me with a saltstate that create a user with the password we give and expiration |
10:31 |
babilen |
AndreasLutro just pasted an example |
10:32 |
babilen |
See the "expire" option for the latter requirement |
10:32 |
|
ruxu joined #salt |
10:32 |
sriman |
babilen: thanks for ur help :) |
10:32 |
babilen |
(or inactdays) |
10:32 |
babilen |
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.user.html → user.present |
10:34 |
babilen |
https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.shadow.html#salt.modules.shadow.gen_password generates the hash |
10:35 |
sriman |
babilen: http://paste.openstack.org/show/600009/ |
10:36 |
sriman |
can u check this |
10:37 |
sriman |
babilen: i generated password, getting hash code in stdout. but to send this hash code as a variable |
10:37 |
|
madboxs joined #salt |
10:37 |
babilen |
You don't |
10:37 |
hemebond |
quotes |
10:37 |
babilen |
You want 'sriman' |
10:39 |
sriman |
babilen: perfect |
10:39 |
sriman |
thanks a lot |
10:40 |
babilen |
In a way this highlights a difference in that salt is more of a self-contained system where you write 'proper' modules and adaptors rather than just replicate what you would do manually. |
10:40 |
|
mswart joined #salt |
10:41 |
babilen |
But to answer your question: You would use cmd.run in a SLS to execute your command, save that in a variable and then pass that variable as user.present parameter. It's just that this wouldn't be very idiomatic in Salt. |
10:43 |
|
rdas joined #salt |
10:47 |
|
madboxs joined #salt |
10:57 |
|
madboxs joined #salt |
10:57 |
|
watersoul joined #salt |
11:00 |
|
mavhq joined #salt |
11:03 |
|
salty_ joined #salt |
11:03 |
salty_ |
Hi |
11:03 |
|
mswart left #salt |
11:03 |
salty_ |
I am trying to use cherrypy salt-api |
11:04 |
salty_ |
documents mention making curl calls but it ask for username and password parameters |
11:04 |
salty_ |
where can I set re-set these username password ? |
11:07 |
|
madboxs joined #salt |
11:16 |
salty_ |
Hi I am trying to use cherrypy salt-api, documents mention making curl calls but it ask for username and password parameters. where can I set re-set these username password ? |
11:20 |
hvn |
base on which authentication system you use, often is PAM (user on *NIX and its password) https://docs.saltstack.com/en/latest/topics/eauth/index.html |
11:23 |
|
o1e9 joined #salt |
11:25 |
sriman |
babilen: how to save cmd.run in a variable? |
11:26 |
babilen |
Don't go there ;) |
11:29 |
salty_ |
hvn: the users mentioned in the docs |
11:29 |
salty_ |
are they system user ? |
11:30 |
salty_ |
theres no where mentioned anything about setting the password |
11:33 |
salty_ |
for example here https://wiki.jenkins-ci.org/display/JENKINS/saltstack-plugin |
11:33 |
salty_ |
curl -sSk https://<salt-master>:8000/login \ -H 'Accept: application/x-yaml' \ -d username=jenkins \ -d password=jenkins \ -d eauth=pam |
11:34 |
salty_ |
curl -sSk https://<salt-master>:8000/login -H 'Accept: application/x-yaml' -d username=jenkins -d password=jenkins -d eauth=pam |
11:34 |
salty_ |
How do I set the username and password ? |
11:36 |
mage_ |
any idea how are external pillars are loaded internally? |
11:36 |
mage_ |
I'm getting a 2017-02-22 12:30:44,936 [salt.pillar ][CRITICAL][55969] Pillar render error: Failed to load ext_pillar icinga_ticket_pillar: 'icinga.lan' |
11:38 |
|
N-Mi_ joined #salt |
11:44 |
hvn |
salty_: if you use PAM, it's system user |
11:46 |
|
oaken_chris joined #salt |
11:48 |
salty_ |
Is there any way to use non system user ? |
11:48 |
salty_ |
other than ldap |
11:48 |
salty_ |
hvn: ? |
11:51 |
|
abednarik joined #salt |
11:52 |
|
saintpablos joined #salt |
11:52 |
|
ninjada joined #salt |
12:01 |
|
onlyanegg joined #salt |
12:01 |
|
all joined #salt |
12:03 |
|
cryptolukas joined #salt |
12:03 |
sriman |
hi |
12:03 |
sriman |
can any one help me |
12:03 |
sriman |
http://paste.openstack.org/show/600033/ |
12:04 |
sriman |
while passing variable, i'm getting error |
12:04 |
sriman |
babilen: u can help me i hope |
12:05 |
|
zulutango joined #salt |
12:05 |
|
jespada joined #salt |
12:07 |
|
ninjada joined #salt |
12:07 |
sriman |
AndreasLutro: there?/ |
12:09 |
AndreasLutro |
no |
12:10 |
hvn |
salty_: you can use mysql or django auth https://github.com/saltstack/salt/tree/develop/salt/auth |
12:10 |
|
abednarik_ joined #salt |
12:18 |
|
madboxs joined #salt |
12:25 |
|
toanju joined #salt |
12:26 |
|
thebinary joined #salt |
12:28 |
|
madboxs joined #salt |
12:37 |
|
Nightcinder_ joined #salt |
12:37 |
|
colttt joined #salt |
12:38 |
babilen |
sriman: You have nested curly brackets |
12:38 |
|
pcdummy joined #salt |
12:38 |
|
Zaunei joined #salt |
12:39 |
|
dragon788 joined #salt |
12:39 |
|
TooLmaN joined #salt |
12:39 |
|
wonko21 joined #salt |
12:40 |
|
DanyC joined #salt |
12:40 |
Reverend |
I read that as "you have nested burly crackers" and thought it sounded tasty. |
12:40 |
* babilen |
haggises Reverend |
12:41 |
|
hillna joined #salt |
12:42 |
|
Hybrid joined #salt |
12:43 |
Reverend |
haggis? haggis is good. |
12:44 |
Reverend |
ugh it's 17 minutes till lunch and im fucking starving |
12:44 |
babilen |
I know, I love it |
12:44 |
Reverend |
black pudding is better tho |
12:44 |
Reverend |
i could eat that shit by the tonne |
12:44 |
Reverend |
and THIS is the reason I'm the world shittest vegetarian |
12:45 |
babilen |
heh |
12:48 |
|
madboxs joined #salt |
12:52 |
|
ninjada joined #salt |
12:53 |
dxiri |
iggy: its a vm image that I need to use to create new VMs |
12:54 |
|
gableroux joined #salt |
12:55 |
LotR |
Reverend: ok, I want to see you do that. make a video of you eating a tonne of that, and put in your will that it has to be put on youtube after :P |
12:57 |
Reverend |
hahhaa |
12:58 |
|
madboxs joined #salt |
12:59 |
sriman |
babilen: yes, nested curly braces |
12:59 |
sriman |
how to overcome that |
13:00 |
sriman |
babilen: password: {{ salt['shadow.gen_password']('{{ pillar['password'] }}') | json }} |
13:00 |
sriman |
this is taking {{ pillar['password'] }} as my password |
13:00 |
babilen |
I would suggest removing them |
13:01 |
sriman |
but not what is given to this variable |
13:01 |
babilen |
You don't have to nest |
13:01 |
babilen |
(nor quote the pillar call) |
13:02 |
|
chamunks- joined #salt |
13:03 |
|
valkyr2e_ joined #salt |
13:04 |
sriman |
babilen: tried this one |
13:04 |
sriman |
{{ salt['shadow.gen_password']("pillar['password']") | json }} |
13:04 |
babilen |
You still quote the pillar call |
13:04 |
|
muep__ joined #salt |
13:04 |
|
mrueg_ joined #salt |
13:04 |
babilen |
(which would make the password the literal string pillar['password'] |
13:04 |
babilen |
) |
13:05 |
|
oaken_chris joined #salt |
13:05 |
sriman |
yes, its working now |
13:05 |
|
cswang joined #salt |
13:05 |
sriman |
babilen: awesome |
13:05 |
|
nahkiss joined #salt |
13:06 |
|
Inveracity joined #salt |
13:07 |
|
eightyeight joined #salt |
13:10 |
|
gableroux_ joined #salt |
13:12 |
|
fracklen joined #salt |
13:14 |
|
denkijin joined #salt |
13:15 |
|
_KaszpiR_ joined #salt |
13:33 |
|
NV joined #salt |
13:44 |
|
dxiri joined #salt |
13:45 |
|
fracklen joined #salt |
13:47 |
|
fracklen joined #salt |
13:48 |
|
fracklen joined #salt |
13:50 |
|
numkem joined #salt |
13:51 |
|
TheoSLC joined #salt |
13:51 |
manji |
is there any way |
13:52 |
manji |
in a state to have something like |
13:52 |
|
numkem1 joined #salt |
13:52 |
manji |
{% if we are running on salt-ssh do blabal %} |
13:52 |
manji |
{% else %} |
13:52 |
manji |
? |
13:55 |
honestly |
that's a really good question |
13:56 |
honestly |
maybe try looking into the opts: https://docs.saltstack.com/en/latest/ref/internals/opts.html |
13:57 |
|
TheoSLC joined #salt |
13:58 |
|
fracklen joined #salt |
13:59 |
|
cryptolukas joined #salt |
14:01 |
|
TheoSLC joined #salt |
14:01 |
|
onlyanegg joined #salt |
14:07 |
|
Sarphram joined #salt |
14:09 |
|
fracklen joined #salt |
14:10 |
|
mikecmpbll joined #salt |
14:10 |
manji |
honestly, mm I am not sure what you mean |
14:10 |
manji |
unless I can check if eg a roster file is present |
14:15 |
aphor |
You can use opts @manjji to introspect the configuration defaults of the daemon/runner. Maybe there are clues in the opts map to determine if the execution is via salt-ssh? |
14:19 |
|
madboxs joined #salt |
14:21 |
|
DammitJim joined #salt |
14:29 |
|
madboxs joined #salt |
14:30 |
|
impi joined #salt |
14:31 |
|
brousch__ joined #salt |
14:32 |
|
Aleks3Y joined #salt |
14:35 |
|
ravenx joined #salt |
14:35 |
|
TheoSLC joined #salt |
14:35 |
|
XenophonF joined #salt |
14:35 |
|
aawerner joined #salt |
14:37 |
|
ssplatt joined #salt |
14:40 |
|
madboxs joined #salt |
14:42 |
|
tharkun joined #salt |
14:49 |
|
abednarik joined #salt |
14:50 |
|
madboxs joined #salt |
14:54 |
|
nickabbey joined #salt |
14:57 |
|
mpanetta joined #salt |
15:00 |
|
madboxs joined #salt |
15:02 |
|
Awesomecase joined #salt |
15:02 |
|
onlyanegg joined #salt |
15:03 |
|
numkem1 joined #salt |
15:04 |
|
numkem joined #salt |
15:04 |
|
cryptolukas joined #salt |
15:10 |
|
madboxs joined #salt |
15:11 |
|
xet7 joined #salt |
15:11 |
|
Tanta joined #salt |
15:11 |
|
raspado joined #salt |
15:15 |
|
tapoxi joined #salt |
15:15 |
|
petems joined #salt |
15:16 |
|
abednarik joined #salt |
15:16 |
tapoxi |
hey all, salt-cloud problems. I'm specifying the root ebs size but its ignoring that and creating a standard 10 gb volume: http://pastebin.com/raw/wP8Ra5LL |
15:16 |
tapoxi |
thoughts? |
15:26 |
|
N-Mi_ joined #salt |
15:28 |
|
mavhq joined #salt |
15:29 |
|
racooper joined #salt |
15:32 |
|
dps joined #salt |
15:33 |
|
hvn joined #salt |
15:33 |
|
hvn joined #salt |
15:35 |
|
edrocks joined #salt |
15:36 |
|
sarcasticadmin joined #salt |
15:42 |
|
dxiri joined #salt |
15:42 |
gableroux |
Hey there, I'm getting something strange with cmd.run module |
15:43 |
gableroux |
http://pastebin.com/bJHRsZdH |
15:43 |
gableroux |
Even if I specify the shell to use, it seems like it's always using zsh no matter what |
15:44 |
gableroux |
grains are showing sh, I tried with runas with a user that uses sh by default, still zsh. Also tried echo $0 |
15:44 |
|
alexlist joined #salt |
15:44 |
XenophonF |
tapoxi: block_device_mappings is not a grain |
15:45 |
tapoxi |
XenophonF: yeah I just realized I messed up the indentation :( |
15:45 |
tapoxi |
thanks! |
15:45 |
tapoxi |
I hate yaml |
15:45 |
XenophonF |
tapoxi: here's a working example if you still need it - https://github.com/irtnog/salt-states/blob/development/salt/files/cloud.profiles.d/irtnog.conf#L30 |
15:46 |
XenophonF |
gableroux: is sh a link to zsh? |
15:46 |
XenophonF |
what operating system are you using? |
15:47 |
gableroux |
hmm, it points to dash |
15:47 |
gableroux |
debian |
15:47 |
gableroux |
8 |
15:47 |
XenophonF |
ok /bin/sh is definitely dash, so that's right |
15:49 |
gableroux |
hmm, looks like it's echo $0 that is wrong |
15:49 |
XenophonF |
and the shell grain points to /bin/sh, right? |
15:49 |
gableroux |
yup |
15:49 |
gableroux |
noglob is only in sh, when I run it and specify it, it works |
15:51 |
DammitJim |
do I need to change the privileges of the debian-sys-maint user in debian/ubuntu to be able to create users? |
15:52 |
|
scoates joined #salt |
15:53 |
|
ivanjaros joined #salt |
15:54 |
|
tiwula joined #salt |
15:59 |
|
WesleyTech__ joined #salt |
16:02 |
|
fracklen joined #salt |
16:03 |
|
onlyanegg joined #salt |
16:07 |
|
scoates joined #salt |
16:08 |
|
scoates joined #salt |
16:10 |
|
oaken_chris joined #salt |
16:13 |
gableroux |
Ok I really don't get it |
16:13 |
gableroux |
http://pastebin.com/66xYc8e3 |
16:13 |
gableroux |
saltmaster doesn't give me same output as the minion, like if something's out of sync |
16:14 |
|
Shirkdog joined #salt |
16:14 |
|
Shirkdog joined #salt |
16:15 |
|
nickabbey joined #salt |
16:18 |
babilen |
gableroux: It's your SHELL env var |
16:19 |
babilen |
Just compare the output of a cmd.run "env" |
16:20 |
|
samodid joined #salt |
16:22 |
|
gmoro joined #salt |
16:24 |
gableroux |
maybe shell env var overrides everything here when running from master. When I run my highstate from the minion, everything works, when I do it from the master, it fails due to missing commands. |
16:25 |
gableroux |
I don't remember setting anything special manually in a shell env var tho |
16:26 |
gableroux |
Thanks for your help, I'll continue investigating and let you know what was wrong. my master was on 2016.11.1, upgraded 2016.11.2 just in case |
16:26 |
gableroux |
so it's now same version as all the minions :P |
16:27 |
|
onlyanegg joined #salt |
16:27 |
|
candyman88 joined #salt |
16:36 |
|
tkojames joined #salt |
16:37 |
|
tkojames left #salt |
16:37 |
|
tkojames joined #salt |
16:38 |
|
swills joined #salt |
16:38 |
|
bwellsnc joined #salt |
16:38 |
|
scoates joined #salt |
16:38 |
babilen |
gableroux: If you require a specific shell or environment then you have to provide that information in your state |
16:40 |
gableroux |
But I'm still confused about the saltmaster not giving the same result as from the minion itself |
16:41 |
gableroux |
I mean I want to always use bash, I don't want to pollute all of my states with a shell: /bin/bash |
16:41 |
gableroux |
If I can't manage to find what's overriding the value when running from the master, I'll go this way |
16:41 |
|
DammitJim joined #salt |
16:44 |
|
onlyanegg joined #salt |
16:44 |
Neighbour |
gableroux: maybe `salt minion test.get_opts` would shed some light on things...if there's anything overriding your results, it is probably in there |
16:46 |
gableroux |
Trying this, thanks :) |
16:47 |
|
bwellsnc joined #salt |
16:47 |
babilen |
gableroux: When you are logged into the minion your SHELL environment variable will be set to your interactive shell |
16:48 |
babilen |
In fact you are overriding the default of /bin/sh |
16:49 |
|
teclator joined #salt |
16:49 |
babilen |
What is the actual problem you encounter? |
16:49 |
|
zer0def joined #salt |
16:50 |
|
Brew joined #salt |
16:51 |
|
_JZ_ joined #salt |
16:53 |
gableroux |
oh babilen: that sounds right, a colleague here found an issue about this on github, I'm in a meeting right now, but I'll continue on this in ~1h. Thanks a lot for you help guys, really appreciated :) |
16:54 |
|
scsinutz joined #salt |
16:55 |
gtmanfred |
gableroux: when you use salt-call, it creates a new salt-minion instances that connects to the master to run the command, so it will have SHELL set to whatever your users shell is |
16:55 |
gtmanfred |
when you send it from the master, it uses whatever the shell is set to in the init service |
16:55 |
babilen |
Sure, it inherits the environment variables |
16:56 |
gableroux |
Ok that's definitely good to know :) |
16:56 |
|
gmoro joined #salt |
16:58 |
gableroux |
https://github.com/saltstack/salt/issues/32989 |
16:58 |
saltstackbot |
[#32989][OPEN] salt and salt-call do not return the same shell grain | Description of Issue/Question... |
16:58 |
gableroux |
So that would be a problem with debian not having a shell set by default or something like that |
16:59 |
|
WesleyTech_ joined #salt |
17:00 |
tkojames |
Is it possible to pass mutiple grains using grains.get? For example I want to run something like this, salt grains.get username virtual etc. And have it return all the grains I selected. Is there another way I should be doing this? Basically I want some of the data from grains.items for each minion but do not want most of it. |
17:01 |
gtmanfred |
gableroux: that is exactly the problem, but i agree with mike https://github.com/saltstack/salt/issues/32989#issuecomment-221120342 |
17:01 |
saltstackbot |
[#32989][OPEN] salt and salt-call do not return the same shell grain | Description of Issue/Question... |
17:02 |
|
cyborg-one joined #salt |
17:02 |
|
nickabbey joined #salt |
17:04 |
gableroux |
alright, I think we'll live with it and specify the shell each time so my highstate will work on the first run with salt-cloud <3 |
17:05 |
|
nickabbe_ joined #salt |
17:06 |
|
jas02 joined #salt |
17:14 |
|
debian112 joined #salt |
17:16 |
|
jas02 joined #salt |
17:19 |
|
shoemonkey joined #salt |
17:19 |
|
cryptolukas joined #salt |
17:20 |
|
abednarik joined #salt |
17:20 |
|
madboxs joined #salt |
17:21 |
babilen |
gableroux: Debian has a shell set by default, it's just that it differs from what you want. FWIW, you can use bash as /bin/sh if you want to rely on that. |
17:24 |
|
edrocks joined #salt |
17:26 |
|
keldwud joined #salt |
17:27 |
DammitJim |
is there something special I need to do to escape the symbol % in a state? |
17:28 |
DammitJim |
I'm bringing that % from pillar |
17:31 |
|
madboxs joined #salt |
17:36 |
|
jas02 joined #salt |
17:36 |
|
DanyC joined #salt |
17:39 |
|
Shirkdog joined #salt |
17:39 |
|
Shirkdog joined #salt |
17:41 |
|
madboxs joined #salt |
17:48 |
|
onlyanegg joined #salt |
17:50 |
|
hoonetorg joined #salt |
17:51 |
|
madboxs joined #salt |
17:58 |
|
nickabbey joined #salt |
18:01 |
|
madboxs joined #salt |
18:04 |
|
SpeeR joined #salt |
18:05 |
|
tkojames joined #salt |
18:06 |
|
jas02 joined #salt |
18:07 |
|
tkojames left #salt |
18:07 |
|
tkojames joined #salt |
18:11 |
|
madboxs joined #salt |
18:12 |
dxiri |
hi guys, quick question! If I want to manage a master using salt, do I just specify 'localhost' on the minion config file inside the master? |
18:12 |
dxiri |
or is there something special to do? |
18:13 |
gtmanfred |
nope, you can just specify localhost |
18:14 |
|
SpeeR joined #salt |
18:18 |
|
DanyC joined #salt |
18:21 |
|
madboxs joined #salt |
18:26 |
|
tkojames joined #salt |
18:28 |
|
mpanetta joined #salt |
18:28 |
|
hoonetorg joined #salt |
18:31 |
|
madboxs joined #salt |
18:42 |
|
fracklen joined #salt |
18:52 |
|
Rumbles joined #salt |
18:55 |
|
SpeeR joined #salt |
18:56 |
|
scsinutz joined #salt |
18:58 |
|
nidr0x joined #salt |
19:07 |
|
Inveracity joined #salt |
19:09 |
|
dyasny joined #salt |
19:09 |
|
Edgan joined #salt |
19:11 |
|
austin_ joined #salt |
19:13 |
|
bwellsnc joined #salt |
19:14 |
|
cyteen joined #salt |
19:14 |
austin_ |
what is the difference between the /srv/salt/_states dir and the extension_modules config and the module_dirs config on the master config ? |
19:14 |
austin_ |
seems there are several places to look for the same thing |
19:17 |
whytewolf |
_states dir is pushed with sync commands. extension_modules is a setting that reads a location. and module_dirs is for the master [not the minions] |
19:18 |
austin_ |
ok. a job that has a custom state that needs to run on a minion would look in _states and ext_mods dir ? |
19:19 |
whytewolf |
no it doens't look in _states. _states is just a stanging directory for when you use saltutil.sync_states which pushes the module into the minion cache in extmods directory |
19:19 |
|
SaucyElf joined #salt |
19:20 |
whytewolf |
honestly the settings for extension_modules and module_dirs can mostly be ignored now days |
19:20 |
|
DanyC joined #salt |
19:21 |
|
cyborg-one joined #salt |
19:22 |
whytewolf |
https://docs.saltstack.com/en/latest/ref/modules/ just replace _modules with _states |
19:23 |
austin_ |
ok so if i had custom runners, i would still want to drop that into $ext_mod_path/runners |
19:23 |
whytewolf |
custom runners can go in _runners and be synced with salt-run saltutil.sync_runners |
19:24 |
austin_ |
ah ok. so /srv/salt/_runners works jsut the same |
19:24 |
whytewolf |
yeah |
19:24 |
austin_ |
and really we just ignore those config settings in master |
19:24 |
whytewolf |
[just need to call the runner version of saltutil] |
19:24 |
austin_ |
right |
19:26 |
|
dyasny_ joined #salt |
19:26 |
|
icebal_ joined #salt |
19:30 |
|
dyasny joined #salt |
19:47 |
|
amcorreia joined #salt |
19:50 |
|
noaioa joined #salt |
19:56 |
|
cliluw joined #salt |
19:57 |
noaioa |
{% set iface = salt.network.ifacestartswith('10.0') %} {% set hostip = salt['network.interfaces']()['{{ iface }}']['inet'][0]['address'] %}. Not sure how to get {{ iface }} in the second line to work. |
19:59 |
|
Rumbles joined #salt |
20:00 |
whytewolf |
{% set iface = salt.network.ifacestartswith('10.0') %} {% set hostip = salt['network.interfaces']()[iface]['inet'][0]['address'] %} |
20:01 |
|
dps_ joined #salt |
20:02 |
whytewolf |
coarse ... salt.network.ipaddrs(cidr='10.0.0.0/16') does about the same thing |
20:02 |
whytewolf |
without the need to know what the ifaces is :P |
20:06 |
gtmanfred |
noaioa: you are already in jinja, so you don't have to wrap it in {{}} again, and also remove the '' like how whytewolf said |
20:14 |
|
ChubYann joined #salt |
20:14 |
noaioa |
The reason for iface is so I can use network.managed. Basically I am trying to create a state file that checks if host has an IP from dns then assign that IP to the host. If not then just use dhcp. |
20:15 |
|
oaken_chris joined #salt |
20:15 |
whytewolf |
ok |
20:16 |
|
Rumbles joined #salt |
20:16 |
|
netcho joined #salt |
20:17 |
|
DammitJim joined #salt |
20:21 |
|
raspado joined #salt |
20:21 |
|
DanyC joined #salt |
20:24 |
|
gmoro joined #salt |
20:25 |
|
Yoda-BZH joined #salt |
20:25 |
|
Yoda-BZH joined #salt |
20:27 |
|
onlyanegg joined #salt |
20:39 |
|
raspado joined #salt |
20:42 |
|
madboxs joined #salt |
20:53 |
|
madboxs joined #salt |
21:03 |
|
madboxs joined #salt |
21:03 |
|
onlyanegg joined #salt |
21:03 |
|
dps joined #salt |
21:06 |
|
jhauser joined #salt |
21:12 |
|
khorben joined #salt |
21:13 |
|
madboxs joined #salt |
21:18 |
|
onovy joined #salt |
21:20 |
|
numkem joined #salt |
21:22 |
|
DanyC joined #salt |
21:23 |
|
madboxs joined #salt |
21:32 |
|
mariusv joined #salt |
21:32 |
|
mariusv joined #salt |
21:33 |
|
madboxs joined #salt |
21:35 |
|
Rumbles joined #salt |
21:37 |
|
lunarlamp joined #salt |
21:38 |
|
scsinutz1 joined #salt |
21:42 |
|
scsinutz joined #salt |
21:43 |
|
madboxs joined #salt |
21:43 |
|
abednarik joined #salt |
21:45 |
|
fracklen joined #salt |
21:46 |
|
jas02 joined #salt |
21:51 |
|
teclator joined #salt |
21:59 |
noaioa |
https://gist.github.com/anonymous/7b77be732f93e9b85eaf40ba7ce4b217 Not sure why I am getting object has no element ['ens160'] if someone can help. |
22:03 |
hemebond |
Does salt.network.ifacestartswith return a list? |
22:03 |
|
WesleyTech_ joined #salt |
22:04 |
hemebond |
I'm still on 2016.3 so I can't test that function. |
22:07 |
noaioa |
it should just return a name |
22:07 |
|
frew joined #salt |
22:07 |
hemebond |
Looks like it's returning a list. Try referencing it as a list. |
22:07 |
noaioa |
it might be a list if you have multiple interfaces on the 10 network but not sure |
22:10 |
|
scsinutz1 joined #salt |
22:14 |
noaioa |
{% set iface = salt.network.ifacestartswith['10.0'] %} this would be a list right? |
22:15 |
whytewolf |
no |
22:15 |
whytewolf |
{% set iface = salt.network.ifacestartswith('10.0')[0] %} |
22:15 |
|
numkem joined #salt |
22:15 |
whytewolf |
or {% set iface = salt.network.ifacestartswith('10.0')|first %} |
22:16 |
|
ninjada joined #salt |
22:16 |
whytewolf |
or, you could just loop on the output and do it for every interface |
22:16 |
whytewolf |
really depends on what you want to do |
22:17 |
|
ninjada joined #salt |
22:17 |
mpoole |
hey guys, my salt-master is crashing when I run a highstate https://gist.github.com/reedox/4728be161507bc707195601120eba165 version: 2016.11.2 ubuntu debs any ideas? |
22:17 |
|
mikecmpbll joined #salt |
22:18 |
mpoole |
I tried stopping the master via the init script and running "salt-master -l debug" but I can't get it to crash in debug mode |
22:20 |
|
averell joined #salt |
22:23 |
|
DanyC joined #salt |
22:26 |
noaioa |
List seems to work but "The 'names' argument in state 'ens160' in SLS 'setup3' needs to be formed as a list". |
22:32 |
|
Awesomecase joined #salt |
22:38 |
|
heaje joined #salt |
22:38 |
|
Tanta joined #salt |
22:44 |
|
madboxs joined #salt |
22:44 |
|
gableroux joined #salt |
22:45 |
|
gableroux_ joined #salt |
22:49 |
|
patrek joined #salt |
23:02 |
|
jgarr joined #salt |
23:03 |
jgarr |
can someone remind me where the salt minion keys are stored? |
23:03 |
jgarr |
I think I need to delete all of them and re-accept |
23:04 |
jgarr |
nvm, I found them |
23:05 |
|
madboxs joined #salt |
23:11 |
|
scsinutz joined #salt |
23:11 |
|
dps joined #salt |
23:18 |
|
MasterNayru joined #salt |
23:20 |
MasterNayru |
I'm having difficulty debugging an issue with Salt API. I can auth and run commands fine, but when I specify expr_form as grain or grain_pcre, it seems like the request takes at least "timeout" + "gather_job_timeout" seconds to respond. Is this expected behaviour? It responds very quickly when I use "glob" or "pcre" as the expr_form, so I'm trying to understand what is causing the grain ones to take so long to respond |
23:21 |
MasterNayru |
The commands seem to work as I would expect when I use the "salt" command directly, so seems to be something related to Salt API (I'm using Salt 2016.11.2 + CherryPy for Salt API) |
23:22 |
|
teclator joined #salt |
23:22 |
|
abednarik joined #salt |
23:24 |
|
DanyC joined #salt |
23:25 |
|
armguy joined #salt |
23:25 |
gtmanfred |
yeah, that is not normal, but i am out for today. If you can do some research and make an issue on github, I will try and reproduce it tomorrow |
23:25 |
|
sarcasticadmin joined #salt |
23:25 |
* gtmanfred |
goes and celebrates national margarita day |
23:27 |
whiteinge_ |
That's not a real thing. |
23:27 |
* whiteinge_ |
googles |
23:27 |
* whiteinge_ |
heads out for the day |
23:29 |
MasterNayru |
Will do. Cheers. |
23:35 |
MasterNayru |
It also happens with the Salt python local client ... the plot thickens |
23:43 |
|
Edgan joined #salt |
23:48 |
|
abednarik joined #salt |
23:52 |
|
cyborg-one joined #salt |
23:52 |
|
oaken_chris joined #salt |