Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-03-13

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 onlyanegg joined #salt
00:19 darix joined #salt
00:21 darix joined #salt
00:43 k_sze[work] joined #salt
00:51 onlyanegg joined #salt
01:06 ninjada joined #salt
01:06 edrocks joined #salt
01:06 bocaneri joined #salt
01:16 bocaneri joined #salt
01:36 ninjada joined #salt
01:40 alvinstarr joined #salt
01:47 mpanetta joined #salt
02:34 evle joined #salt
02:34 desku joined #salt
02:46 MTecknology Anyone wanna play with an experimental new feature?!
02:48 djgerm joined #salt
02:55 exegesis joined #salt
03:04 promorphus_home joined #salt
03:06 fracklen joined #salt
03:09 edrocks joined #salt
03:21 onlyanegg joined #salt
03:28 jerryc joined #salt
03:46 JPT joined #salt
03:48 mpanetta joined #salt
03:58 DEger joined #salt
04:00 Klaus_Dieter joined #salt
04:02 netcho joined #salt
04:05 eprice left #salt
04:17 shoemonkey joined #salt
04:23 Praematura joined #salt
04:38 Klaus_Dieter joined #salt
04:40 catpig joined #salt
05:02 netcho joined #salt
05:30 felskrone joined #salt
05:32 cowyn joined #salt
05:48 mpanetta joined #salt
06:10 edrocks joined #salt
06:11 ninjada_ joined #salt
06:13 cowyn joined #salt
06:18 shoemonkey joined #salt
06:20 ninjada joined #salt
06:26 DEger joined #salt
06:28 eseyman joined #salt
06:29 inad922 joined #salt
06:35 preludedrew joined #salt
06:42 ninjada joined #salt
06:54 duncanmv joined #salt
06:59 netcho joined #salt
07:02 colttt joined #salt
07:04 ninjada joined #salt
07:06 golodhrim|work joined #salt
07:08 om2 joined #salt
07:08 k_sze[work] joined #salt
07:13 fracklen joined #salt
07:14 fracklen joined #salt
07:22 ninjada joined #salt
07:23 fracklen joined #salt
07:28 ninjada joined #salt
07:28 golodhrim|work joined #salt
07:36 squig joined #salt
07:42 candyman88 joined #salt
07:43 squig im trying to test a my highstate before I deploy it to the whole system
07:43 squig how do I tell salt-call to run from a local directory
07:43 squig I tried -file-root=. from my dev directory but it didnt work.
07:49 fracklen joined #salt
07:49 mpanetta joined #salt
07:51 fracklen_ joined #salt
07:59 jhauser joined #salt
07:59 ReV013 joined #salt
08:11 xet7 joined #salt
08:17 scristian joined #salt
08:18 shoemonkey joined #salt
08:22 babilen squig: "salt-call state.apply test=True" on the minion
08:24 aldevar joined #salt
08:27 aldevar left #salt
08:28 squig thanks babilen
08:29 squig so im trying to test the osrelease_info grain in jinja
08:29 squig I am doing this. {% if grains['osrelease_info'[1]] >= '3' %}
08:31 AndreasLutro ['osrelease_info'][1]
08:31 squig I dont know how to access the list
08:31 karthyk joined #salt
08:31 karthyk hey guys
08:31 iggy anybody use atom (with the atom-salt package)?
08:36 aldevar joined #salt
08:36 aldevar left #salt
08:41 karthyk left #salt
08:41 dijit no I use vim with the salt-vim package.
08:46 JohnnyRun joined #salt
08:50 babilen emacs!
08:50 babilen But I guess that iggy has a problem and a question for those elusive atom users
08:51 iggy I don't have problems, I solve them
08:51 ebcz joined #salt
08:51 candyman88 joined #salt
08:52 iggy I made a patch I was going to see if anyone could try it to see if it broke anything
08:55 Reverend iggy: surely you need problems though, otherwise you wont' have anything to solve?
09:00 babilen Such as "No atom user to be found"
09:02 iggy there are 2 issues filed against the package, so there are at least 3 of us
09:04 rim-k joined #salt
09:04 mikecmpbll joined #salt
09:10 k_sze[work] joined #salt
09:10 me25de joined #salt
09:12 l0th1 joined #salt
09:12 l0th1 Hi guys!
09:13 edrocks joined #salt
09:14 me25de hey
09:14 inad922 joined #salt
09:22 ronnix joined #salt
09:23 Straphka joined #salt
09:23 teclator joined #salt
09:23 cowyn joined #salt
09:27 netcho joined #salt
09:29 ronnix_ joined #salt
09:31 s_kunk joined #salt
09:34 alex-zel joined #salt
09:35 DEger joined #salt
09:35 alex-zel hello, question, if I want a service to restart on file change, the service definition has to be in the same sls file right?
09:36 AndreasLutro alex-zel, no
09:36 alex-zel if I include another state that does has that definition will it restart the service on file change?
09:36 AndreasLutro it will if you set up the watch stuff appropriately
09:37 alex-zel can I watch another sls file?
09:37 AndreasLutro no
09:37 AndreasLutro you watch states, not files
09:38 schinken joined #salt
09:39 alex-zel let me rephrase that, say I have "rsyslog.fileA" and "rsyslog.fileB", can I watch for file changes in fileB from fileA?
09:40 alex-zel even if I only apply the second file and not the whole rsyslog state
09:40 AndreasLutro file states don't have watch functionality
09:41 l0th1 joined #salt
09:41 l0th1 Just wondering, is it possibile to insert a Jinja template as a pillar value?
09:41 babilen l0th1: As in defining the "source; .." bit in pillars? Yeah, that's perfectly gine
09:41 babilen *fine even
09:42 squig hi, so I have a pile of packages that depend on python-pip
09:42 squig but some where in the centos 7 release it was renamed to python2-pip
09:42 squig how can I install python-pip but still leave the downstream dependencies depending on python-pip
09:42 squig is there some way to alias it?
09:42 babilen squig: You can define requisites by, both, state id and state name argument
09:43 babilen Well ,, either :)
09:43 squig babilen, could you provide an example sorry
09:43 l0th1 @babilen Like having a pillar `test: {{ grains['ipv4'] }}` and inside a file managed with template: jinja, `"This is my value: {{ pillar['test'] }}"`
09:44 l0th1 So that it results in "This is my value: [192.168.1.1]" (or whatever)
09:44 babilen squig: https://github.com/saltstack-formulas/pip-formula -- https://github.com/saltstack-formulas/pip-formula/blob/master/pip/init.sls#L3 -- You can use "pkg: pip" as requisite or the value of the name argument there (which will be python-pip/python2-pip/...)
09:45 babilen l0th1: You could pass that as contents and build the string in the SLS
09:45 squig its a clients site and they dont want to change 'to much'
09:46 squig can I just use jinja to do this?
09:46 squig - require:
09:46 squig - pkg: <some jinja?>
09:48 me25de squig: i think you can even use a for loop  ... like {%  for package in ['vim', 'htop', 'telnet']  %} and then it will install all this packages.
09:48 squig i really just need to change this line,     - pkg: python-pip
09:48 squig to be different for each os? I can use a jina block to do it, but I have to do it in lots and lots of places
09:50 mpanetta joined #salt
09:50 mike25de squig: i used to have all this definitions in a big jinja file with different defintions based on OS +  version.  In the state file i was importing from that jinja file only the data needed for the specific OS of that minion.
09:51 babilen squig: How do you install pip at the moment?
09:52 squig can I do some thing like this. http://pastebin.com/1dJ1Kkug
09:53 squig this is the current method, http://pastebin.com/GDhAP6dD
09:54 squig this is a downstream dependency http://pastebin.com/83ZFYUF8
09:54 babilen http://paste.debian.net/919487/
09:55 l0th1 babilen sorry I didn't get it :) How can I pass the pillar value as content?
09:55 babilen squig: You could either break up that "Install all the packages"-state or define the requisite as "pkg: python-pkgs"
09:55 squig on the downstream yeah
09:55 squig that makes much more sense
09:55 mike25de babilen: your example is the easiest one
09:56 babilen l0th1: file.managers accepts contents as argument. You can build that string in the SLS using pillar values -- https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.managed
09:57 babilen l0th1: As in "contents: - "First line with pillar: %s"|format(salt['pillar.get']( .... ))"
09:57 squig babilen, (and others) thanks for your help, just trying to get into salt thinking more
09:57 squig more==mode
09:58 mike25de squig: this might help as well ... this is how i did it with jinja macros
09:58 mike25de https://docs.saltstack.com/en/latest/topics/jinja/index.html#macros
09:58 babilen squig: The problem here is that you have that mega state that makes it tricky to define individual dependencies as the state ID "python-pkgs" is shared by more than one package.
09:59 babilen squig: What I would do is a generic state like the pip-formula where the "name" argument is based on the os_family (and other) grains. This would allow you to define stable requisites on the state id (i.e. "pip")
10:00 babilen https://github.com/saltstack-formulas/pip-formula/blob/master/pip/map.jinja
10:00 squig dancing around the fact client doesnt want me to write formulas
10:02 babilen What's the difference between a well written state and a formula?
10:03 squig that is a question for my client :) they are under the impression that all there salt was causing no errors, I am meant to be updating there os on a few machines, and I found that 30% of there existing salt states are failing
10:03 babilen :(
10:04 darioleidi joined #salt
10:05 squig its a living
10:05 l0th1 babilen thank you :)
10:06 Reverend the best ones are when they work currently... until you scale out a server and suddenly nothing works.
10:07 Rumbles joined #salt
10:14 max42 joined #salt
10:17 squig babilen, can you tell me why this doesnt work?
10:18 squig http://pastebin.com/SqZDHd86
10:18 squig I dont get why I cant referense python-pip,
10:19 shoemonkey joined #salt
10:25 babilen Readable version: http://pastebin.com/raw/SqZDHd86
10:25 babilen squig: Where is your reference?
10:26 babilen And some comments: 1. Using "pkg: - installed" has fallen out of favour and we recommend "pkg.installed:" these days. It would *really* be a lot easier/maintainable to maintain the os family dependent bits in a separate map (as in formulas) rather than introducing horrible logic into the SLS
10:26 squig let me show you the error that throws
10:27 squig I agree, im going to contact the client, but I also want to understand whats going on
10:28 squig babilen, on the pkg: -installed has falled out of favour, has any one made a linter yet?
10:29 babilen I mentioned/bemoaned the lack thereof on Friday
10:29 systeem joined #salt
10:30 babilen We were discussing https://groups.google.com/forum/#!topic/salt-users/VqYjdlWsNHU
10:30 squig http://pastebin.com/raw/SqZDHd86 -> causes this error http://pastebin.com/raw/WzpW99zN
10:31 squig which is what I dont get, didnt I just declare python-pip ?
10:31 squig does name: change its actual id?
10:32 DanyC joined #salt
10:32 squig Which is to say, the primary saltstack docs are currently good enough - I disagree with this so strongly
10:34 babilen squig: You still have a python-pip pkg.installed in the python-pkgs state
10:35 debian1121 joined #salt
10:40 fracklen joined #salt
10:49 Hybrid joined #salt
11:14 colttt joined #salt
11:17 squig aah there is a bug in salt that was causing my next problem
11:32 netcho joined #salt
11:34 ronnix joined #salt
11:37 ronnix_ joined #salt
11:37 babilen squig: Squish it!
11:38 babilen I love squashing them .. but sometimes that's a lot of work
11:40 squig aah some one else might have already, but also I dont know
11:40 squig I need to set up salt to install new salt minions
11:41 gmoro joined #salt
11:51 mpanetta joined #salt
11:52 evle1 joined #salt
11:57 ronnix joined #salt
12:00 jhauser joined #salt
12:00 _Cyclone_ joined #salt
12:01 impi joined #salt
12:15 edrocks joined #salt
12:19 johnkeates joined #salt
12:19 silver310 joined #salt
12:20 shoemonkey joined #salt
12:22 silver310 hello, I'm having some issues with a state, don't know why, I have another state configured just like this and it work, here it is https://gist.github.com/alex-zel/af636ceabae212450da50178aacb7e33
12:23 silver310 the error i get is "Rendering SLS 'base:rsyslog.config' failed: while parsing a block mapping in "<unicode string>", line 6, column 7: - text: |"
12:23 silver310 I have another state with exactly the same template (only different pillars) and it works just fine, can't seem to find the problem
12:25 stooj joined #salt
12:31 cyborg-one joined #salt
12:34 shoemonkey joined #salt
12:37 ronnix joined #salt
12:43 onmeac joined #salt
12:44 rylnd hey guys, is there a reason why the extensive kwargs in the requesting event were removed when deploying on vmware?
12:45 rylnd it seems that 2016.11.1 behaves differently than 2016.3.x. i was able to get IP addresses from a VMs vNIC and a lot more information
12:54 cdunklau silver310: you might need to do some escaping in that comment? i dunno
12:58 silver310 I figured it out
12:59 cdunklau silver310: https://bpaste.net/show/fec85f98fc05 comments don't work in blocks apparently
12:59 silver310 Either place a comment at the start and end (before and after jijna) or don't use jinja like this {%- -%}
13:00 silver310 this won't work "{% for service, filename in services.items() -%}", but this will "{% for service, filename in services.items() %}"
13:03 zer0def quick question: do commands specified in `unless:` have a timeout?
13:05 zer0def ok, nvm, just answered my question: https://github.com/saltstack/salt/issues/32272
13:05 saltstackbot [#32272][OPEN] cmd state and timeout parameter | `cmd.run` or `cmd.script` state functions support termination of executed commands or scripts after specified `timeout` is reached. In my opinion, this should also terminate/kill any processes executed from `onlyif/unless` conditions....
13:05 netcho joined #salt
13:11 inad922 joined #salt
13:14 scoates joined #salt
13:14 WKNiGHT joined #salt
13:17 edrocks joined #salt
13:22 ronnix joined #salt
13:29 cablekev1n joined #salt
13:31 MattP_ joined #salt
13:37 o1e9 joined #salt
13:38 ronnix joined #salt
13:39 ssplatt joined #salt
13:41 mpanetta joined #salt
13:41 Tanta joined #salt
13:43 wangofett Hey - I'm trying to use salt-cloud to deploy to a DigitalOcean droplet but it failed to actually stick salt on the VM
13:44 me25de joined #salt
13:44 me25de hi guys .. i am using salt-api for checking the status of jobs etc. I have enabled now the mysql returner for all vms - putting the salt-master option  master_job_cache: mysql in my salt-master config. The problem is that salt-api does not return now the same json as before.
13:44 wangofett I can't find a command to tell it to retry sticking the minion on there
13:45 wangofett oooh, maybe -b
13:46 mpanetta joined #salt
13:47 wangofett Hm. Gives me this: Cannot deploy Salt in a VM if the 'key_filename' setting is not set and there is no password set for the VM.
13:51 mikecmpb_ joined #salt
13:54 wangofett FWIW I'm following this guide: https://www.digitalocean.com/community/tutorials/saltstack-infrastructure-configuring-salt-cloud-to-spin-up-digitalocean-resources
13:55 PatrolDoom joined #salt
13:58 tercenya joined #salt
14:03 sh123124213 joined #salt
14:07 racooper joined #salt
14:08 sarcasticadmin joined #salt
14:13 cowyn joined #salt
14:16 catpig joined #salt
14:19 sh123124213 joined #salt
14:22 ninjada joined #salt
14:22 ronnix joined #salt
14:24 cachedout joined #salt
14:27 sh123124213 joined #salt
14:29 squig joined #salt
14:31 Inveracity joined #salt
14:37 wangofett Hm. It appears that salt-cloud isn't even copying my ssh keyfile over >_>
14:37 leonkatz joined #salt
14:39 onlyanegg joined #salt
14:40 Brew joined #salt
14:40 rem5_ joined #salt
14:43 xfernando joined #salt
14:44 afics joined #salt
14:44 DEger joined #salt
14:48 sh123124213 joined #salt
14:56 ronnix joined #salt
14:57 heaje joined #salt
14:57 shoemonkey joined #salt
15:02 fracklen joined #salt
15:03 sh123124213 joined #salt
15:03 Praematura joined #salt
15:07 AvengerMoJo joined #salt
15:08 sarcasticadmin joined #salt
15:12 sarcasticadmin joined #salt
15:14 sh123124213 joined #salt
15:14 whytewolf wangofett: salt-cloud doesn't add keys that are not a part of the cloud provider already. it will only tell the cloud provider to add the keys listed in ssh_key_names.
15:15 akoumjian joined #salt
15:16 rylnd gtmanfred
15:16 rylnd you there by any chance?
15:18 rylnd still trying to figure out if i hit a bug or if the feature was removed. Couldn't find anything in the release notes. just opened an issue https://github.com/saltstack/salt/issues/39982
15:18 saltstackbot [#39982][OPEN] VMware: "requesting" event does not contain kwargs data anymore | Description of Issue/Question...
15:18 fracklen_ joined #salt
15:20 debian112 joined #salt
15:22 swills joined #salt
15:23 sh123124213 joined #salt
15:25 yuhl______ joined #salt
15:27 gtmanfred rylnd: looks like techhat answered you
15:28 yuhl______ joined #salt
15:28 rylnd gtmanfred: yeah he did. thanks. though i am not really happy about this sudden change. i would have expected a more prominent deprecation warning :-(
15:29 * PatrolDoom mumbles about iterating over pillars
15:30 DEger joined #salt
15:31 wangofett whytewolf: well, the names and keys are there, and they're named in ssh_key_names. It looks like there might be other people having problems with images of ubuntu > 14.04 on DigitalOcean - at least in the comments on that post
15:33 gtmanfred I would stop trusting digital ocean articles, that article was written in 2015.  There have been 2 new releases of salt since then
15:33 gtmanfred https://docs.saltstack.com/en/latest/topics/cloud/digitalocean.html
15:34 sh123124213 joined #salt
15:36 brakkisath joined #salt
15:40 ronnix_ joined #salt
15:44 promorphus joined #salt
15:44 yuhl______ left #salt
15:45 Rumbles joined #salt
15:46 promorphus anybody use salt and hashicorp's vault together? I'm looking at the pillar module for it, and there's a part about setting the token in an env var that doesn't seem to work.
15:47 leonkatz joined #salt
15:50 ronnix joined #salt
15:52 brakkisa_ joined #salt
15:54 promorphus or does anyone know how to reliably get information OUT of vault?
15:54 wangofett gtmanfred: Definitely an old article (that was one of the first things I checked) but it doesn't look like there are any bits of conflicting information between that and the salt docs that I've *seen* so far
15:55 cablekev1n promorphus: getting info from vault is reliable
15:55 cablekev1n but you need to think very carefully about how you seal and backup the vaul
15:55 cablekev1n *vault
15:56 wangofett The only place that I found anything about the key_filename was on https://docs.saltstack.com/en/latest/topics/cloud/saltify.html
15:58 impi joined #salt
15:58 wangofett Is that just what salt-cloud works when you use `-b`?
16:00 promorphus cablekev1n: thanks, but im still a little stuck on how to get data out. I think i've gotten it setup properly (the salt master throws no errors), but what's the syntax to retrieve data from it? im trying the following:
16:00 promorphus 'sudo salt 'minion' pillar.get vault/path/in/vault
16:00 promorphus returns blank
16:01 KH joined #salt
16:01 Guest41609 Hello, I have a quick question
16:05 cyteen joined #salt
16:05 duncanmv joined #salt
16:10 Firewalll joined #salt
16:12 yuhl______ joined #salt
16:12 cachedout Guest41609: Go ahead with your question and if anybody has an answer, they'll jump in.
16:12 sh123124213 joined #salt
16:17 jimklo joined #salt
16:18 rem5 joined #salt
16:18 ry joined #salt
16:23 ninjada joined #salt
16:25 fracklen joined #salt
16:26 jauz If I wanted a minion-side returner to use a pillar value for an API key, would that be the best way to keep the key save from sitting plain-text on the minion-side and still work in the case of a returner sending job results to something like Slack?
16:26 jauz safe*
16:28 onlyanegg joined #salt
16:30 wangofett ah. Turns out that I'm just trying to get 2016.3.3 which doesn't exist
16:31 desku joined #salt
16:31 deskuu joined #salt
16:35 ronnix joined #salt
16:35 netcho joined #salt
16:36 wangofett let's find out how well it works when I use `v2016.3.3` for the tag \o/
16:37 duncanmv joined #salt
16:43 xet7 joined #salt
16:44 woodtablet joined #salt
16:46 blueelvis joined #salt
16:46 tom29739 joined #salt
16:58 shoemonkey joined #salt
17:01 jauz So it seems like when I put a jinja reference in my minion config, the service won't restart. Is there a restriction to that / not possible the way I'm trying? Example: https://bpaste.net/show/557d6acf75dd
17:02 onlyanegg joined #salt
17:02 fhh joined #salt
17:04 iggy you can't put jinja in your config
17:05 jauz So for a returner, or anything else like that where it needs to be in the minion config, how would I reference the data without it being plaintext?
17:06 dyasny joined #salt
17:06 iggy it would effectively be plaintext that way
17:08 pidydx joined #salt
17:08 pidydx Does anyone know what data is actually expected to be stored in the path being used here? https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.vault.html
17:09 pidydx I assume my_vault_config is actually supposed to be myvault per the example
17:10 pidydx but is path=secret/salt just supposed to be yaml data uploaded or something?
17:13 pidydx or is that a root of a pillars directory so salt knows how to traverse secret/salt/pillars/whatever/pillar/here
17:15 Edgan joined #salt
17:19 XenophonF isn't vault just a key-value store?
17:21 iggy you will probably have to get to know the code... I don't think many people use that pillar
17:23 whytewolf or, try it.
17:26 pidydx Playing with it now.  Was just hoping to find more documentation so it is less throw stuff against the wall and see what sticks :)
17:31 whytewolf honestly. it is really new. and defintly could use more documentation ... hint hint hint
17:32 ninjada joined #salt
17:32 nixjdm joined #salt
17:33 MattP_ joined #salt
17:34 MattP_ Hello all! Is there any way in a SLS to detect if it was call via an highstate of via a state.sls ?
17:36 ronnix joined #salt
17:37 cscf When starting a new minion, I'd like to harvest hardware details, and have the master push them to our inventory.  What's the best system?  Mine data, then a Reactor to push it?
17:39 PatrolDoom joined #salt
17:41 nixjdm joined #salt
17:45 bakins joined #salt
17:46 nixjdm joined #salt
17:46 promorphus pidydx if you didnt figure it out already, pm me, i just had the same issue
17:46 nixjdm joined #salt
17:48 hasues joined #salt
17:50 hasues I have a question concerning grains.  I note that I can target grains in the top.sls with G@{grain} and I can direct those matches to a salt state.  In that salt state, can I still use the same matches?  Or from there, do I have to use Jinja to do it.
17:51 iggy hasues: you only do matching in the top file
17:51 hasues Thank you.
17:56 whytewolf that being said it is possbale to do matching in a state file using jinja and the match exacution module. however it is frowned on as a state file should only go to the minion it is meant for in the first place. to save on processing time.
17:58 Tanta joined #salt
17:59 harkx joined #salt
18:04 aldevar joined #salt
18:08 KyleG joined #salt
18:08 KyleG joined #salt
18:09 mschiff I have three file.managed states that each have "onchanges_in: cmd: foo", and cmd.run with id foo only gets run if all three file.managed states have changed at the same time. How can I implement some ind or "OR" logic here?
18:14 cscf mschiff, do you need to use onchanges_in ? I think if you list 3 states with onchanges it's an OR
18:15 mschiff cscf: In this cas I create the file.managed via jinja for-loop, so yes, onchanges_in is better here I think
18:16 mschiff I can write another little loop for the onchanges list, but that would be less elegant ;)
18:16 systemexit joined #salt
18:16 cscf mschiff, could you possibly replace multiple file.managed with file.recurse?
18:16 mschiff its some dedicated files, so not really
18:17 aldevar left #salt
18:17 cscf are all these files are in the same directory?
18:18 mschiff yes
18:20 sarcasticadmin joined #salt
18:31 cyborg-one joined #salt
18:34 hasues whytewolf: Well, I'm essentially trying to use two grains to determine which configuration file to use.  I'm looking into using filter_by, but I'm still trying to determine what it is I'm setting.
18:36 DanyC joined #salt
18:36 onlyanegg joined #salt
18:40 whytewolf hasues: personally i don't use seperate config files. i build a config file using templating that can go in either place. but anyway like i said you can use matching in a state file with jinja. {% if salt.match.compount('G@grain') %}<thing if match>{%endif%}
18:40 keltim joined #salt
18:40 whytewolf grrr typo. salt.match.compound
18:42 s_kunk joined #salt
18:44 twb joined #salt
18:46 twb joined #salt
18:46 twb anyone know if there is an issue with the saltstack repo site?
18:47 jrgochan joined #salt
18:47 sjorge joined #salt
18:47 sjorge joined #salt
18:47 jrgochan Hello all. What's the best way to add a state.highstate to a kickstart script?
18:49 fracklen joined #salt
18:51 whytewolf jrgochan: personally i like the reactor approch. adding a highstate to this https://docs.saltstack.com/en/latest/topics/reactor/#syncing-custom-types-on-minion-start
18:51 Eugene I dunno about "best", but here's the curlbash abomination I call from cloud-init https://eugenekay.com/salt.sh
18:52 Eugene I manually accept & state.apply the minion afterwards. It works.
18:52 Eugene Reactor seems legit
18:52 hasues whytewolf: I thought about that, but I'm not savvy enough to know how to do that yet.
18:53 jrgochan haha. that's similar to my abomination as well, but it doesn't issue a highstate. Might just take the manual accept route
18:54 jrgochan Not sure my coworkers will want to deal with generate pre-seeded keys
18:54 whytewolf automate the generation of preseeding keys. :P
18:55 jrgochan aye. might take that route, although one coworker will be a bit finicky about it
18:55 whytewolf automate away his job ;)
18:55 whytewolf just kidding
18:55 whytewolf kind of.
18:55 jrgochan also, when deleting keys I found a bit of a typo, or a joke perhaps? "Key for minion <MINION NAME HERE!!!> deleteed"
18:55 jrgochan baleeted?
18:56 Praematura joined #salt
18:56 onlyanegg joined #salt
18:56 jrgochan oo. reactor seems to be just what i need
18:58 whytewolf humm. maybe that deleteed should be bananana
18:58 jrgochan or gazebo. or perhaps even tacocat
18:59 shoemonkey joined #salt
19:01 jauz Yeah, the deleteed thing still being there seemed like it might be intentional for some reason, no way they haven't noticed that one. :O
19:01 whytewolf you would be surprised what doesn't get noticed in the thousands of iterations
19:03 dariusjs joined #salt
19:03 ProT-0-TypE joined #salt
19:09 ahrs joined #salt
19:10 Trauma joined #salt
19:12 onlyanegg joined #salt
19:15 DanyC joined #salt
19:15 teclator joined #salt
19:15 jauz When I try to enable the master_job_cache, my --return tests give an error.... [CRITICAL] Could not deserialize msgpack message.This often happens when trying to read a file not in binary modeTo see message payload, enable debug logging and retry. Exception: unpack(b) received extra data.
19:16 Slimmons joined #salt
19:17 Slimmons took a long break from salt, and now can't remember how to run a single state.  only remember state.highstate to run it all.  found state.apply, but gives me an error every time, wanted to make sure that's the methnod of running a single state before I spend time troubleshooting
19:21 oaken_chris joined #salt
19:21 JPT state.sls?
19:22 fracklen Slimmons: state.apply and state.sls are aliases :)
19:22 JPT Oh, alright. *takes notes*
19:23 Slimmons awesome, thanks
19:23 Inveracity joined #salt
19:28 Trauma joined #salt
19:29 whytewolf well to be fair. state.apply is an alises for both state.highstate AND state.sls if a state is stated with state.apply it will run state.sls other wise state.highstate will run
19:33 ninjada joined #salt
19:34 giany joined #salt
19:34 giany hi, is there a way to encrypt salt cloud profiles?
19:34 gtmanfred what are you trying to encrypt? they key?
19:35 giany i.e AWS credentials
19:35 gtmanfred https://docs.saltstack.com/en/latest/ref/sdb/all/salt.sdb.keyring_db.html
19:35 gtmanfred i would use the keyring sdb in the salt config
19:35 gtmanfred instead of encrypting the whole profile
19:35 gtmanfred giany: https://docs.saltstack.com/en/latest/topics/sdb/
19:35 giany how safe is that sdb?
19:36 gtmanfred i mean, as safe as anything else
19:36 gtmanfred even when encrypting, you still have to store the key somewhere
19:36 giany right.
19:36 gtmanfred you could put the AWS credentials in to environment variables, and use the env sdb module
19:36 gtmanfred so you would have to export AWS_ID AWS_KEY, before running salt-cloud
19:37 gtmanfred https://docs.saltstack.com/en/latest/ref/sdb/all/salt.sdb.env.html
19:37 giany gtmanfred: thing is that I will have multiple clients..each client will have its own keys..so practically one profile+provider / client.
19:38 gtmanfred To really seperate them right now, you need seperate machines that run salt-cloud.  There are plans to add salt-cloud rbac seperation into the next version major release of enterprise from what I have heard.
19:40 gtmanfred But there is no model to truely seperate them in salt-cloud right now
19:40 promorphus hey guys, in the docs here https://docs.saltstack.com/en/develop/ref/pillar/all/salt.pillar.vault.html#module-salt.pillar.vault, it's stated you can use an environment variable instead of the token, anyone know how that works? I can't seem to get it to take manually (using export) or intrinsically (using salt to do the export). Any ideas?
19:40 giany ok, understood gtmanfred ,thx
19:40 amcorreia joined #salt
19:40 gtmanfred no problem :D
19:41 gtmanfred using sdb:// and env variable is probably the closet you will get right now
19:41 gtmanfred or other sdb module*
19:42 ChubYann joined #salt
19:44 edrocks joined #salt
19:47 * jauz starting to wonder if the Slack returner is just not working atm with master_job_cache...
19:48 cmarzullo I know the elastic returner for master_job_cache is still busted.
19:48 cmarzullo it makes me sad
19:49 leonkatz anyone seen this error SaltInvocationError: Invalid ip_protocol None specified in security group rule.
19:49 leonkatz in the boto.sec_group present
19:50 leonkatz o
19:50 leonkatz i'm providing the ip_protocol
19:51 dyasny joined #salt
19:52 leonkatz full error https://gist.github.com/anonymous/9b4bff0a4e3e5f80c488638cc4d33664
19:54 edrocks joined #salt
20:00 dendazen joined #salt
20:01 gtmanfred jauz: you cannot use the slack returner for the master_job_cache
20:01 gtmanfred jauz: the master_job_cache needs to be a database like thing, for storage, so that they can be looked up later
20:01 Slimmons joined #salt
20:01 gtmanfred it can only be a returner
20:06 Slimmons Having trouble getting mysql_user.present working.  https://gist.github.com/anonymous/02c5fca15ef87b2aebb5b26d8dae53b4
20:07 gtmanfred Slimmons: how do you have it specified to connect to localhost?
20:08 gtmanfred oh wait, i see
20:08 Slimmons Good, because I wasn't sure how to answer that :)
20:09 gtmanfred lol
20:09 gtmanfred yeah i didn't scroll down far enough
20:09 Slimmons Yeah, i should have put the config file at top
20:09 Slimmons I know this config was working several months ago, on an ubuntu 14.04 minion
20:10 Slimmons but, I haven't run it in a long time, and I'm on a 16.04 minion now
20:10 Slimmons not sure that would matter, though, can't think why it would
20:10 Slimmons but I remember it took me forever to get it working, and I havne't played iwth the mysql stuff much
20:10 gtmanfred so, doesn't ubuntu set some default mysql password on install?
20:10 DEger joined #salt
20:10 gtmanfred also, have you checked out the mysql formula? it is pretty good
20:10 MTecknology gtmanfred: Do you guys have anyone that plays with experimental/untested features and lets you know if they break?
20:10 * MTecknology needs one of those people
20:11 gtmanfred not really
20:11 MTecknology awe :(
20:11 gtmanfred Also, one day we will get to writing the tests for your debian ip things
20:11 MTecknology :D
20:12 gtmanfred we are about to have 40k issues/prs...
20:12 keltim joined #salt
20:12 MTecknology holy eff...
20:12 Slimmons gtmanfred: honestly, for someone who uses saltstack as infrequently as I do, I could use an introductory course to those default formulas on github.  Like, when I go to the mysql one https://github.com/saltstack-formulas/mysql-formula  and it has a bazillion files that I have no idea why you would need htem, it gets complicated
20:12 MTecknology I wonder how many of those are stale..
20:12 gtmanfred Slimmons: https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
20:13 MTecknology stale .. as in, not relevant and/or present anymore
20:13 Slimmons bam, and instant document on what I asked for
20:13 jauz gtmanfred: Ah! Thanks for the heads up on the database requirement for the returner. Turned off for now and will stop trying until I setup a returner for that -- Slack is working for job results now at least. :)
20:13 gtmanfred :D
20:14 netcho joined #salt
20:15 msn joined #salt
20:17 dlloyd joined #salt
20:18 MTecknology gtmanfred: do you guys have any stats chart of bugs? Like, 22% are feature requests, 1.8% are regression, test cases provide 94.8% coverage, 80% of regression bugs are closed in 182 hours or less...
20:18 DanyC joined #salt
20:18 MTecknology (because.. that would be really neat)
20:18 gtmanfred cachedout: ^^
20:18 cachedout Yes but they aren't published currently. Ot
20:19 cachedout It's on my TODO but it will be a while.
20:19 gtmanfred dope
20:19 MTecknology Nice! I can't wait! :D
20:20 aldevar joined #salt
20:20 MTecknology I need to eventually get around to testing my proposed patch, I just haven't done anything against develop in so long it'll require setting up a fresh build environment.
20:20 jauz I feel like Salt is moving pretty fast and it's an exciting time to be getting into it. I'm learning Python at the same time so it's a fun challenge. :P
20:21 MTecknology jauz: heh... wanna help with some low hanging fruit?..
20:22 jrgochan whytewolf: the reactor worked quite well. it registered the minion and started a state.highstate. although... I'm not sure how to look at the progress, or have it block the kickstart script while it does its thing. any ideas on at least how to log the output of a reactor highstate run?
20:22 jauz MTecknology: Once I get my own core functions up and running, I'm sure I'll be wanting to help tinker with all sorts of things. :)
20:22 whytewolf jrgochan: check the job log. https://docs.saltstack.com/en/latest/topics/jobs/
20:22 MTecknology awe... swing and a miss; /me looks for the next potential victim
20:25 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.5, 2016.11.3 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
20:25 jrgochan hrm. not sure that helps with reactor output?
20:26 whytewolf well then the other way would be to use a returner to send the data to a third party system
20:28 jrgochan hrm. Looks like it would do the trick. reading this guy: https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.smtp_return.html#module-salt.returners.smtp_return
20:28 XenophonF hey all - i'm getting host key verification failures with gitfs, but ~root/known_hosts has the right public key ID
20:28 XenophonF what am I doing wrong?
20:28 DEger_ joined #salt
20:31 jauz Last time I had that problem, it was a formatting problem in my public key file copied out of putty, not sure what else might be going on there.
20:32 dariusjs joined #salt
20:34 XenophonF oh i forgot to disable strict host key checking!
20:35 gtmanfred I am just the worst user
20:35 gtmanfred $ tail -n 3 ~/.ssh/config
20:35 gtmanfred Host *
20:35 gtmanfred StrictHostKeyChecking false
20:35 gtmanfred UserKnownHostsFile /dev/null
20:35 gtmanfred >.>
20:37 XenophonF hah
20:37 gtmanfred When you build and delete 1000 servers in one day trying to reproduce a networking issue on a cloud provider... you just give up :P
20:38 XenophonF now i'm getting a salt.transport.ipc error, errno 0 success
20:38 XenophonF wtf?
20:50 XenophonF I wonder if it's SELinux.
20:55 shadoxx joined #salt
20:56 shadoxx anyone know why with salt cloud, when i spin up a new image, i endlessly get a confirmation that my host has permanently been added to known_hosts?
20:56 shadoxx i know it's a setting i misssed, but i can't find it for the life of me
20:57 shakalaka joined #salt
20:57 gtmanfred I think it is because we set the ssh_known host stuff to /dev/null and set stricthostkeychecking to false
20:58 raspado joined #salt
20:58 gtmanfred can you try setting `display_ssh_output: False` in /etc/salt/cloud?
20:58 shadoxx gtmanfred: sure thing. destroying my old minion now
20:59 jrgochan Hrm. I'm trying to whitelist the results of state.highstates from minions
20:59 jrgochan according to this https://docs.saltstack.com/en/latest/topics/event/master_events.html
20:59 jrgochan it would seem that my whitelist should be 'salt/job/*/ret/*'. correct?
21:00 shoemonkey joined #salt
21:00 gtmanfred what are you whitelisting it for?
21:01 jrgochan http://pastebin.com/vL8dBSwh
21:02 shadoxx gtmanfred: it looks like that solves my issue, but now I don't get any sort of output from 'salt-cloud -p'. But this works for now.
21:02 jrgochan trying to get an email sent after the results of a state.apply or state.highstate
21:02 gtmanfred shadoxx: yes, the stuff you were seeing before was from all the ssh connections opened for transfering the bootstrap script and minion configs
21:03 shadoxx gtmanfred: figured. i appreciate the help! just getting my feet wet with salt, so i'm sure i'll be in here more
21:03 gtmanfred :D
21:09 sh123124213 joined #salt
21:12 sarcasticadmin joined #salt
21:33 jrgochan hrm. yeah. can't figure out this whitelist thing
21:33 jrgochan event_return_whitelist:
21:33 jrgochan - salt/job/*
21:33 jrgochan - salt/job/*/ret/*
21:34 ninjada joined #salt
21:34 leonkatz joined #salt
21:45 jrgochan "salt/job/20170313154423814674/ret/<hostname goes here>" would be "salt/job/*/ret/*" correct?
21:46 leonkatz joined #salt
21:46 gtmanfred yeah
21:47 jrgochan hrm. not getting anything from my test.pings or state.applys
21:55 netcho gtmanfred: was this you talking on saltconf 16 beacons and reactors? :)
21:58 jfelchner joined #salt
21:58 promorphus_home joined #salt
22:00 impi joined #salt
22:03 gtmanfred The predictive orchestration one?
22:03 gtmanfred I did the predictive orchestration talk and the sdb talk
22:03 gtmanfred i actually wrote the predictive orchestration demo that morning
22:03 gtmanfred https://github.com/gtmanfred/predictive-orchestration
22:04 shadoxx ok, second question. how do i enable a service after i install it by applying a state? can't figure out the syntax
22:04 gtmanfred service.running:
22:04 netcho gtmanfred: Event-Driven Infrastructure with SaltStack Reactor and Beacons
22:04 gtmanfred - enable: True
22:04 pidydx joined #salt
22:04 gtmanfred netcho: yeah i think that was it
22:04 rylnd are all talks publicly available by now? didn't follow it closely. just heard they are online when they are online (i am paraphrasing)
22:05 pidydx Is there a way to match environment in a top file?
22:05 netcho nice one! and thank you for 'tmux -CC' hahah
22:05 gtmanfred rylnd: https://www.youtube.com/watch?v=OPqsIdV9g5Y&amp;list=PL9svBjLDUl_9E9x81vSMuqB20gxOEX7E9
22:05 gtmanfred netcho: :D
22:05 gtmanfred uhh
22:05 rylnd ooh nice. thanks gtmanfred
22:06 pidydx I could have sworn I had seen a way for the top.sls to check a minion's environment as part of the targeting
22:06 gtmanfred rylnd: there is a playlist with all of them in it...
22:06 gtmanfred pidydx: you put the environment at the top of the section?
22:06 gtmanfred {{saltenv}}?
22:06 rylnd gtmanfred: https://www.youtube.com/playlist?list=PL9svBjLDUl_-sVwcRliUQ-VGDb2qvwpx_this one has 48 videos in it
22:07 pidydx @gtmanfred: I mean like base:  'somethingthatmatchesenvironment': - state
22:07 pidydx Essentially I want minions that don't have an environment configured to not have some environment applied to them
22:08 gtmanfred 'environment: thing':
22:08 gtmanfred - match: grain
22:08 gtmanfred if you store the environment in grains
22:08 rem5 joined #salt
22:08 pidydx is environment: foo in /etc/salt/minion/minion.d/env.conf not a grain then?
22:08 gtmanfred no
22:08 gtmanfred that is in the minion config
22:09 gtmanfred put it in /etc/salt/grains
22:09 gtmanfred netcho: yup, that is me
22:09 ninjada joined #salt
22:11 netcho hah, we look alike :D i just have beard xD
22:11 Slimmons in an apache2 redirect file, I tried filling in the ip address using jinja2, with {{ salt['grains.get']('network.ip_addrs') }} , but the config file went to the server with that in it, instead of variable.
22:11 Slimmons I'm assuming I did something very basic incorrect.
22:11 gtmanfred i shaved this morning... but i can't grow a beard unfortunately
22:11 netcho :D
22:11 cyteen joined #salt
22:11 netcho i try hard also :D
22:11 netcho but... we blondes...
22:12 gtmanfred and mutant blonds
22:12 netcho lol
22:12 gtmanfred Slimmons: did you have template: jinja in the file.managed state?
22:12 whytewolf Slimmons: sounds like a. you didn't label the file.managed as template: jinja
22:12 pidydx @gtmanfred: If I set it in grains it behaves the same as if I set it in minion config?
22:12 Slimmons if I hadn't, would the jinja be working in other files with simple variables?
22:13 gtmanfred the default template is none, so it shouldn't work unless you put template: jinja in the file.managed state
22:13 gtmanfred Slimmons: https://github.com/saltstack/salt/blob/develop/salt/states/file.py#L1402
22:13 Slimmons that's exactly what I did wrong, thanks whytewolf and gtmanfred
22:13 whytewolf Slimmons: also. iirc network.ip_addrs is not a grain that exists by default
22:13 Slimmons didn't specify it
22:14 Slimmons the more you know _.-`'`'-._
22:14 Slimmons that's the best rainbow i could do
22:14 gtmanfred heh
22:14 Slimmons thanks though, that's definitely it
22:14 gtmanfred _.-`'`'-._
22:14 netcho i just finished my 500 lines cloud profile haha
22:14 gtmanfred there ya go
22:15 pidydx and shouldn't I be able to use salt-call grains.get environment after putting env.conf in /etc/salt/grains with environment: - foo
22:15 netcho is there a way to dynamically create cloud profiles? on the fly?
22:15 gtmanfred pidydx: once you do a saltutil.refresh_modules
22:15 gtmanfred oh wait, yeah that should work
22:15 gtmanfred you can also do a config.get
22:15 whytewolf netcho: file.managed through a salt minion on the salt-cloud system ;)
22:16 gtmanfred netcho: i wish, ^^ is the best away
22:16 gtmanfred way*
22:17 netcho i have 26 apps, 4 environemnts, and every ENV has 3 AZs on aws ... alomost every machine has different size
22:17 * whytewolf kind of wishes salt-cloud was drawn more into the folds of salt so that profiles and providers and all that could be done always directly through pillars
22:17 netcho YES!
22:17 DEger joined #salt
22:17 gtmanfred whytewolf: you can do it in pillars
22:17 gtmanfred you just have to use salt-call cloud.profile
22:18 whytewolf yeah but there isn't a cloud.map
22:18 gtmanfred you can do maps with cloud.profile
22:18 gtmanfred well, not cloud.profile
22:18 gtmanfred but you can do maps with it
22:18 whytewolf you can? last i looked it didn't support maps
22:18 gtmanfred lemme find it
22:18 Slimmons Any guesses as to why, with this line in an apache config, once jinja template is set, it would come out blank (just the spot where the jinja was is blank, nothing else)?  {{ salt['grains.get']('network.ip_addrs') }}
22:18 pidydx @gtmanfred: So I realized /etc/salt/grains is a file not a dir, but when I put environment: foo I can see it with salt-call grains.get environment, but salt-call config.get environment returns nothing and it acts as if environment is unconfigured
22:18 gtmanfred well, if it doesn't it would be super trivial to add it, because it just uses CloudClient
22:19 whytewolf or am i guessing i am confusing the state with the module
22:19 djgerm joined #salt
22:19 pidydx @gtmanfred: Is setting "environment" in grains really the same thing as environment or does it just create a grain called "environment"
22:19 whytewolf Slimmons: because network.ip_addrs is a module.function. not a grain?
22:20 netcho Slimmons: you need to specify interface
22:20 gtmanfred it creates a grain that is called environment, but we use config.get to find the environment configuration, so it can override whatever is in the minion config
22:20 netcho example:
22:20 candyman88 joined #salt
22:20 netcho {%- set interface = 'eth0' -%}
22:20 netcho {%- set addr = salt['network.interface_ip'](interface) -%}
22:20 Slimmons netcho: is there a way to do it without specifying the interfaces, now that the interfaces have changed from eth0 to craziness?
22:20 Slimmons I don't know in advance what the interface is going to be
22:20 whytewolf netcho: network.ip_addrs doesn't need an interface. or a cidr it will return all public networks with out anything
22:20 gtmanfred Slimmons: do you know what the cidr is going to be?
22:21 whytewolf Slimmons: do you know the subnet?
22:21 ninjada joined #salt
22:21 pidydx @gtmanfred: Is there something I am missing then because it shows up with grain.get environment, but config.get environment shows nothing
22:21 Slimmons whytewolf: sorry, I'm super noob, but are you saying something like this alone would work {{ salt('network.ip_addrs') }}
22:21 Slimmons I do know the subnet
22:22 Slimmons but, even that may change eventually
22:22 Slimmons but not for a long time
22:22 netcho ok, my bad then :) this is how i use it :)
22:22 whytewolf {{salt.network.ip_addrs(cidr='10.0.0.0/16')|first}}
22:22 Slimmons so it would be a good fix if it involved that
22:22 gtmanfred Slimmons: you could do {{salt['network.ipaddrs'](cidr='10.0.0.0/8'|first)}}
22:22 gtmanfred bah
22:22 gtmanfred )|first
22:22 gtmanfred {{salt['network.ipaddrs'](cidr='10.0.0.0/8')|first}}
22:25 Slimmons oddly enough, Whytewolfs example didn't return anything, and gtmanfred just put a couple of brackets in there.  Which I'm assuming is why the "first" was in there, to get the fist out of an array (that's a guess)
22:26 gtmanfred what is your subnet?
22:26 gtmanfred did you put the subnet into the cidr=?
22:26 Slimmons 192.168.0.0/24
22:26 gtmanfred and you put that in the cidr=?
22:26 gtmanfred make sure the |first is after the )
22:27 whytewolf does salt 'minion' network.ip_addrs 192.168.0.0/24 return correctly
22:27 gtmanfred cidr='192.168.0.0/24'
22:27 gtmanfred the first variable in network.ip_addrs is interface
22:28 whytewolf opps yeah
22:28 * whytewolf kinda tired
22:29 Slimmons that was it, I was looking at the end of an old example, my bad.  I had the parenthesis in the wrong spot
22:29 Slimmons thanks again
22:29 Slimmons #fail
22:29 gtmanfred \o/
22:29 whytewolf humm what version on you on?
22:29 pidydx Ok...so environment in minion config and environment in grains are totally separate things that just happen to be named the same and unclearly documented :(
22:29 Slimmons Carbon
22:30 Slimmons 2016.11.3
22:30 whytewolf odd. cause salt.module.function should work in carbon i use it often.
22:31 pidydx if you state.apply from the master against some remote minion will it use the minion's configured environment when deciding which files to serve?
22:31 gtmanfred works for me too
22:32 gtmanfred pidydx: yes, the minion compiles the top file
22:33 Slimmons If I had to guess, it was human error.
22:33 Slimmons and it does actually work
22:33 Slimmons I won't say which human errored.
22:33 Slimmons but it was me
22:33 gtmanfred lol
22:33 whytewolf lol
22:33 Slimmons or everyone is wrong but me......it could be either really
22:34 gtmanfred whytewolf: i am going to play with fixing the map stuff in the cloud runner and module tomorrow
22:34 gtmanfred so that you could specify a map file, or put it in the state file
22:34 whytewolf very nice!
22:35 jauz Would it be crazy to use Salt to install Chocolatey on Windows minions and then just invoke 'choco install...' for a bunch of stuff that isn't supported by winrepo?
22:36 whytewolf jauz: about this crazy https://docs.saltstack.com/en/latest/ref/states/all/salt.states.chocolatey.html
22:37 pidydx @gtmanfred: I'm not missing anything to tell the minion to use that grain for it's environment config am I?
22:37 gtmanfred no
22:37 jauz Clearly I missed that, thanks!
22:37 aldevar left #salt
22:37 gtmanfred it is the exact same as setting it in the minion config
22:37 pidydx @gtmanfred: Not according to the Salt Cookbook or the command outputs and highstate behavior I am getting
22:38 pidydx @gtmanfred:  When I set it in the grain and do salt-call grain.get environment I get the value, when I do salt-call config.get environment I get nothing
22:38 pidydx @gtmanfred:  When I highstate with the environment set as a grain it acts as if it has no environment set and applies all the environments in the top file
22:40 gtmanfred is environment specified in the minion config?
22:40 pidydx no
22:40 gtmanfred hrm, i thought this was added so it could be configured in grains
22:40 pidydx I get local: None when running config.get environment :(
22:41 gtmanfred sorry, nevermind, it is not set to be used in grains, scratch that, you will have to set it in the minion config if you want to hard code it
22:41 pidydx That would definitely be useful and FAR less confusing than the current state of having to set it in both places
22:43 gtmanfred you could make a custom grain, that just returns {'environment': __opts__.get('environment': 'base')}
22:43 gtmanfred and save it in your _grains directory
22:43 pidydx on the server or on the minion?
22:44 gtmanfred on the minion
22:44 gtmanfred well
22:44 whytewolf _grains is a directory in file_root.
22:44 gtmanfred put the _grains directory on your file_root
22:45 pidydx can you get the environment (grain or config) while processing the top file?
22:45 whytewolf basicly this https://docs.saltstack.com/en/latest/topics/grains/#writing-grains
22:47 rem5 joined #salt
22:47 gtmanfred if you made a custom grain for it, sure...
22:47 gtmanfred but not for a config
22:48 gtmanfred though there was a request
22:48 gtmanfred https://github.com/saltstack/salt/issues/39916
22:48 saltstackbot [#39916][OPEN] [Feature] compound matcher based on config.get | Description of Issue/Question...
22:48 gtmanfred so you could match on minion configs too
22:48 whytewolf ohhh, that would be intereting
22:49 gtmanfred agreed
22:49 pidydx I'm thinking if I have a prod and dev environment that should look exactly the same, but serve from different locations
22:49 pidydx can I write a top file that does {{ minions.environment }}: '*': -state
22:49 jimklo_ joined #salt
22:49 pidydx or do I have to have a full copy of each environment in top.sls
22:49 whytewolf {{saltenv}}: '*': - state
22:50 gtmanfred ^^
22:50 whytewolf I'm kind of working on a dynamic top that works on that principal. but it is no where near ready
22:50 pidydx so is {{ saltenv }} just a variable that is accessible from anywhere when a minion is processing?
22:51 gtmanfred it is available if you are running through the state renderer
22:51 gtmanfred and the top.sls is basically just another state file
22:51 gtmanfred i am not sure if it will be available in the jinja for file.managed
22:51 whytewolf i think it is
22:51 whytewolf https://docs.saltstack.com/en/latest/ref/states/vars.html
22:51 pidydx how would I write a custom grain that accesses the config environment?
22:52 gtmanfred literally
22:52 gtmanfred def whatever()
22:52 gtmanfred uhh
22:52 gtmanfred def whatever():
22:52 gtmanfred return {'environment': __opts__.get('environment', 'base')}
22:52 gtmanfred and put it in /srv/salt/_grains/whatever.py
22:52 gtmanfred and saltutil.sync_grains
22:52 gtmanfred and then it will be available
22:52 pidydx ah previously you had : and not , so I was super confused :)
22:54 pidydx "whatever" being the name of the grai?
22:54 pidydx grain?
22:55 gtmanfred no, just the name of the function
22:55 gtmanfred the grain is called environment, and is in the dictionary that is returned
22:55 whytewolf yeah the grains just merge the returned dics together
22:55 pidydx does it just call all of the functions it finds in all of the .py files in _grains?
22:55 gtmanfred yes
22:56 gtmanfred well all the stuff in /var/cache/salt/minion/extmods/grains
22:56 gtmanfred and /usr/lib/python2.7/site-packages/salt/grains/*.py
22:57 pidydx can salt-call grains.get environment on the minion access that grain?
22:57 whytewolf yes
22:57 pidydx ah, I just had to highstate it
22:57 whytewolf well highstate causes the _grains directory to sync. which is most likely the part that was missing
22:58 pidydx I have also noticed that if I have a state -foo in base: and in prod: it complains if the environment isn't set
22:58 pidydx duplicate ids or whatever
22:58 pidydx unless I am using gitfs, in which case it just applies both
23:00 shoemonkey joined #salt
23:06 MTecknology pidydx: I once brought up the idea of environments having the ability to override other environments to avoid that problem, but it opens up the doors for some pretty confusing executions.
23:13 LeProvokateur joined #salt
23:15 gtmanfred whytewolf:  that doc says that saltenv is only available in sls files
23:16 whytewolf oh, expecting me to read what i am posting now? what do you take me for? ;)
23:19 jfelchner_ joined #salt
23:23 gtmanfred :P
23:25 pidydx can you do a file.managed without a template and just declare the content in the file.managed?
23:26 whytewolf pidydx: yes.. the template is none if it isn't defined. so it is a copy of what ever is there
23:27 pidydx I don't have a template set, but I want to say something like content: "This is the content of the managed file"
23:27 pidydx and have it create a file with that string
23:27 cmarzullo yes you can
23:28 cmarzullo you can also use file.serialize to spit out json or yaml files
23:28 pidydx file.managed: -content: "foo" doesn't seem to do it
23:29 whytewolf - contents
23:30 norrit left #salt
23:31 whytewolf better example /tmp/test: file.managed: - contents: "foo"
23:32 whytewolf or you can use the value of a pillar or grain with contents_pillar: and contents_grains
23:33 heyimawesome joined #salt
23:41 DEger_ joined #salt
23:41 bezaban joined #salt
23:53 oaken_chris joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary