Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-03-23

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 pipps joined #salt
00:06 vegasq joined #salt
00:18 GP_MikeD left #salt
00:19 jagguli hi I've got a master behind a firewall although the relevant ports are open, the minions outside the firewall are unable to return after a while ... and it just hangs
00:20 jagguli I dont have control of the fire wall .. but is there some way to make the minion detect that its lost connection and reconnect ?
00:20 jagguli best solutoin i can think of is ssh port mapping
00:21 jagguli or salt-ssh which is painfully slow
00:34 pipps joined #salt
00:40 bigjazzsound joined #salt
00:55 jas02 joined #salt
01:03 nikdatrix joined #salt
01:04 DammitJim joined #salt
01:05 XenophonF I'd find out who does control the firewall and get their help to fix it.
01:07 XenophonF otherwise you might want to look through https://docs.saltstack.com/en/latest/ref/configuration/minion.html
01:07 ninjada joined #salt
01:09 ninjada yo, trying to state aws security groups, creating one with a port range eg. 1000-1200, in the from_port / to_port area. can't seem to figure out the syntax.. boto_secgroup documentation is vague on ranges, anyone know?
01:10 onlyanegg joined #salt
01:10 ashmckenzie joined #salt
01:12 jagguli XenophonF: yea no its actually the azure cloud firewall
01:13 jagguli i've opened the port .. but there is something about the firewall that seems to interfere with salt's operatoin .. i cant pinn it down
01:14 jagguli when the minion starts its all good .. but after a while it seems like the connection is dropped
01:15 jagguli or the connection is hung up ... not dropped
01:15 jagguli so salt does not try reconnection
01:24 nethershaw joined #salt
01:27 sp0097 joined #salt
01:29 masber joined #salt
01:31 bigjazzsound joined #salt
01:46 vegasq joined #salt
01:46 sp0097 left #salt
01:53 swa_work joined #salt
01:53 masber joined #salt
01:56 jagguli joined #salt
01:58 mpanetta joined #salt
01:58 XenophonF ninjada: hang on i can give you a port range example
02:00 XenophonF ninjada: https://gist.github.com/xenophonf/454cb791a0ee3382bedf4ad32826fceb
02:00 swa_work joined #salt
02:02 XenophonF at work I have an SLS that builds out a VPC
02:03 XenophonF let me know if you'd like to see it, as it will take some effort to clean up
02:03 XenophonF jagguli: hm, i don't really have any experience with azure
02:04 XenophonF you have both ports on the master open? 4505/tcp and 4506/tcp?
02:04 XenophonF i'd maybe set up a continuous packet capture and escalate to microsoft
02:04 _JZ_ joined #salt
02:05 XenophonF ninjada: sorry the port range in question is on line 22
02:12 jas02 joined #salt
02:14 jagguli XenophonF: thanks, any tips for setting up continuous packet capture
02:14 ninjada XenophonF: thanks yeh realised it was a silly question, its from/to by nature... for some reason i keep thinking its incoming port to outgoing port.
02:15 ninjada like the ELB
02:16 NightMonkey joined #salt
02:29 sh123124213 joined #salt
02:31 cucumber joined #salt
02:41 Tanta joined #salt
02:49 onlyanegg joined #salt
02:57 vegasq joined #salt
03:00 onlyanegg joined #salt
03:04 nikdatrix joined #salt
03:05 ninjada joined #salt
03:07 ninjada joined #salt
03:10 ninjada joined #salt
03:17 thebinary joined #salt
03:28 jas02 joined #salt
03:32 cswang joined #salt
03:34 blu_ joined #salt
03:36 Laogeodritt joined #salt
03:42 NightMonkey joined #salt
03:48 masber joined #salt
03:49 jagguli XenophonF: adding master_alive_interval: 10 seems to have solved it \o/
03:51 mpanetta joined #salt
03:53 Praematura joined #salt
04:12 raspado joined #salt
04:15 catpig joined #salt
04:23 Klaus_Dieter joined #salt
04:26 evle joined #salt
04:30 jas02 joined #salt
04:33 bocaneri joined #salt
04:37 bocaneri joined #salt
04:38 cyborg-one joined #salt
04:48 Vaelatern joined #salt
04:51 DEger_ joined #salt
04:55 rem5 joined #salt
05:03 sarcasticadmin joined #salt
05:05 nikdatrix joined #salt
05:18 hatifnatt Hello. Since version 2016.11.0 file.recurse have an option to set file_mode to 'keep'. I think both master and minion must be >= 2016.11.0, but for backward compatibility can I check this in state file and don't set file_mode if master or minion  version less than 2016.11.0?
05:18 impi joined #salt
05:18 hatifnatt Main question how to check both master and minion versions.
05:22 dknight87 joined #salt
05:34 hemebond hatifnatt: salt-run manage.versions
05:35 dknight87 hi guys, can someone please help me with the sls file for installing python packages from locally downloaded whl and tar.gz files?
05:37 jas02 joined #salt
05:37 dknight87 http://pastebin.com/eEDvJu2p
05:37 Tanta https://docs.saltstack.com/en/latest/ref/states/all/salt.states.archive.html
05:37 dknight87 the list of files is present in this link
05:38 Tanta https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pip_state.html#salt.states.pip_state.installed
05:38 Tanta archive.extracted for tar
05:38 Tanta and pip.installed with syntax at https://github.com/saltstack/salt/issues/33410
05:38 saltstackbot [#33410][OPEN] Does pip.installed support local wheel packages? | Wheel package exists at C:\Program Files (x86)\Python 3.5\Scripts\pygame-1.9.2a0-cp35-none-win32.whl. It fails to install when using pip.installed......
05:39 Tanta for whl
05:39 dknight87 Tanta: will i have to follow a particular order?
05:39 Tanta whatever order you write the states in
05:40 Tanta I'd store the filenames in two arrays, one for tar and one for whl ie: {% set whl_list = ['1.whl', '2.whl'] or use pillar
05:40 dknight87 Tanta: cant i just write one line thatll install all of these?
05:40 Tanta you asked how to use salt
05:41 Tanta that is the proper answer
05:41 Tanta you can cmd.run anything you want
05:42 Tanta loop over the list, and deploy them with one single state function call
05:42 dknight87 Tanta: Im new to salt :(
05:42 hatifnatt hemebond: But how 'salt-run manage.versions' can be used in sls state?
05:42 Tanta one sec
05:44 armyriad joined #salt
05:50 Tanta http://pastebin.com/eKQd30ZE
05:50 Tanta dknight87, start with that
05:50 Tanta that is a rough framework you could use as an example
05:50 Tanta or use pillar instead to store those lists
05:51 hemebond hatifnatt: The grain saltversion
05:54 dknight87 thanks Tanta !
05:54 dknight87 what is the cwd and bin_env for?
05:54 Tanta read the links I sent
05:54 Tanta they are the docs for those functinos
05:54 Tanta archive.extracted and pip.installed
05:54 Tanta I dunno your env specifics man
05:57 Tanta give it a go and at least get an error message and then you can ask for more help I guess
05:57 dknight87 Tanta: okay, gotcha. However, where should the tar.gz and whl files reside on the minion? I will have to first transfer them right?
05:57 Tanta or look at formulas that deal wiht python packages
05:57 Tanta well you can store them elsewhere like S3 or maven
05:58 Tanta or whatever solution you have for artifacts and dependencies
05:58 Tanta you just have to make sure they end up on the minion, you can use the salt fileserver as a last resort
05:58 dknight87 Tanta: and how do I reference them? they have to be local on the minion as there's no internet access
05:58 Tanta then I would suggest using the master
05:58 arif-ali joined #salt
05:58 dknight87 and how do I reference the files on the master?
05:59 Tanta and store the files there under /srv/salt/something/files/file.tar.gz and serve it with salt://something/files/file.tar.gz
05:59 Tanta I usually do /srv/salt/modules/python-pkg-setup/ or something like that
05:59 calvinh joined #salt
06:00 dknight87 Tanta: can I put 'salt://something/files/file.tar.gz' line in the pip.installed section?
06:00 Tanta as the source? yes
06:00 Tanta the source will take any valid URL pattern that Salt supports
06:00 ninjada_ joined #salt
06:01 Tanta try it with one package to get the hang of it
06:01 Tanta then build up from there
06:01 Tanta that's how you learn
06:01 hatifnatt hemebond: Thanks, thats much better for my needs.
06:03 Tanta so salt:// is the 'scheme', it can be s3:// or https:// or whatever storage back-end you hgave
06:05 calvinh_ joined #salt
06:05 mauli_ joined #salt
06:06 dknight87 http://pastebin.com/cqBCUf0E
06:06 dknight87 Tanta: will that work?
06:06 dknight87 i have added source to both pip.installed and archive
06:08 chamunks joined #salt
06:08 majuscul1 joined #salt
06:09 demonkeeper joined #salt
06:09 nicotine joined #salt
06:10 sh123124213 joined #salt
06:10 oida_ joined #salt
06:11 Neighb0ur joined #salt
06:11 kalessin joined #salt
06:12 daks_ joined #salt
06:13 Tanta the salt fileserver is built-in so it's convenient
06:13 wendall911 joined #salt
06:13 xMopxShell joined #salt
06:13 Ssquidly joined #salt
06:18 djgerm joined #salt
06:22 masber joined #salt
06:25 Ricardo1000 joined #salt
06:27 Ricardo1000 joined #salt
06:35 felskrone joined #salt
06:41 snowtree joined #salt
06:43 netcho joined #salt
06:44 golodhrim|work joined #salt
06:49 jas02 joined #salt
06:55 Mykha joined #salt
06:56 jas02 joined #salt
07:01 Arendtsen joined #salt
07:04 chadhs joined #salt
07:04 jken joined #salt
07:04 AndreasLutro joined #salt
07:04 DarkKnightCZ joined #salt
07:05 funabashi joined #salt
07:05 nikdatrix joined #salt
07:06 TooLmaN joined #salt
07:08 nineteen joined #salt
07:13 alvinstarr joined #salt
07:20 newbiefromla joined #salt
07:20 newbiefromla hello -
07:20 newbiefromla anyone with experience spinning up ec2 instances using salt?
07:21 hemebond newbiefromla: Hello again.
07:22 newbiefromla currently I can spin up instances but they come without salt installed and so when i ping I get 'Minion did not return. [no response]
07:22 newbiefromla oh hey hemebond - I remember you
07:22 hemebond How are you creating them?
07:22 newbiefromla salt-cloud
07:23 newbiefromla when i ssh into my minion, i try to see /etc/salt
07:23 newbiefromla it is not there
07:23 hemebond You see /etc/salt but salt-minion isn't installed?
07:24 hemebond If you run salt-cloud with -l debug do you see any errors?
07:24 newbiefromla no, I mean I don't see salt directory at all
07:24 hemebond Oh.
07:24 hemebond Have you pulled down the bootstrap script?
07:24 newbiefromla when i ran debug - it got to 'INFO: Installing minion'
07:24 hemebond salt-cloud -u
07:25 newbiefromla the last thing from the debug was '*  INFO: Running install_ubuntu_stable_deps()'
07:25 newbiefromla and then I thought it was done
07:25 newbiefromla so I control C to quit
07:25 hemebond Oh
07:25 newbiefromla and try to ping
07:25 rawzone^ joined #salt
07:25 hemebond Well that's wrong :-D
07:26 newbiefromla then couldnt get a response
07:26 hemebond salt-cloud will exit when it's finished.
07:26 newbiefromla oh so i exited prematurely?
07:26 hemebond Yes
07:26 newbiefromla ahhhhh
07:26 newbiefromla that explains
07:26 newbiefromla do i need the bootstrap script? I am not using it
07:27 hemebond You're not using it?
07:27 hemebond How are you not using it?
07:27 newbiefromla just following this tutorial:
07:27 newbiefromla https://www.msolution.io/2015/11/24/use-salt-cloud-to-automatically-deploy-new-aws-instances/
07:27 hemebond salt-cloud will SSH onto the new server and use the bootstrap script to install Salt.
07:29 hemebond Yeah, salt-cloud is still using the bootstrap script,.
07:29 hemebond That's what is installing salt-minion for you.
07:29 newbiefromla oh ok - just wasn't apparent from the tutorial
07:29 newbiefromla i am trying it again
07:30 hemebond An old version of salt-cloud didn't have the bootstrap so I had to run that command to pull down the latest version.
07:30 hemebond Might be worth doing that to make sure you have the latest.
07:30 hemebond https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh#L2396
07:30 newbiefromla btw I was able to launch my instance into my VPC by specifying subnet ID and security group ID. Thanks for the tip yesterday.
07:30 hemebond 👍
07:31 hemebond The name works if you can get it to recognise the VPC, but I never got it to work.
07:33 newbiefromla This  INFO: Running install_ubuntu_stable_deps()
07:33 newbiefromla runs for a long time
07:34 hemebond yip
07:38 newbiefromla i am still waiting
07:38 newbiefromla is it normal
07:38 hemebond Depends on the VM specs and network.
07:39 newbiefromla when i tried to manually install minion before it was fast
07:39 newbiefromla now it is like 10 min into waiting
07:39 hemebond I don't have a config where I'm using it unfortunately.
07:39 hemebond Okay that's not normal.
07:39 newbiefromla debug is not printing anything
07:40 hemebond bootstrap might be installing from source or something.
07:40 hemebond Did you run salt-cloud -you to get the latest version?
07:41 newbiefromla not yet
07:41 newbiefromla you mean I should use the bootstrap-salt.sh from the github link?
07:42 hemebond salt-cloud -u
07:42 hemebond That will pull down the latest version to your salt master.
07:43 impi joined #salt
07:43 hemebond Looks like the default is to install from the repo.
07:43 hemebond So something is going wrong.
07:43 newbiefromla finally something was showing
07:43 hemebond You could check syslog or some other log on the new server.
07:43 newbiefromla Err http://us-west-2.ec2.archive.ubuntu.com trusty InRelease
07:44 newbiefromla and bunch of failed to fetch errors
07:44 hemebond ah
07:44 newbiefromla some index files faled to download
07:44 newbiefromla is it my network setup on aws?
07:44 hemebond trusty?
07:44 hemebond I've seen this before.
07:45 newbiefromla yes trusty
07:45 hemebond Not actually a problem with salt-cloud or the bootstrap but with the AMI using crap source.
07:46 newbiefromla should i just use xenial?
07:46 hemebond I would.
07:46 ReV013 joined #salt
07:46 newbiefromla Ok sounds good.
07:46 hemebond But that won't necessarily fix this issue.
07:46 newbiefromla About handling secrets in salt
07:47 newbiefromla where would i store my aws id - dont really want to save that info in git
07:47 newbiefromla i mean my aws secrey
07:47 newbiefromla secret
07:47 hemebond Isn't it in your master config?
07:47 hemebond Oh.
07:47 hemebond Can you machine actually get out to the internet?
07:48 hemebond Do any of the apt sources succeed?
07:48 newbiefromla Yeah master can get out to internet
07:48 hemebond Not master, the new EC2 server.
07:48 newbiefromla hmm good question
07:52 newbiefromla yeah you are right
07:52 newbiefromla minion can't
07:52 newbiefromla i need to fix it
08:09 fracklen joined #salt
08:11 newbiefromla hmm getting this issue [DEBUG   ] Waiting for VM IP. Giving up in 00:06:30.
08:11 newbiefromla it seems instances are spinning up but cannot get a public ip.
08:12 newbiefromla and then it gets stuck in a loop - keep retrying
08:12 newbiefromla seems to be happening before bootstrap part
08:12 kbaikov joined #salt
08:15 newbiefromla found a related post here
08:15 newbiefromla https://github.com/saltstack/salt/issues/15951
08:15 saltstackbot [#15951][MERGED] Salt-cloud stuck waiting for VM IP when using "ssh_interface: private_ips" | I'm attempting to have Salt-cloud bootstrap a VM using a private IP on Rackspace....
08:15 newbiefromla thanks hemebond - i am going offline. will try again in the morning
08:15 hemebond Okay, good luck.
08:16 fracklen joined #salt
08:16 toanju joined #salt
08:16 fracklen joined #salt
08:17 oyvindmo joined #salt
08:22 kiltzman joined #salt
08:23 sh123124213 joined #salt
08:25 JohnnyRun joined #salt
08:26 prions joined #salt
08:38 ronnix joined #salt
08:44 scristian joined #salt
08:45 JohnnyRun joined #salt
08:47 swa joined #salt
08:54 candyman88 joined #salt
08:57 it_dude joined #salt
08:57 candyman89 joined #salt
08:59 it_dude joined #salt
09:01 mikecmpbll joined #salt
09:03 dknight87 joined #salt
09:05 saintromuald joined #salt
09:06 nikdatrix joined #salt
09:16 Rumbles joined #salt
09:24 impi joined #salt
09:26 nikdatrix joined #salt
09:51 netcho joined #salt
09:55 s_kunk joined #salt
09:59 mike25de joined #salt
10:06 puzzlingWeirdo joined #salt
10:21 N-Mi joined #salt
10:21 N-Mi joined #salt
10:26 debian112 joined #salt
10:29 london1 joined #salt
10:30 london1 Hi all
10:30 london1 Is it possible to use custom minion grains when using salt orchestrate runner?
10:31 london1 so if your orchestrate runner calls another sls file can you then get a custom grain from the target minion?
10:35 Joy what would be the reason for salt util.refresh_pillar to return just False for a minion?
10:36 atmoz joined #salt
10:40 losh joined #salt
10:41 Reverend joined #salt
10:44 dps joined #salt
10:48 hemebond Joy: Either couldn't update or encountered an error when rendering.
10:48 hemebond Check the master log file for errors.
10:49 jas02 joined #salt
10:50 KaczuH joined #salt
11:06 gerhro joined #salt
11:07 dps_ joined #salt
11:08 onlyanegg joined #salt
11:13 gerhro is there a way to import the content of a file from a minon into a Variable?
11:14 gerhro something like this: {% set SINCE in salt['cmd.run']('cat {{ latest }}' ) %}
11:15 Kelsar joined #salt
11:17 atmoz joined #salt
11:17 ninjada joined #salt
11:22 Kelsar joined #salt
11:33 jas02 joined #salt
11:33 masber joined #salt
11:37 Rumbles joined #salt
11:38 dalt joined #salt
11:38 Kelsar joined #salt
11:41 Reverend are grains stored on the minion? i.e. if I take an image of a server, will it have the same grains as the server it was imaged from?
11:45 Kelsar joined #salt
11:50 Kelsar joined #salt
11:56 Kelsar joined #salt
12:00 eldad joined #salt
12:01 eldad Hi, is it possible to add json data returned by "http.query" into the pillars system from within a state?
12:02 eldad I came by https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.cmd_json.html but I don't think it can be used from within the state
12:03 swills joined #salt
12:21 Reverend why the fuck do you need to provide the value to remove a grain
12:21 Reverend that's retarded
12:21 Reverend grain = "my_key" "7"
12:21 ReV013 joined #salt
12:21 Reverend surely if I just specify the key, just fucking nuke it
12:21 Reverend holy shit
12:24 Reverend so I can set it to 0 with: `salt-call grains.set my_key 0`
12:24 Reverend but can't remoive it with `salt-call grains.remove my_key 7`
12:25 Neighbour use grains.delval
12:25 Reverend Neighbour, you may have just become todays hero. hand on
12:25 Reverend hang*
12:26 Reverend hmmmmmm. ish. I kinda just wanna nuke the grain, now I've got "my_key = None"
12:27 Reverend ohhhh fuck offffff. that'll have to do Neighbour. Thanks for the help gorgeous. <3
12:27 Neighbour use salt-call grains.delval(key, True)
12:27 Neighbour the 2nd argument (if True) also removes the key
12:27 Reverend ooooooooooo
12:27 Neighbour (it might help to just rtfm :P)
12:28 Reverend https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html#salt.modules.grains.remove
12:28 Neighbour https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.grains.html#salt.modules.grains.delval
12:28 Reverend so, wait... delval removes the grain... but remove removes teh grain value./
12:28 Reverend #logic
12:28 Neighbour remove is intended to remove an item from a grain that has a list as value
12:29 netcho joined #salt
12:29 Reverend oh so just removing stuff from a list
12:29 Reverend not removing the grain
12:29 Neighbour that's how I read it
12:29 Reverend my_key is now nuked.
12:30 Reverend love you Neighbour
12:30 Neighbour :)
12:31 DammitJim joined #salt
12:45 impi joined #salt
12:46 jas02 joined #salt
12:55 rem5 joined #salt
12:59 ksa joined #salt
13:01 evle1 joined #salt
13:08 remyd1 joined #salt
13:09 toanju joined #salt
13:10 armyriad joined #salt
13:14 DammitJim joined #salt
13:19 Tanta joined #salt
13:20 candyman88 joined #salt
13:21 brousch__ joined #salt
13:23 John_Kang joined #salt
13:24 John_Kang hi there
13:30 vegasq joined #salt
13:47 gmoro joined #salt
13:47 rahav joined #salt
13:47 silver_ joined #salt
13:48 Guest80383 hello, I have a custom grain module, and for some reason it throws error on a specific minion "[WARNING ] Failed to import grains sudoversion. Bad magic number. If migrating from Python2 to Python3, remove all .pyc files and try again."
13:48 Guest80383 the same module works fine on all other minions
13:50 Neighbour Guest80383: Does running the minion with -l debug provide additional insights?
13:52 Inveracity joined #salt
13:52 ronnix joined #salt
13:52 Guest80383 throws this error https://gist.github.com/alex-zel/e8961203df99d537c97b37c43a137815
13:53 Guest80383 I just noticed it uses python3.5, but why?
13:54 Hybrid joined #salt
13:57 racooper joined #salt
13:58 mpanetta_ joined #salt
14:01 kbaikov joined #salt
14:02 vegasq joined #salt
14:03 jas02 joined #salt
14:03 shoemonkey joined #salt
14:05 theblazehen joined #salt
14:08 armguy joined #salt
14:10 toanju joined #salt
14:13 tapoxi joined #salt
14:14 ssplatt joined #salt
14:15 mpanetta joined #salt
14:17 PatrolDoom joined #salt
14:23 fracklen joined #salt
14:28 sh123124213 joined #salt
14:28 impi joined #salt
14:38 fredvd joined #salt
14:42 cowyn joined #salt
14:42 fracklen joined #salt
14:43 art5005 joined #salt
14:44 art5005 Hi all, trying to manage some iptables with salt.. Is there a way to declare a range of ports for dports?
14:44 art5005 Trying to replicate something like this:  iptables -A INPUT -p tcp --match multiport --dports 1234:5678 -j ACCEPT
14:44 art5005 but using     - dports: {{ low_port }}:{{ high_port }}   doesn't seem to be working.
14:46 sarcasticadmin joined #salt
14:46 art5005 for that matter, neither does:   - dport: {{ low_port }}:{{ high_port }}
14:48 catpig joined #salt
14:50 zeromorphism http://synchron2014.inria.fr/wp-content/uploads/sites/13/2014/12/Beaugnon-report.pdf
14:53 kjsaihs joined #salt
14:57 fracklen_ joined #salt
14:58 _JZ_ joined #salt
15:01 armyriad joined #salt
15:04 jas02 joined #salt
15:07 Snow24 joined #salt
15:07 tiwula joined #salt
15:09 london1 Hi all, Is it possible to use custom minion grains when using salt orchestrate runner?
15:09 london1 so if your orchestrate runner calls another sls file can you then get a custom grain from the target minion?
15:11 Snow24 Hello, can we deffered a deployment with Salt-Master ? Will the computer have the package at his next connection to the private network if i launch the install command ?
15:16 babilen Snow24: "deffered" ?
15:16 babilen I understood that as "defer", but I'm not entirely sure what you are after
15:16 telx joined #salt
15:17 seanz joined #salt
15:18 muxdaemon joined #salt
15:19 Snow24 IF I use "pkg.install" and the minion isn't connect to the private network, is it possible to have the package on the connection of the minion automaticcally ?
15:21 Snow24 babilen:
15:22 DanyC joined #salt
15:23 XenophonF jagguli: glad to hear that master_alive_interval fixed your problem!
15:23 XenophonF ninjada: likewise, glad you got the security group ranges figured out
15:25 q1x .o/
15:26 q1x Is there a way for me to run salt commands on the master if I'm logged in as a user that is a member of a certain unix group?
15:29 ReV013 left #salt
15:29 CrummyGummy joined #salt
15:30 q1x external auth seems to require an addition password
15:35 CrummyGummy joined #salt
15:35 georgi_ joined #salt
15:36 theblazehen joined #salt
15:41 tsurko joined #salt
15:43 o1e9 joined #salt
15:44 Heartsbane joined #salt
15:44 Heartsbane joined #salt
15:46 concerti joined #salt
15:47 CrummyGummy joined #salt
15:50 jas02 joined #salt
15:57 netcho joined #salt
16:03 CrummyGummy joined #salt
16:04 bakins joined #salt
16:06 netcho joined #salt
16:09 scsinutz joined #salt
16:10 Praematura joined #salt
16:18 Praematura joined #salt
16:19 raspado joined #salt
16:20 toastedpenguin joined #salt
16:23 sarcasticadmin go 16
16:24 sarcasticadmin excuse that, mistyped in weechat haha
16:29 shoemonkey joined #salt
16:30 sh123124213 joined #salt
16:32 woodtablet joined #salt
16:33 atmoz joined #salt
16:33 woodtablet joined #salt
16:40 DarkKnightCZ joined #salt
16:42 gmoro joined #salt
16:43 onlyanegg joined #salt
16:55 theblazehen joined #salt
16:57 nomadlogic left #salt
17:00 DarkKnightCZ joined #salt
17:09 pipps joined #salt
17:09 cyborg-one joined #salt
17:10 jas02 joined #salt
17:13 sh123124213 joined #salt
17:15 impi joined #salt
17:16 Brew joined #salt
17:17 zackhsi joined #salt
17:19 pipps joined #salt
17:19 zackhsi Hey all, I am having an issue with failhard and onfail. Came across this issue: https://github.com/saltstack/salt/issues/20496.
17:19 saltstackbot [#20496][OPEN] Failhard and OnFail requisite interaction | This issue is for 3 things:...
17:20 zackhsi Does anyone have a suggested workaround?
17:20 zackhsi Goal is to run the virtualenv.managed state with a certain pip configuration. And if that fails, then run it with a different pip configuration.
17:20 zackhsi Turning off `failhard: True` in the minion config is not an option :/
17:22 iggy you can't gate which config you use on something other than failing?
17:22 iggy I don't see a way to make it work the way you are trying
17:22 catpig joined #salt
17:23 cachedout joined #salt
17:24 cachedout Hello friends. Exciting news from your friendly core dev team. We now have PRs in which bring all tests with Salt on Python 3 fully on pr with Py 2.
17:24 cachedout *par
17:24 cachedout We could very much use help for people who can run the develop branch on Python3 and help us find any remaining issues in the time remaining before the Nitrogen release.
17:25 k_sze[work] joined #salt
17:26 scsinutz joined #salt
17:27 zackhsi @iggy would like to try both. attempt one first, then fall back to the other
17:28 brakkisath joined #salt
17:28 iggy that's not going to work, so you're going to have to go to plan B
17:29 pipps joined #salt
17:34 DarkKnightCZ joined #salt
17:34 theblazehen joined #salt
17:36 censorshipwreck joined #salt
17:39 dxiri joined #salt
17:40 dxiri hello everyone
17:40 dxiri quick question, if I do this: http://pastebin.com/DFqZxhbD
17:41 tercenya_ joined #salt
17:41 dxiri will that unset my other settings not defined there?
17:41 dxiri or will it do just want I am telling it to do? I just want to have 2 dns servers used for all minions
17:41 swa_work joined #salt
17:42 The_Loeki joined #salt
17:46 vexati0n with salt-cloud --list-images, is there any way to filter the results? I can't very easily parse through 50,000 entries manually...
17:49 brakkisa_ joined #salt
17:53 Inveracity vexati0n, there's a few ways, 1. dump it all to a file and use something like Sublime Text to siphon the things you want, 2. use the python salt client api and code your way out of it or 3. set up a returner to mongodb or elasticsearch and sift through the data that way
17:54 PatrolDoom joined #salt
17:54 PatrolDoom joined #salt
17:54 brakkisath joined #salt
17:58 GMAzrael joined #salt
18:01 vexati0n thanks Inveracity . Now-- for Azure, --list-images only gives the name, and the fields sku, publisher, version, and offer
18:01 vexati0n which one of those corresponds to "image" in a cloud profile?
18:02 pipps joined #salt
18:02 vexati0n oh, nevermind. was reading outdated docs
18:02 vexati0n as you were
18:03 Edgan joined #salt
18:03 Inveracity http://i.imgur.com/hzWlOff.gif
18:07 muxdaemon joined #salt
18:18 vexati0n gah. now it's complaining that my account isn't allowed to perform "Microsoft.Network/virtualNetworks/subnets/read" on the virtual network
18:18 vexati0n even though... on Azure I can do whatever I want
18:19 vexati0n and the docs didn't tell me i need something called a "network_resource_group" or what that is in Azure since there's nothing called that
18:24 vexati0n docs say: "network_resource_group: optional". salt-cloud says: "the value network_resource_group needs to be set.", and if I set it (by specifying my resource group), salt-cloud says it doesn't exist.
18:25 cachedout joined #salt
18:34 vexati0n ok... finally got it to work.. you *must* specify network_resource_group, network, and subnet. but it doesn't matter, because salt-cloud hangs trying to wait for a public IP that Azure doesn't assign automatically anyway.
18:34 vexati0n so the whole thing is useless. yippee
18:37 dps joined #salt
18:40 dps_ joined #salt
18:50 pipps joined #salt
18:52 candyman88 joined #salt
18:55 sh123124213 joined #salt
19:04 impi joined #salt
19:06 DarkKnightCZ joined #salt
19:07 Trauma joined #salt
19:08 dxiri joined #salt
19:09 johnkeates joined #salt
19:13 N-Mi joined #salt
19:13 N-Mi joined #salt
19:17 englishm_llnw joined #salt
19:43 DarkKnightCZ joined #salt
19:44 nixjdm joined #salt
19:45 coval3nce joined #salt
19:46 Inveracity joined #salt
19:46 coval3nce Hi all!  Quick question on git_pillar with “__env__” as the branch name.  If the “environment” of the minion is set to “base”, will it look at the “master” branch in GIT?
19:48 ChubYann joined #salt
19:48 coval3nce Ah dang…accordig to https://github.com/saltstack/salt/blob/cfeda912f64a9deb841d39c11a1f9ae06498645f/salt/pillar/git_pillar.py#L575-L579 it does not.  I wonder what “gitfs_remotes” does these days.  That thing used to do the “base -> master” mapping.
19:49 pipps joined #salt
19:58 MTecknology gtmanfred: I don't know if anything I said had any value... sorry. :(
19:58 DoomPatrol joined #salt
19:59 gtmanfred MTecknology: no worries :D just know you were messing around in there, and might have wanted to fix this one too :P
20:00 gtmanfred and anyone with more knowledge about that module than me is helpful :P
20:00 gtmanfred coval3nce: it will, by default, base is the master branch
20:01 pipps joined #salt
20:01 gtmanfred coval3nce: the new gitpillar configurations uses the same code as the gitfs does
20:01 coval3nce @gtmanfred i had environment set on a minion to “base” and it didn’t seem to work. I switched the minion environment to “master” and it worked.
20:01 MTecknology It's definitely one of the more beastly modules!
20:02 gtmanfred how did you configure git_pillar?
20:02 gtmanfred ext_pillar:
20:02 gtmanfred - git:
20:02 gtmanfred - __env__ https://gitserver/git-pillar.git
20:02 PatrolDoom joined #salt
20:02 zackhsi joined #salt
20:03 coval3nce https://gist.github.com/dkiser/19a612f3e12d3d0e435bd3ba09694ba7
20:03 Inveracity joined #salt
20:03 gtmanfred that should work... if it doesn't please open an issue.
20:04 jgarr anyone ever seen the api showing this in the logs? My users in a group work just fine but individual users get this '[api_acl] Authentication not checked for user $user'
20:04 coval3nce According to that post above from the code, it won’t map an environmetn from the minion set as “base” back to a master branch unless i’m missing a code path.
20:04 gtmanfred coval3nce: if the code is wrong, that is ok, it should default to the master branch being base
20:05 coval3nce Gotcha, so maybe its a bug.
20:05 gtmanfred yeah, one second, lemme check
20:06 jgarr oh, it looks like that error is in the logs for successful users too. The master logs just shows 'Authentication failure of type "eauth" occurred.'
20:06 coval3nce If opts.get(‘environment’) and/or ‘pillarenv’ come back successful, just need a 2nd step to translate base—>master i’d think.
20:07 gtmanfred coval3nce: apparently there is a known issue with flapping and the master/base.
20:07 coval3nce oh nice…RTFM’ing github issues...
20:07 gtmanfred coval3nce: https://github.com/saltstack/salt/issues/39420
20:07 saltstackbot [#39420][OPEN] Inconsistent pillar data from git_pillar | Description of Issue/Question...
20:11 coval3nce @gtmanfred not sure this is exactly the same issue.
20:12 sh123124213 joined #salt
20:12 gtmanfred if you check his configs, they are the exact same, and sometimes they use master as base, and sometimes they do not
20:13 GMAzrael joined #salt
20:18 Sammichmaker joined #salt
20:22 ujjain joined #salt
20:22 ujjain joined #salt
20:22 coval3nce @gtmanfred yeah looking at salt/fileserver/gitfs.py, it has a whole PEER_REMOTE_OVERRIDES setup that i believe is doing the mapping from base—> master.  The salt/pillar/git_pillar.py code has a similar constructm but its missing “base” from the defaults.
20:22 coval3nce https://github.com/saltstack/salt/blob/d35c2f810cd35be980ae1703d022c1441b7581ea/salt/fileserver/gitfs.py#L51 vs https://github.com/saltstack/salt/blob/cfeda912f64a9deb841d39c11a1f9ae06498645f/salt/pillar/git_pillar.py#L492
20:23 saltsa te
20:23 coval3nce I’ll try monkey patching real quick, see if it changes this behavior i’m seeing
20:25 rschneberger joined #salt
20:28 cyborg-one joined #salt
20:30 brakkisath joined #salt
20:33 tyler joined #salt
20:35 smcquay joined #salt
20:35 ronnix joined #salt
20:39 fracklen joined #salt
20:52 Whissi joined #salt
20:55 jas02 joined #salt
21:01 pipps99 joined #salt
21:07 snarfy^ joined #salt
21:08 nikdatrix joined #salt
21:09 snarfy^ hey guys. I am a dingbat who has trouble understanding things like https://github.com/saltstack-formulas/template-formula/blob/master/template/map.jinja
21:09 snarfy^ can anyone point me in the direction of what I need to know? i am specifically confused by the data structures and how all the updating works and goes together
21:10 snarfy^ i dont even know what i dont know
21:10 hemebond snarfy^: https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
21:10 jgarr gtmanfred: are there other modules needed for pam auth to work? I have two servers with identical config but I'm guessing one of them is missing packages because all I see is 'Authentication failure of type "eauth" occurred.' while the other shows LazyLoaded pam.auth with other output for pam_unix and pam_sss. Both have python-sss (same version) installed
21:10 jas02 joined #salt
21:11 snarfy^ jgarr, yeh its not really the 'formula' part that is troublesome to me, it's more the maps and defaults
21:12 snarfy^ like i get that it starts with defaults.yaml as a data structure, then adds in some other data, and init.sls 'imports map.jinja as defaults with context' or whatever
21:12 snarfy^ but I get really lost with all the data merging operations
21:12 snarfy^ I can't visualize what those data structures looks like in my head well enough to use them in the state
21:13 snarfy^ and wtf is 'lookup'
21:14 * snarfy^ sighs
21:14 pipps joined #salt
21:18 it_dude joined #salt
21:19 hemebond snarfy^: That page explains the lookup
21:19 hemebond And the map.jinja
21:19 hemebond map.jinja is a convention in formulas for "looking up" default settings based on, e.g., the operating system.
21:20 hemebond You'll usually see Debian and Redhat in there with different values.
21:20 hemebond This way you don't have, e.g., {% if grains['os'] == "Debian" %} throughout all your states.
21:20 snarfy^ again, iyeh i get filter_by
21:21 snarfy^ i'm having a hard time explaining what i dont get ...  :p
21:21 hemebond Have another go :-)
21:21 snarfy^ alright thanks for bearing with me.
21:22 snarfy^ I think it's really the translation between, say, how something looks in a yaml file, and what that would look like if I could see it before it gets applied to the state
21:22 snarfy^ like if i map.jinja loads defaults, the way defaults.yaml looks makes sense to me (sorta)
21:22 snarfy^ s/i/my/
21:23 snarfy^ but then it does {% do default_settings.template.update(os_family_map) %}
21:25 hemebond Okay so in https://github.com/saltstack-formulas/template-formula/blob/master/template/map.jinja
21:25 hemebond defaults.yaml is imported and becomes a regular Jinja dict.
21:25 hemebond Just like a Python dict.
21:25 hemebond In fact if you paste defaults.yaml into http://yaml-online-parser.appspot.com/
21:25 hemebond You will see the resulting structure.
21:26 snarfy^ oooh hot
21:26 hemebond Then we get an "os map" (as they've called it) which is just some defaults based on the OS.
21:26 hemebond Then, in Jinja, .update() is used to merge one dict onto another.
21:27 snarfy^ okay
21:28 hemebond (actually dict.update() is in regular Python)
21:28 hemebond So it's just the regular Python function.
21:28 hemebond So we've put the OS settings over the top of default_settings.
21:28 hemebond defaults_settings.template that is.
21:30 jauz joined #salt
21:30 hemebond Then we create a new variable, template, to hold what the user has put into their pillar data under "template"
21:30 hemebond But, we're merging here as well.
21:30 hemebond So default=default_settings.template
21:31 hemebond Means by default use what's in default_settings.template
21:31 hemebond And merge (=true) the pillar data over the top.
21:31 rpb joined #salt
21:31 hemebond And put it all into the `template` variable.
21:31 hemebond So I'm guessing in the states we'll see something like {% from "map.jinja" import template %}
21:32 hemebond Well, the comment in that map.jinja appears to be wrong.
21:32 hemebond It's _not_ getting values from template:lookup
21:32 hemebond It should, that's the convention (not sure how that convention came about or why).
21:32 snarfy^ sorry im here getting distracted
21:33 hemebond That's okay ☺
21:33 hemebond Oh wait, I missed a bit.
21:34 hemebond Okay, I messed up there.
21:34 hemebond The os_family_map pulls in the template:lookup pillar data, merging on top of the defaults they have there.
21:35 hemebond Then merges that on top of default_settings.template
21:35 hemebond Then merges pillar `template` on top of the defaults+os_family_map+template:lookup
21:35 hemebond That's a lot of merging.
21:36 scsinutz joined #salt
21:36 jas02 joined #salt
21:36 hemebond I'm guessing pillar->template is for configuring the app and pillar->template:lookup is used for configuring... the base install stuff?
21:36 hemebond Maybe that's the lookup convention.
21:38 pipps joined #salt
21:38 snarfy^ okay i got one a conversation about kubernetes.
21:38 snarfy^ im back
21:39 hemebond kubernetes? Has someone figured out what it's for? I'm still trying to figure that out.
21:39 ronnix joined #salt
21:40 snarfy^ i dont know. someone apparently wants to run like 800 containers on a schedule or something
21:42 whyzgeek joined #salt
21:44 jgarr did I hear someone say kubernetes? :)
21:44 snarfy^ k8s as the kids say
21:44 Mykha_ joined #salt
21:48 snarfy^ because i always pronounce 8 as ubernet
21:50 mavhq joined #salt
21:50 s_kunk joined #salt
21:52 pipps joined #salt
21:54 snarfy^ hemebond, so in that example, they are merging that 'os_family_map' (which they are also calling flavor_map in comments?) with a theoretical template:lookup dict? then merging the resulting os_family_map into default_settings.template and then setting all of that as 'template' which is fetched by init.sls (or rather by the included install.sls)
21:54 snarfy^ thanks for working through that with me. I think I get it a little better now
21:55 rawkode joined #salt
21:55 hemebond Yeap, I think you've got it.
21:55 rawkode Hey all :wave:
21:55 hemebond 👋
21:56 rawkode :o
21:56 rawkode Am I missing a magic unicode plugin for emoji?
21:56 hemebond Your font might not support that particular character.
21:56 jgarr snarfy^: https://medium.com/@rothgar/why-kubernetes-is-abbreviated-k8s-905289405a3c#.osvha3sry
21:56 hemebond It's just unicode.
21:56 rawkode I seen yours, just not sure how I type it :D
21:57 hemebond Ooh, I use text replacement plugin in Pidgin to do it.
21:57 snarfy^ jgarr, hrm by justin garrison huh :p
21:57 jgarr well of course. I wrote it because people were asking me in person
21:57 hemebond I type in exactly what you did ('wave' surrounded by colons) and Pidgin replaces it with the unicode character.
21:57 rawkode Does anyone here use SaltStack for their dotfiles?
21:58 snarfy^ notbad.jpg
22:00 rawkode OK, I have a weechat plugin for 👋  now :)
22:00 hemebond
22:00 ninjada joined #salt
22:01 rawkode So nobody using Salt for dotfiles then? Damn :sad:
22:01 jgarr rawkode: why not just git?
22:01 snarfy^ i have
22:01 rawkode Because Salt allows me to cater for Arch and Ubuntu
22:01 snarfy^ mostly just for the personal VPS tho
22:01 rawkode and I switch every month 😂
22:01 snarfy^ in case I need to reinstall the vps
22:02 hemebond rawkode: I think ttimo was doing that but he doesn't seem to be here today.
22:02 rawkode I've been doing it a while: https://gitlab.com/rawkode/saltstack-dotfiles
22:03 rawkode Problem is, I can't get gsettings to work under Salt
22:03 mikecmpbll joined #salt
22:03 rawkode because of some thing dbus stuff
22:03 rawkode It's annoying
22:03 rawkode Was hoping there was maybe another salt-dotfiles-gnome user about :D
22:10 ninjada joined #salt
22:15 jas02 joined #salt
22:15 The_Loeki joined #salt
22:21 nidr0x joined #salt
22:30 jgarr rawkode: I do a similar thing with ansible https://github.com/rothgar/ansible-workstation/blob/master/init.sh There's a gsettings module I use here https://github.com/rothgar/ansible-workstation/tree/master/roles/gnome
22:30 scsinutz joined #salt
22:40 NightMonkey joined #salt
22:41 nethershaw joined #salt
22:45 snc joined #salt
22:48 pipps joined #salt
22:49 shoemonkey joined #salt
22:50 pipps joined #salt
22:54 NightMonkey joined #salt
22:56 ahrs joined #salt
22:59 scsinutz joined #salt
23:01 ujjain joined #salt
23:01 ujjain joined #salt
23:08 nikdatrix joined #salt
23:16 jas02 joined #salt
23:29 dps joined #salt
23:31 swills_ joined #salt
23:34 scsinutz joined #salt
23:47 johnkeates joined #salt
23:48 censorshipwreck joined #salt
23:56 swills_ joined #salt
23:58 swa_work joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary