Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-03-31

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 alexlist joined #salt
00:03 XenophonF holy crap the orchestrate runner takes a pillarenv argument?
00:04 hemebond Apparently.
00:04 XenophonF that's awesome
00:05 XenophonF i've always wanted to use environments in pillar
00:05 * hemebond pats Salt Orchestrate on the back for a job well done
00:05 hemebond Pillars work pretty much the same as states. All my pillars are in different environments/scopes.
00:05 whytewolf i really don't use salt enviroments.
00:06 XenophonF oh wow state.apply takes a pillarenv argument, too
00:06 shoemonkey joined #salt
00:06 whytewolf never a hard enough seperation for me.
00:06 hemebond whytewolf: One master per datacentre?
00:06 whytewolf yeap
00:06 hemebond (or deployment or whatever it is that separates your minions)
00:06 hemebond Fair enough.
00:08 pipps joined #salt
00:08 whytewolf only one "datacenter" for me. in my bedroom
00:09 whytewolf :P
00:09 whytewolf but i do split dev,test,prod on it
00:09 hemebond Same environment?
00:09 hemebond Different masters?
00:10 whytewolf different masters for each. each handle different projects in openstack
00:10 hemebond Ah.
00:10 whytewolf then there is another master that builds openstack
00:10 hemebond Why did you go for separate masters instead of environments (I really want to use a different term, like scopes or something)
00:12 whytewolf because i want a hard seperation between them. I don't move an instance from one enviroment to another
00:12 onlyanegg joined #salt
00:12 whytewolf that and to themselves they are all just base
00:12 whytewolf all about that base base base
00:14 whytewolf that and after seeing all the problems everyone has with getting enviroments working i feel i dodged a bullet
00:15 hemebond Hmm. Most of the problems are because the name makes people think they work the same as, e.g., Puppet.
00:15 hemebond It is a bit of a misleading name.
00:16 whytewolf i have never used puppet. so meh
00:16 hemebond Basically a server belongs to an environment.
00:16 hemebond Depending on how you set it up.
00:17 hemebond Salt environments are more like scopes.
00:17 hemebond Or zones.
00:27 pipps joined #salt
00:27 renoirb joined #salt
00:35 bocaneri joined #salt
00:38 Tanta joined #salt
00:57 shoemonkey joined #salt
01:04 XenophonF scopes is a good description of an environment
01:11 renoirb_ joined #salt
01:30 renoirb joined #salt
01:31 renoirb joined #salt
01:41 renoirb_ joined #salt
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.3 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
01:49 stooj joined #salt
01:51 renoirb joined #salt
01:52 smcquay joined #salt
01:55 catpiggest joined #salt
02:11 edgr joined #salt
02:17 KyleG joined #salt
02:17 KyleG joined #salt
02:17 dxiri joined #salt
02:20 renoirb joined #salt
02:21 jas02 joined #salt
02:23 pipps joined #salt
02:25 N-Mi joined #salt
02:33 rem5 joined #salt
02:38 evle joined #salt
02:39 CmndrSp0ck joined #salt
02:43 shoemonkey joined #salt
02:46 leonkatz joined #salt
02:47 rem5_ joined #salt
03:00 strobelight joined #salt
03:00 Klaus_Dieter joined #salt
03:01 fooker_ joined #salt
03:06 Klaus_Dieter joined #salt
03:27 shoemonkey joined #salt
03:31 Pyro_ joined #salt
03:41 mpanetta joined #salt
03:47 Praematura joined #salt
04:01 raspado joined #salt
04:33 samodid joined #salt
04:35 dxiri joined #salt
04:49 inad922 joined #salt
04:56 cyborg-one joined #salt
05:05 jhauser joined #salt
05:17 preludedrew joined #salt
05:45 dendazen joined #salt
05:51 inad922 joined #salt
05:53 ninjada joined #salt
06:00 Ricardo1000 joined #salt
06:02 felskrone joined #salt
06:03 DarkKnightCZ joined #salt
06:06 golodhrim|work joined #salt
06:10 Ricardo1000 joined #salt
06:11 Ricardo1000 joined #salt
06:11 Ricardo1000 joined #salt
06:13 aldevar joined #salt
06:17 shoemonkey joined #salt
06:20 impi joined #salt
06:28 nafg_ joined #salt
06:29 nafg_ Hi, I want to set a machine's ssh port in salt
06:29 nafg_ I assume I would use file.line
06:29 nafg_ not sure how to use it though
06:30 candyman88 joined #salt
06:34 nafg_ anyone?
06:36 AndreasLutro I'd just file.managed the whole sshd config
06:36 AndreasLutro but if you don't want that, you can probably use file.replace
06:36 nafg_ AndreasLutro: i'd prefer not to
06:37 nafg_ AndreasLutro: curious, why .replace not .line?
06:37 nafg_ What I want to say is "if there is a line like Port \d+ or #Port \d+, then replace it, otherwise insert it at the top of the file"
06:38 AndreasLutro guess it doesn't matter, they're almost functionally equivalent
06:38 nafg_ ok I see replace has prepend_if_not_found
06:39 nafg_ AndreasLutro: is the pattern matched against the entire line or is it searched within it?
06:40 duncanmv joined #salt
06:40 nafg_ i.e. will pattern: Port work
06:40 nafg_ Is this right? "^(#\s*)?Port\s+.*$"
06:40 AndreasLutro the entire line I think. what you could do is that, yes
06:41 AndreasLutro but without the ^ $
06:41 afics joined #salt
06:43 Snow24 joined #salt
06:44 nafg_ Is the default to make a backup?
06:44 nafg_ it doesn't list a default value
06:45 nafg_ "Set to False to skip making a backup." implies default is to back up but where?
06:46 Trauma joined #salt
06:48 AndreasLutro probably the filename + .bak or something
06:53 bdrung_work joined #salt
06:53 sh123124213 joined #salt
07:00 colegatron joined #salt
07:00 colegatron left #salt
07:01 dyasny joined #salt
07:02 jas02 joined #salt
07:03 zulutango joined #salt
07:05 rem5 joined #salt
07:06 Inveracity joined #salt
07:07 jas02 joined #salt
07:08 samodid joined #salt
07:08 toanju joined #salt
07:11 rdas joined #salt
07:19 honestly gtmanfred: you around?
07:19 Praematura joined #salt
07:20 o1e9 joined #salt
07:29 JohnnyRun joined #salt
07:31 jas02 joined #salt
07:31 ronnix joined #salt
07:44 jas02 joined #salt
07:48 Rumbles joined #salt
07:57 it_dude joined #salt
08:03 raspado joined #salt
08:09 jas02 joined #salt
08:15 jas02 joined #salt
08:17 shoemonkey joined #salt
08:24 jas02 joined #salt
08:29 JohnnyRun joined #salt
08:29 jas02 joined #salt
08:32 s_kunk joined #salt
08:32 mikecmpbll joined #salt
08:34 Hydrosine joined #salt
08:34 N-Mi joined #salt
08:34 N-Mi joined #salt
08:34 Hydrosine joined #salt
08:45 candyman88 joined #salt
08:48 candyman89 joined #salt
09:02 aga_ joined #salt
09:09 ronnix joined #salt
09:10 inetpro joined #salt
09:10 yuhl______ joined #salt
09:13 mikecmpbll pah, salt returns True for service.enable when you try to enable a SysV style init script and the script doesn't have the correct executable permissions
09:13 mikecmpbll it runs /lib/systemd/systemd-sysv-install enable redis_6379 which returns: insserv: script redis_6379 is not an executable regular file, skipped!
09:14 mikecmpbll took me 3 hours to work out what's going on :p
09:17 inetpro joined #salt
09:21 do3meli joined #salt
09:23 do3meli joined #salt
09:32 inetpro joined #salt
09:35 rdas joined #salt
09:38 netcho joined #salt
09:43 onovy joined #salt
09:50 JohnnyRun joined #salt
10:08 nafg_ AndreasLutro: so yeah, it kind of messed up sshd_config :P
10:18 shoemonkey joined #salt
10:22 Electron^- joined #salt
10:31 Ricardo1000 Руддщ
10:31 Ricardo1000 Hello
10:33 Ricardo1000 I'm trying to group minions to the groups via nodegroup option on master, but get warnings [WARNING ] Key 'nodegroups' with value [{'some_group': ['minion1','minion2']}] has an invalid type of list, a dict is required for this value
10:34 Ricardo1000 What 's wrong
10:34 AndreasLutro looks like you set nodegroups to be a list in your master yaml config file
10:35 Inveracity a list is formed by having dashes infront of the names, remove the dashes and it should work
10:38 Praematura joined #salt
10:39 patrek joined #salt
10:41 Ricardo1000 Inveracity: Warning has disappeared, but group does not execute commands
10:42 Ricardo1000 example of list was taken from the docs
10:42 Ricardo1000 There using dashs
10:44 AndreasLutro definitely not: https://docs.saltstack.com/en/latest/topics/targeting/nodegroups.html
10:44 Ricardo1000 Yikes, -N option forgot :)
10:48 Ricardo1000 AndreasLutro: How you are grouping your minions ?
10:48 AndreasLutro I don't
10:56 Trauma joined #salt
11:15 Pyro_ joined #salt
11:22 lorengordon Does spm work on windows? i'm not seeing it in the install anywhere...
11:29 johnkeates joined #salt
11:31 dyasny joined #salt
11:43 cyborg-one joined #salt
11:47 inad922 joined #salt
12:00 netcho joined #salt
12:04 raspado joined #salt
12:07 shoemonkey joined #salt
12:10 fleaz1 joined #salt
12:12 numkem joined #salt
12:17 toanju joined #salt
12:20 Pyro__ joined #salt
12:25 nikdatrix joined #salt
12:34 abednarik joined #salt
12:40 ssplatt joined #salt
12:43 evle joined #salt
12:44 netcho joined #salt
12:51 megamaced Hi, which version of Saltstack introduced support for multiple gitfs file backends from the same repo using different tags/branch?
12:52 DarkKnightCZ joined #salt
12:55 ronnix joined #salt
13:12 DarkKnightCZ joined #salt
13:12 ssplatt if i salt-call grains.get ip4_interfaces and get a response of “eth0: - 192.168.2.2” then i should be able to grains.get ip4_interfaces[“eth0”][0] right?
13:14 ssplatt or in jinja grains[“ip4_interfaces”][“eth0”][0]
13:14 brousch__ joined #salt
13:15 edrocks joined #salt
13:21 ssplatt ok the jinja worked. i guess i had a typoe somewhere before
13:22 cmarzullo salt-call grains.get ipv4:0
13:23 cmarzullo ok that's not what you asked.
13:24 cmarzullo ok that's not what you asked. salt-call grains.get ip4_interfaces:bond0.2:0
13:24 nfahldieck joined #salt
13:24 nfahldieck hi everyone, is there a way in jinja of setting a default value, if a pillar key does not exist? :)
13:26 nfahldieck I'm using   {% for servername in salt['pillar'].keys('settings:openvpn:server') %}   to use my key as my servername. I want to set a default value for the case, said key is not existent.
13:34 q1x joined #salt
13:35 mariusv joined #salt
13:35 mariusv joined #salt
13:37 DammitJim joined #salt
13:38 mikecmpbll is there a reason why the service.running state tries to start before enabling? with SysV style init scripts and systemd, until they are enabled through update-rc they're not recognised as a service
13:39 mikecmpbll that seems to be the case for me anyway. running service.enable and then service.start makes it work.
13:44 AndreasLutro sounds like another systemd-sysv quirk
13:44 jas02 joined #salt
13:44 AndreasLutro I'd say the logic is you don't want to enable a service that can't start
13:45 Trauma joined #salt
13:49 whytewolf that is odd behavour. I start and stop services all the time on centos with systemd without having to enable them first
13:50 AndreasLutro does centos also have the weird systemd-sysv bridge?
13:50 AndreasLutro I wish debian could just enforce systemd unit files everywhere but alas
13:50 AndreasLutro I also think a lot of these quirks are fixed in later versions of systemd which haven't been brought to debian jessie
13:51 whytewolf it does have a weird bridge for init services, not sure if it is systemd-sysv
13:52 Tanta joined #salt
13:53 AndreasLutro it's so annoying we've actually considered replacing init scripts with our own systemd service unit files
13:53 cscf nfahldieck, {{ salt.pillar.get('common:user', "root") }}
13:57 nfahldieck cscf, that doesn't seem to work for salt['pillar'].keys() .. :(
13:58 cscf nfahldieck, I've never used keys(), sorry.  Are you sure that's what you want to use?
13:59 cscf nfahldieck, also, keys() returns a list, don't you want a single element? .keys('settings:openvpn:server')[0] ?
13:59 whytewolf cscf: he is in a for loop
13:59 nfahldieck cscf, i iterate over that list, that's why it is in a foor looüp
14:01 cscf right I forgot that.  But according to this http://www.tutorialspoint.com/python/dictionary_keys.htm  keys() doesn't take parameters
14:01 whytewolf it doens't
14:01 cscf Unless salt pillar overrides keys() as well
14:02 cscf So you'd want something more like: {{ salt.pillar.get('settings:openvpn:server').keys() }} ?
14:02 Pyro_ joined #salt
14:03 nfahldieck cscf, let me try this
14:04 JohnnyRun joined #salt
14:04 whytewolf have to also form the default in a way that .keys won't blow up
14:05 tapoxi joined #salt
14:05 racooper joined #salt
14:07 cscf {% for servername in salt.pillar.get('settings:openvpn:server', {'example.com': 'default' } ).keys() %} ?
14:07 whytewolf in thoery
14:07 cscf nfahldieck, ^
14:09 abednarik joined #salt
14:11 nfahldieck not quiet working yet
14:11 nfahldieck but it feels like the right way
14:13 kjb joined #salt
14:16 Pyro_ joined #salt
14:20 lorengordon nfahldieck: jinja also has a 'default' filter
14:21 lorengordon {{ salt.pillar.get('foo').keys() | default(['list','of','default','keys'], true) }}
14:21 whytewolf humm this did work for me nfahldieck {{salt.pillar.get('test',{'test':'go'}).keys()}} giving the same output with the test pillar as {{salt['pillar'].keys('test')}}
14:23 lorengordon {{ salt.pillar.get('foo', {}).keys() | default(['list','of','default','keys'], true) }}
14:26 whytewolf lorengordon: that second one is redundent. you have a default in pillar.get and a | default filter
14:26 nfahldieck all I'm getting with every approach is a "SaltRenderError: Jinja variable 'str object' has no attribute 'get'"
14:27 whytewolf nfahldieck: please show us what you have currently
14:27 nfahldieck {% for servername in salt['pillar'].get('settings:openvpn:server', {}).keys() | default(["foo"], true) %}
14:27 whytewolf that isn't right
14:27 lorengordon whytewolf: the second one ensures that you get a dictionary back, so ".keys()" doesn't throw key not found
14:27 sarcasticadmin joined #salt
14:28 amcorreia joined #salt
14:28 lorengordon nfahldieck: use either "salt['pillar.get']()" or "salt.pillar.get()"
14:29 PatrolDoom joined #salt
14:29 nfahldieck lorengordon: same error with that notation
14:29 whytewolf lorengordon: what i meant was because you have a default in pillar.get you will never trigger the | default
14:30 jas02 joined #salt
14:30 lorengordon whytewolf: it does trigger. that's what the second param to "|default" controls. if the input evaluates to false, apply the default
14:30 whytewolf but it won't be false
14:31 lorengordon {}.keys() evaluates to false
14:31 whytewolf does it?
14:31 PatrolDoom joined #salt
14:31 whytewolf I was wrong
14:31 lorengordon it's an empty list
14:32 whytewolf nfahldieck: {% for servername in salt.pillar.get('settings:openvpn:server', {}).keys() | default(["foo"], true) %}
14:33 whytewolf or {% for servername in salt.pillar.get('settings:openvpn:server', {'foo':'null'}).keys() %}
14:34 nfahldieck wont work ... i have a feeling that the problem lies somewhere else..
14:35 whytewolf nfahldieck: https://gist.github.com/whytewolf/259cd4b3406a8a6a65aa49c3b6b8debf
14:36 whytewolf I know it works, I JUST tried it
14:38 JohnnyRun joined #salt
14:38 hoonetorg hi
14:39 hoonetorg how would i do a reverse lookup of an ip 4 address in a pillar
14:39 whytewolf hummm actually. | default is not working
14:39 whytewolf {}.keys is returning []
14:39 Pyro_ joined #salt
14:39 whytewolf not false
14:39 cscf hoonetorg, you mean looking for a key that has a value of, ie, "192.168.1.1" ?
14:40 Pyro_ joined #salt
14:40 hoonetorg whytewolf  cscf i mean reverse dns lookup
14:41 whytewolf huh? I was working on another issue hoonetorg that wasn't for you
14:41 hoonetorg i could do a dnsutil.A for forward lookup
14:41 cscf hoonetorg, oh, so you get an ipv4 address from pillar, and you want to reverse dns it? k
14:41 hoonetorg or dig.A
14:41 hoonetorg but not reverse lookup like dig.PTR or so
14:41 hoonetorg is there a way to do it?
14:42 nfahldieck whytewolf: I use "servername" in a file.managed' default for a jinja template. I believe the error is originating from that jinja template. Your statement seems to work, but not in my context .. yet
14:43 whytewolf nfahldieck: okay
14:43 hoonetorg whytewolf: :) ok nvm
14:44 whytewolf lorengordon: trying a version of  {{ salt.pillar.get('foo', {}).keys() | default(['list','of','default','keys'], true) }} is returning [] not ['foo']
14:45 whytewolf or ['list','of','default','keys']
14:45 lorengordon is the 'foo' pillar an empty dict?
14:45 Drunken_Panda joined #salt
14:45 Flying_Panda joined #salt
14:45 whytewolf yes
14:45 lorengordon though, that should still eval to the default...hrm...
14:45 whytewolf no it is a missing dict it isn't there
14:45 Flying_Panda ot an example of runnering runner.salt.cmd in the reactor  and passing it a module such as git.cone
14:45 Flying_Panda ot an example of runnering runner.salt.cmd in the reactor  and passing it a module such as git.clone
14:46 whytewolf it seems {}.keys() returns []
14:46 Flying_Panda hey guys  anyone  example of runnering runner.salt.cmd in the reactor  and passing it a module such as git.clone
14:46 lorengordon well it's supposed to
14:46 whytewolf [] isn't false
14:46 whytewolf it is a valid blank list
14:46 lorengordon it _evaluates_ to false
14:47 whytewolf not enough to trigger a filter
14:47 lorengordon if []
14:47 lorengordon i'll test some, i was just playing with this yesterday
14:48 lorengordon it worked if the key was absent, defined as a dict with no value, or the value was ''
14:48 lorengordon lemme check []...
14:49 whytewolf it is like the difference between == and is
14:50 lorengordon the docs explicitly say "evaluate to false", so, it is surprising to me that it wouldn't work as an if
14:50 whytewolf 'if []' is not the same thing as 'if []  is false'
14:51 lorengordon of course not, but then "if '' is false" wouldn't work either and it definitely did
14:51 lorengordon neither would, "if None is false"
14:51 lorengordon but they do
14:53 whytewolf okay, here is what i am reading [] != False but bool([]) == False
14:54 whytewolf it can evaluate to false
14:55 whytewolf i think the issue is [] == False is false
14:55 whytewolf but if [] is also false
14:56 whytewolf so if the check for filter is using if {output} == False
14:57 whytewolf '' and None both do == False
14:59 gableroux joined #salt
14:59 lorengordon my test just worked
14:59 lorengordon {%- set baz = salt.pillar.get('baz', {}).keys() | default(['default'], true) %}
15:00 whytewolf humm it doesn't work for me.
15:00 lorengordon baz gets set to ['default']
15:00 whytewolf what versions are you using
15:00 lorengordon 2016.11.2
15:00 whytewolf not just salt
15:00 lorengordon centos6
15:00 whytewolf humm I'm on centos7
15:00 whytewolf with 2016.11.3
15:00 lorengordon if this doesn't work the same on centos7 i am going to throw a damn fit
15:02 whytewolf i got [] as the output which was not anything i should have gotten
15:03 lorengordon what jinja version do you have? mine is 2.8.1
15:03 whytewolf never mind.
15:03 whytewolf ugh. it must be morning
15:03 lorengordon somewhere it is for sure, lol
15:04 whytewolf i typoed pretty baddly and didn't catch it several times i looked
15:04 mikecmpbll i'm getting "Source file 'salt://certs/foo.pem' not found" when trying to do `salt '*' file.manage_file /home/deploy/foo.pem '' '' 'salt://certs/foo.pem' ...`
15:04 mikecmpbll the file is definitely there under /srv/salt/certs/foo.pem
15:05 lorengordon i hate when i'm troubleshooting something for a while just to find a typo that my eyes must have passed over somehow dozens of times
15:05 PatrolDoom lorengordon: been there :\
15:05 PatrolDoom atm i'm debugging why a state stopped working and i have no clue at this point :|
15:05 lorengordon fun times
15:05 PatrolDoom the actual pkg added a debian dialog thingy but idk why that would suddenly cause the state to break
15:06 whytewolf mikecmpbll: check cp.list_master
15:06 whytewolf mikecmpbll: also you might need to clear cache
15:06 whytewolf in the mean time i am going for coffee
15:07 abednarik joined #salt
15:07 mikecmpbll whytewolf : cp.list_master shows the file
15:07 mikecmpbll how do i clear cache? :D
15:08 lorengordon cp.clear_cache
15:09 mikecmpbll tbh i'd like to use cp.get_file instead of file.manage_file but i don't know how to set user and group with cp.get_file
15:09 mikecmpbll 'cp.clear_cache' is not available
15:10 mikecmpbll /shrugs. i give up
15:19 DammitJim joined #salt
15:20 mpanetta joined #salt
15:23 sjorge joined #salt
15:23 sjorge joined #salt
15:26 Rumbles joined #salt
15:26 Rumbles joined #salt
15:27 Rumbles joined #salt
15:28 Rumbles joined #salt
15:29 Rumbles joined #salt
15:30 Flying_Panda whenever I try and use the salt runner in the reator I get cmd takes at least 1 argument I thought this pwas passed with fun: ?
15:30 Rumbles joined #salt
15:31 Praematura joined #salt
15:34 whytewolf mikecmpbll: sorry was getting coffee. it is saltutil.clear_cache however there is also instructions on the function about it being safer to stopping the minion and wiping the cache directory then starting the minion again
15:34 mikecmpbll whytewolf : okay, thx :)
15:35 whytewolf mikecmpbll: also cp.get_file doesn't set permissions only transfers files. file.manage_file uses file.* functions after the transfer to change persmissions if they are different then root
15:35 samodid joined #salt
15:35 mikecmpbll whytewolf : yeah, that's why i was trying to use file.manage_file, but couldn't.
15:37 dxiri joined #salt
15:43 sjorge joined #salt
15:43 sjorge joined #salt
15:44 renoirb joined #salt
15:45 ronnix joined #salt
15:46 whytewolf Flying_Panda: are you using salt.cmd in a salt runner in a reactor?
15:46 aldevar left #salt
15:48 Flying_Panda yes
15:49 whytewolf https://github.com/saltstack/salt/issues/38977
15:49 saltstackbot [#38977][OPEN] saltutil.runner cannot pass required non-kwargs | Description of Issue/Question...
15:49 whytewolf [same thing with reactors]
15:50 hoonetorg regarding dns lookup from ^^^ i ended up with {% set interface_fqdn =  salt['cmd.run']('echo -e "import socket\ndef mylookup(addr):\n  try:\n    return socket.gethostbyaddr(addr)[0]\n  except socket.herror:\n    return None\nprint (mylookup(\'' ~ interface_ip[0] ~ '\'))"|python') %}
15:51 hoonetorg any better ideas ^^^???
15:51 Flying_Panda so thats why it dont like git.clone because you dont pass actual arguments
15:53 leonkatz joined #salt
15:53 Flying_Panda but could I not mass them like arg url kward: value ?
15:53 whytewolf Flying_Panda: yeap
15:53 Flying_Panda *pass
15:53 whytewolf didn't work when we tried tied it. kwarg isn't something that is accepted.
15:54 pipps joined #salt
15:54 whytewolf hoonetorg: unforchantly i know of no PTR method currently in place. would love a patch to both dnsutil and dig that added PTR
15:54 Flying_Panda what does it work for any examples :P
15:55 jimklo joined #salt
15:55 Flying_Panda cmd.run?
15:55 Flying_Panda as I can run salt-run salt.cmd cmd.run
15:55 Flying_Panda so sureley I can bung that in as a workaround for now ??
15:55 whytewolf Flying_Panda: couldn't get anything we tried working. i couldn't even get test.ping to work.
15:56 Flying_Panda yea was just trying that myself :p
15:56 Flying_Panda funny as it works on the cli :P
15:56 Flying_Panda for me just not in the reactor
15:56 whytewolf yeah, the cli you are not passing it through three different functions
15:57 Rumbles joined #salt
15:58 Rumbles joined #salt
15:58 Flying_Panda ahh anyother way of running commands locally on a master in the reactor without minion installed ?
15:59 whytewolf nope
15:59 Flying_Panda horay :D
16:00 whytewolf that was the whole purpase of the function. i guess wait till that bug is fixed.
16:00 Flying_Panda cant imagine it will take to long :D
16:01 whytewolf there is already a PR to it that needs testing so shouldn't be that long
16:01 hoonetorg whytewolf: maybe i'll find time soon for dnsutil.PTR
16:02 Flying_Panda the fix you have wyte is it a fix to the runner itself or some backend salt stuff ?
16:02 whytewolf Flying_Panda: I didn't write the fix :P
16:03 * whytewolf has no idea what it entails
16:03 Flying_Panda Heres hoping its module only as Ive pulled in the module as a custom module to bypass SUSE
16:03 whytewolf hoonetorg: I know not what this time thing is. I heard tails of people having it.
16:03 DammitJim joined #salt
16:06 _JZ_ joined #salt
16:06 raspado joined #salt
16:09 armyriad joined #salt
16:14 PatrolDoom weird, now i have to use debconf.set. ok yay changes.
16:14 Flying_Panda ahh wjyte looks like a fix to the salt_util.py :(
16:18 ponyofdeath hi, I started getting this error recently and am unsure how i can get more logging to debug. running salt-call state.apply -l debug failing with this Passed invalid arguments: 'NoneType' object is not iterable.
16:18 ponyofdeath https://bpaste.net/show/b5c052b13f09
16:19 ponyofdeath is right before that error
16:20 debian112 joined #salt
16:30 SaucyElf joined #salt
16:44 KyleG joined #salt
16:44 KyleG joined #salt
16:45 bionh joined #salt
16:45 swills joined #salt
16:46 raspado joined #salt
16:48 s_kunk joined #salt
16:49 Praematura joined #salt
16:52 gableroux joined #salt
16:53 eightyeight joined #salt
16:56 SaucyElf joined #salt
16:57 inad922 joined #salt
16:58 eightyeight joined #salt
16:59 gableroux joined #salt
17:06 Heartsbane joined #salt
17:06 edrocks joined #salt
17:18 renoirb_ joined #salt
17:21 gableroux joined #salt
17:21 abednarik joined #salt
17:27 gableroux joined #salt
17:30 mary33 joined #salt
17:30 nixjdm joined #salt
17:32 austin_ joined #salt
17:33 austin_ i need to handle multiple backends and multiple top files all for base dir. is this possible ?
17:33 austin_ the top files merging is fine by me
17:35 ChubYann joined #salt
17:37 mary33 left #salt
17:38 scoates joined #salt
17:43 s_kunk joined #salt
17:45 misconfig joined #salt
17:46 SaucyElf joined #salt
17:46 misconfig Does anyone have any experience with 'minion-specific pillar data'? I need to create data for some minions, but I also need to ensure this pillar data is loaded only on the minions that need the data. Would I create pillar files that match the id of the minion?
17:47 cyborg-one joined #salt
17:47 whytewolf misconfig: basicly pillar has a top file. you target which pillar file goes to which minion in their
17:48 misconfig Do you think a good strategy in the top file would have some logic to match the minion id to a sls file named the same as the minion?
17:49 misconfig Minion1 has an sls file named Minion1 that contains its personal pillar data
17:49 whytewolf thats up to you. just remeber if you use fqdn as minion id. dots don't translate well to sls files
17:50 misconfig thanks for the heads up -  no fqdn minion ids here.
17:50 misconfig Ansible has a concept called 'host_vars' and that's what I'm looking for
17:52 whytewolf i mean you can do something like base: '*': - {{grains['id']}}
17:52 whytewolf but you don't need to.
17:53 whytewolf and that would fail for any minion that you don't have a file for
17:53 whytewolf [like fail hard enough other pillars would fail]
17:54 Inveracity joined #salt
17:54 misconfig yeah that's what I was thinking. I'd have to ensure the file exists
17:55 misconfig because only a few machines will have these vars - they're literally specific to the minion.
17:55 whytewolf since pillars are rendered and built on the master only pillars targetted for the minion get sent to that minion.
17:55 whytewolf I typically just target on minion id
17:57 whytewolf such as 'base': 'salt01.wolfcloud.bad4.us': - salt-master - ntp-servers - test # i typically do testing with my salt master so almost always have a test pillar there
17:58 PatrolDoom joined #salt
18:01 misconfig Going to try something like this:
18:01 misconfig {% if salt['file.directory_exists'] ('minion_vars/{{ id }}') %}
18:01 misconfig - minion_vars.{{ id }}
18:01 misconfig {% endif %}
18:01 whytewolf that seems overly complicated
18:02 whytewolf but it is your setup.
18:02 misconfig I surely don't want to overcomplicate things
18:05 whytewolf well overly complicated is needed if you are not sure of a name for an instance
18:10 whytewolf honestly however you feel most comfortable works. me i don't get that complicated. i also don't call any of my pillars by a minionid. i go purly by functionality. and i target compleatly by minion id. pillars can be as limited or as wide as you want to target.
18:13 jrgochan left #salt
18:13 tapoxi joined #salt
18:17 it_dude joined #salt
18:20 Edgan joined #salt
18:20 pipps joined #salt
18:21 pipps joined #salt
18:21 bionh {% for server, hostinfo in salt.mine.get ('host', 'grains.items', expr_form='grain').items() %}  Is there something I am missing with the 'host'  part? 'osfinger:Ubuntu-16.04' works but I want it to give me a list of all hosts instead
18:23 whytewolf bionh: does salt -G 'host' test.ping return what you expect?
18:24 hoonetorg omg what file is edited for state network.system on debian system
18:24 hoonetorg on rhel it is /etc/sysconfig/network
18:24 Tanta joined #salt
18:24 hoonetorg it is not /etc/default/networking
18:25 hoonetorg on debian
18:25 bionh it's /etc/networking/interfaces maybe?
18:26 bionh @whytewolf don't have a minion called host. I was trying to get a list of all the minions using the grains.items host. Not sure how do it.
18:27 whytewolf bionh: that isn't the command i gave. -G 'host' = grains matching on host
18:28 edrocks joined #salt
18:28 whytewolf if you want all minions then salt.mine.get('*',grains.items)
18:28 whytewolf err 'grains.items'
18:29 hoonetorg bionh: no it's not ;)
18:30 hoonetorg reading source currently
18:30 bionh salt -G 'host' test.ping gives  no minions matched the target
18:31 whytewolf bionh: which is why it doesn't work as a target.
18:31 whytewolf use '*' if you want all minions [and remove the expr_form='grain']
18:32 whytewolf mine.get('target','mine_function to get from targetted minions','how to target')
18:32 woodtablet joined #salt
18:32 woodtablet left #salt
18:34 whytewolf if you need grains.items to return only host info then you need to change your mine_function to only return host
18:35 bionh okay thanks @whytewolf
18:36 bionh @hoonetorg In my salt environment we use network.managed and it's all debian machines
18:36 whytewolf hoonetorg: _DEB_HOSTNAME_FILE = '/etc/hostname'
18:36 whytewolf https://github.com/saltstack/salt/blob/develop/salt/modules/debian_ip.py#L140
18:37 edrocks joined #salt
18:40 promorphus joined #salt
18:41 ProT-0-TypE joined #salt
18:44 jas02 joined #salt
18:45 ronnix joined #salt
18:45 mikecmpbll joined #salt
18:50 jeffspeff joined #salt
18:51 jeffspeff what is the best way to push out something like a local password to all minions? this is in a windows environment. i found the module to perform the action but i'm concerned about the password being stored in plain text in the minions log file.
18:51 Shirkdog joined #salt
18:51 Shirkdog joined #salt
18:52 whytewolf don't have the minion in debug mode and use pillars.
18:53 mpanetta joined #salt
18:55 jeffspeff whytewolf, from what i was reading on the pillars page "Information transferred via pillar is guaranteed to only be presented to the minions that are targeted". is that the main advantage of using a pillar? if so, then is it really an advantage if you're targeting all minions?
18:56 cmarzullo yes. cause the secret won't be on the minion.
18:57 whytewolf jeffspeff: pillar also is one of the more secure items in salt. which i believe is your goal.
18:57 jeffspeff oh, so pillar configs aren't cached on the minions?
18:57 whytewolf they are. but only the admin user should have access to how they are cached
18:58 whytewolf everything in salt is cached in someway
18:58 jas02 joined #salt
19:00 Trauma joined #salt
19:03 whytewolf lunch!
19:04 desku joined #salt
19:06 Trauma joined #salt
19:07 wendall911 joined #salt
19:12 aldevar joined #salt
19:19 pipps joined #salt
19:19 DammitJim is it normal that I can't run highstate on more than 5 minions at a time?
19:19 DammitJim or so it seems
19:20 DammitJim I get a timeout error
19:20 DammitJim now, if I batch it, it's fine
19:21 jeffspeff DammitJim, from my experience, that issue is due to load on the master.
19:21 DammitJim jeffspeff, will more RAM or CPU help?
19:21 DammitJim what helps in that case?
19:22 jeffspeff run top and 'free -m' while pushing a highstate to more than 5 minions to confirm. might also want to run iftop to see if maybe the master has a network bottle neck.
19:22 DammitJim I have at least 146
19:22 jeffspeff 146 what?
19:23 jeffspeff in my case, my master is a virtual machine, so i just shut it down and ramped up the CPU and RAM and the problem went away.
19:25 jeffspeff my master has 2 sockets (4 cores each) and 16GB of RAM. it serves about 300 minions scattered across the US. only 4 of the minions are on the master's LAN, the rest are remote over the internet.
19:25 bionh {% set dnsip = salt['dnsutil.A'](grains['host'] + ".test.org")[0] %} Is there a cleaner way of using grain['host']? salt.dnsutil.A (grains.host +
19:29 jas02 joined #salt
19:39 DarkKnightCZ joined #salt
19:40 DammitJim minions
19:41 DammitJim thanks jeffspeff
19:41 sh123124213 joined #salt
19:41 DammitJim this monster is using right now (unless there is some kind of memory leak) 12G out of the 12G
19:42 DammitJim it's used 711KB of swap
19:42 DammitJim I'm going to restart the sucker
19:47 whytewolf that seems like you have some overly complicated setup. I know my own setup was able to push to a lot more then 5 machines when i was deploying off a old dual core 2gb box i had laying around before i upgraded. was the whole reason i started using salt to push my openstack because the mirantis fuel server refused to install on the system i was using for deploy
19:48 DammitJim yeah, i'm kinda surprised... the minions return time (in the summary) is a couple of miliseconds but it takes forever to return
19:50 SaucyElf joined #salt
19:52 IdoKaplan joined #salt
19:53 DammitJim so, this is interesting... why is it that when I run highstate, the master makes all these connections to a bunch of minions even though I'm only targeting one by name?
19:53 whytewolf master doens't make connections. minions do to the master
19:53 DammitJim oh
19:53 IdoKaplan Hi, I'm trying to install exe flie and it failed. retcode 1155. https://pastebin.com/t4Qrcvpk . I'm not sure how to debug. Can someone please help?
19:54 DammitJim hhmmmm....
19:54 whytewolf IdoKaplan: try your salt command on the minion with salt-call -l debug
19:55 IdoKaplan whytewolf: Already did,  Failed to install WinCollect retcode 1155
19:55 DammitJim when one gets the Minion did not return. [No response]
19:55 whytewolf oh, windows installer returned 1155...
19:55 DammitJim is one dead?
19:55 DammitJim lol
19:56 DarkKnightCZ joined #salt
19:57 whytewolf IdoKaplan: if windows it's self is returning that 1155 not a lot of help can be found in salt land.
19:58 whytewolf https://community.flexerasoftware.com/showthread.php?182679-Error-1155-Cannot-find-PRODUCT-NAME-msi i did find this though.
19:59 whytewolf DammitJim: that error could mean the minion timed out before it returned. is set to not return to the master [has a returner setup differently] or didn't think that the master meant it so didn't do anything
19:59 pipps joined #salt
19:59 whytewolf could also be network issues
20:00 brakkisath joined #salt
20:02 IdoKaplan whytewolf: If i'm installing (slient) the exe from cmd it's working, but via Salt it's not working.
20:03 whytewolf IdoKaplan: from the description of the error it sounds like it can't be found ...
20:04 IdoKaplan whytewolf: IS it possible to see what is the command that salt is running?
20:04 whytewolf yes, with -l trace
20:04 renoirb joined #salt
20:04 XenophonF i'm running into kind of a strange error
20:05 XenophonF on windows if i run pkg.install blah test=True, it correctly says that it will install blah
20:05 XenophonF but if i run state.single pkg.installed name=blah, i get an error about the package not being found in the repository
20:05 XenophonF both the minion and the master are running salt 2016.11.3
20:06 XenophonF oh wait
20:06 XenophonF environments
20:06 keldwud joined #salt
20:06 XenophonF huh that's weird
20:06 DammitJim actually, I just got this: SaltReqTimeoutError, retrying. (1/3)
20:07 keldwud joined #salt
20:07 DammitJim I neabled debug on one minion
20:07 XenophonF oh that's really weird
20:07 XenophonF ok so state.single pkg.installed name=blah saltenv=development throws the "package not found" error
20:07 XenophonF but state.single pkg.installed name=blah works
20:08 XenophonF presumably b/c /srv/salt/win/repo* live in the base environment
20:08 XenophonF but not in my other environments
20:08 XenophonF hmm...
20:08 XenophonF isn't stuff in the base environment supposed to be available in other environments?
20:10 XenophonF do i have to explicitly set env_order in the master configuration?
20:10 whytewolf XenophonF: only when targetting a base enviroment.. if you hard lock a minion to an enviroment then no
20:10 XenophonF or is that just for top-file merging?
20:11 XenophonF hm
20:12 whytewolf if you have a state called tuckish. everything that turkish calls needs to be in the same enviroment. because the minion will only look in that enviroment for things it calls.
20:12 XenophonF right that makes sense
20:12 XenophonF i hadn't expected that to apply to the winrepo_source_dir
20:13 whytewolf to quote guy oldmen "EVERYYYYTHIIINNGGGGG"
20:13 whytewolf gery oldman even
20:13 XenophonF can i set winrepo_source_dir to something like salt://win/repo?env=base ?
20:13 * whytewolf shrugs
20:14 whytewolf I don't do windows :P
20:14 XenophonF LOL
20:14 XenophonF this is one of the few times I _don't_ want to use environments
20:15 DarkKnightCZ joined #salt
20:15 jeffspeff ok, trying to learn pillars... i have /srv/salt/pillar which contains top.sls and a directory called 'pass'. /srv/salt/pillar/pass contains init.sls which has 1 line "admin_pass: '1234'". in /srv/salt/pillar/top.sls i have https://gist.github.com/jeffclay/71eafa236d431532644a4613da647203  when I run pillar.items it doesn't list the key 'admin_pass'. suggestions?
20:16 XenophonF i think that i might add /srv/salt to both the development and production environments in file_roots
20:16 XenophonF which is a super ugly hack but oh well
20:16 pipps joined #salt
20:16 whytewolf XenophonF: read the next to last comment here https://github.com/saltstack/salt/issues/24134
20:16 saltstackbot [#24134][MERGED] Issue with winrepo when custom file_roots is used | The issue I have here is that when I am using custom file_repos locations winrepo does not get searched. winrepo is only searched if my state file is in base....
20:16 XenophonF yeah
20:17 XenophonF ok i am going to hack up file_roots and hope it ends up Doing The Right Thing
20:17 XenophonF just a sec
20:18 Inveracity jeffspeff, have you set your pillar_roots to be /srv/salt/pillar yourself? the default pillar path is /srv/pillar
20:18 whytewolf jeffspeff: first/ /srv/salt is the state base directory. you do not want your pillars there. as that will mean anyone who can run salt can get your pillar tree. the default path for pillars is /srv/pillar
20:18 * XenophonF crosses his figners
20:19 * whytewolf crosses his toes
20:20 toastedpenguin for pillar files, is it possible to config the top.sls so pillar data is only presented to a minion when 2 conditions are met, e.g. name & kernel: ?
20:20 XenophonF toastedpenguin: yes
20:20 XenophonF use a compound match
20:20 whytewolf toastedpenguin: match: compound
20:20 XenophonF hang on i might have an example somewhere
20:21 StolenToast does anyone know why these file.symlink states seem to take a long time?  Even if the links are already there
20:21 XenophonF toastedpenguin: this is for the salt states top.sls, but targeting in pillar works pretty much the same way
20:21 XenophonF toastedpenguin: https://github.com/irtnog/salt-states/blob/master/top.sls#L354
20:22 onlyanegg joined #salt
20:22 DammitJim what is the right way of running sysctl -p in a state?
20:22 DammitJim cmd.run ?
20:22 jeffspeff whytewolf, thanks, moving the dir now
20:22 toastedpenguin ok, thanks for the link! I am finding that as I expand our use of pillar simple matches are allowing data to be available to minions I dont accessing the data
20:22 whytewolf StolenToast: I would say check salt-call -l trace and see what is happening
20:23 StolenToast ok
20:24 XenophonF ok so adding /srv/salt to my other environments in file_roots seems to have fixed this issue with win_pkg
20:24 XenophonF so yay
20:24 XenophonF thanks whytewolf
20:24 XenophonF now if i can just get the package to install correctly ;)
20:25 onlyanegg Are job returns from jobs initiated by salt-call published on any of the Unix domain sockets?
20:26 whytewolf DammitJim: for -p yeah, there really isn't a "load only this file" in the sysctl modules.
20:26 RabidCicada joined #salt
20:26 whytewolf onlyanegg: i don't think so but you could writer a returner that does [as that is a returner function]
20:26 DammitJim thanks whytewolf
20:26 StolenToast whytewolf: can you make any sense of this? https://pastebin.com/zFDDLRFf
20:26 DammitJim so, how do I run that cmd.run after I change a file?
20:27 whytewolf DammitJim: a second state that uses an onchanges?
20:28 DammitJim oh ok, onchanges. I don't know why I kept thinking require
20:28 DammitJim my logic is messed up
20:28 whytewolf StolenToast: looks like it is trying to check the group permissions using 2 different methods
20:28 onlyanegg thx, whytewolf
20:28 utFoill joined #salt
20:29 StolenToast I'm wondering if this being an nfs mount causes that lookup to take a long time
20:29 whytewolf it might. NFS can be annoying slow for permissions checks
20:29 whytewolf esp. if NIS is kind of there but not really
20:29 utFoill is it possible to use salt-cloud without installing minion (ie deploy a vm for use with salt-ssh)?
20:29 StolenToast I should see if it's not some other issue on the fileserver though
20:29 pipps joined #salt
20:31 whytewolf utFoill: you could write a "bootstrap" script that just returns true
20:31 whytewolf instead of actually installs anything
20:31 whytewolf utFoill: https://docs.saltstack.com/en/latest/topics/cloud/deploy.html
20:32 * whytewolf sits down
20:33 utFoill ah cool thanks
20:33 whytewolf it is difficult helping here while in a meeting :P
20:33 DammitJim https://pastebin.com/P9BUCZ6x
20:33 utFoill presumably then run a post install script to execute salt-ssh
20:33 DammitJim does this look right?
20:33 whytewolf DammitJim: - file: /etc/sysctl.conf
20:34 DammitJim oh, duh!
20:34 whytewolf utFoill: yeap
20:34 DammitJim I just saw I had done this in the past LOL
20:34 DammitJim thanks
20:35 pipps joined #salt
20:36 Shirkdog joined #salt
20:37 heyimawesome joined #salt
20:43 prg3 joined #salt
20:46 leonkatz joined #salt
20:53 sp0097 joined #salt
21:00 leonkatz joined #salt
21:04 leonkatz joined #salt
21:12 jeffspeff I have a state file local_passwds.sls https://gist.github.com/jeffclay/b0c85bc8aca3013924d52951b8637e17   i get the error "Rendering SLS 'prod:all.local_passwds' failed: Jinja variable 'salt.utils.context.NamespacedDictWrapper object' has no attribute 'pass'"
21:13 jeffspeff my pillar is built as /srv/pillar/pass/init.sls and has 1 line "admin_pass: '1234'"
21:14 jeffspeff running pillar.items shows admin_pass and its value.
21:14 hemebond jeffspeff: The directory name does not become an actual pillar.
21:14 whytewolf pillar['admin_pass']
21:14 whytewolf don't need the pass
21:14 jeffspeff ah, thanks
21:17 leonkatz joined #salt
21:18 seanz joined #salt
21:18 seanz left #salt
21:27 nikdatrix joined #salt
21:28 renoirb joined #salt
21:35 XenophonF toastedpenguin: here are some different top.sls match examples - https://github.com/irtnog/salt-pillar-example/blob/master/top.sls
21:36 jas02 joined #salt
21:47 jas02 joined #salt
21:47 prg3 joined #salt
21:51 leonkatz joined #salt
21:55 PatrolDoom joined #salt
22:06 edrocks joined #salt
22:24 Tanta joined #salt
22:27 mikecmpbll joined #salt
22:50 dendazen joined #salt
22:51 PatrolDoom joined #salt
23:01 zulutango joined #salt
23:02 tercenya joined #salt
23:16 Trauma joined #salt
23:19 yidhra joined #salt
23:21 teratoma joined #salt
23:23 pipps joined #salt
23:28 nikdatrix joined #salt
23:31 DEger joined #salt
23:45 prg3 joined #salt
23:46 leonkatz anyone know why grains['id'] is one value when i run salt-run
23:46 leonkatz but something else when I run salt-call
23:46 hemebond salt-run is run on the master
23:47 leonkatz but i'm running both commands on the master
23:47 hemebond Don't try to use grains in runners.
23:47 hemebond I mean it's run in the context of the master
23:47 hemebond Not run by a minion.
23:48 hemebond So there aren't really any grains.
23:48 whytewolf grains in the master context uses the grains in the grain cache
23:49 whytewolf it trys mapping to the minion it thinks you are talking about
23:49 leonkatz thank you i think I get it
23:49 leonkatz i was running a state as a runner instead of a state

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary