Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-04-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 woodtablet yep, its not reading the render: 2017-04-06 00:00:47,438 [salt.loaded.int.pillar.stack][DEBUG   ][9579] YAML: basedir=/srv/stack, path=/srv/stack/minions/minion2.yml
00:01 alexlist joined #salt
00:02 woodtablet while the working pillar says this
00:03 woodtablet dont want to spam, but in effect, render using yaml, then it reads gpg keys, and uses the gpg render
00:04 XenophonF right
00:05 woodtablet the levels of pain of trying to setup one machine on salt for the first time lol
00:05 XenophonF :)
00:05 XenophonF i didn't try using gpg until recently, and i started using salt back in 2014
00:06 woodtablet thank you for your help
00:06 XenophonF there's a bunch of europeans on early in the morning
00:06 woodtablet ya, i might ask them for alternate plan, perhaps a quick question
00:06 XenophonF you might want to ask then, like around 8:00-04
00:06 woodtablet how do you make pillars for a specific host ?
00:06 XenophonF a guy named babilen helped me a lot
00:07 XenophonF but there's a whole bunch of helpful people on that are way more clueful than me
00:07 XenophonF :-D
00:07 woodtablet i have tried host_files and stacks, both have limitations
00:07 XenophonF that it isn't trying to run the gpg renderer is weird
00:08 XenophonF oh wait
00:08 XenophonF wait
00:08 XenophonF stop
00:08 woodtablet go on
00:08 woodtablet lol
00:08 woodtablet i am about to head out to pick up the kids from day care, but do tell
00:09 XenophonF the non-functional file is minion1.yml
00:09 woodtablet ya
00:09 XenophonF the functional one is cert.sls
00:09 woodtablet ya
00:09 XenophonF yml/yaml files don't get run through a renderer
00:09 XenophonF the shebang is ignored
00:09 XenophonF rename it to .sls
00:09 woodtablet ohhh
00:09 XenophonF i bet it will work
00:09 woodtablet wow
00:09 woodtablet ok
00:09 woodtablet i didnt think of that
00:09 bmurphy96 joined #salt
00:10 XenophonF i have to get my son to bed myself! (am on the east coast)
00:10 woodtablet no luck
00:10 XenophonF rename it to .sls and assign it via top.sls like the cert.sls file probably is
00:10 XenophonF i'll bet it works
00:11 woodtablet i put it in the stack.cfg like this : minions/{{ minion_id }}.sls
00:11 woodtablet and renamed it
00:11 woodtablet it still not rendering right
00:11 XenophonF unfortunately i don't know how pillarstack works
00:12 woodtablet i will return to tomorrow, thanks again XenophonF
00:12 woodtablet night
00:13 woodtablet left #salt
00:13 XenophonF according to https://github.com/bbinet/pillarstack/blob/master/README.rst, all files in pillarstack get rendered using jinja and then parsed as yaml
00:14 XenophonF i bet pillarstack doesn't support gpg, or requires you to enable it a different way
00:14 XenophonF good night!
00:16 XenophonF woodtablet: in case you search the logs, here's a closed issue on the pillarstack repo referencing gpg - https://github.com/bbinet/pillarstack/pull/21
00:16 saltstackbot [#21][MERGED] decrypt gpg encrypted values |
00:27 onlyaneg1 joined #salt
00:35 nikdatrix joined #salt
00:38 kiltzman joined #salt
00:47 bmurphy96 joined #salt
00:54 bmurphy96 joined #salt
00:55 Praematura joined #salt
01:15 ahrs joined #salt
01:16 jas02 joined #salt
01:16 spicyJalepeno joined #salt
01:16 spicyJalepeno does anyone ever see this process take a while when restarting a master? [salt.transport.zeromq][INFO    ][27785] Setting up the master communication server
01:33 bmurphy96 joined #salt
01:35 rpb joined #salt
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.3 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ (please don't multiline paste into channel) <+> See also: #salt-devel, #salt-offtopic <+> Ask with patience as we are volunteers and may not have immediate answers
01:50 catpigger joined #salt
01:52 DEger joined #salt
02:01 netcho joined #salt
02:14 neilf__ joined #salt
02:21 icebal joined #salt
02:22 mpanetta joined #salt
02:28 mpanetta joined #salt
02:35 speedosasquatch joined #salt
02:36 nikdatrix joined #salt
02:36 Tanta joined #salt
02:42 pipps joined #salt
02:43 gmoro_ joined #salt
02:50 Klaus_D1eter_ joined #salt
02:57 icebal joined #salt
03:07 onlyanegg joined #salt
03:09 evle joined #salt
03:18 beardedeagle joined #salt
03:37 jas02 joined #salt
03:42 beardedeagle joined #salt
03:42 Senthil joined #salt
03:45 Senthil Hi
03:45 Senthil I am using salt 2016.11.x where I am not able to profile salt-master using https://docs.saltstack.com/en/latest/topics/troubleshooting/master.html#live-salt-master-profiling
03:46 Senthil step mentioned here. Any known issue with profiling salt-master with 2016.11.x salt ?
03:48 beardedeagle joined #salt
03:48 Praematura joined #salt
03:54 Gareth joined #salt
03:56 beardedeagle joined #salt
03:57 beardedeagle joined #salt
03:59 beardedeagle joined #salt
04:00 raspado joined #salt
04:01 beardedeagle joined #salt
04:02 Rubin_ joined #salt
04:04 hillna_ joined #salt
04:04 _KaszpiR__ joined #salt
04:05 icebal_ joined #salt
04:09 Derailed_ joined #salt
04:09 stooj_ joined #salt
04:09 Clo joined #salt
04:12 theblazehen joined #salt
04:12 beardedeagle joined #salt
04:13 sjorge joined #salt
04:20 justan0theruser joined #salt
04:23 pipps joined #salt
04:30 onlyanegg joined #salt
04:33 GnuLxUsr joined #salt
04:37 nikdatrix joined #salt
04:47 GnuLxUsr joined #salt
05:23 rdas joined #salt
05:24 preludedrew joined #salt
05:29 jfelchner joined #salt
05:32 GnuLxUsr joined #salt
05:33 prg3 joined #salt
05:44 tuudik joined #salt
05:45 pipps joined #salt
05:47 armyriad joined #salt
05:51 jas02 joined #salt
06:08 Bock joined #salt
06:09 DarkKnightCZ joined #salt
06:12 DEger joined #salt
06:17 Ricardo1000 joined #salt
06:17 aldevar joined #salt
06:21 netcho joined #salt
06:26 aarontc joined #salt
06:37 ashmckenzie joined #salt
06:38 nikdatrix joined #salt
06:52 Trauma joined #salt
06:53 tuudik joined #salt
06:57 ReV013 joined #salt
07:08 jas02 joined #salt
07:13 jas02 joined #salt
07:15 onlyanegg joined #salt
07:16 netcho joined #salt
07:17 prototux joined #salt
07:18 dariusjs joined #salt
07:19 prg3 joined #salt
07:20 dariusjs joined #salt
07:21 ronnix joined #salt
07:22 ozux joined #salt
07:37 Ricardo1000 Hello
07:37 Ricardo1000 I have some strange with cmd.run module
07:37 JohnnyRun joined #salt
07:38 Ricardo1000 When I execute date command on 50 minions, at one or two minions command has executing twice. What is it ?
07:39 hemebond Ricardo1000: Do those minions have multiple salt-minions running?
07:39 hemebond Would need to see some output, including the command,.
07:41 Ricardo1000 hemebond: No, only one minion per host. Also twice execution, has randomly
07:41 hemebond Very strange.
07:41 Ricardo1000 hemebond: I agree
07:41 Ricardo1000 hemebond: always randomly minion
07:41 hemebond And it is definitely executing twice, not just returning output twice?
07:42 Ricardo1000 hemebond: How I can determine that ?
07:42 hemebond Depends on the command.
07:42 Ricardo1000 hemebond: I ran simple commands like date and uname
07:43 hemebond Can you share the command and an example of the double-execution?
07:45 Ricardo1000 https://pastebin.com/AzgKCr1f
07:45 hemebond Master and minions are the same version?
07:46 Ricardo1000 Yep
07:46 Ricardo1000 2016.11.3
07:46 hemebond All cmd.run does is collect the output and return it.
07:46 hemebond So somehow it's getting output.
07:48 dario joined #salt
07:49 prg3 joined #salt
07:50 Ricardo1000 hemebond: When I add time command before comannd like 'time uname', in the output => twice execution has disappeared
07:51 Ricardo1000 hemebond: Strange
07:53 dariusjs joined #salt
07:54 q1x what would be the best solution to share credentials (from pillar) between two hosts? I'm thinking mysql passwords and users here.
07:56 dyasny joined #salt
07:57 nikdatrix joined #salt
08:00 Rumbles joined #salt
08:00 hemebond q1x: Just put the credentials in a file and apply that file to both via top.sls?
08:01 hemebond "best" is subjective.
08:01 pbandark joined #salt
08:02 q1x hemebond: I was thinking matching pillar on groups, but that doesn't scale well as I'd need a group per mysql client host (that contains said host and the central server instance)
08:02 dario joined #salt
08:03 hemebond q1x: If I need to share information between different types of minions I use a share file; a jinja file that gets imported as a global dict for anything that needs it.
08:03 q1x hemebond: I'm not familiar with this concept, is there a doc page on it?
08:04 hemebond Nope. It's just a regular Jinja file.
08:04 hemebond http://jinja.pocoo.org/docs/2.9/templates/#import
08:05 hemebond So it's just a big {% load_yaml as g %} around some YAML
08:06 hemebond Then in other files I have {% from "globals.jinja" import g %}
08:06 hemebond Then I can just use {{ g.my.var }}
08:06 q1x hemebond: ah, but that means all minions can access that data?
08:07 hemebond No. Pillars are only available to the minions you specify.
08:07 hemebond They're compiled on the master.
08:07 q1x oh, sorry. I thought you were doing this in states
08:07 q1x my mistake
08:07 hemebond All done in the pillar to share data.
08:07 hemebond I don't put any data into states.
08:08 q1x hemebond: Up to now I've only been using jinja to build states based on pillar and grain data
08:08 hemebond Sounds good.
08:08 q1x hemebond: I hadn't realized I could use Jinja to render pillar yaml as well
08:09 hemebond Oh I see,
08:09 hemebond On of the main things I like about Salt is that all files are treated through similar pipelines.
08:09 hemebond You can even use Jinja in some master files.
08:11 q1x I'm loving the fact I can use jinja to create the states. So much better than the Puppet DSL :)
08:11 hemebond Agreed :-)
08:11 q1x I've used jinja to build config templates for switches and routers before, so it was pretty quick to pickup on.
08:12 hemebond Neat. Were those templates used directly by the switch/router or did you compile them?
08:12 q1x coming from Hiera it just never 'clicked' I could use jinja in pillar as well
08:12 CrummyGummy joined #salt
08:13 q1x hemebond: compile via pyhton script and then manual deploy from USB stick
08:13 hemebond Neat.
08:14 DEger joined #salt
08:14 q1x hemebond: thanks for the idea, I'll ponder a bit on it to see if I can thinkup of a way to solve my problem :)
08:15 ReV013 joined #salt
08:15 sh123124213 joined #salt
08:18 dariusjs joined #salt
08:18 yuhl______ joined #salt
08:22 netcho joined #salt
08:26 felskrone joined #salt
08:29 Mattch joined #salt
08:36 pfallenop joined #salt
08:37 jdipierro joined #salt
08:38 gnomethrower joined #salt
08:38 dariusjs_ joined #salt
08:38 ozux joined #salt
08:40 aldevar joined #salt
08:43 uli_ joined #salt
08:47 Guest46 joined #salt
08:47 pfallenop joined #salt
08:48 prg3 joined #salt
08:48 s_kunk joined #salt
08:50 Ricardo1000 hemebond: Can you help me to understand how to group minions by diffrent groups/roles
08:51 Ricardo1000 hemebond: I wanna do that dynamically, to avoid every time to restart salt-master
08:52 Ricardo1000 hemebond: As I understand correctly, I have to use pillar like external source
08:52 hemebond Ricardo1000: Do you have to reload the master if you change the groups via a file in master.d?
08:53 Ricardo1000 hemebond: I wanna avoid this
08:53 Ricardo1000 hemebond: I wanna generate this data in third party tool
08:54 jas02 joined #salt
08:54 Ricardo1000 hemebond: and each time when data has updating, salt-master update it info without restart
08:54 hemebond Sure but are you 100% sure it requires a restart of the master?
08:54 hemebond I know some stuff seems to be available without a restart.
08:55 Ricardo1000 hemebond: it needs if I am using nodegroup dunction
08:55 ReV0131 joined #salt
08:55 Ricardo1000 function
08:55 hemebond I see.
08:55 hemebond I don't use nodegroups myself because of the restarting.
08:56 hemebond It's also fairly easy for me to group minions without explicit lists.
08:58 etnbrd joined #salt
09:01 pfalleno1 joined #salt
09:16 mavhq joined #salt
09:23 GnuLxUsr joined #salt
09:24 berto- joined #salt
09:24 impi joined #salt
09:31 scc I am reading 2016.11.4 release notes, but not seeing 2016.11.4 our there anywhere :)
09:31 scc uor/out
09:49 jas02 joined #salt
09:49 Ricardo1000 hemebond: How you are grouping minions ?
09:50 hemebond Ricardo1000: Based on hostnames.
09:50 hemebond (i.e., minion IDs)
09:50 hemebond I haven't had to group them any other way so far.
09:51 Ricardo1000 hemebond: I also want to group minions by hostname
09:51 hemebond What are you using groups for?
09:51 hemebond So far I only need to "group" them based on the type they are.
09:51 Ricardo1000 hemebond: Can you provide your config top.sls and group file, to understand how do you do that
09:51 hemebond And that type is reflected in their hostna,e.
09:52 hemebond dc9*: < that's an environment
09:52 hemebond dc9slr*: < that's the Solr servers in the dc9 datacentre
09:58 GnuLxUsr joined #salt
10:06 prg3 joined #salt
10:12 prg3 joined #salt
10:13 mikecmpbll joined #salt
10:17 onlyanegg joined #salt
10:19 dariusjs joined #salt
10:19 prg3 joined #salt
10:26 N-Mi joined #salt
10:26 N-Mi joined #salt
10:29 GnuLxUsr joined #salt
10:30 Trauma joined #salt
10:38 prg3 joined #salt
10:40 netcho hi all, i am trying to setup this formula for mysql installation woth master-replica setup https://github.com/salt-formulas/salt-formula-mysql
10:41 ulrich joined #salt
10:41 netcho but i get this error https://hastebin.com/fefafazimu.cs
10:42 dendazen joined #salt
10:42 hemebond netcho: Have you specified something in your pillar as a float (e.g., 4.0) without quotes?
10:48 netcho hemebond: yep i did :) i found it already :) it was version, but now i have other error which i am investigating :)
10:48 ozux joined #salt
10:49 prg3 joined #salt
10:54 pbandark how to use list from pillar in state file? I have specified list of packages to install in pillar and trying to for loop to install the packages. But, it fails. https://paste.fedoraproject.org/paste/TwZeIeLzvpyS1Ak-yW3eEl5M1UNdIGYhyRLivL9gydE=
10:54 hemebond {% for item in list %}
10:55 hemebond Your state is wrong.
10:55 hemebond mv pkgs: outside the loop
10:55 * pbandark checking
10:55 hemebond You can install multiple pkgs in a single state using pkgs:
10:56 hemebond Inside the loop you can write out the "- {{ I }}"
10:56 pbandark you mean:   {% for i in salt['pillar.get']('tomcat:java_packages') %}
10:56 pbandark {{ i }}:
10:56 pbandark pkgs:
10:56 pbandark - {{ i }}
10:56 pbandark {% endfor %}
10:57 pbandark ?
10:57 hemebond No, you have to move `{{ I }}: pkgs ` outside of the loop.
10:57 hemebond Or you will end up with those repeated too.
11:00 DEger joined #salt
11:01 prg3 joined #salt
11:01 om2 joined #salt
11:03 dariusjs joined #salt
11:07 pbandark hemebond: https://paste.fedoraproject.org/paste/jxjebOOPJKd5DiWfGZQsBF5M1UNdIGYhyRLivL9gydE=  worked
11:07 pbandark thanks :)
11:07 hemebond ????
11:07 hemebond Wait... that worked?
11:07 pbandark yeah
11:08 pbandark i can see packages are installed on the client
11:08 hemebond I still think you should move that pkgs: outside the loop.
11:08 hemebond It might work but that might get fixed.
11:08 hemebond *work now
11:08 pbandark let me try
11:08 hemebond Just move it above the {% for I ....
11:09 hemebond `1 targeted package`
11:09 hemebond It only installed one package
11:09 hemebond I'm guessing your list had multiple items.
11:10 pbandark that worked too
11:10 pbandark yes i have list of packages
11:11 pbandark hemebond: can you suggest any good documentation to understand it better? how to use jinja with salt or something similar which will help to perform such operation in better way
11:12 hemebond Jinja2 is not a Salt thing it's its own thing and has a good website for documentation.
11:12 hemebond You can play with it outside of Salt.
11:12 pbandark ok
11:12 hemebond You just need to keep in mind what you want to write (the YAML structure) and then write the Jinja to cerate that.
11:13 pbandark ok
11:13 hemebond So understanding YAML properly, and the structure of a Salt state, then learning Jinja2 to write it for you.
11:14 hemebond Maybe it's not the case for you, but a lot of people seem to think Jinja and YAML are a Salt thing.
11:14 hemebond I personally also struggled to understand YAML and state structures. They seemed quite complex, like a DSL.
11:15 hemebond But they're really quite basic.
11:15 pbandark so it seems i need to throughly understand yaml first then jinja
11:15 hemebond It's a dict (SLS file) with dicts (states) with a list of parameters (e.g., - force: True)
11:15 hemebond At least the basics of YAML, yeah.
11:16 hemebond i.e., the indentation, writing lists, what makes a dict, etc.
11:16 megamaced joined #salt
11:16 pbandark ok
11:16 hemebond http://yaml-online-parser.appspot.com/ is great for understanding YAML.
11:16 * pbandark checking
11:17 pbandark thanks a lot for quick reply and information. hemebond++  :)
11:18 hemebond Good luck ☺
11:23 jas02 joined #salt
11:30 amcorreia joined #salt
11:42 kbaikov joined #salt
11:43 LeProvokateur joined #salt
11:52 jdipierro joined #salt
11:54 evle joined #salt
11:59 __number5__ joined #salt
11:59 ozux joined #salt
12:07 cyborg-one joined #salt
12:07 justanotheruser joined #salt
12:08 prg3 joined #salt
12:13 dendazen joined #salt
12:18 onlyanegg joined #salt
12:22 lorengordon joined #salt
12:30 numkem joined #salt
12:34 dariusjs joined #salt
12:51 ronnix joined #salt
12:51 yuhl______ hi, I have already a *normal* installation of saltstack with states/pillar on the master and many minions. Everything works well. Now others sysadmins from different department would like to use my *expertise* on salt. Can they use salt-ssh with their own pillar and use the state as defined on the master ?
12:51 jas02 joined #salt
12:52 ozux joined #salt
12:52 Roelt left #salt
12:53 prg3 joined #salt
12:57 manji yuhl______, you put "normal" and "saltstack" in the same sentence
12:58 babilen yuhl______: There is no reason why they wouldn't be able to use the same states, but salt-ssh would not get them from the master. You'd therefore have to make them available to salt-ssh somehow (e.g. common datasource)
12:59 yuhl______ babilen: you mean that I should share by nfs (for example) the state ?
12:59 manji yuhl______, since it is salt-ssh, forking from the repo should be fine
12:59 manji ori create branches
12:59 babilen I was rather thinking of a local git checkout on the boxes that run salt-ssh, but sure a networked filesystem would work too
12:59 yuhl______ ok
13:00 Praematura joined #salt
13:00 yuhl______ many thanks to you !
13:00 yuhl______ I'll try
13:00 babilen I don't like mounting NFS on my laptop (for example)
13:00 yuhl______ babilen: prefer sshfs for the win :)
13:00 babilen I mean the easiest way would be to have a local checkout of the same states .. you can also use GitFS
13:01 babilen You can see them as a completely separate master
13:01 DEger joined #salt
13:01 babilen They can do whatever they want .. just make sure that your respective changes don't clash
13:02 yuhl______ babilen: thanks for the informatin
13:02 daxroc argh really hard fail doesn't fail when a defined statefile is not found ?
13:02 yuhl______ I'll will simply do a rsync to test the combination of salt-ssh with my states
13:03 * daxroc bangs head of untestable salt-wall
13:03 mvensky joined #salt
13:03 brokensyntax joined #salt
13:04 mvensky_ joined #salt
13:05 abednarik joined #salt
13:06 GMAzrael joined #salt
13:06 LondonAppDev joined #salt
13:06 candyman88 joined #salt
13:07 babilen yuhl______: If they are exactly the same states running a highstate with salt-ssh after the state has already been applied from the master should be a no-op
13:07 babilen This does, however, assume that salt-ssh is not doing crazy shit or requires you to use all sort of crazy workarounds to get your states to work
13:07 brousch__ joined #salt
13:08 babilen I have found that salt-ssh is the fastest way to convince your team that salt is shit
13:08 babilen (which it really isn't)
13:08 prg3 joined #salt
13:08 babilen But salt-ssh vs Ansible is .. well .. no match for salt-ssh
13:10 netcho joined #salt
13:11 yuhl______ But, will I be able to full provision a machine with salt. Could I use openstack, to create a machine on the fly, and then configure it ?
13:11 XenophonF isn't salt-ssh just a temporarily installed masterless salt-minion?  or is there more to it?
13:11 XenophonF (or less to it?)
13:13 daxroc Any way to have salt state.show_high/lowstate fail when a missing sls is encountered ?
13:14 daxroc Anyone continuously testing salt states here ?
13:14 babilen XenophonF: That's more or less it
13:15 babilen yuhl______: https://docs.saltstack.com/en/latest/topics/cloud/openstack.html
13:16 babilen XenophonF: The creation of the tar file that is being uploaded is quite buggy and error prone unfortunately
13:16 babilen And you lose everything that's cool about salt (i.e. access to the message bus and therefore beacons, reactors, ...)
13:17 XenophonF because it's masterless, right?  that's too bad
13:17 prg3 joined #salt
13:18 babilen yeah
13:18 bakins joined #salt
13:21 ACz 13:36:44 <    ACz > hello, i've got master and minion 2016.11.1 (carbon), what do I have to do to activate execution modules?
13:21 ACz 13:37:15 <    ACz > i wrote one, unlocked the option module_dirs: /var/cache/salt/minion/extmods
13:21 ACz 13:37:25 <    ACz > in master config file
13:21 ACz 13:38:18 <    ACz > the connection between master and salt normally exists, and after doing saltutil.sync_modules the module is
13:21 ACz visible, but after running the command again, it disappears
13:21 XenophonF i guess the tarball creation would be equivalent to cross-compiling
13:21 ACz 13:38:50 <    ACz > and of course is unavailable to run thru master's command
13:21 ACz 13:39:40 <    ACz > between master and minion, of course :)
13:21 XenophonF yikes, dude
13:22 mbologna joined #salt
13:23 babilen ACz: I think you simply want to place it in _modules/ somewhere in your file_root rather than extmods
13:23 XenophonF what babilen said is what you want to do
13:24 Ricardo1000 hemebond: When I make manual creation custom field role, in grains for minion. Where is info has storing ?
13:24 XenophonF ACz: here's an example if you need one - https://github.com/irtnog/salt-states/tree/development/_modules
13:24 ACz XenophonF: thanks
13:24 XenophonF that installs a patched version of Salt's win_useradd.py module
13:25 XenophonF it happens to apply to minions in my development environment
13:26 ACz babilen: XenophonF: do i ned to unlock something in master config besides file_root ?
13:26 XenophonF no
13:26 ACz need*
13:28 XenophonF if your setup is simple, just drop the file into /srv/salt/_modules
13:29 babilen XenophonF: https://github.com/saltstack/salt/issues/26585 is the bug that was driving us nuts
13:29 saltstackbot [#26585][OPEN] salt-ssh not providing jinja file for salt-formula | When bootstrapping\setting up a VPS using salt-ssh, I use [salt-formula](https://github.com/saltstack-formulas/salt-formula) to properly configure the minion after the bootstrap script has done its job....
13:29 babilen It's impossible to enjoy using salt if you have to maintain a list of "extra filerefs"
13:30 ozux__ joined #salt
13:30 XenophonF oh man
13:30 abednarik joined #salt
13:32 babilen And it's been quite a while
13:33 XenophonF I bookmarked that issue
13:33 dariusjs joined #salt
13:37 racooper joined #salt
13:37 candyman88 joined #salt
13:44 Tanta joined #salt
13:46 debian112 joined #salt
13:54 prg3 joined #salt
13:58 DammitJim joined #salt
13:58 brasko I'll ask another time, hoping for some great advice -- does anyone know if salt can be used to distribute thousands of tests over hundreds of machines ?
13:58 aldevar joined #salt
14:02 Drunken_angel dont see why not
14:02 ACz lame question: why square brackets are used in e.g. pkg.installed: []
14:03 ACz because the same procedure works w/o it
14:03 numkem joined #salt
14:04 Drunken_angel [] is start of a list declaration
14:05 jdipierro joined #salt
14:05 ACz Drunken_angel: to pass some keyargs?
14:05 Drunken_angel ['pkg1' , 'pkg2']
14:05 ACz oh, thanks
14:05 ACz Drunken_angel: thank you
14:06 mihait joined #salt
14:06 shambat I have a state where I want to delete some files if they don't exist in a pillar list, how can I do this? I can't seem to tally up a list of names in jinja, and then remove those file names. It is basically this problem: https://bpaste.net/show/fe4d4f3ecbeb
14:06 Morrolan_ joined #salt
14:07 felskrone joined #salt
14:07 chron0 joined #salt
14:07 babilen ACz: It's essentially a matter of style. The community decided to use the "pkg.installed" rather than "pkg: - installed" style and to *also* make empty lists explicit by adding ": []"
14:09 zzzirk joined #salt
14:10 doglike joined #salt
14:10 doglike joined #salt
14:11 rickflare2 joined #salt
14:11 bergei joined #salt
14:11 chutz joined #salt
14:13 jijiki joined #salt
14:13 CustosLim3n joined #salt
14:16 dragon788 joined #salt
14:18 djural joined #salt
14:22 sjorge joined #salt
14:23 onlyanegg joined #salt
14:26 jas02 joined #salt
14:26 ssplatt joined #salt
14:27 ReV0131 left #salt
14:27 Sketch joined #salt
14:28 mpanetta joined #salt
14:29 mpanetta joined #salt
14:30 speedlight joined #salt
14:32 speedlight joined #salt
14:33 XenophonF babilen: like this? https://github.com/irtnog/salt-states/commit/bba8cfa984da69ed7d8aca676167e3498973f095#diff-9e355a71b0972334306b4a42b3426642
14:34 jdipierr_ joined #salt
14:34 speedlight joined #salt
14:34 tapoxi joined #salt
14:34 speedlight joined #salt
14:35 babilen XenophonF: Yeah
14:35 onlyanegg joined #salt
14:35 babilen The "yum/init.sls" change is different though
14:35 XenophonF i'm trying to compile a comprehensive style guide for writing jinja and sls files
14:36 XenophonF yeah for the yum sls i decided to collapse the two states into one
14:36 XenophonF prob should have committed that separately
14:38 Brew joined #salt
14:38 mikecmpb_ joined #salt
14:39 nikdatrix joined #salt
14:42 abednarik joined #salt
14:43 mikecmpbll joined #salt
14:44 Reverend joined #salt
14:44 Reverend hey chaps
14:44 Reverend i has a derpo
14:44 Reverend Transaction check error:
14:44 Reverend file /etc/salt/master from install of salt-master-2016.11.3-1.el7.noarch conflicts with file from package salt-2016.11.0-1.el7.noarch
14:44 Reverend whut
14:46 DammitJim joined #salt
14:46 monjwf joined #salt
14:46 fartface joined #salt
14:47 raspado joined #salt
14:50 speedlight joined #salt
14:51 Rumbles joined #salt
14:51 XenophonF LOL
14:51 XenophonF which OS?
14:52 q1x I'm guessing centos
14:58 monjwf joined #salt
15:02 DEger joined #salt
15:04 brakkisath joined #salt
15:04 Miouge joined #salt
15:11 candyman88 joined #salt
15:11 sp0097 joined #salt
15:12 sarcasticadmin joined #salt
15:13 mikecmpb_ joined #salt
15:19 jmedinar joined #salt
15:20 jmedinar Question. How can I force a state being called as include to be executed after another state is completed? I tried adding a require statement but not working.
15:20 jmedinar - admin.stop.ihs
15:20 jmedinar - require:
15:20 jmedinar - file: ihs.conf
15:21 Drunken_angel orchestration jmedinar
15:21 jdipierro joined #salt
15:21 PatrolDoom joined #salt
15:21 Drunken_angel when you can a normal state all the includes and stuff is complied into 1 giant state and ran at the same time where as orchestration lets you run one state after another
15:22 Inveracity joined #salt
15:22 it_dude joined #salt
15:22 jmedinar reading about it...
15:25 mikecmpb_ joined #salt
15:27 dezertol joined #salt
15:28 XenophonF Reverend: you might need to clear your yum cache
15:28 XenophonF might be a packaging bug - i had no problems installing 2016.11.3 from the offical repos on debian/redhat
15:29 Heartsbane joined #salt
15:29 Heartsbane joined #salt
15:30 toastedpenguin joined #salt
15:33 tiwula joined #salt
15:38 seanz joined #salt
15:41 schemanic_ joined #salt
15:42 DarkKnightCZ joined #salt
15:43 aldevar left #salt
15:48 cachedout joined #salt
15:48 Praematura joined #salt
15:48 jmedinar I fixed it mostly with the order statement... but will be nice to be able to use it in the include as well
15:52 _JZ_ joined #salt
15:53 Reverend XenophonF: that's a fucking good shout
16:01 pipps joined #salt
16:03 pipps99 joined #salt
16:05 pipps_ joined #salt
16:06 btorch joined #salt
16:07 btorch is something like {{ grains['xxxxx'] }} no longer available on 2016.11.3 ?
16:07 Reverend XenophonF: it didn't work :(
16:07 btorch master on 2016.11.3 and minion on 2015.5.3
16:08 brasko left #salt
16:09 whytewolf that should still work. also if it is in a state it is rendered on the minion anyway.
16:09 ToeSnacks joined #salt
16:11 bVector joined #salt
16:12 jdipierro joined #salt
16:14 btorch yeah very strange, grains.item works fine but running the state is blowing it up
16:14 btorch with "Rendering SLS 'base:haproxy.files' failed: Jinja variable 'builtin_function_or_method object' has no attribute 'cluster_environment'"
16:18 leonkatz joined #salt
16:18 impi joined #salt
16:24 woodtablet joined #salt
16:25 pbandark I am trying to create nested directories but the operation is failing.  https://paste.fedoraproject.org/paste/jwkPyM25dzStQLcc6qHcO15M1UNdIGYhyRLivL9gydE=
16:26 cyborg-one joined #salt
16:27 leonkatz your not using file.directory
16:27 whytewolf yeah he is
16:27 whytewolf he is just using a lot of them in the same state which would never work
16:28 pbandark whytewolf: what I need to correct in state file ?
16:28 leonkatz also how are these nested?
16:29 leonkatz is a2 supposed to be in a1?
16:29 whytewolf i think he means laterally. /root/a1 root/a2
16:29 pbandark leonkatz: i am expecting "/root/a1", "/root/a2" so onn
16:29 whytewolf ect
16:30 leonkatz so why not just put the loop outside the state
16:30 leonkatz sorry function
16:30 leonkatz and have a function for each aX
16:31 leonkatz {% for i in salt['pillar.get']('dir1') %}
16:31 pbandark let me check
16:31 leonkatz create dir (i):
16:31 leonkatz file.directory:
16:32 leonkatz - name: /root/ {{ i}}
16:32 whytewolf https://gist.github.com/whytewolf/3f67cef65b7e69bdfb9ba3f5fa076541
16:32 whytewolf 2 different ways
16:33 brakkisa_ joined #salt
16:33 leonkatz i had a quetion too about creating a master from a main master, that is a minion of the main master
16:33 leonkatz its key doesn't automatically get accepted
16:34 leonkatz like regular minions do
16:34 leonkatz wondering if there is an easy fix, other then writing a reactor
16:35 onlyanegg joined #salt
16:37 brakkisath joined #salt
16:38 whytewolf humm, never tested it but i thought that the master that is pointed at in the minion part of the config in an salt-cloud deplyment was the one made to create the keys.
16:39 whytewolf i think it defaults to the minion being a minion of it's self if it is a master
16:39 whytewolf i could be very wrong
16:40 pbandark thanks whytewolf leonkatz
16:41 jdipierro joined #salt
16:41 pbandark i was not aware of "names"   :)  I was using "name" with file.directory
16:41 whytewolf pbandark: you also were looping the directory part which would not have worked. can't have more then one function of the same module in a single state
16:42 pbandark yeah. you are right
16:42 brakkisa_ joined #salt
16:44 chowmein__ joined #salt
16:47 woodtablet hello
16:49 woodtablet Does anyone know why pillar stacks dont work with !#yaml|gpg render requests ?
16:50 woodtablet Or am I doing something wrong, which could be easily the case lol
16:50 whytewolf because it is hard coded to jinja and yaml? least that is what the docs say
16:51 woodtablet ya i saw that it was going to render as yaml, but thought it *might* be able to also use the gpg render if requested
16:51 woodtablet thanks for confirm whyte
16:51 woodtablet time for a feature request ^_~
16:59 prg3 joined #salt
17:01 ChubYann joined #salt
17:02 XenophonF woodtablet: hang on let me get you the pillarstack issue that explains what's going on
17:02 XenophonF i found it after you logged off last night
17:03 XenophonF woodtablet: https://github.com/bbinet/pillarstack/pull/21
17:03 saltstackbot [#21][MERGED] decrypt gpg encrypted values |
17:03 XenophonF woodtablet: https://github.com/ivarmedi/pillarcrypt
17:09 mikecmpbll joined #salt
17:09 woodtablet back, sorry doctor called
17:09 woodtablet ohhh man
17:09 woodtablet you rock!
17:10 woodtablet thanks XenophonF!!!
17:10 woodtablet closing my feature request lol
17:14 woodtablet btw, if anyone wants minion specific pillar data, pillarstack works great for it. previously i was using file_tree, but pillarstack is much much easier.
17:16 whytewolf normal pillars work for me for that so really don't need it. but then again i also don't do much that a single minion handles a single task.
17:16 schemanic_ joined #salt
17:19 nixjdm joined #salt
17:19 brakkisath joined #salt
17:21 s_kunk joined #salt
17:21 s_kunk joined #salt
17:22 pipps joined #salt
17:23 XenophonF woodtablet: it'd be nice to see an example of what you mean if you have time to put together a publicly accessible proof-of-concept
17:23 XenophonF i'm with whytewolf - regular pillar works well enough for me
17:23 XenophonF but i'm always curious to see how other people do things
17:26 woodtablet XenophonF and whytewolf: maybe i am doing this the wrong way, and maybe i need to change how my mind works, so i am very open to simplify this because this has been a journey.
17:27 woodtablet so i have a few hundred machines running cfengine, and each is a stupid snowflake
17:27 woodtablet i envisioned that i could use roles to define a type of node, and that node would get its own specific pillar
17:28 debian112 joined #salt
17:28 woodtablet like a tomcat or apache node
17:28 woodtablet some times those apache nodes needed specific data to itself like ssl certs and keys, and specific firewall rules
17:29 LeProvokateur joined #salt
17:29 woodtablet i needed an ext_pillar to render the roles pillar first, so that my already defined pillars and salt states worked
17:31 woodtablet previously i vaguely remember setting up a pillar that folder for minions, but if a minion didnt have already defined pillar it would error out
17:31 woodtablet so thats why i went back to an ext_pillar for specific minions, so I didnt have to define one for each minion
17:32 woodtablet i still have no minions in production with this, just a dozen formulas, and various other things to setup the core things each minion needs in my environment.
17:34 austin_ joined #salt
17:34 morissette joined #salt
17:35 chutzpah joined #salt
17:35 chutzpah joined #salt
17:36 woodtablet and thats it.. if i get this to work, maybe i write a blog post lol
17:41 censorshipwreck joined #salt
17:42 abednarik joined #salt
17:43 XenophonF woodtablet: take a look at https://github.com/irtnog/salt-pillar-examples
17:43 XenophonF that's how i use pillar in my server role implementations
17:43 woodtablet 404
17:43 XenophonF er sorry it's https://github.com/irtnog/salt-pillar-example
17:44 prg3 joined #salt
17:46 XenophonF i use pillar to assign the minion environment/role plus the service-specific configs
17:46 XenophonF the environment/role assignment controls SLS assignment in .../salt-states/top.sls
17:47 woodtablet your role files are links to a template.sls
17:47 XenophonF i happen to key off the minion ID when making those environment/role assignments, but one doesn't have to
17:47 XenophonF right - template.sls uses a little jinja magic
17:48 XenophonF the file name becomes the value of the `role` pillar key
17:48 XenophonF same for environment/template.sls
17:49 woodtablet how does your roles work for the salt state ? if you reference the role in the salt state before pillar is rendered ?
17:49 woodtablet that was my issue
17:49 XenophonF i'm not following you
17:49 XenophonF pillar data gets rendered on the master well before state data gets rendered on the minion
17:49 XenophonF pillar data is available (along with grains data) to the renderer on the minion
17:49 woodtablet if you have a pillar that defines the roles, and you reference that pillar in a salt state, i had chicken and egg problem
17:50 woodtablet hmm.. let me see if i can show you an example
17:50 jdipierro joined #salt
17:50 XenophonF the pillar refresh (and assignment) happens before the Salt state's top.sls gets processes
17:50 XenophonF s/processes/processed/
17:51 woodtablet maybe this was a problem for an older version of salt, but this was how i was using roles:
17:51 woodtablet {% if minion_id in salt.pillar.get('roles:tomcat-server') %}
17:51 woodtablet and that pillar wasnt built before my salt state made the call
17:52 XenophonF where are you putting that code?
17:52 XenophonF if in a Pillar SLS then no, that won't work
17:52 woodtablet yes
17:52 woodtablet that was what i was doing
17:52 woodtablet i was trying to say if you have this role, give this pillar to said minion
17:52 debian1121 joined #salt
17:52 woodtablet you are right i was putting in another pillar
17:52 XenophonF TBH that's what Pillar's top.sls does, right?
17:53 woodtablet sorry, it was a long time ago
17:53 tapoxi joined #salt
17:53 woodtablet tbh ?
17:53 Rumbles joined #salt
17:53 XenophonF hah sorry "to be honest"
17:53 woodtablet my top.sls (pillar for tomcat):
17:53 woodtablet 'I@roles:tomcat-server':
17:53 woodtablet - match: compound
17:53 woodtablet - tomcat
17:54 XenophonF here, let me give you a somewhat real example of what i mean
17:54 XenophonF let's say i have a minion named uxeprdlnxidp01.example.net
17:54 woodtablet ok
17:55 XenophonF this PCRE match sets `environment: production`: https://github.com/irtnog/salt-pillar-example/blob/master/top.sls#L43
17:55 XenophonF and this PCRE match sets `role: shibboleth-idp`: https://github.com/irtnog/salt-pillar-example/blob/master/top.sls#L60
17:56 XenophonF and this PCRE match pushes all of the settings that configure a server to act like "login.example.com": https://github.com/irtnog/salt-pillar-example/blob/master/top.sls#L95
17:56 XenophonF all of that happens at the master
17:56 spicyJalepeno does anyone run anything that restarts the salt-minion service if it is unable to run a scheduled job or highstate for a periord of time? I seem to have minions lose connection to the master sometimes and the only way to recover is by restarting the minion service
17:57 whytewolf spicyJalepeno: generally i investigate why they are losing connection. it isn't normally to lose the connection to the master.
17:57 XenophonF later on in the highstate, the minion processes top.sls and runs these O/S specific Salt states first: https://github.com/irtnog/salt-states/blob/master/top.sls#L583
17:58 XenophonF that's the base production config for all RedHat-family minions in my environment
17:58 XenophonF and then the minion runs these role-specific Salt states: https://github.com/irtnog/salt-states/blob/master/top.sls#L633
17:58 spicyJalepeno whytewolf: unfortunately it is hard for me to do that as my only access to the box is via salt
17:59 whytewolf spicyJalepeno: + centerlized logging and setting log level to debug
17:59 XenophonF woodtablet: by the time the minion gets around to processing the Salt states top.sls, it will have the Pillar data compiled by the master
18:00 censorshipwreck joined #salt
18:02 woodtablet XenophonF: what does pcre match mean ? your example minion doesnt end in prd or have *idp in it. but i see how you do roles
18:02 sjorge joined #salt
18:02 XenophonF spicyJalepeno: i vaguely remember coming across some settings in the minion config file that controlled how it tried to (re-)connect to the master
18:02 woodtablet XenophonF: and settings in the top.sls, thank you
18:03 XenophonF well the first PCRE match is (?i)...prd.*\.example\.net
18:03 woodtablet spicyJalepeno: i used these options to help:
18:03 woodtablet master_alive_interval: 10
18:03 woodtablet acceptance_wait_time: 10
18:03 woodtablet acceptance_wait_time_max: 10
18:03 woodtablet auth_tries: 7
18:03 woodtablet retry_dns: 2
18:03 XenophonF the (?i) means "perform a case-insensitive match"
18:04 XenophonF ... means the first three letters of the minion ID can be anything
18:04 woodtablet XenophonF: ahh
18:04 XenophonF (I use UN LOCODEes.)
18:04 XenophonF you got it now :)
18:04 woodtablet soo much metadata in that host name, nice ^_~
18:05 woodtablet i thought it random junk, but now i am realizing it isnt
18:06 XenophonF nope
18:06 XenophonF minion naming convention: https://github.com/irtnog/salt-pillar-example/blob/master/top.sls#L14
18:07 XenophonF unfortunately it doesn't really scale beyond about 100 servers/role/operating system/location
18:07 XenophonF at that point you'd need to ask the guys who managed 20000+ instances in a data center how they do things ;)
18:08 XenophonF my environment scales out horizontallly, not vertically
18:08 XenophonF we have lots of small, regional data centers, offices, and labs, with less than 200 servers total (physical and virtual) per data center
18:08 XenophonF so YMMV!
18:09 whytewolf well lots of ways to fit metadata into a hostname
18:09 XenophonF yup
18:09 XenophonF mine adapts the one described by http://www.mnxsolutions.com/devops/a-proper-server-naming-scheme.html
18:10 XenophonF only i dropped the stupid-codename-for-your-servers thing
18:12 jas02 joined #salt
18:12 whytewolf codenames for servers keep up moral. isn't meant to be for the non automatic system it is meant for puny human minds :P
18:13 XenophonF LOL
18:13 jas02 joined #salt
18:15 TOTALLYNOTAROBOT I ALSO PREFER TO USE HOSTNAMES CALCULATED TO MAXIMIZE HUMORS RESPONSES IN HUMAN SYSOPS
18:16 whytewolf one i will use in my smaller enviroment is just <function><server iteration>.<env>.<domain> such as osctrl001.cloud.wolfcloud.bad4.us which would be openstack controler 001 in the cloud enviroment [cloud would be the hardware used to build openstack] and the domain wolfcloud.bad4.us is my home networks domain.
18:16 XenophonF wolfcloud.bad4.us is the coolest domain name ever
18:17 whytewolf lol, thanks
18:18 woodtablet indeed
18:18 woodtablet i am jealous
18:18 woodtablet mine was mooo.com didnt renew so that is gone i am sure
18:18 woodtablet oh no its still free lol
18:19 whytewolf I own bad4.us and bad4.biz ... still trying to figure out exactly what i want to do with them.
18:19 woodtablet sell them to the highest hacking bidder ^_~
18:19 seanz joined #salt
18:19 whytewolf lol. they are also my main email addresses so ... yeah not selling them
18:20 whytewolf although merrymaids was not happy and refused me service when i told them my email address is merrymaids@bad4.us
18:21 DammitJim joined #salt
18:22 whytewolf personally i think it is one of the best spam filter email addresses ever
18:22 morissette joined #salt
18:28 Rumbles joined #salt
18:30 whytewolf ohhhhh, they tagged 2017.5 we should get rc's soonish
18:32 aldevar joined #salt
18:32 seanz1 joined #salt
18:35 aldevar left #salt
18:41 dfwerw joined #salt
18:41 RabidCicada joined #salt
18:41 spicyJalepeno woodtablet: thanks, sorry was away for a while and just came back
18:43 babilen whytewolf: I'm still partial to babilen5.org :)
18:44 whytewolf okay, that is good
18:44 babilen Your's is great too .. :)
18:47 woodtablet anyone have experience with pillarcrypt ?
18:47 woodtablet https://github.com/ivarmedi/pillarcrypt
18:49 Tanta is there a line-length limit for a pillar file?
18:49 Tanta I'm doing "cat ...file.sls" as an external pillar
18:49 Tanta and it picks up most of the keys but not all of them
18:49 onlyanegg joined #salt
18:49 XenophonF OMG babilen5.org? that's _brilliant_!!!!
18:50 woodtablet am i not pronouncing babilen right ? i dont get it
18:50 woodtablet baby lens ?
18:50 whytewolf woodtablet: https://en.wikipedia.org/wiki/Babylon_5
18:50 saltstackbot [WIKIPEDIA] Babylon 5 | "Babylon 5 is an American science fiction television series created by writer and producer J. Michael Straczynski, under the Babylonian Productions label, in association with Straczynski's Synthetic Worlds Ltd. and Warner Bros. Domestic Television. After the successful airing of a test pilot movie on..."
18:50 woodtablet OHHHHHHHH
18:50 babilen whytewolf: Nooo! bah-bee-len
18:50 whytewolf :P
18:51 woodtablet babilen: wow quite cleaver
18:51 pbandark joined #salt
18:51 woodtablet i googled babilen and i am getting some weird stuff lol
18:52 babilen Wasn't me ;)
18:52 woodtablet ( i foolishly clicked images)
18:52 whytewolf lol Suure it wasn't babilen
18:54 rem5 joined #salt
18:56 XenophonF and now i feel said
18:56 XenophonF sad
18:57 babilen How come?
18:58 woodtablet the show got a full run, i wouldnt be that sad
18:59 whytewolf I'm sad the fifth season was a little weak, and the follup series was a flop
19:00 mpanetta There was a followup series?
19:01 pbandark joined #salt
19:01 whytewolf https://en.wikipedia.org/wiki/Crusade_(TV_series)
19:01 saltstackbot [WIKIPEDIA] Crusade (TV series) | "Crusade is an American spin-off TV show from J. Michael Straczynski's Babylon 5. Its plot is set in AD 2267, five years after the events of Babylon 5, and just after the movie A Call to Arms. The Drakh have released a nanovirus plague on Earth, which will destroy all life on Earth within five years if..."
19:01 babilen Son't mention it
19:03 DEger joined #salt
19:03 raspado i have a cron file that is manages via file, we need to temporarily remove it until an issue is resolved
19:04 whytewolf raspado: file.absent to remove a file [comment out your file.manage]
19:04 raspado whats the best way to remove the managed file
19:04 Trauma joined #salt
19:04 raspado ahh ok thx whytewolf
19:05 filippos joined #salt
19:06 armyriad joined #salt
19:06 raspado whytewolf: https://pastebin.com/bXsGsgj8 this is how we manage the file, should I just replace managed for absent in this case?
19:06 tercenya joined #salt
19:07 whytewolf not sure if it will throw an error. the only thing file.absent takes is name
19:09 spicyJalepeno is there a way to have a master fire an event to itself for a reactor without having a minion on the master pointing to itself?
19:10 raspado ah ok so basically like this? https://pastebin.com/hUJaXJzF
19:10 whytewolf raspado: yeap although i would say file.absent: [] just to be safe
19:11 raspado ah k
19:12 whytewolf spicyJalepeno: https://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.event.html#salt.runners.event.send
19:12 pipps joined #salt
19:17 renoirb joined #salt
19:19 amcorreia joined #salt
19:21 lclemens joined #salt
19:23 Edgan whytewolf: Even worse were the following movies
19:24 Edgan whytewolf: Watching The Expanse?
19:25 whytewolf yeah i do. pretty decent so far
19:25 babilen remember the cant!
19:29 prg3 joined #salt
19:31 raspado whytewolf: , what is the empty array for?
19:34 babilen raspado: It's making it obvious that the state takes no further arguments
19:35 whytewolf also it is used because of this. so it is generally a good idea to be in the habbit of useing it https://docs.saltstack.com/en/latest/topics/troubleshooting/yaml_idiosyncrasies.html#yaml-does-not-like-double-short-decs
19:38 netcho joined #salt
19:44 Praematura joined #salt
19:44 Rumbles joined #salt
19:45 leonkatz joined #salt
19:53 nikdatrix joined #salt
19:57 KyleG joined #salt
19:57 KyleG joined #salt
20:00 pipps joined #salt
20:06 spicyJalepeno whytewolf: thanks again
20:07 Edur joined #salt
20:09 icebal joined #salt
20:09 icebal44 joined #salt
20:12 icebal- joined #salt
20:12 pipps joined #salt
20:17 jas02 joined #salt
20:18 prg3 joined #salt
20:20 schemanic_ joined #salt
20:22 woodtablet btw, The Expanse is awesome
20:23 woodtablet can anyone tell help me figure out why my extension module doesnt seem to be read in ? I have turned my saltstack in debug
20:23 woodtablet https://docs.saltstack.com/en/latest/ref/configuration/master.html#extension-modules
20:24 whytewolf woodtablet: don't use extension_modules. use the dunder directories. much easier. what kind of module are you trying to use?
20:24 woodtablet whytewolf: dunder directories ?
20:24 woodtablet whytewolf: i am trying to use pillarcrypt
20:24 whytewolf _modules, _states, _grains, _runners, ect, ect, ect
20:25 raspado is it safe to comment out tasks for example in init.sls   # - solr: ?
20:25 woodtablet whytewolf: so this one is a pillar module
20:26 pcn gtmanfred: can you peek at what I'm doing here and let me know what you think?  https://github.com/pcn/salt/blob/slack-client-features/salt/engines/slack.py
20:26 woodtablet whytewolf: i change my master salt file to have a directory, like it says in the docs. the docs say that the new default is /var/cache/salt/master/extemods
20:27 woodtablet whytewolf: this is the module i am trying to use https://github.com/ivarmedi/pillarcrypt
20:27 pcn gtmanfred: I'm interested in whether the direction I'm going with; adding targeting options, multiple groups, and querying groups from pillar data makes sense and could be useful otherwise?
20:27 pcn I mean in other modules
20:29 whytewolf woodtablet: ok, then put it where salt://_pillar/decryt.py is valid. then run salt '*' saltutil.sync_all && salt-run saltutil.sync_all
20:30 woodtablet whytewolf: since i am not familar with dunder directories, how do i figure out or configure a valid _pillar dir ?
20:31 whytewolf then you don't have to worry about the master config for extension_modules [which is the old way of doing extensions]
20:31 whytewolf woodtablet: _pillar is just a directory in the root of your state tree
20:31 woodtablet that would be awesome
20:31 woodtablet ohh
20:32 woodtablet ok, trying
20:33 whytewolf the sync_all functions [one for minions run through salt and one of the master run through runner] sync the modules in that directory or any other supported directory into the place where the minion or master can find them
20:34 whytewolf once you get the base line of how it works. it is SO much easier to manage then the messing with config files and pointing all over the place of the old way
20:35 whytewolf plus you can use it with gitfs. which you can't do with the config file options
20:38 whytewolf also, I know i call them dunder even though tehnicaly they are single under :P
20:38 Edur joined #salt
20:40 pcn I didn't want to be that guy...
20:42 jas02 joined #salt
20:42 foundatron joined #salt
20:49 rschneberger joined #salt
20:49 woodtablet whytewolf: so i put _pillar here (/srv/salt/_pillar).with this in my master: file_root: base: - /srv/salt
20:49 whytewolf okay
20:50 toastedpenguin anyone used Salt to pull files from AWS S3 onto WIndows instances?
20:50 rem5 joined #salt
20:50 woodtablet whytewolf: when i ran the sync one of hte minions shows it but not hte other, maybe it already go it
20:51 whytewolf yeah if it doens't show it it must already have it.
20:51 tapoxi joined #salt
20:51 whytewolf it won't sync the same file over itself
20:51 whytewolf for a pillar you should also run the runner sync also
20:52 whytewolf since pillars are done on the master
20:52 woodtablet whytewolf: bleh, i put the salt-master in debug mode, and it says Could not LazyLoad decrypt.ext_pillar: "decrypt.ext_pillar" is not available. Specified ext_pillar interface decrypt is unavailable
20:52 Trauma joined #salt
20:53 leonkatz I'm trying to run state.sls_id 'my_sls' 'my_module_id_in_sls_file'
20:53 leonkatz is that correct?
20:53 pbandark1 joined #salt
20:55 whytewolf think that is backwords leonkatz
20:55 leonkatz yup your right
20:55 leonkatz the docs are wrong
20:55 leonkatz CLI Example:
20:55 leonkatz .. code-block:: bash
20:55 leonkatz salt '*' state.sls_id my_state my_module
20:56 whytewolf yeah they call the state file name module in that for some reason
20:57 Trauma joined #salt
20:57 whytewolf i think cause sls called them mods first
20:57 leonkatz thanks for the help
20:58 whytewolf woodtablet: did you run the runner version of saltutil.sync_all
20:59 ry joined #salt
21:00 whytewolf [the master looks in a different place for sync_ed modules then a minion. so running the minion version even on a master doesn't put them where the master is expeting them]
21:01 schemanic_ joined #salt
21:01 woodtablet whytewolf: salt '*' saltutil.sync_all && salt-run saltutil.sync_all <= i ran this on the master
21:02 woodtablet whytewolf: how do i do the runner version ?
21:02 whytewolf oh you did
21:02 whytewolf salt-run saltutil.sync_all
21:02 woodtablet whytewolf: ahh the logs are slow
21:02 woodtablet whytewolf: it now see the the decrypt.py in the /var/cache
21:03 woodtablet whytewolf: and there is some python issues.. that i know how to deal with lol. thanks for your help =D
21:04 whytewolf lol, no problem :)
21:04 Trauma joined #salt
21:04 DEger joined #salt
21:08 Trauma joined #salt
21:14 seanz joined #salt
21:20 Trauma joined #salt
21:30 tapoxi anyone know when 2016.11.4 is out?
21:31 tapoxi I noticed release notes, but no release...
21:31 Trauma joined #salt
21:31 Ch3LL We are shooting for the end of this month. Still haven't tagged though
21:32 Ch3LL as a side note we always create the release notes after every release anyways.
21:32 Ch3LL for example: when 2016.11.3 was released the day after we created the 2016.11.4 release notes
21:32 Ch3LL so just nto a telling sign as to when it will be released
21:33 pipps joined #salt
21:37 tobiasBora joined #salt
21:37 tobiasBora Hello,
21:37 tobiasBora I've a problem to talks between two servers with public IP.
21:37 tobiasBora from B, I can ping A
21:37 tobiasBora However, I set up the minion on B to follow A,
21:38 tobiasBora restart it
21:38 tobiasBora and the master on A does not see anything when I use "salt-key"
21:38 tobiasBora While I did the same thing on the master with a minion set to localhost, and it worked without any problem
21:39 hemebond tobiasBora: Ping is different to actually connecting.
21:39 hemebond Can you telnet from B to A on 4505 and 4506?
21:39 tobiasBora hemebond: Yes I know
21:40 tobiasBora oh
21:40 tobiasBora Trying
21:41 tobiasBora Hum... Strange:
21:41 tobiasBora $ telnet 185.107.80.186 4505
21:41 tobiasBora Trying 185.107.80.186...
21:41 tobiasBora telnet: connect to address 185.107.80.186: No route to host
21:41 tobiasBora While ping the ip works
21:41 hemebond So you haven't opened the ports.
21:41 hemebond Because all ping does is test that the IP has something there.
21:41 tobiasBora hemebond: But in iptable I dont see anything blocked
21:42 tobiasBora how would I open the port then
21:42 hemebond Are they both in the same network?
21:43 tobiasBora I'm not sure, but I think yes
21:43 tobiasBora well
21:43 tobiasBora I took them thouth a server provider
21:43 tobiasBora So I don't know exactly how they are linked together
21:43 sh123124213 joined #salt
21:44 tobiasBora It is dedicated server, that's all I know
21:44 hemebond Is there a network engineer you can ask?
21:44 hemebond Or sysadmin?
21:46 Praematura joined #salt
21:49 woodtablet left #salt
21:49 tobiasBora hemebond: I'll ask
21:50 tobiasBora Is there any way to check that on the server A everything is working fine?
21:50 hemebond telnet localhost 4505
21:50 hemebond telnet localhost 4506
21:50 hemebond salt-run manage.versions
21:52 tobiasBora Ok, even telnet <ip> 4505 works
21:52 hemebond From a different server
21:52 hemebond ?
21:52 tobiasBora no
21:52 tobiasBora from the same server
21:53 hemebond That just that it's listening.
21:53 tobiasBora And is there any way to check that the port is not closed outside
21:53 hemebond telnet <ip> 4505 from another server.
21:53 tobiasBora hemebond: Well here it could be a firewall between the two servers no?
21:53 hemebond Yip
21:54 tobiasBora Because no telnet <ip> 4505 does not work for now
21:54 nikdatrix joined #salt
21:54 tobiasBora And to be sure that it's not a firewall on the server if I don't have a server with no firewall between them?
21:54 tobiasBora I don't know if it can help; but I'm running Centos 7
21:55 hemebond You could very well have a firewall on the server itself.
21:55 hemebond iptables or something.
21:56 hemebond I can't help you with that I'm afraid.
21:57 tobiasBora It's quite hard to read, I have one line REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
21:57 tobiasBora in Chain INPUT (policy ACCEPT)
21:57 tobiasBora but above this line I've also the line:
21:57 tobiasBora ACCEPT     all  --  anywhere             anywhere
22:00 mpanetta joined #salt
22:00 tercenya joined #salt
22:02 JoeJulian left #salt
22:11 tercenya joined #salt
22:19 smcquay joined #salt
22:23 pipps joined #salt
22:24 DEger joined #salt
22:25 DEger joined #salt
22:33 mavhq joined #salt
22:38 DEger_ joined #salt
22:50 KyleG joined #salt
22:50 KyleG joined #salt
23:01 pipps joined #salt
23:12 pipps99 joined #salt
23:30 pipps joined #salt
23:42 Tanta joined #salt
23:44 leonkatz joined #salt
23:48 tobiasBora I solved my problem
23:48 tobiasBora Now, a little question
23:48 tobiasBora I configured my system to use formulas
23:48 tobiasBora using:
23:48 tobiasBora *
23:48 tobiasBora And I'd like to use the formula https://github.com/saltstack-formulas/postgres-formula
23:49 tobiasBora However I can't find the option that, for example postgres.server would accept
23:49 tobiasBora How can I get them?
23:51 tobiasBora Oh, it's though pillar...
23:52 tobiasBora Will try it
23:55 nikdatrix joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary