Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-05-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 rlatimore joined #salt
00:10 speedlight joined #salt
00:15 edrocks joined #salt
00:25 anthonyshaw joined #salt
00:26 anthonyshaw hey how do I get the docs.saltstack.com to be rebuilt?
00:26 anthonyshaw its 7+ days old
00:26 anthonyshaw in develop
00:33 Sketch joined #salt
00:35 woodtablet left #salt
00:40 sp0097 joined #salt
00:42 druonysus joined #salt
00:43 Tantagel joined #salt
01:00 antpa joined #salt
01:11 thinkt4nk joined #salt
01:23 snc joined #salt
01:25 DEger joined #salt
01:30 anthonyshaw joined #salt
01:32 Praematura joined #salt
01:34 dezertol joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.4 <+> Support: https://www.saltstack.com/support/ <+> SaltStack Webinar on Carbon, Nitrogen, and Enterprise 5.1 on May 18, 2017 https://goo.gl/PvsOvQ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
01:50 Tantagel joined #salt
01:53 exegesis joined #salt
02:00 zerocool_ joined #salt
02:04 Zachary_DuBois joined #salt
02:09 edrocks joined #salt
02:10 wangofett joined #salt
02:16 antpa joined #salt
02:19 mntnman joined #salt
02:24 anthonyshaw joined #salt
03:07 PatrolDoom joined #salt
03:17 tapoxi joined #salt
03:25 antpa joined #salt
03:29 miruoy joined #salt
03:32 exegesis joined #salt
03:35 nicksloan joined #salt
03:55 Praematura joined #salt
04:00 evle joined #salt
04:02 hemebond I thought docs.saltstack.com showed the latest release, not develop.
04:03 whytewolf hemebond: there are three different versions up at a time. devel, and the 2 latest versions
04:04 hemebond Oh yeah.
04:04 hemebond I forgot about that extra button.
04:06 jas02 joined #salt
04:11 DEger joined #salt
04:11 edrocks joined #salt
04:18 druonysus joined #salt
04:23 exegesis joined #salt
04:27 wangofett joined #salt
04:32 wangofett joined #salt
04:41 tharkun joined #salt
04:50 wangofett joined #salt
04:58 mosen joined #salt
05:01 wangofett joined #salt
05:04 MTecknology Can somebody pretty please tell me they have a lab set up w/ develop?
05:09 Bock joined #salt
05:09 golodhrim|work joined #salt
05:12 wangofett joined #salt
05:13 Tantagel joined #salt
05:14 mosen MTecknology not recently?
05:17 wangofett joined #salt
05:18 antpa joined #salt
05:18 rdas joined #salt
05:28 paant joined #salt
05:34 MTecknology I need to build a profile that deploys salt dev boxes.
05:44 raspado joined #salt
05:51 raspado joined #salt
05:53 mosen MTecknology for hacking on salt?
05:54 MTecknology yup
05:55 MTecknology https://docs.saltstack.com/en/latest/topics/development/hacking.html <-- this thingy
05:55 mosen yup thats what i thought
05:55 mosen gonna deploy it with salt? hehe
05:56 impi joined #salt
05:58 MTecknology ya, I want to deploy it w/ for i in {2..22}; do salt-cloud -p prox.saltdev sdev$i.lustfield.net; done
05:58 masber joined #salt
06:02 DEger joined #salt
06:06 evle joined #salt
06:09 anthonyshaw btw, little bit of work on multicloud https://medium.com/@anthonypjshaw/using-salt-to-boss-your-clouds-around-de2edb2f793d
06:13 preludedrew joined #salt
06:15 fracklen joined #salt
06:19 do3meli joined #salt
06:19 do3meli left #salt
06:21 yuhl______ joined #salt
06:21 aneeshusa joined #salt
06:22 MTecknology that looks more like aws than anything else
06:23 whytewolf anthonyshaw: how is libclouds openstack support? last i tried it, it sucked with modern versions.
06:23 anthonyshaw how modern?
06:23 whytewolf Mitaka and newer
06:24 whytewolf was meh on icehouse though
06:24 whytewolf basicly anything that moved to keystone api 3.0
06:25 anthonyshaw good points
06:25 anthonyshaw not many openstack users leverage libcloud at the moment
06:26 anthonyshaw I’ll see whether openstack support can be improved
06:26 anthonyshaw novaclient has been the main use case for OS users
06:26 sjorge joined #salt
06:27 anthonyshaw libcloud is good for AWS, GCP, Azure ARM (just recently), OnApp, Aliyun, Vultr, Digital Ocean
06:28 anthonyshaw vSphere and openstack not
06:28 Tantagel joined #salt
06:28 whytewolf novaclient hasn't been the default lib for openstack for a few releases now.
06:28 whytewolf openstacklib is the new default hotness with shade gaining popularity
06:30 anthonyshaw the problem has been that openstack is more of a vision than a concrete API :-)
06:31 anthonyshaw I’m behind though. maybe we should just adopt openstacklib and be done with it. the API is harder to pin down than AWS
06:32 aldevar joined #salt
06:33 anthonyshaw openstacklib is Ruby tho?
06:33 whytewolf no, it is python
06:33 whytewolf https://docs.openstack.org/user-guide/sdk.html
06:36 anthonyshaw ah, shade
06:36 anthonyshaw techhat told me about that last saltconf. I should have been paying more attention
06:37 anthonyshaw gah, requirements.txt much!?
06:43 MTecknology apparently weird math stuff happens when you try to use partition with low numbers and try to come up with integers.
06:44 MTecknology like.. 20% of six is still one at a time
06:46 whytewolf well after rounding....
06:49 MTecknology I mean, if you use math, it makes sense.
06:50 whytewolf have a simalar problem dealing with warnings and criticals on large drives. after all 99% of 500tb is still enough to not worry about anything for at least another 4 tb
06:52 MTecknology I wonder if I should include a notice that safe batching was triggered...
06:52 whytewolf yes.... that is a yes.
06:53 Ricardo1000 joined #salt
06:53 whytewolf other wise we are going to get a ton of people in here wondering why things are not happening concurrently
06:54 Rumbles joined #salt
07:04 MTecknology heh, looks like I  need to use print_cli()
07:04 felskrone joined #salt
07:06 N-Mi__ joined #salt
07:10 chowmein__ joined #salt
07:11 fracklen joined #salt
07:15 o1e9 joined #salt
07:16 jas02 joined #salt
07:17 ProT-0-TypE joined #salt
07:18 taylorbyte joined #salt
07:28 jas02 joined #salt
07:32 MTecknology I think I may have just found a weird bug in salt..
07:33 JohnnyRun joined #salt
07:34 pbandark joined #salt
07:39 fracklen joined #salt
07:39 wangofett joined #salt
07:39 fracklen joined #salt
07:44 wangofett joined #salt
07:54 jas02 Hello, how can I read some value from one server (read from file, or ENV variable) and pass that information to the second server? Preferably using salt.orchestrate.
07:56 MTecknology crap! I accidentally dropped 8 commits into a branch I didn't want them on
07:58 haam3r ahh the wonders of git :D
07:59 masber joined #salt
07:59 MTecknology I don't think I can fix this without blowing it away, but it's already a PR
08:03 Electron^- joined #salt
08:04 vlebo joined #salt
08:07 geomacy joined #salt
08:08 DEger joined #salt
08:08 Ricardo1000 joined #salt
08:09 impi joined #salt
08:10 ronnix joined #salt
08:11 Ricardo1000 joined #salt
08:11 mikecmpbll joined #salt
08:14 Ricardo1000 joined #salt
08:17 Ricardo1000 joined #salt
08:18 Miouge joined #salt
08:18 Ricardo1000 joined #salt
08:28 babilen MTecknology: You can force push into PRs -- No harm done if they haven't been merged
08:30 asyncsec joined #salt
08:31 MTecknology I probably screwed something up when I was trying. github was telling me to buzz off, I can't overwrite history
08:32 MTecknology babilen: I decided I'd completely screwed it when it said "commits into saltstack:develop from unknown repository'
08:34 MTecknology I need a wrapper around ssh and git that just turn off after midnight
08:35 bdrung_work joined #salt
08:43 cyborg-one joined #salt
08:44 babilen MTecknology: I'd like a "--cure-idiocy" switch for all programs
08:48 cyteen joined #salt
08:51 DEger joined #salt
08:52 nutcase_ joined #salt
08:52 Mogget joined #salt
08:52 AvengerMoJo joined #salt
08:53 Xenophon1 joined #salt
08:54 DanyC joined #salt
08:54 nutcase_ Good afternoon everyone.
08:57 nutcase_ I am trying to get this formula to work: https://github.com/saltstack-formulas/sudoers-formula
08:58 nutcase_ My top.sls file: https://gist.github.com/anonymous/e22ed22f0b60c8ae7954b0311904cc6b#file-top-sls
08:59 nutcase_ Error i get     Data failed to compile: ----------     No matching sls found for 'sudoers' in env 'base'
08:59 nutcase_ Spent hours on this but cant figure out what is wrong.
09:00 antpa joined #salt
09:00 N-Mi__ joined #salt
09:01 haam3r nutcase: shouldn't the file_roots be defined in the master config?
09:05 nutcase_ my master config file: https://gist.github.com/anonymous/03ab697fea28d639522c7dbf29fc1cf4#file-master
09:05 antpa joined #salt
09:05 Rumbles joined #salt
09:06 haam3r okey and remove the file_roots definition from top.sls
09:06 antpa joined #salt
09:06 darioleidi joined #salt
09:06 haam3r and you have to restart salt-master after chaning the master config
09:07 paant joined #salt
09:07 nutcase_ I have not changed the master config so it should be ok.... but ill restart it anyway
09:08 nutcase_ still the same:     Data failed to compile: ----------     No matching sls found for 'sudoers' in env 'base'
09:10 haam3r can you update your top.sls file gist?
09:11 nutcase_ sure
09:11 nutcase_ here: https://gist.github.com/anonymous/fb25461ef5182afd8b240e99db916ae6#file-top-sls
09:14 haam3r in your master config, try and change '/srv/formulas' to '/srv/formulas/sudoers-formula' at least I'm guessin you git cloned and that is a subdirectory of /srv/formulas
09:17 nutcase_ pwd: /srv/formulas/sudoers-formula-master
09:17 auzty joined #salt
09:17 haam3r okey..then the file_roots definition would be '/srv/formulas/sudoers-formula-master'
09:17 nutcase_ downloaded as a ZIP file and extracted it
09:18 haam3r okey
09:19 haam3r without chaning your file_roots the other option would be to reference the state file in your top.sls would be 'sudoers-formula-master.openssh' I'm guessing
09:20 nutcase_ Something is diffrent... testing.... Give me a moment
09:23 lazybear joined #salt
09:23 aarontc joined #salt
09:24 aarontc joined #salt
09:26 mbologna joined #salt
09:28 nutcase_ It seems to be working but its not reading the pillar file. I ve looked at the code and it would seem that the name of the pillar file should be sudoers.
09:29 nutcase_ sudoers is located in /srv/pillar folder
09:29 babilen nutcase_: You can structure your pillar in whatever way you want as long as the *data inside* is in the expected format
09:29 babilen It might be that you have /srv/pillar/sudoers.sls but that you don't include "- sudoers" in /srv/pillar/top.sls
09:30 babilen (i.e. assign to the minion in question)
09:31 AvengerMoJo joined #salt
09:31 nutcase_ babilen: /srv/pillar/sudoers not /srv/pillar/sudoers.sls
09:32 nutcase_ I actually dont have a top file in my pillar... hmmm
09:32 cyborg-one joined #salt
09:33 babilen nutcase_: You want /srv/pillar/sudoers.sls and /srv/pillar/top.sls -- The top file would target data (i.e. "- sudoers") to the respective minions, while sudoers.sls contains data in the format exemplified in https://github.com/saltstack-formulas/sudoers-formula/blob/master/pillar.example
09:34 babilen I would also consider using the users-formula for user management and https://github.com/saltstack-formulas/users-formula/blob/master/pillar.example#L36 for granting sudo rights
09:34 babilen (depends on your needs -- both approaches are viable)
09:37 nutcase_ Now it seems to be working... Thank you
09:37 babilen You can then refresh your pillar data by running, for example, 'salt "*" saltutil.refresh_pillar' and check that the data in question has been assigned correct with 'salt "someminion" pillar.get sudoers"
09:38 babilen Great
09:55 wangofett joined #salt
09:58 nutcase_ So it seems like its working on all my test minions.... But not on the Debian 6 installation..... Comment: Failed to commit change, permission error
09:59 nutcase_ Checked it and it does have the same permissions as other files...... hummmm
09:59 babilen nutcase_: Could you paste the complete error to one of http://paste.debian.net, https://gist.github.com, http://sprunge.us, … ?
10:00 nutcase_ https://gist.github.com/anonymous/32a054a5e2743cf4d2791928eba6d439#file-error
10:01 babilen nutcase_: Could you run the state on the minion direcly with "salt-call -ldebug state.apply sudoers" and paste the output of that?
10:02 candyman88 joined #salt
10:02 Reverend babilen you'll know...
10:02 Reverend if
10:03 Reverend if I have two staates uynder one name.,.. can I requisite the same way...
10:03 Reverend like "- file: <-name: of other state>" ?
10:04 Reverend answer: yes.
10:04 babilen Reverend: The requisite is a tuple that consists of the state module name (e.g. 'file') and the state ID/name. That means that you can uniquely identify every state
10:04 Reverend sick. I take it two states can't have the same "- name:" then?
10:05 Reverend if not, that's upsetting... cus I have two with the same name XD
10:05 rubenb Hi, I'm looking at managing (windows) scheduled tasks in salt states. Is that possible somehow?
10:05 babilen They can as long and they belong to different state modules
10:05 Reverend oh nice
10:05 Reverend yueah I have a file and a git state
10:05 Reverend that's nice.
10:05 Reverend let me just try it and see what happens xD
10:06 ravenx joined #salt
10:06 ravenx is it possible to pass in defaults.yaml params on the command line to override what is in the file?
10:06 ravenx i know you can do it with pillars, but i'm interested in the case for defaults.yaml
10:06 wangofett joined #salt
10:06 babilen ravenx: I haven't encountered that yet
10:07 ravenx encountered the overriding of defaults.yaml?
10:07 babilen That is: I haven't encountered a way to selectively override parts of the file_root tree
10:07 ravenx i see
10:08 ravenx what about map.jinja?
10:08 permalac joined #salt
10:09 nutcase_ babilen: Sorry for taking some time... Just want to make sure that there is nothing in this output that is confidential.
10:10 fannet joined #salt
10:10 babilen nutcase_: IRC is asynchronous, no worries ;)
10:11 * babilen is an event based user support persona implemented with Salt reactors and tensorflow
10:11 ravenx https://github.com/saltstack-formulas/bind-formula/issues/60  this doesn't really give me a how-to, on a command line bases on overriding map.jinja vars
10:11 saltstackbot [#60][MERGED] How do I override map.jinja values? | I currently cannot get this module to see the zones_source_dir on RedHat (CentOS) because it is configured with a leading slash. If I edit the module source and remove the leading slash I can get it to deploy a file from "/srv/salt/base/srv/salt/zones/", which is quite ugly....
10:12 Electron^- joined #salt
10:13 babilen ravenx: The generic idea is that you have data that can be overridden via pillars. You can then pass in that pillar data on the command line. That would, however, require the data to be merged in somewhere in the codebase (e.g. in map.jinja)
10:13 fannet hi everyone - if we deploy a multi-active/hot master  architecture and issue commands from one of the X number of salt-masters, how will the minions know to respond the that particular master
10:14 ravenx babilen: how can i do that?
10:14 babilen ravenx: What do you want to override?
10:14 ravenx cuz in my init.sls i have something like: - minute: {{ cron.minute }}
10:14 ravenx and the cron.minute is coming from map.jinja
10:15 ravenx do i do something like this on the command line?  pillar='{"cron": {"minute": "01"}}'
10:15 waroy joined #salt
10:15 babilen That would work as long as the pillar data is merged into cron.minute somewhere
10:16 ravenx how do i specify "merging" somewhere?
10:16 ravenx is it like a flag where i go:  Merge: true
10:16 ravenx or?
10:16 edrocks joined #salt
10:17 babilen https://github.com/saltstack-formulas/salt-formula/blob/master/salt/map.jinja#L190 that's the bit that does what you are after in the salt formula
10:19 babilen It retrieves the value of the 'salt' key in they pillar (which will be what you provided on the command line) and merges it (cf. L193) into the datastructure that has been compiled from default values (in defaults.yaml) and the os_family specific map (L43-L184)
10:20 babilen The comment on line 189 is exactly wrong as the salt:lookup merging does in fact happen in the os_family map construction by passing in the merge option on L183
10:20 ravenx so in my case, i need to change the word 'salt' to minute?
10:21 babilen No, I would expect you to build up the "cron" datastructure in your map.jinja and you would merge in 'cron'
10:21 ravenx aaaah
10:21 ravenx yup, so i have made the cron datastructure in my map.jinja as a json thingy.
10:21 ravenx and changed the 'salt' to 'cron'
10:22 ravenx though with this: pillar='{"cron": {"minute": "01"}}', i know how to pass in one value
10:22 ravenx how can i add more, via the command line
10:22 ravenx do i specify pillar= again?
10:22 nutcase__ joined #salt
10:22 nutcase__ Im back... Browser crashed :/
10:22 babilen No, you add more data to the dictionary -- pillar='{"cron": {"minute": "01", 'foo': 1}}'
10:23 ravenx aaah
10:23 wangofett joined #salt
10:23 ravenx beautiful,
10:23 ravenx thanks, let me try :D
10:23 babilen yw
10:24 ravenx hmm
10:24 ravenx i got this:  Rendering SLS 'base:sample' failed: Jinja variable 'default_settings' is undefined
10:24 babilen nutcase_: If it helps: I'm specifically looking for the command (and the respective output) that results in the error
10:24 ravenx babilen:  that was from the line of 192
10:25 babilen ravenx: If you want to follow that example you have to adapt your entire structure to the one exemplified there
10:25 babilen default_settings is defined on L36 and results from importing the (default) data defined in defaults.yaml
10:27 ravenx hm
10:27 ravenx if i don thave a defaults.yaml
10:27 ravenx do i need it?
10:27 babilen You don't. The important bit is that you merge the 'cron' pillar data into whatever datastructure you have by then
10:28 babilen (whatever you called it)
10:28 wangofett joined #salt
10:28 ravenx so right now i have this:  https://paste.debian.net/930528/
10:29 ravenx and somewhere in my init.sls i have:  - minute: {{ cron.minute }}
10:29 ravenx and i'm running the command via:   sudo salt 'one' state.sls reviewprecomp pillar='{"restart": "", "cron": {"minute": "11"}}'
10:29 ravenx however, that "11" didn't seem to take effect on my cronjob
10:29 ravenx is there an obvious error i'm doing?
10:32 babilen Yeah -- Try something like https://paste.debian.net/930530/ -- You weren't using the 'salt_settings' anywhere. In the SLS in which you want to use that data you would import cron_settings as cron (or similar)
10:34 wangofett joined #salt
10:35 ravenx ah okay
10:35 ravenx thank you
10:35 ravenx so now i see that instead of getting rid of the dfeault settings, now i need to create a default.yaml?
10:36 nutcase__ babilen: is there a way i can send you a private message with this?
10:36 babilen You don't .. the "default_settings" dictionary is defined on the first line in my paste
10:36 babilen nutcase__: Sure, feel free to /msg me
10:36 ravenx AAAAH
10:36 ravenx babilen: i see it now.
10:37 babilen ravenx: The defaults.yaml is simply used as people prefer to specify that data in YAML rather than JSON
10:37 babilen The data is the same
10:38 ravenx babilen: gotcha
10:38 ravenx babilen:  https://paste.debian.net/930534/
10:38 ravenx this is a weird error, it says that cron is undefined when in fact that is what we just defined in that paste no?
10:38 babilen ravenx: Make that 'cron' (i.e. a string, not a variable reference)
10:38 asyncsec joined #salt
10:40 ravenx so i did just that:  https://paste.debian.net/930535/
10:40 ravenx however, it says my line 3 threw an error, what i did was tried to solve it by changing that cron to 'cron' on line.
10:41 ravenx then that error seemed to get angrier, so i assumed that that's not the way to go
10:41 babilen The variable is "cron_settings" not "cron"
10:41 babilen I mentioned that earlier
10:41 nutcase_ joined #salt
10:42 ravenx omfg
10:42 ravenx it works!
10:42 ravenx true, you did :)
10:42 ravenx i guess i was in a hurry and didn't realize to change it in my init.sls
10:42 ravenx babilen: thank you _SO MUCH_ for your time and patience
10:42 babilen yw
10:47 zerocoolback joined #salt
10:52 Miouge left #salt
11:01 Ssquidly joined #salt
11:01 bvcelari joined #salt
11:01 bvcelari hi guys!! I need a small help
11:02 bvcelari I wish to obtain in a salt state file, like .sls ones, the list of grains that match with a certain query
11:03 bvcelari any clue how to do it?
11:04 bvcelari I wish to do something like:
11:05 bvcelari the list of grains that fit this search:
11:05 bvcelari salt   -C 'G@Roles:class_a'
11:07 bvcelari {% for server in salt['pillar.get']('roles:class_a:ip_interfaces:', []) -%}
11:07 bvcelari server {{ server }};
11:07 bvcelari {% endfor %}
11:07 bvcelari somebody ever did something similar?
11:11 darvon joined #salt
11:11 Praematura joined #salt
11:11 tikhoa joined #salt
11:17 lorengordon joined #salt
11:22 zerocoolback joined #salt
11:25 tapoxi joined #salt
11:26 fannet you want the list of grains or the list of values of a particular grain?
11:32 amcorreia joined #salt
11:33 cyborg-one joined #salt
11:34 fannet you may want to look at salt['grains.filter_by']  - filter_by(lookup_dict, grain='os_family', merge=None, default='default', base=None)
11:34 michaelb joined #salt
11:39 Reverend what's this "find_job" shit that gets blurted out during highstates ? O.o
11:39 bvcelari I need a property (ip in my case) of a list of grains filtered by a grain item
11:39 bvcelari @fannet will look into that
11:41 bvcelari thank you very much
11:43 aldevar joined #salt
11:45 jas02 joined #salt
12:06 Tantagel joined #salt
12:07 watersoul joined #salt
12:07 babilen bvcelari: My recommendation would be to target single purpose SLSs by grain value rather than keeping "does this apply to me" logix in the SLS
12:08 babilen I'm also not fond of using grains for roles, but that's beside the point
12:08 babilen What do you want to do exactly?
12:08 bvcelari is not intented to use like "does this apply to me" ... will explain
12:09 bvcelari I am generating a AWS set of servers with terraform... after, I am using saltstack to provision the software and it's configuration
12:09 fannet why would you not use grains for roles ?
12:10 bvcelari there are different kind of servers in the AWS infra, and I use to tags from AWS to identify them
12:10 bvcelari so I can salt them using the roles
12:10 babilen fannet: Basically two reasons: 1. They are insecure (minions can claim to have whatever roles they want) and 2. I see no point in maintaining that data in a distributed manner
12:10 bvcelari the numbers will change
12:10 bvcelari so... at some point, I need a list of the current Ips with that role
12:11 bvcelari If I could do something like
12:11 bvcelari {% for server in salt['grains.filter_by']
12:11 bvcelari ({
12:11 bvcelari 'ec2_tags:Roles','application'
12:11 bvcelari }, default='')
12:11 bvcelari -%}
12:11 bvcelari server {{ server }};
12:11 bvcelari {% endfor %}
12:11 bvcelari would give me nice formulas from salt, easy to maintain
12:11 babilen bvcelari: My recommendation would be to get maintain that information in the salt mine and then query the mine with that grain
12:11 babilen Let me paste something
12:14 fannet if someone is on your minion changing roles you have a bigger problem as salt-call requires root :)
12:14 babilen fannet: Just because someone has root on a single box doesn't mean that they should be able to request whatever state they want
12:15 babilen And .. in the end .. you also have to maintain those grains as well. If you do that with salt you are back at square one.
12:15 babilen What's the advantage of using grains?
12:15 jas02_ joined #salt
12:16 fannet convenience
12:16 babilen bvcelari: http://paste.debian.net/930552/ something like that
12:16 babilen fannet: More convenient than what?
12:16 fannet how else are you defining a server's  'state tree'
12:17 fannet by hostname?
12:17 babilen fannet: My recommendation would be to use pillars for roles. In particular external pillars (ensure they are rendered first) such as pillarstack.
12:18 fannet so your state top file is matching on pillars ?
12:18 babilen Yeah
12:19 babilen Centralised, easy to change, secure, ...
12:19 fannet and how does your pillar top file determine
12:19 fannet which pillars to which servers
12:19 babilen In exactly the same manner
12:20 fannet isn't that circular ?
12:21 babilen How so?
12:22 babilen The key to making this work for pillars is to use external pillars that are rendered first
12:23 fannet ah I got it
12:23 babilen https://docs.saltstack.com/en/latest/ref/configuration/master.html#ext-pillar-first
12:23 bvcelari @babilen , checking
12:23 bvcelari but yes, something like that is what I need
12:24 fannet babilen: have you had any experience with a multi-hot master environment
12:24 bvcelari do you guys have any nice tutorial about how to "merge" Terraform with Saltstack?  I had everything in salt, and now move it to AWS is more painfull than what I expected
12:25 babilen fannet: Unfortunately not
12:25 ronnix joined #salt
12:26 fannet darn . can't seem to find anyone
12:28 babilen bvcelari: Please note that my example might contain errors .. just wanted to show the "general idea"
12:29 bvcelari yeah.. it fails
12:29 bvcelari :(
12:29 bvcelari in the saddest way of salt does
12:29 bvcelari TypeError: get() takes at least 2 arguments (2 given)
12:29 bvcelari
12:29 bvcelari ; line 1
12:29 bvcelari
12:29 bvcelari ---
12:29 bvcelari {% set foo_ips = salt['mine.get']('ec2_tags:Roles:application', expr_form=grains) %}    <======================
12:29 bvcelari with 2 arguments, 2 give (sad)
12:29 babilen bvcelari: You might be able to get the CIDR programmatically or you might even just be interested in "private" or "public" addresses which you can query with the "type='private'" / "type='public'" option to network.ip_addrs
12:30 numkem joined #salt
12:30 bvcelari I am interested in this context in private Ips address only, but need to check that the minion belong to that role
12:31 babilen bvcelari: You want that to be "salt['mine.get']('ec2_tags:Roles:application', '10_network_addrs', expr_form='grains') I think
12:32 babilen Then write a mine function alias for network.ip_addrs type='private' -- https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.ip_addrs
12:33 bvcelari I was willing to get the information from: ip4_interfaces:eth0
12:33 bvcelari in the same way I can query:    salt '*' grains.get ip4_interfaces:eth0
12:33 bvcelari that would be enough
12:33 thinkt4nk joined #salt
12:34 babilen What will you do if the interface name changes?
12:34 bvcelari will be right always, is created when I build the instance
12:34 babilen The mine option allows you to specify the information you are *really* after (i.e. the ip address in a specific network/network type) rather than hardcoding an implementation detail (the interface name)
12:35 bvcelari the eth0 is always the interface of the subnetwork where it should opperate
12:35 babilen bvcelari: Don't say that .. https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ might happen to you
12:35 bvcelari yeah.. you are right
12:35 bvcelari I am prototyping
12:36 babilen Or something else .. we had a customer who had * a lot * of work because they had to adapt their code to remove all those "eth0" and "eth1" references
12:36 bvcelari and... build a function that will return the right interface sounds add more complexity...
12:36 babilen Use network.ip_addrs for getting the address as it gives you the information you care about
12:36 babilen Using the mine also allows you to get the information from *other* minions which is, I believe, what you are after
12:37 babilen You essentially say "Give me the private IPv4 address of all minions with role:application"
12:37 bvcelari Yes!
12:37 bvcelari that is waht I am looking for
12:38 babilen Define the mine function alias (cf. https://docs.saltstack.com/en/latest/topics/mine/#mine-functions-aliases) in the minions pillar, refresh pillar, update the mine and then play around with mine.get on the command line
12:39 babilen That will show you which data you can retrieve and work on your targetting expression
12:39 thinkt4n_ joined #salt
12:39 antpa joined #salt
12:39 edrocks joined #salt
12:40 babilen *you can work
12:40 bvcelari I thought that there would be an easy way with filter_by :(
12:41 bvcelari thanks a lot @babilen
12:41 babilen You essentially have to use the mine if you want information from other minions
12:41 babilen This is really quite easy/simple once you've grok'ed the idea
12:47 thinkt4nk joined #salt
12:47 cgiroua joined #salt
12:52 thinkt4n_ joined #salt
12:55 ssplatt joined #salt
13:07 fannet just hope our mine data never gets wiped out or CHAOS can ensue ;)
13:09 hemebond Or the grains cache :-)
13:10 hemebond (when possible)
13:13 gmoro joined #salt
13:14 edrocks joined #salt
13:17 ssplatt joined #salt
13:29 brousch__ joined #salt
13:34 jdipierro joined #salt
13:40 nutcase_ Anyone know if there is a good way to verify if a symlink exists and if so remove it?
13:43 haam3r file.absent should remove a symlink and the state should only attempt a removal if it exists
13:46 exegesis joined #salt
13:47 _JZ_ joined #salt
13:47 Sketch unless he wants to remove it if it's a symlink, but not if it's a file
13:48 cgiroua joined #salt
13:49 Sketch in which case he could probably use file.find .. doesn't look like there's anything else which will tell you if a file is a symlink or not
13:50 Sketch and wrap the file.absnet in a {% if salt['file.find]('some_options') %}
13:51 Sketch https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.file.html#salt.modules.file.find
13:51 LeProvokateur joined #salt
13:52 Sketch seems like it would be easier just to make the file managed and set follow_symlinks: False, though
13:52 haam3r quite right...good catch
13:58 amcorreia joined #salt
13:59 babilen .oO( Reading tea leaves )
14:00 nutcase_ Thing is that I want it to remove a symlink and replace it with a file that is generated by salt. So using file.absent is not a great idea.
14:01 Sketch nutcase_: so use file.managed and set follow_symlinks: False?
14:01 impi joined #salt
14:02 mpanetta joined #salt
14:02 londo joined #salt
14:02 rlatimore joined #salt
14:04 Miouge joined #salt
14:06 Brew joined #salt
14:09 exegesis joined #salt
14:09 nutcase_ Sketch: Thank you i will try it
14:10 zerocoolback joined #salt
14:11 wavded joined #salt
14:11 ssplatt joined #salt
14:13 brent_ joined #salt
14:13 AvengerMoJo joined #salt
14:13 Praematura joined #salt
14:14 wavded joined #salt
14:15 mpanetta joined #salt
14:16 andrei_ joined #salt
14:21 wavded joined #salt
14:26 shambat left #salt
14:29 chadhs joined #salt
14:34 wavded joined #salt
14:35 fracklen joined #salt
14:36 fracklen joined #salt
14:37 zerocoolback joined #salt
14:42 evle1 joined #salt
14:48 greyeax joined #salt
14:50 zerocoolback joined #salt
14:50 brent_ joined #salt
14:53 tercenya joined #salt
14:53 PatrolDoom joined #salt
14:55 fracklen joined #salt
14:56 sarcasticadmin joined #salt
14:57 englishm_llnw joined #salt
15:00 pipps joined #salt
15:01 pipps joined #salt
15:03 aneeshusa joined #salt
15:06 mpanetta joined #salt
15:06 sp0097 joined #salt
15:06 antpa joined #salt
15:09 Electron^- joined #salt
15:09 sp0097 left #salt
15:18 antpa joined #salt
15:25 LeProvokateur joined #salt
15:26 censorshipwreck joined #salt
15:28 zerocoolback joined #salt
15:29 fracklen joined #salt
15:29 tapoxi joined #salt
15:30 ronnix joined #salt
15:33 wavded joined #salt
15:34 Praematura joined #salt
15:34 exegesis joined #salt
15:39 jdipierro joined #salt
15:40 nixjdm joined #salt
15:41 Electron^- joined #salt
15:46 tercenya joined #salt
15:49 Rumbles joined #salt
15:52 matti joined #salt
15:52 matti joined #salt
15:58 dezertol joined #salt
15:58 gord0 joined #salt
16:01 raspado joined #salt
16:02 mpanetta joined #salt
16:03 onlyanegg joined #salt
16:04 aldevar left #salt
16:05 cyborg-one joined #salt
16:06 jas02 joined #salt
16:06 amcorreia joined #salt
16:08 Trauma joined #salt
16:09 tercenya joined #salt
16:09 swills does salt have any way to schedule state changes?
16:09 swills like, i want state X until a certain time, then state Y
16:10 pipps joined #salt
16:10 whytewolf swills: clever use of https://docs.saltstack.com/en/latest/topics/jobs/#scheduling-jobs
16:10 ssplatt you could jsut schedule a highstate every so often, and push your code but wait for the highstate to kick itself
16:11 whytewolf or you could use the sceduler to push state X then at time z run state Y
16:11 swills ssplatt: that requires not accidentally merging too early
16:11 * brd waves to swills
16:11 swills which was what just happened
16:11 swills brd: hi there
16:12 ssplatt well if you don’t have the code deploy automatically. and it gets puled with a highstate
16:12 whytewolf don't have to use the highstate ... you can run states independently.
16:12 swills true
16:12 swills but i'm looking for something that doesn't require changing how we do things now
16:13 swills running highstate on thousands of boxes manually isn't practical
16:13 whytewolf who said anything about running states manually?
16:14 swills even scheduling the highstate so it only runs say hourly doesn't work, because there are some changes that can go out quickly and some that that need to wait for change window
16:14 swills i'm not sure how running the specific state independently works automatically?
16:15 whytewolf same way states do
16:15 whytewolf err highstates
16:15 swills i guess i don't understand your idea then
16:15 keldwud joined #salt
16:15 keldwud joined #salt
16:17 whytewolf your original question was setting up a time to run a different state at a different time.
16:18 swills well, sorta
16:18 tom29739 joined #salt
16:18 swills like if i have pkg.installed somepackage 2.1.0 and i want it to change to 2.1.1 next thursday at noon when the change window happens
16:21 whytewolf okay, then have the pkg.installed on the highstate not declare a version. have allow_updates: true. then create another state that has the version info. that runs at your change window [only that state not the full highstate.
16:23 swills been looking at the jobs page you linked above
16:23 swills was also thinking i could have two states and two jobs
16:24 swills so one job would run until the start of the change window, which specifies the package and version
16:24 swills and the other job would run after the start of the change window, which specifiews the new version and package
16:24 whytewolf that is also possable. and was kind of the original idea i was trying to pass off
16:25 swills that works too because in this case the package name changes
16:25 brasko joined #salt
16:25 brasko hi! what's the correct way to run 1000 jobs in parallel with 100 minions with salt?
16:25 brasko Does it handle queuing of those jobs, etc?
16:25 swills (the package name is like foo210-2.1.0 and foo211-2.1.1, because the repo requires unique package names)
16:25 brasko I'm having trouble finding an example yaml file (if that's the right way) to do this
16:27 whytewolf swills: that is a strange repo. most detect that foo-2.1.0 and foo-2.1.1 would be different "names" but the same package.
16:27 brd whytewolf: it is so both can exist at the same time
16:28 whytewolf ugh. most distros have a slotting method for that
16:28 brd whytewolf: slotting?
16:28 swills whytewolf: sorry to disappoint you
16:29 brd whytewolf: you mean like provides/requires?
16:29 whytewolf well i knew gentoo did. maybe thats just something i always took for granted when i ran gentoo.
16:30 whytewolf brd no i mean having multiple versions of the same pkg installed with out having to resort to silly naming
16:30 swills i have no idea how you can have multiple versions of the same package installed or what that looks like. odd.
16:31 whytewolf most of the time it involoves versioned directories
16:31 brd whytewolf: assuming no files conflict and having to do symlinks for libs or so..
16:31 seanacais joined #salt
16:31 whytewolf never said it was clean.
16:32 brd whytewolf: yeah, it is kinda complicated and we (FreeBSD) haven't gotten there yet
16:32 whytewolf in linux symlinks in lib is common.
16:34 khaije1 joined #salt
16:35 whytewolf but with like gentoo they went a step further and actually have full packages that can be "slotted" so that you could have say java 1.7 and java 1.8 installed at the same time. then just an alt picker to set which is actually the system version. but you can use either version directly
16:35 brd whytewolf: yeah, that is what we have been thinking about doing
16:36 seanacais Hi.  New to salt and I'm seeing something I don't quite understand.  test.fib against os:CentOS doesn't return a fibonacci series.
16:36 whytewolf looks like redhat does do the naming thing with that though so i do take that back.
16:37 swills brd: we're basically there with the java stuff at least
16:37 Upswell joined #salt
16:37 swills registervm/unregistervm/javavm etc
16:37 brd swills: yeah
16:38 whytewolf seanacais: what do you get?
16:38 khaije1 Hey all, I just saw a totally unexpected minion name show up in my 'salt-key -l un' pending keys list. What info is available on where keys come from and how can I get to it?
16:39 seanacais test.fib 10 returns 55.
16:39 Trauma_ joined #salt
16:39 seanacais 100 never returns.  1000 gives me a recursion depth error
16:40 whytewolf humm 10 would be 55 if it didn't start at 0
16:41 seanacais test.fib 15 returns 610
16:41 seanacais I only have CentOS and Raspbian
16:41 seanacais Raspbian is acting as expected.
16:41 whytewolf 15 would be 60 again if it doesn't start at 0
16:42 whytewolf sounds like it is skipping the first one
16:42 swills hmm, ok, so until and after solves part of the problem
16:42 whytewolf sorry 15 would be 610 i mean if it didn't start at 0
16:42 seanacais understood.
16:43 seanacais that makes sense.
16:43 swills so if the scheduled job is calling some state, and i basically want it to run until a certain time, but it looks like scheduled jobs have to have some sort of schedule and i'm not sure how to say "run this whenever you run highstate"
16:43 impi joined #salt
16:44 swills or does it do that if i leave the schedule out?
16:44 whytewolf there isn't a schedule for that. they are indapendent of state
16:44 wavded joined #salt
16:45 swills i guess i could just set the schedule to the same as the highstate schedule
16:45 whytewolf which would work well if you have no splay
16:45 swills yeah
16:45 antpa joined #salt
16:50 deuscapturus joined #salt
16:50 tercenya joined #salt
16:53 whytewolf sometimes i think head hunters don't actually read a resume or the job descriptions they are peddling. i just had one hit me up about "graphic designer"
16:53 brd whytewolf: yeah, that is my experience too.. "Spray and pray"
16:54 seanacais So is the test.fib issue a problem?  I'm not sure why it's different between the OS's
16:57 Trauma_ joined #salt
16:57 whytewolf seanacais: it isn't a major problem. although i would file a bug about it. they technically are both correct.  but are handaling the difference between which is first 0 or 1 differently
16:58 whytewolf are they different versions?
16:58 wavded joined #salt
16:58 whytewolf cause the code i am seeing shouldn't change per os
16:58 tercenya joined #salt
16:59 jdipierro joined #salt
16:59 seanacais The return is even different in style
16:59 seanacais $ sudo salt '*' test.fib 5
16:59 seanacais pi01:
16:59 seanacais |_
16:59 seanacais - 0
16:59 seanacais - 1
16:59 seanacais - 1
16:59 seanacais - 2
16:59 seanacais - 3
16:59 seanacais - 3.91006469727e-05
16:59 seanacais pi02:
16:59 jas02 joined #salt
16:59 seanacais |_
16:59 seanacais - 0
16:59 seanacais - 1
16:59 seanacais - 1
16:59 seanacais - 2
16:59 whytewolf please do not paste in here
16:59 seanacais - 3
16:59 seanacais - 4.50611114502e-05
16:59 cmarzullo cccc combo breaker
17:00 seanacais myapps:
17:00 seanacais - 5
17:00 seanacais - 7.15255737305e-06
17:00 seanacais ciao:
17:00 seanacais - 5
17:00 seanacais - 7.86781311035e-06
17:00 seanacais my apologies
17:00 dezertol use paste bin or equiv
17:00 dezertol https://pastebin.com/
17:01 whytewolf gist would be better. pastebin uses flash ads and is blocked at some work sites
17:01 seanacais will do.  (still learning)
17:01 Trauma_ joined #salt
17:02 whytewolf seanacais: can you run test.versions on both. and put that in your paste
17:03 noobiedubie joined #salt
17:03 antpa joined #salt
17:04 whytewolf although i can already tell you the rasbian version is WAY behind. test.fib hasn't posted the full seq in  a long while
17:05 seanacais https://gist.github.com/anonymous/3d7c1e24b5453c471ce3068451e34e2b
17:05 whytewolf yeah
17:06 tobiasBora joined #salt
17:06 tobiasBora Hello,
17:06 dezertol that's a big version gap
17:06 whytewolf thats the problem
17:06 tobiasBora I don't understand why, I've this error: Specified SLS postgresql-big-server.init_postgresql-big-server in saltenv base is not available on the salt master or through a configured fileserver
17:07 tobiasBora while the following file exists:
17:07 tobiasBora /srv/pillar/pillar_postgres_big_server/init_pillar_postgres_big_server.sls
17:07 seanacais So I shouldn't be expecting the full sequence at all then.
17:07 wangofett joined #salt
17:08 whytewolf seanacais: kind of. the behavour was changed i think in 2015.x for fib to just be the number not the full seq
17:08 whytewolf tobiasBora: that error looks like you are putting a pillar file in a state top
17:09 seanacais That's fine, but the 2016 versions on CentOS are the ones having issues with recursion depth.
17:09 whytewolf seanacais: yes they are and that is a bug report
17:09 tercenya joined #salt
17:09 edrocks joined #salt
17:10 seanacais Fair enough.  I'll go ahead and file it.  Thank you for the help.
17:10 whytewolf tobiasBora: also pillar_postgres_big_server/init_pillar_postgres_big_server.sls  !=  postgresql-big-server.init_postgresql-big-server
17:11 Brew joined #salt
17:12 Trauma_ joined #salt
17:16 jas02 joined #salt
17:17 edrocks joined #salt
17:22 jas02 joined #salt
17:28 pipps joined #salt
17:29 ChubYann joined #salt
17:35 LeProvokateur joined #salt
17:39 Rumbles joined #salt
17:44 LeProvokateur joined #salt
17:49 Praematura joined #salt
17:53 cyborg-one joined #salt
17:59 lorengordon joined #salt
18:00 Rumbles joined #salt
18:04 brasko can anyone help me know what command to run, to queue commands for the salt minions?
18:05 asyncsec joined #salt
18:08 asyncsec joined #salt
18:12 Xenophon1 brasko: that's kind of generic - what specifically do you want to do?
18:12 Xenophon1 i mean, that's basically what the salt(1) CLI does
18:13 nick123 joined #salt
18:13 brasko I want to run 1000 command line commands across 100 machines
18:13 brasko so there is more commands than machines
18:13 brasko so i'd like to use the queuing part of salt
18:13 brasko I just can't figure out from the help, yet, what command or yaml sequence does that
18:13 cro joined #salt
18:13 XenophonF OK so do you have 1000 commands that will run on each of the 100 machines?
18:14 brasko hmmm, so, i'd like salt to load balance, such that each machine runs about 10 jobs
18:14 brasko if that makese sense
18:14 XenophonF do the 10 commands need to run in order?  can you put them into a single script?
18:14 brasko yes, single script, order doesn't matter
18:15 brasko I'd like them run in parallel obviously, every agent running a command if it can
18:15 XenophonF OK so the simplest thing to do, probably, is to write a script, save it to somewhere in file_roots on the master, let's say /srv/salt/do_stuff.shs
18:16 MTecknology that sounds more like a job for ansible or salt-ssh than the salt command itself.
18:16 XenophonF then use something like `salt <target-criteria> cmd.script salt://do_stuff.sh`
18:16 XenophonF man salt
18:16 XenophonF there's ways to limit how many jobs go out at once
18:16 XenophonF nah salt's up to the task
18:17 MTecknology I think I misunderstood the use
18:18 brasko i'm basically trying to automate our QA automation jobs
18:18 brasko jenkins can't run thousands of jobs at once
18:18 brasko so i'm hoping that salt can play that role
18:18 brasko so the jobs will run for a while, 20 minutes each
18:18 XenophonF if you only want to run 10 machines at a time, you can use `salt -b 10 <target> cmd.script salt://do_stuff.sh`
18:18 whytewolf well, given a large enough box and jenkins CAN run thousands of jobs at once
18:18 tercenya joined #salt
18:19 XenophonF you might need to tweak the timeout (-t) or use the --async option
18:19 Garo_ left #salt
18:19 brasko whytewolf: we have a great machine, but jenkins creats a thread, for each queued job
18:19 brasko not scalable
18:19 brasko XenophonF: the jobs are all slightly different
18:19 XenophonF if the latter case, you'll get a job ID, whose status you can monitor via API or via the jobs runner CLI
18:19 brasko or parameterized
18:20 XenophonF that's not a problem - you can make your shell script a Jinja template
18:20 XenophonF or you can write a salt state that calls cmd.run and friends
18:20 XenophonF or what have you
18:20 brasko is it possible to briefly explain 'salt state'
18:20 XenophonF it's probably simpler to point you at the tutorial
18:20 brasko yeah
18:21 XenophonF https://docs.saltstack.com/en/getstarted/fundamentals/
18:21 XenophonF the tutorial actually starts with remote execution
18:21 brasko instead of this:
18:21 XenophonF so you can probably skip to this page
18:21 XenophonF https://docs.saltstack.com/en/getstarted/fundamentals/remotex.html
18:22 fracklen joined #salt
18:22 brasko thanks, ill read!
18:22 XenophonF come back if you have questions
18:22 XenophonF or need clarification
18:24 jas02 joined #salt
18:25 keltim joined #salt
18:26 keltim I'm having an issue trying to associate an elastic ip in AWS with the execution module, but AWS returns that it does not belong to me, as if the region were set wrong perhaps? details here https://bitbucket.org/snippets/tkelley_iseatz/aLajp
18:27 raspado should salt-cloud -d <hostname> return a confirmation with a list of host(s) that will be terminated as a result of the command?
18:29 dezertol it should..
18:29 dezertol it does for me
18:29 raspado hmm ok
18:29 raspado thx dezertol
18:29 LeProvokateur joined #salt
18:30 keltim this works fine in one region but not in another
18:32 keltim is it maybe because my master is in a different region??
18:33 keltim doesn't the execution module execute on the minion?
18:34 dezertol keltim can you run the command from the aws cli from the salt master?
18:34 cro joined #salt
18:35 dezertol the aws cli command i.e. can you confirm that it's not permissions
18:35 mikecmpbll joined #salt
18:37 chowmeined joined #salt
18:37 jhauser joined #salt
18:39 mpanetta joined #salt
18:40 mpanetta joined #salt
18:40 brasko XenophonF: I guess I'm wondering, if I wanted to run N jobs, each slightly differenet (parameterized), can a single YAML file do the trick?
18:40 woodtablet joined #salt
18:40 brasko or do I run N salt commands?
18:41 keltim hold up I'm not sure what it'd be atm, but the master is not in the same region as the minion (or the eip) - I don't think that would work
18:43 keltim dezertol, no it doesn't work on the master, which is in us-east-1 ... do I really need multiple masters in each region just for this??!?
18:43 bvcelari joined #salt
18:44 keltim maybe I can fix this with iam
18:44 geomacy joined #salt
18:45 jdipierro joined #salt
18:46 XenophonF brasko: it depends on how you do the parameterization
18:46 XenophonF you could write a single SLS file, with the relevant parameters coming from Pillar data
18:47 XenophonF at the command line, you can call the state with the `pillar=` argument and pass Pillar data to the state that way
18:47 XenophonF or you can assign the Pillar data per minion the normal way
18:48 Inveracity joined #salt
18:48 XenophonF Salt Pillar works like Salt States, in that you have a directory containing SLS files, with a /top.sls that assigns the SLS files to different minions
18:49 XenophonF only it's a key-value store
18:49 XenophonF (in a nutshell)
18:49 XenophonF might be easier if you post an example script with parameters or something
18:50 XenophonF I can show you lots of examples out of my own personal GitHub repos but nothing exactly like what you're doing
18:50 brasko right! I guess I'm trying to misuse salt a bit
18:50 XenophonF no not at all!
18:50 XenophonF i mean it's all about remote exec
18:50 XenophonF i just can't read your mind from here
18:50 XenophonF ;)
18:51 brasko yeah, i think that's because I don't understand salt well enough to ask the proper questions
18:51 brasko it was trivially to set it up on windows/linux
18:51 brasko and run 'ls' on all the minions
18:51 XenophonF hah right
18:51 XenophonF that's pretty easy
18:51 brasko which was impressive
18:51 XenophonF OK so let's ramp up the complexity a bit - but only a little
18:51 keltim brasko, I like to organize the pillar by dns, such that the top file exposes the right pillars based on the fqdn of the minion. Very simple
18:51 XenophonF put that ls command into a shell script, copy the shell script to /srv/salt on your master
18:52 brasko ok
18:52 XenophonF then get comfy running that script on all of your minions
18:52 brasko great, that's what i'll do next
18:52 XenophonF small, incremental changes FTW
18:52 brasko keltim: ok.
18:52 cscf keltim, if you're only doing it by fqdn, why bother with a top.sls? use file_tree
18:52 brasko are pillars similar to jenkins labels? ie. the ability to say what jobs run on what minions?
18:52 cscf keltim, or do you mean globbing/subdomains/etc?
18:53 keltim my pillars like: tld/qa/1/something.sls so a minion with fqdn miion.1.qa.tld would just see that
18:53 cscf brasko, the pillar is a key-value store that gets compiled into a set of variables per-minion
18:53 XenophonF brasko: Pillar is just a key-value store, arranged like Salt States
18:53 XenophonF let's worry about that later
18:53 brasko yup, incremental!
18:53 XenophonF for now, get your ls command into a script
18:54 XenophonF then to run it on all your minions: salt * cmd.script salt://ls.sh (or whatever you call the file you copied to /srv/salt)
18:54 keltim cscf, no actual domain matches  in top.sls, what is file_tree ?
18:54 keltim I mean, there's other sorts of matches as well, but that's the majority of it
18:55 cscf keltim, file_tree is a feature where you make a directory such as pillar/file_tree/, then you make directories file_tree/hosts/<fqdn>/
18:55 XenophonF brasko: cmd.script is just a convenient way to download said script to a temp file and execute it
18:55 cscf keltim, then any file contents you put in there can be accessed in Pillar as the filename
18:56 cscf keltim, it's very handy when you need binary blobs as pillar data, because that's not fun at all in YAML
18:56 tobiasBora whytewolf: great, thank you !
18:56 XenophonF brasko: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cmdmod.html#salt.modules.cmdmod.script
18:56 XenophonF there's a link to TFM if you need it
18:56 Miouge joined #salt
18:57 cscf keltim, https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.file_tree.html
18:57 XenophonF brasko: now let's say your script is just `ls`
18:58 XenophonF which is no different, really, than `salt * cmd.run ls`
18:58 XenophonF here's where we can start changing things up
18:58 brasko XenophonF: super helpful, i'm working on it, i've got to head to a meeting :(
18:58 brasko bbl, and will follow up with this for sure
18:58 XenophonF in the script, you can replace `ls` with `ls {{ salt.pillar.get('path') }}`
18:59 XenophonF and then the salt command could be `salt * cmd.script salt://ls.sh template=jinja pillar='{path: "/"}'`
18:59 XenophonF meetings, bloody meetings!
19:00 aldevar joined #salt
19:02 thinkt4nk joined #salt
19:07 jas02 joined #salt
19:08 schemanic_ joined #salt
19:09 jeward joined #salt
19:12 eseyman joined #salt
19:17 DammitJim joined #salt
19:18 edrocks joined #salt
19:24 wangofett joined #salt
19:28 aboe joined #salt
19:29 tobiasBora Hello again,
19:30 tobiasBora I would like to create a state that pull a git repository
19:30 tobiasBora however, this git repository needs a key
19:30 tobiasBora and I put a password on this key because I want to avoid that anyone can download my code
19:30 tobiasBora hum
19:30 tobiasBora modify my code*
19:31 tobiasBora (and since this repo can contains sensitive data, indeed it may be better if I need a password to download some stuff)
19:31 tobiasBora The thing is that I don't want to hardcode the password
19:32 tobiasBora I'd like to be able to manually enter the password when I run the commands
19:32 tobiasBora how could I do that ?
19:36 Trauma joined #salt
19:36 nixjdm joined #salt
19:36 paant joined #salt
19:42 druonysus joined #salt
19:44 hashwagon joined #salt
19:44 jas02 joined #salt
19:47 cmarzullo you have run into the managing secrets problem.
19:47 cmarzullo At some point, something has to be authorized to do the git pull. You can try to automate around it. But you just gonna create a monster.
19:48 cmarzullo If you are pushing code regularly, you should package your code and distribute it as a package.
19:49 saltazure joined #salt
19:51 Praematura joined #salt
19:51 Pyro_ joined #salt
19:52 Pyro_ Hey all.  I have a cmd.run state that executes every time.  I'm trying to change it so that it only runs if /dev/xvdb1 does not exist.   Thoughts?
19:53 cmarzullo you'll want to setup a check.
19:53 whytewolf Pyro_: unless: test -f /dev/xvdb1
19:53 cmarzullo ^^
19:53 Pyro_ Thanks, I was looking at the requires and that wasn't quite working the way I expected.  Thanks whytewolf!
19:54 whytewolf note not 100% sure about that test. but the idea is the way forward
19:55 whytewolf opps that should be test -b /dev/xvdb1
19:55 jas02 joined #salt
19:55 Pyro_ Ah, right.
19:56 mmmm joined #salt
19:57 Pyro_ Looks like it worked.  "unless execution succeeded"
19:57 fracklen joined #salt
19:58 hashwagon Anyone have salt and tomcat experience?
19:59 Pyro_ Thats what I'm running on the majority of my minions.
20:00 mmmm Hey! Is anyone here using salt-cloud (salt 2017.5.0) with OpenStack and Nova driver? I keep getting "Missing dependency: 'python-novaclient'." which I have installed.
20:00 mmmm After some debugging I discover that problem is here: import novaclient.auth_plugin
20:01 mmmm As far as I can see there's no such thing auth_plugin in novaclient (checked source on GH)... Any ideas?
20:01 whytewolf mmmm: believe it needs an older copy of novaclient before novaclient got rid of novaclient v1.1
20:02 mmmm whytewolf: I tried '2.6.1' which is used as NOVACLIENT_MINVER in the same file and the result was the same...
20:02 mmmm but maybe it was my mistake, I'll try again to confirm
20:03 whytewolf humm, 2.6.1 should have v1_1
20:05 mmmm Actually... "Could not find a version that satisfies the requirement python-novaclient==2.6.1". So I think I tried 2.6.10. But...
20:06 mmmm But looking at https://github.com/openstack/python-novaclient/tree/2.6.1/novaclient
20:06 mmmm I can't see anything like auth_plugin either
20:07 nixjdm joined #salt
20:08 mmmm OK, I can actually see it in 3.*
20:08 mmmm I'll just pick the latest version that has it, I guess :-)
20:08 whytewolf wait 2017.5.0? that isn't even released yet
20:08 mmmm Thanks whytewolf !
20:10 mmmm Yes, correct. I wanted to play with Nova driver and docs say it's only available in unreleased versions (or something like this, can't remember now)
20:10 sc250024 joined #salt
20:10 mmmm Oh, here it is whytewolf : "This module currently requires the latest develop branch of Salt to be installed."
20:10 whytewolf both the novadriver and openstack driver have been around for a while now acctually
20:10 bvcelari joined #salt
20:11 mmmm OK, good to know, I might check the released version in that case :-) I'm completely new to salt, so just trying to find my way through the darkness ;-)
20:11 whytewolf ahhh most likely some of GT's code needed things that are coming up.
20:12 mmmm GT?
20:12 whytewolf gtmanfred:
20:13 keltim I'm trying to use boto_ec2.associate_eip_address with the master in one region and the eip and target minion in another ... I specified the region in the sls but the master is not setting it right ... it needs to switch it's region to run the command and it fails. The cli works fine, so long as I change the region. details: https://bitbucket.org/snippets/tkelley_iseatz/aLajp
20:13 cgiroua joined #salt
20:13 gtmanfred whytewolf:
20:13 whytewolf :P
20:13 jas02 joined #salt
20:14 gtmanfred whytewolf: https://github.com/saltstack/salt/issues/41042
20:14 saltstackbot [#41042][MERGED] For CentOS minions test.fib runtime increases exponentially or returns recursion depth error | Description of Issue/Question...
20:14 gtmanfred mmmm: that is probably old...
20:14 gtmanfred that message in the docs is probably no longer true
20:15 gtmanfred i still have not written any new code for nova driver in like a year and a half
20:15 mmmm Ah, thanks for clarification! :-)
20:15 gtmanfred that was all back when i was first moving stuff into salt.utils.openstack to make it work more consistently
20:15 gtmanfred but now, i am working on throwing all that away, and moving to useing openstack shade
20:16 * whytewolf can't wait for shade.
20:16 keltim n/m I think I got this
20:16 SaucyElf joined #salt
20:16 whytewolf really can't wait till the libcloud stuff is gone. or they actually support openstack correctly
20:17 gtmanfred i just made my shade branch for salt today, and deleted the openstack driver
20:17 whytewolf which ever hell freezes over first
20:18 whytewolf so are we going to get it in oxygen?
20:18 whytewolf or fluorine?
20:19 mmmm gtmanfred: whytewolf: LOL, I thought that using nova will mean using the bleeding edge tech, but apparently it's legacy already :D
20:19 gtmanfred oxygen
20:19 mmmm Anyway, thanks for help guys, I'll see what I can do with nova and will have a read about shade to be prepared ;-)
20:19 gtmanfred mmmm: openstack is older
20:19 gtmanfred yeah, it is all just a nightmare to deal with
20:20 gtmanfred shade should be better because the developers of shade promise not to break backwards compatibility
20:20 gtmanfred and also provide built in caching
20:20 whytewolf mmmm: openstack driver was libcloud, nova is novaclient based. what he is working on should be shade based. which honestly should be the better option of the three
20:21 gtmanfred whytewolf: http://ix.io/sBR now i just have to remember how to write a cloud driver.
20:21 gtmanfred http://ix.io/sBR
20:23 saltazure hi, anyone have a experience with azurearm?
20:23 whytewolf I'm sure you can do it. can't be any worse then the jumble of spegetti that is clouds.openstack
20:23 mmmm gtmanfred:  whytewolf: Cool, got it - I'm new to all that stuff, so I really appreciate the explanations :-)
20:25 gtmanfred ok, back to work o/
20:25 whytewolf o/
20:25 dezertol joined #salt
20:25 Rumbles joined #salt
20:26 SalanderLives joined #salt
20:26 SalanderLives joined #salt
20:27 DammitJim joined #salt
20:27 brasko XenophonF: ok, great, got that working, although on windows it failed, doesn't know where sh is
20:28 brasko so now I can run a sh script on many machine
20:34 Trauma joined #salt
20:38 hashwagon joined #salt
20:39 brasko XenophonF: although I haven't been able to parametize it yet with pillar and jijna
20:40 Avery[m] left #salt
20:44 hashwagon anyone recommend a linux markdown editor?
20:45 onlyanegg joined #salt
20:46 geomacy joined #salt
20:48 brasko hashwagon: probably not what you want, but https://github.com/joeyespo/grip is great
20:49 brasko renders the markdown the way users would see it in github, and it does so in real time
20:49 asyncsec joined #salt
20:49 hashwagon brasko: thanks I'll check it out
20:49 brasko you use your own editor though, which is what i like
20:53 brasko XenophonF: does the pillar not work because it's a sh file
20:53 brasko ?
20:53 brasko instead of sls?
20:54 hashwagon left #salt
20:55 hashwagon joined #salt
20:55 lorengordon joined #salt
20:55 candyman88 joined #salt
20:56 brasko XenophonF: OK, never mind, got pillar working, had to remove the salt. in the sh file
20:56 brasko XenophonF: OK, so now I have a script executing on several nodes. And it can be parameterized
20:57 brasko Since I have 2 machines, can I ask salt to run 10 jobs, and wait until they are all done?
20:57 brasko Do I do that in 1 invocation or 10? 1 would be preferable
21:01 saltazure once again, does anyone have experience with salt-cloud and azurearm? if yes then we can proceed privately 1:1, i'm in stuck and i'd like to find the reason :(
21:02 whytewolf if you need 1:1 troubleshooting. you would be better off paying for salt support
21:02 tapoxi joined #salt
21:03 lorengordon joined #salt
21:06 Zachary_DuBois joined #salt
21:08 nixjdm joined #salt
21:08 saltazure_ joined #salt
21:09 saltazure_ sure :) I thought I would save chat with my questions
21:17 brd saltazure_: no such thing as saving chat, it helps everyone learn
21:20 izrail joined #salt
21:20 Ch3LL saltazure: i saw you ping me on irc about azure issue, looks like you logged off but if you are logged in as another nic i would love to help
21:20 Ch3LL sorry i missed it originially
21:21 viq joined #salt
21:22 asyncsec joined #salt
21:23 saltazure_ Ch3LL: I used this manual https://docs.saltstack.com/en/latest/topics/cloud/azurearm.html to get to work salt vs azure
21:24 saltazure_ but seems i missed something or there is a bug, as i got error like:
21:24 _JZ_ joined #salt
21:24 saltazure_ WARNING ] The cloud driver, 'azurearm', configured under the 'azure' cloud provider alias, could not be loaded. Please check your provider configuration files and ensure all required dependencies are installed for the 'azurearm' driver. In rare cases, this could indicate the 'azurearm.get_configured_provider()' function could not be found.
21:25 saltazure_ in provider conf i have: cat cloud.providers.d/azurearm.conf  azure:   driver: azurearm
21:26 saltazure_ and in profile cat cloud.profiles azure-debian:   provider: azure
21:26 Ch3LL saltazure: can you check that you can import all the required dependencies
21:26 Ch3LL if you look here: https://github.com/saltstack/salt/blob/v2016.11.4/salt/cloud/clouds/azurearm.py#L57-L89
21:27 Ch3LL and you just loop through those imports and try `python -c "import <name>"`
21:27 Ch3LL that will tell you which dependency you are missing
21:27 Ch3LL thats the first thing i usually try to verify
21:27 Ch3LL also take note there is a known issue i am actually diving into as we speak here: https://github.com/saltstack/salt/issues/38907
21:27 saltstackbot [#38907][OPEN] Salt Cloud | [ERROR   ] Error creating <VM> on Azure | Description of Issue/Question...
21:28 Ch3LL but you should be able to get past that error
21:28 Ch3LL you paste
21:29 saltazure_ ok, i will try...let's see is there something missed
21:29 Ch3LL k perfect. I know that i ran into those dependency issues when i was first setting it up and i had to install the exact version stated in the document
21:30 quay joined #salt
21:30 aldevar left #salt
21:33 MTecknology hm.. What's the right way to include a static IP address and a vlan tag into salt-cloud?
21:34 Trauma joined #salt
21:35 Trauma joined #salt
21:36 J0hnSteel joined #salt
21:37 quay hi, i'm trying to upgrade from 2015.5.10 to 2016.11.3.  i've upgrade the master.  the minion is still running 2015.5.10, and it's failing to do a highstate
21:37 quay the error in the master shows the following: 2017-05-03 14:35:38,963 [salt.config      ][DEBUG   ][10539] Reading configuration from /etc/salt/master 2017-05-03 14:35:39,003 [salt.loader      ][WARNING ][10539] Failed to import grains database. Bad magic number. If migrating from Python2 to Python3, remove all .pyc files and try again. 2017-05-03 14:35:39,003 [salt.loader      ][DEBUG   ][10539] Failed to import grains database: Tracebac
21:38 quay File "/usr/lib/python2.7/site-packages/salt/loader.py", line 1332, in _load_module     mod = imp.load_module(mod_namespace, fn_, fpath, desc) ImportError: Bad magic number in /srv/modules/grains/database.pyc 2017-05-03 14:35:39,665 [salt.loaded.ext.grains.datacenter][INFO    ][10539] Unable to determine the vlan for salt001.dev.sjc1.ckint.io in _grains/datacenter.py 2017-05-03 14:35:39,693 [salt.utils.lazy  ][DEBUG   ][10539] LazyLoade
21:38 prg3 joined #salt
21:38 quay any suggestions?
21:38 wangofett joined #salt
21:42 nick123 joined #salt
21:50 seanz joined #salt
21:52 Praematura joined #salt
21:54 Trauma joined #salt
21:57 sjorge joined #salt
22:02 hemebond quay: Minion should be the same version.
22:02 hemebond or at least the same major version.
22:06 hashwagon Hello, I'm very new to SaltStack and I'm running into an issue deploying .war files with Tomcat8. I've written up a stackoverflow question if anyone cares to chime in: https://stackoverflow.com/questions/43770756/saltstacktomcat-deployment-tomcat-war-deployed-error
22:06 Trauma joined #salt
22:07 PatrolDoom joined #salt
22:07 nixjdm joined #salt
22:08 noobiedubie joined #salt
22:09 edrocks joined #salt
22:12 jas02 joined #salt
22:18 michaelb saltazure - I'm currently doing salt & Azure but without azurearm stuff - happy to have a chat about
22:19 tercenya joined #salt
22:19 michaelb basically using salt to manage a Powershell box! - its the best way to get the full breadth of ARM, without bashing against incomplete features and bugs (imo of course)
22:20 Nahual joined #salt
22:21 VR-Jack3-H joined #salt
22:22 Zaunei joined #salt
22:22 seanz1 joined #salt
22:24 mrueg_ joined #salt
22:25 hashwagon_ joined #salt
22:25 englishm_llnw_ joined #salt
22:25 capn-mor1an joined #salt
22:25 Vye_ joined #salt
22:25 legreffi1r joined #salt
22:26 Qlawy_ joined #salt
22:26 kaushal_ joined #salt
22:26 rmc3 joined #salt
22:26 Micromus_ joined #salt
22:27 ZombieTwiglet joined #salt
22:27 tongpu_ joined #salt
22:28 Xevian joined #salt
22:29 jesusaur joined #salt
22:29 Trauma joined #salt
22:30 JPT_ joined #salt
22:31 Dev0n joined #salt
22:31 demize joined #salt
22:31 lastmikoi joined #salt
22:34 brent_ joined #salt
22:34 Nahual joined #salt
22:34 niknakpaddywak joined #salt
22:36 Savemech joined #salt
22:41 anthonyshaw joined #salt
22:42 nick123 joined #salt
22:44 keldwud joined #salt
22:48 fracklen joined #salt
22:52 Pydude joined #salt
22:52 drags joined #salt
22:53 theanalyst joined #salt
22:54 jab416171 joined #salt
22:56 adongy joined #salt
22:57 onlyanegg joined #salt
23:05 pipps joined #salt
23:07 nixjdm joined #salt
23:07 pipps joined #salt
23:10 edrocks joined #salt
23:20 renoirb joined #salt
23:24 asyncsec joined #salt
23:29 DEger joined #salt
23:38 quay thanks @hemebond.  I've update the salt minion to be the same version....  but now it looks like jinja isn't working properly
23:38 quay 2017-05-03 16:34:05,263 [salt.pillar      ][CRITICAL][31867] Rendering SLS 'rsyslog.config.centos7' failed, render error: Jinja variable 'remote_syslog_server' is undefined
23:38 hemebond Ceeeeeentoooooooooos!!! /me shakes fist at the sky
23:38 hemebond There's some error in the SLS.
23:39 hemebond If that's your SLS, you need to fix it :-)
23:39 quay hmm, older version doesn't have this issue
23:39 hemebond That you know of :-)
23:39 quay let me find the sls
23:41 quay {% if grains.get('datacenter_name', '') == 'yeast' and grains.get('environment', '') == 'ck' -%}     {% set remote_syslog_server = '10.5.60.120:5544' -%} {% elif grains.get('datacenter_name', '') == 'ywest' and grains.get('environment', '') == 'ck' -%}     {% set remote_syslog_server = '10.4.60.120:5544' -%} {% elif grains.get('datacenter_name', '') == 'yeast' and grains.get('environment', '') == 'tk' -%}     {% set remote_syslog_server
23:42 hemebond You shouldn't paste code in here.
23:42 quay has the jinga syntax change
23:42 hemebond Paste it somewhere proper that retains formatting.
23:43 quay https://paste.ubuntu.com/24508260/
23:44 hemebond Right, so none of the conditionals matched.
23:45 sarcasticadmin joined #salt
23:45 nidr0x joined #salt
23:46 hemebond All that code could be cleaner too, but that's separate.
23:46 quay where are the grains configuration located at?
23:48 hemebond salt minionid grains.items
23:51 quay many thanks.  i'll continue to look
23:52 quay are you aware of any other gotcha for upgrade from 2015.5.10 to the 2016.11.4 version
23:52 quay ?
23:52 Felgar joined #salt
23:52 hemebond I haven't upgraded yet because of a bug in the cloud module.
23:53 quay do you know if it uses a different python version?
23:53 hemebond It does not.
23:53 quay what is the bug in the cloud module...
23:54 hemebond Someone tried to add templating support to the cloud-init file and botched it which meant I couldn't provision new instances in aws.
23:54 Praematura joined #salt
23:55 antpa joined #salt
23:58 masber joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary