Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-05-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:13 noobiedubie joined #salt
00:31 cliluw joined #salt
00:42 Praematura_ joined #salt
00:44 patrek joined #salt
00:48 miruoy joined #salt
00:49 diagnostuck left #salt
00:51 Trauma joined #salt
01:02 jas02 joined #salt
01:24 cliluw joined #salt
01:38 zerocoolback joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.4 <+> Support: https://www.saltstack.com/support/ <+> SaltStack Webinar on Carbon, Nitrogen, and Enterprise 5.1 on May 18, 2017 https://goo.gl/PvsOvQ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
02:03 jas02 joined #salt
02:04 edrocks joined #salt
02:15 dendazen joined #salt
02:21 nikdatrix joined #salt
02:28 XenophonF how do people normally upgrade salt-minion on Windows?
02:29 dps joined #salt
02:32 xiengu joined #salt
02:32 whytewolf with a shotgun?
02:33 XenophonF no, that's how you do a solaris upgrade
02:47 whytewolf solaris upgrades are done with a crane and a pair of tweezers
02:48 XenophonF LOL
02:53 noobiedubie joined #salt
02:58 sp0097 joined #salt
03:02 sp0097 joined #salt
03:03 pipps joined #salt
03:13 jas02 joined #salt
03:22 DEger joined #salt
03:39 keldwud joined #salt
03:43 onlyanegg joined #salt
03:44 miruoy joined #salt
03:45 Praematura joined #salt
03:59 mpanetta_ joined #salt
04:01 Praematura joined #salt
04:06 edrocks joined #salt
04:08 Deliant joined #salt
04:09 zerocool_ joined #salt
04:10 Diaoul joined #salt
04:23 evle joined #salt
04:26 hoonetorg joined #salt
04:26 jas02 joined #salt
04:28 zerocool_ joined #salt
04:41 jarvis_ joined #salt
04:42 onlyanegg joined #salt
04:57 grawity joined #salt
04:59 grawity does salt have some sort of ... warm-up period? if I haven't touched salt in a while, then even something like test.ping will timeout on half of the hosts
04:59 grawity the 2nd try however will work immediately
04:59 hemebond grawity: That seems odd.
05:00 hemebond Maybe you have something on your network killing idle connections.
05:02 grawity completely idle?
05:02 hemebond Dunno.
05:02 grawity well there's iptables with its default conntrack timeout, which I think is ... 120 hours?
05:03 grawity but if the connection was dead, then the 2nd, 3rd, ... commands probably wouldn't have worked either
05:04 hemebond What if you increase the timeout?
05:04 hemebond on your command
05:04 hemebond Do they _never_ return or are they just not returning before the default timeout?
05:05 grawity I'm not sure
05:06 grawity although, the ones which *do* return do it very slowly; I see "foo-host: True" coming in one by one every few seconds
05:06 grawity so I *guess* the remaining ones just take longer than the timeout
05:08 grawity almost as if the minions get swapped out ._.
05:08 hemebond How many minions you got?
05:08 hemebond Any errors on the master>
05:08 hemebond ?
05:10 grawity nine (mainly debian jessie/squeeze) and no, it has only logged two lines back when I was setting up keys
05:10 hemebond https://docs.saltstack.com/en/latest/ref/configuration/master.html#worker-threads
05:10 iggy sounds like a firewall issue
05:11 iggy what version of salt?
05:12 grawity 2016.11.2 on the master, "whatever is on distro repositories" on minions
05:12 grawity (2014.1, 2015.5, 2016.11)
05:13 hemebond And is there any correlation between the minion version and the minion timeouts>?
05:14 grawity hmm
05:15 grawity the 2016.11 ones *did* reply the fastest, but that's only today's attempt
05:15 grawity need to wait a few hours and test again
05:40 hasues joined #salt
05:41 felskrone joined #salt
05:46 rdas joined #salt
05:49 jas02 joined #salt
06:06 gnomethrower joined #salt
06:08 edrocks joined #salt
06:18 aldevar joined #salt
06:23 nikdatrix joined #salt
06:34 do3meli joined #salt
06:34 do3meli left #salt
06:42 mavhq joined #salt
06:43 sjorge joined #salt
06:44 Ricardo1000 joined #salt
06:45 mavhq joined #salt
06:46 golodhrim|work joined #salt
06:52 taylorbyte joined #salt
06:53 yuhl______ joined #salt
06:55 taylorbyte I'm new to salt and was wondering why my users/init.sls isn't creating the extra user when i run sudo salt '*' state.highstate https://github.com/taylorbyte/salt_taylorbyte
07:02 ronnix joined #salt
07:05 iggy grawity: 2014.* (and possibly 2015.5) definitely had issues with tcp keepalives not being set (so firewalls would drop connections too easily)... it was fixed at some point, not sure how far back it was backported though
07:05 iggy grawity: your best bet is to upgrade all your minions to something that's not 3 years old
07:05 iggy taylorbyte: do the minions all show the proper pillar data?
07:06 taylorbyte im not sure what you mean, im new
07:08 zerocoolback joined #salt
07:08 iggy salt '*' pillar.get users
07:08 iggy does that show you the data you expect?
07:08 taylorbyte actually it shows nothing just the <host name>:
07:09 iggy that means your pillar data isn't setup correctly or you don't have your config setup correctly
07:09 iggy from what I can see, the pillar looks right, so I'm guessing config
07:10 taylorbyte the /etc/salt/master ?
07:10 iggy yeah
07:11 iggy make sure `pillar_roots` is correct
07:11 hasues If i want to make a list of items for a key pair in pillar, do I simply use YAML to space them indented under that heading item?
07:13 tikhoa joined #salt
07:13 taylorbyte iggy: thanks, i left most of that file default, had a look, the default is pillar no 's'
07:13 tikhoa Hi All! Is there a way to run few states inside sls file concurrently?
07:13 iggy easy fix :)
07:14 taylorbyte yeah
07:14 iggy tikhoa: nope
07:15 tikhoa :(
07:15 zerocoolback joined #salt
07:15 Trauma joined #salt
07:17 toanju joined #salt
07:17 ronnix joined #salt
07:18 Elsmorian joined #salt
07:19 hasues Does your terminals support colors when you read pillar.items?  If so, is there something of concern when I see some list items in yellow and others in green?
07:22 Trauma joined #salt
07:23 DEger joined #salt
07:24 iggy hasues: I believe green is string, yellow is int/bool
07:24 iggy but I could be wrong
07:27 hasues Ah, that makes sense, thanks iggy
07:30 ronnix joined #salt
07:30 Trauma joined #salt
07:31 nikdatrix joined #salt
07:34 preludedrew joined #salt
07:34 gmoro joined #salt
07:35 hasues left #salt
07:41 aneeshusa joined #salt
07:55 Rumbles joined #salt
07:58 Trauma joined #salt
07:58 pbandark joined #salt
07:59 oida joined #salt
08:01 mikecmpbll joined #salt
08:05 onlyanegg joined #salt
08:09 chowmeined joined #salt
08:09 edrocks joined #salt
08:14 taylorbyte is there a way to make salt '*' state.show_highstate  list everything by order ?
08:18 chowmeined joined #salt
08:19 taylorbyte1 joined #salt
08:20 neilf__ joined #salt
08:21 geomacy joined #salt
08:25 zulutango joined #salt
08:26 N-Mi joined #salt
08:26 N-Mi joined #salt
08:26 impi joined #salt
08:28 rgrundstrom Good morning
08:41 ntropy taylorbyte: what do you mean "by order"?
08:42 taylorbyte when the list of states get displayed they had an order: number
08:43 taylorbyte have*
08:45 ntropy oh, i don't think you can do that with salt cli utilities
08:45 taylorbyte oh ok
08:45 ntropy you could use the python api, show_highstate returns a dictionary, and you should be able to get what you want with some parsing
08:49 babilen You might be able to output to json and sort the data with jq by defining a suitable sort key
08:50 babilen Running state.apply test=True will also give you the order (and a lot more)
08:56 taylorbyte1 joined #salt
09:02 Trauma joined #salt
09:09 Tantagel joined #salt
09:10 valkyr2e joined #salt
09:12 tobiasBora joined #salt
09:21 gmoro joined #salt
09:25 Elsmorian joined #salt
09:25 taylorbyte joined #salt
09:27 Trauma joined #salt
09:27 flebel joined #salt
09:28 DEger joined #salt
09:28 lorengordon joined #salt
09:34 Elsmorian joined #salt
09:39 Elsmorian joined #salt
09:40 Rumbles joined #salt
09:48 Elsmorian joined #salt
09:53 DEger joined #salt
09:53 taylorbyte1 joined #salt
09:56 ronnix joined #salt
09:56 vlebo joined #salt
09:57 o1e9 joined #salt
10:00 wych42 joined #salt
10:06 onlyanegg joined #salt
10:06 treaki joined #salt
10:07 rgrundstrom Can i set arguments in salt/top.sls and then put if states the same way you fetch pillar data? Ex: {% if args['admin_only'] == True %}
10:10 jhauser joined #salt
10:11 edrocks joined #salt
10:12 HanFeng joined #salt
10:13 Rumbles you can set arguments using {% set arg = "value" %}
10:13 Rumbles the {% if arg == "value %}
10:14 Rumbles then*
10:14 Rumbles not sure if you can put an argmument in the top file which will be passed through to the state
10:15 Rumbles I tend to put that logic in the state not the top file
10:15 Rumbles rgrundstrom, ^^
10:27 treaki joined #salt
10:48 Elsmorian joined #salt
10:49 anotherhowie joined #salt
11:00 fracklen joined #salt
11:03 mavhq joined #salt
11:17 amcorreia joined #salt
11:19 lorengordon joined #salt
11:22 Elsmorian joined #salt
11:22 Trauma joined #salt
11:29 riftman joined #salt
11:35 cyteen joined #salt
11:35 Praematura joined #salt
11:45 amcorreia joined #salt
11:46 JohnnyRun joined #salt
11:48 Trauma joined #salt
11:56 onlyanegg joined #salt
11:56 taylorbyte i can't seem to get multiple ssh_auth keys to be written to each users authorized_keys   every time i do `salt '*' state.highstate` only the first key is written. https://github.com/taylorbyte/salt_taylorbyte
11:58 JPT Not sure if it's a good idea to throw those password hashes into a public place
11:58 rubenb Jup, very bad practice.
11:59 taylorbyte im not sure either thought since they were only public keys it didnt matter?
11:59 JPT Public keys don't matter
11:59 rubenb I would personally revoke them immediately, as there are soms gits that  harvest those things.
11:59 JPT The password hashes do matter
11:59 taylorbyte oh ok all good then
11:59 JPT password: $6$SHI5a1/V$eT06Z3qahItxw5zRJJpX5.mKfu4AMtAwhyOlSVQAVos4HD0GV/40l00Utxua0yL25e/Es7kXTDQ1VrZAN0oK9/
11:59 rubenb s/gits/bots/
12:00 JPT You can throw this into hashcat and brute force the hell out of it.
12:00 taylorbyte how long does that take to crack?
12:00 JPT Not sure, but cloud resources are cheap
12:00 babilen 0.3 GHCQ
12:00 taylorbyte oh ok guessill be changing my password later
12:00 JPT Would be a good idea
12:01 JPT (And don't publish such stuff on public places) :D
12:01 babilen s/on public places//
12:01 JPT +1
12:01 Trauma joined #salt
12:01 taylorbyte its there now so ill just leave it for now
12:02 rubenb taylorbyte: If you want to publish it on git, try using the gpg renderer
12:02 taylorbyte yea, im new to salt and i find it easier to learn / explain things with context so i just synced my whole /srv
12:03 taylorbyte rubenb: thanks
12:04 pbandark I am fetching ip address with grains(url: http://{{ __grains__['fqdn_ip4'] }}:8787) and using "url" to append some text. but, when the text is written its writing in following format (http://['192.168.122.33']:8787). How I can remove "[]" brackets surrounded to IP address ?
12:06 rubenb taylorbyte: However, I cannot see why your state is not working.
12:07 rubenb pbandark: _grains__['fwdn_ipv4'][0]
12:07 rubenb pbandark: _grains__['fqdn_ipv4'][0]
12:07 pbandark ahh. right
12:08 pbandark thanks rubenb
12:08 rubenb IP-addresses and some other grains are a list. appending [0] gets the first item in that list.
12:08 hatifnatt Hello, i can't make test.check_pillar working. https://gist.github.com/hatifnatt/98c70af3dc17501ff100ee19fc048697
12:11 Elsmorian joined #salt
12:11 rubenb hatifnatt: check for pillar haproxy_csync2.master and haproxy_csync2.slave
12:12 rubenb Or rename pillars :)
12:13 felskrone does anyone know have any documentation on how to write tests for custom modules? all salt documentation is focused on modules that come with salt itself, but i cant seem to find anything regarding tests for custom modules
12:14 hatifnatt rubenb: same result: "Pillar key "haproxy_csync2.slaves" is missing."
12:15 dendazen joined #salt
12:16 rubenb hatifnatt: If you run 'salt-call pillar.items', do you see the pillar being present? (ie: is the pillar being applied to that machine?)
12:18 rubenb hatifnatt: Ok, tried it myself and did not work.
12:19 rubenb The correct syntax should be haproxy_csync2:slaves
12:19 hatifnatt rubenb: sure pillar data is here, also pillar data used later in this state
12:20 rubenb hatifnatt: The correct syntax should be haproxy_csync2:slaves and haproxy_csync2:master
12:22 hatifnatt rubenb: Thanks "haproxy_csync2:slaves" works fine. May be it's obivious for somebody, but not for me. I think documentation need some more examples / clarification.
12:23 zerocoolback joined #salt
12:23 rubenb hatifnatt: That should have had more examples/documentation.
12:27 demize Hmm, seems PyCrypto or PyCryptodome aren't available in the CentOS 7 repos, so the ec2 driver doesn't work.
12:27 demize Does anyone know if there's any repo that does have them?
12:28 demize Though.. apparently the saltstack repo has python-pycryptodome-debuginfo but not python-pycryptodome o.O
12:29 noobiedubie joined #salt
12:32 Trauma joined #salt
12:32 demize ah, apparently it's called python-crypto now there.  Still a bit weird that the debuginfo exists, but not the package itself.
12:34 ronnix joined #salt
12:38 mavhq joined #salt
12:40 Inveracity joined #salt
12:40 ssplatt joined #salt
12:45 edrocks joined #salt
12:46 mbologna joined #salt
12:48 KingOfFools How can I comment jinja lines? So in target files that lines would look like legit jinja statements. I want to generate templates, if that make sense.
12:52 KingOfFools oh, i guess {% raw %} {% endrow %} should help. Nevermind :P
12:52 KingOfFools endraw*
12:53 pratch joined #salt
12:57 Kelsar salt-run virt.hyper_info -> 'virt.hyper_info' is not available.
12:57 Kelsar what could be missing?
12:57 Kelsar libvirt runs, python-libvirt is installed
12:57 Kelsar libvirt-python
12:58 pratch joined #salt
12:59 taylorbyte joined #salt
13:00 numkem joined #salt
13:00 Kelsar nvm, seems like the last update brought another problem. need to fix that 1st
13:01 cro joined #salt
13:02 babilen Have been search, but haven't found something so far
13:03 babilen Is there a way to influence the reactor behaviour if the orchestration (or state run) that is being triggered by it is still running when the same event is fired again?
13:04 Kelsar hmm, my minion is suddenly thnking it is in a multi-master setup... where do i need to look?
13:06 Kelsar https://gist.github.com/RealKelsar/e3192f21d9dc89349bc3ee86e6a7710b
13:06 Kelsar does that over and over again, that master is reachable
13:07 rgrundstrom Hmm this is odd.... i setup roles according to http://www.saltstat.es/posts/role-infrastructure.html.. I have also the salt/top.sls to target the systems but that does not work. How ever when i run "salt -G 'roles:admin-only' state.apply" it works... Anyone that can tell me why?
13:09 N-Mi joined #salt
13:09 N-Mi joined #salt
13:09 rgrundstrom my top.sls file: https://justpaste.it/16kgh
13:11 Elsmorian joined #salt
13:12 riftman1 joined #salt
13:14 c_g_ joined #salt
13:15 Trauma joined #salt
13:20 Kelsar why can't that minion speak with my master...
13:22 cro joined #salt
13:23 Kelsar 2016.11.4 works, 2016.11.5 does not
13:27 fredvd joined #salt
13:30 Trauma joined #salt
13:31 Elsmorian joined #salt
13:34 brousch__ joined #salt
13:35 noobiedubie joined #salt
13:36 Kelsar hmm, the master only binds to an v4 socket...
13:37 Praematura joined #salt
13:38 Kelsar ipv6 socket does not help :(
13:38 cro joined #salt
13:39 racooper joined #salt
13:42 taylorbyte rubenb: i tried the gpg renderer. and i get "Rendering SLS 'users' failed. Please see master log for details" when running salt '*' pillar.items pillar_enc=gpg
13:42 taylorbyte followed instructions on https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html  my sls file now looks like: https://github.com/taylorbyte/salt_taylorbyte/blob/master/pillar/users/init.sls
13:43 colegatron joined #salt
13:43 colegatron Hi
13:44 colegatron I'm going to move my vagrant+ec2+salt environments to saltcloud+docker. Just playing with salt cloud and it make me confused.
13:45 colegatron documentation says "When creating a key pair with this function, the return data will contain a copy of the private key." but a "salt-cloud -f create_keypair ec2 keyname=mytest" does not returns the private key
13:45 colegatron it only shows " vpc-development: {'ec2': ([], 'https://ec2.us-east-1.amazonaws.com/?Action=CreateKeyPair&amp;KeyName=mytest2&amp;Version=2014-10-01')} "
13:46 colegatron any clue where the private key is?
13:46 colegatron btw: salt-cloud 2016.11.4 (Carbon)
13:47 XenophonF hang on - let me try that with my salt-cloud setup
13:48 rubenb taylorbyte: do you need the pillar_enc=gpg parameter?
13:49 XenophonF smae here on 2016.11.3
13:49 XenophonF s/smae/same/
13:49 taylorbyte rubenb: don't think so but tried it and doesnt help
13:49 colegatron XenophonF, curious. how do you create your instances and log in?
13:49 XenophonF colegatron: it was created, too
13:50 concerti joined #salt
13:51 concerti Hello, does anyone have a recommendation for using Salt to manage adding / updating DNS zone files using ubuntu Bind server?
13:51 colegatron XenophonF, I mean, how you get the .pem file?
13:51 puzzlingWeirdo joined #salt
13:52 XenophonF colegatron: here's my salt-cloud config - https://github.com/irtnog/salt-states/tree/production/salt
13:53 XenophonF colegatron: and here's what the pillars behind that might look like - https://github.com/irtnog/salt-pillar-example/blob/master/salt/example/com/init.sls
13:54 XenophonF I generate keymat locally (in this case an SSH2 RSA 2048-bit key, the max allowed by AWS)
13:54 XenophonF then I push to the master and upload to AWS EC2
13:55 babilen How can I prevent concurrent executions of reactor triggered actions? (in particular orchestration runs)
13:55 colegatron currently with vagrant I create them locally, but I expected salt-cloud to do what doc says :-(
13:56 XenophonF colegatron: this is your chance to contribute back to the SaltStack community by filing a clear and detailed bug report!
13:56 XenophonF fellow Salt user, I salute you!
13:56 colegatron sure.
13:57 colegatron I'm just asking to ensure it is a bug and not a dumb(me) :)
13:57 babilen Why not both? ;)
13:57 XenophonF :-D
13:57 colegatron babilen, more than possible.
13:57 colegatron :)
13:59 colegatron babilen, just a double check: did you tried to create a keypair with " salt-cloud -f create_keypair ec2 keyname=testkeypair " and got back the private key?
13:59 colegatron did you (ever)
13:59 babilen I have not (tried)
14:00 colegatron Ok I will (file) a bug later then.
14:00 XenophonF the docs look a little thin on that function
14:00 afics joined #salt
14:00 colegatron yup. but if it would have worked it would be enough :)
14:01 colegatron have been. damnenglish
14:01 tapoxi joined #salt
14:01 colegatron see you later mates
14:01 XenophonF cheers!
14:02 kwork joined #salt
14:03 cyteen joined #salt
14:03 Elsmorian joined #salt
14:03 XenophonF ugh speaking of bug reports, recent changes to the archive state broke a bunch of my stuff :(
14:04 kwork joined #salt
14:04 ivanjaros joined #salt
14:12 Trauma joined #salt
14:13 Trauma joined #salt
14:14 johnkeates joined #salt
14:14 taylorbyte rubenb: how did my sls file look?
14:14 Trauma joined #salt
14:15 Trauma joined #salt
14:15 rgrundstrom Ill try to ask again.... I set roles according to http://www.saltstat.es/posts/role-infrastructure.html but my salt/top.sls does not seem to target the minions. How ever a "salt -G 'role:admin-only' state.apply" works perfectly. Any ideas why?
14:15 rgrundstrom My top file https://justpaste.it/16kgh
14:18 babilen rgrundstrom: What happens instead?
14:18 rgrundstrom babilen: Nothing.. It seemed to just skip the wor...
14:18 babilen You might also want to consider storing roles in pillars (much easier to maintain update and also secure (grains aren't secure))
14:18 rgrundstrom row*
14:18 rgrundstrom I found the problem
14:19 babilen What was it? I can't immediately spot something wrong
14:19 rgrundstrom There was a <space> missing in  - match:grain... coreect syntax  - match: grain
14:20 babilen Maybe you want roles to be a list also
14:20 babilen Well, 'role' in your case
14:20 babilen Ah, that pastebin makes it tricky to see whitespace
14:21 rgrundstrom Yeah i started out with roles... i changed it to make sure that there was no problem with using the roles grain. Might change that back.
14:21 babilen How do you manage those role grains?
14:21 taylorbyte1 joined #salt
14:22 rgrundstrom Manually atm... adding them to /etc/salt/grains ..... Im open to suggestions.
14:22 babilen Gnarly
14:22 babilen Well, my suggestion would be to use pillars
14:22 PatrolDoom joined #salt
14:23 _JZ_ joined #salt
14:23 babilen I'm sure you can write some states with grains.append and target those based on ... ;)
14:23 rgrundstrom A pillar with a * for default and only admin-only when specified?
14:23 nicksloan joined #salt
14:24 babilen No, keeping the "roles: - role1 - role2" data in pillars and using I@ for top.sls targeting
14:24 Elsmorian joined #salt
14:24 rgrundstrom babilen: Ok thank you. Ill keep that in mind :)
14:28 Minion_ joined #salt
14:31 rdas joined #salt
14:36 Trauma joined #salt
14:37 evle1 joined #salt
14:37 greyeax joined #salt
14:39 cro joined #salt
14:41 heaje_ joined #salt
14:41 taylorbyte joined #salt
14:43 Tantagel joined #salt
14:46 brd in the top file can I have patterns that match multiple times? i.e. '*' that matches every host and applies some states and 'foo*' that matches foobar1 & foobar2 and applies other states?
14:47 cscf brd, yes, that's very common
14:48 brd cscf: I thought so, but I have one that doesn't seem to be working
14:48 golodhrim|work joined #salt
14:48 cscf brd, and put the broader matches at the top.  ie, my first entry is '*':
14:48 dps joined #salt
14:48 brd cscf: so I feel like I am taking crazy pills :)
14:48 brd cscf: does the order matter?
14:48 cscf brd, upload top.sls to a pastebin?
14:48 cscf brd, in Pillar's top.sls, later ones will override earlier ones, so it matters there.  And naturally it is sane & best practice to follow the same with State top.sls
14:49 brd cscf: http://slexy.org/view/s2068TKRd9
14:50 cscf brd, so which ones aren't working?
14:50 brd cscf: the bottom one ps3.ty3
14:50 brd cscf: er, not bottom
14:51 cscf brd, ok, so if you run: salt 'ps3.ty3*' test.ping, do the correct minions answer?
14:51 brd yep
14:51 brd cscf: I am testing by running: salt 'ps3.ty3.*' state.highstate
14:53 cscf brd, and what happens?  No states are applied?
14:53 brd cscf: the other states are applied, but not time/customers
14:53 brd cscf: which is time/customers.sls on the filesystem
14:53 babilen brd: You might want to use "." as separator rather than / (but that shouldn't™ cause this)
14:54 cscf right, I just noticed that
14:54 babilen So - time.customers
14:55 brd babilen: oh, that worked in other states so I kept using it :)
14:55 babilen It's rather uncommon
14:55 brd babilen: ok, I'll switch
14:55 brd is there a state that doesn't do anything that I could add to my sls file?
14:55 cscf :%s#/#.#g
14:56 brd like... echo or something
14:56 babilen I see that you have "prod:" at the top .. are you using environments?
14:56 brd babilen: not really, *Everything* is in the prod env
14:56 babilen brd: There's https://docs.saltstack.com/en/latest/ref/states/all/salt.states.test.html#salt.states.test.succeed_without_changes
14:57 babilen brd: Okay, and you configured file_tree and all that? (just checking to rule out some peskiness where salt is looking in base or somesuch)
14:57 fracklen joined #salt
14:58 brd babilen: ok, let me try that state
14:58 brd babilen: for pillar?
14:59 brd oo, that worked, so my if defined in my state is the problem
14:59 brd derp
14:59 babilen Pillar?
15:00 babilen Feel free to paste your state if you want us to take a look
15:00 brd babilen: for file_tree this page came up: https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.file_tree.html
15:01 brd aha, I missed defining one of the pillars I needed
15:01 brd babilen: thanks!
15:01 babilen https://docs.saltstack.com/en/latest/ref/configuration/master.html#file-roots is what I was trying to refer to :)
15:03 cscf Is there a good way in jinja to check if a file exists?
15:03 brd babilen: oh yes
15:03 brd thanks babilen and cscf !
15:04 * brd really need to switch to gitfs
15:04 heaje_ joined #salt
15:04 cscf brd, I find gitfs not very useful
15:04 brd cscf: no?
15:04 cscf Just reduces iteration time, unless maybe you have many masters using the same dirs
15:04 cscf er, increases
15:05 brd yeah
15:05 brd I can see that, but I like version control for tracking changes
15:06 Praematura joined #salt
15:06 brd I am really liking using pillar and templating states and files with it
15:06 cscf brd, Oh I use git, I just track my state dir and pillar dir in git repos
15:06 cscf but they are really there on the filesystem
15:07 babilen brd: That's the spirit!
15:07 cscf All changes available locally, git push is basically backups
15:08 brd cscf: yeah, you just have to be diligent about it
15:08 cro joined #salt
15:09 brd babilen: I have been fixing little doc nits as I learn more :)
15:10 cscf brd, thanks, docs are good
15:10 brd yeah, they are very important
15:13 dps joined #salt
15:18 LondonAppDev joined #salt
15:25 gtmanfred hemebond: i do not remember
15:26 aneeshusa joined #salt
15:31 raspado joined #salt
15:31 tiwula joined #salt
15:34 thinkt4nk joined #salt
15:38 pheonix991 joined #salt
15:41 exegesis joined #salt
15:42 pratch joined #salt
15:44 johnkeates joined #salt
15:47 pratch joined #salt
15:47 fracklen joined #salt
15:48 toanju joined #salt
15:51 babilen I'd like to restart a number of webservers in reaction to an event. This has to be done batched as I don't want all webservers behind the LB to go away at the same time.
15:52 dunz0r babilen: Hmm, you could add a random delay before the startup-command, perhaps?
15:52 gtmanfred i am pretty sure i added that so that you could pass batch to an orchestrate runner in the reactor, not sure about local though
15:53 babilen I have the following now: http://paste.debian.net/932164/
15:54 babilen gtmanfred: Yeah, you are thinking of https://github.com/saltstack/salt/pull/26355
15:54 saltstackbot [#26355][MERGED] add batch to orchestrate runner | closes #12556...
15:54 gtmanfred that was a long time ago
15:54 babilen gtmanfred: I tested this and it appears to work well when I test it locally, but I have no indication if it is executed in batch mode
15:55 dezertol joined #salt
15:55 babilen I'm also wondering if I really need the orchestration there or if I could call that execution function directly in the reactor definition
15:55 gtmanfred if it executed in batch mode, you should have multiple job ids in the cache for minion returns
15:55 babilen So .. my question is: How can I make sure that batch'ed mode works and is there an easier way to do it?
15:55 jrklein joined #salt
15:55 babilen gtmanfred: Okay, let me check the event bus
15:55 gtmanfred as for telling, check the salt-run state.event pretty=True, and see if it has multiple events
15:56 GMAzrael_ joined #salt
15:56 gtmanfred and i think you can use it with local.service.{{action}}, and pass batch there, but i am not 100%, like 80% sure
15:58 aldevar left #salt
15:58 exegesis joined #salt
16:02 babilen gtmanfred: I see the following: http://paste.debian.net/932167/
16:03 babilen To me this doesn't really look as if it is running batched, but I'm not sure how it should look
16:03 gtmanfred it is not being run batched
16:03 gtmanfred if you have batch: 2
16:03 gtmanfred it should have one event that has two of those servers in there
16:03 gtmanfred and then another event with just one
16:03 gtmanfred iirc
16:03 babilen That is what I expected in one way or another, but I never used to run batched from reactors :)
16:04 gtmanfred but it looks like batch is set to None?
16:04 babilen Argh, so it is .. one second
16:04 gtmanfred it also might look different for the runner object in the event
16:05 gtmanfred but there should be two events that are sent out from the runner
16:05 babilen I had renamed batch_size to batch there ..
16:05 babilen Let me clean that and paste again
16:06 gtmanfred kk
16:06 gtmanfred I also might need to test it and get back to you, i am working on some unit tests right now
16:07 shanth anyone manging files such as rc.conf that have lot of different values for each host. trying to figure out if i need to look into using an external pillar database
16:07 shanth for freebsd
16:08 shanth gtmanfred were you in gentoo / arch channels back in the day?
16:08 babilen gtmanfred: http://paste.debian.net/932170/
16:08 gtmanfred shanth: yeah
16:08 shanth cool, you helped me with a question back in 2006 lol
16:08 gtmanfred i wasn't around back then
16:09 gtmanfred i used to be an archlinux TU, and like 2011-2014 i was in #archlinux a lot
16:09 shanth oh maybe getting you confused with a regular from then
16:09 shanth do you work for salt?
16:09 gtmanfred yes
16:09 shanth neat
16:09 rem5 joined #salt
16:10 gtmanfred babilen: that is batching i think
16:10 gtmanfred [DEBUG   ] Published command details {'tgt_type': 'list', 'jid': '20170512160641667690', 'tgt': ['foo-st-web3.test'], 'ret': '', 'user': 'sudo_vagrant', 'arg': ['apache2'], 'fun': 'service.stop'}
16:10 babilen gtmanfred: So, that looks as if it is being run batched
16:10 babilen Yeah
16:10 gtmanfred yay
16:10 babilen Just wasn't sure how to check
16:10 babilen Thanks :)
16:10 shanth i feel dumb for not being able to form the question properly but, im really struggling to manage files such as rc.conf that have tons of different data and i have hundreds of hosts :( a jinja map becomes too large and unmaintainable
16:10 gtmanfred no problem
16:11 gtmanfred shanth: i haven't used rc.conf since archlinux switched to systemd, which was before I started using salt, so i am not sure i will be much help
16:11 babilen gtmanfred: I'll try the local.service.{{action}} suggestion. No need to use orchestration here if that supports batch'ed execution also
16:11 gtmanfred i know that there are freebsd.service states that can enable stuff
16:12 gtmanfred babilen: i am like 80% sure it will
16:12 gtmanfred shanth: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.freebsdservice.html#salt.modules.freebsdservice.enable
16:12 gtmanfred which should automatically be used from the service.enabled states
16:12 gtmanfred shanth: what exactly are you trying to configure in rc.conf?
16:12 babilen gtmanfred: Yeah, I have the strong feeling that it *should* work, but I tried some invocations and didn't quite get it right
16:12 babilen Enjoy your Friday evening, pals!
16:12 shanth then there's settings like ifconfig and vlan settings gtmanfred, not sure how to have salt map these to pillars or some external data source
16:13 gtmanfred oh right, i forgot about those things
16:13 shanth i cant quite describe my problem :( but im essentially trying to manage a large amount of variables and can't figure out a solution to store them on a backend somewhere
16:14 gtmanfred did rc.conf have an include option?
16:14 gtmanfred so that you could include configurations in other files?
16:14 shanth the little jinja loops and jinja maps work fine for easy stuff, but what about when i have 50 variables per hosts
16:14 shanth you can put stuff in rc.conf or rc.local gtmanfred
16:14 shanth or it may be rc.conf.local
16:14 gtmanfred ahh lame, i wish there was a dropin directory like rc.conf.d/
16:15 gtmanfred then i would just split them all apart
16:15 shanth hmmm
16:15 c_g joined #salt
16:15 gtmanfred shanth: i would say, checkout file.block_replace
16:15 gtmanfred and keep each jinja seperate for the rc.conf
16:15 shanth then wont i end up with dozens of jinja maps to maintain? what happens when i have to add 10 new hosts, then i must add them to all these map files :(
16:16 gtmanfred hrm, what information are you storing in map.jinja files?
16:16 shanth i wish i had a white board to demonstrate what im asking lol
16:16 gtmanfred send me an email
16:16 gtmanfred dwallace@saltstack.com
16:16 shanth ok thanks gtmanfred
16:16 gtmanfred also
16:16 shanth im sure what im asking is easily solved, but i havent ran across an example in my reading of the docs, or several salt stack books
16:17 gtmanfred it might be useful to check out the salt-users mailing list
16:17 gtmanfred https://groups.google.com/forum/#!forum/salt-users
16:17 shanth great thanks :)
16:17 gtmanfred there are a few freebsd users on that mailing list that I know of, hopefully they will pop up
16:18 shanth at the heart of my problem it should be platform agnostic, im even struggling to manage things like sshd_config, where the Listen IP is different for 100 hosts, and the ip on each host is not always on the same adaptor. i tried making a pillar with all 100 hosts but it becomes so large so fast
16:19 gtmanfred do
16:19 gtmanfred so
16:19 gtmanfred what I would do there
16:19 gtmanfred is checkout the augeaus state
16:19 gtmanfred https://docs.saltstack.com/en/latest/ref/states/all/salt.states.augeas.html
16:20 gtmanfred and you can set the listen to {{ salt['network.ip_addrs'](type='public')[0] }}
16:21 gtmanfred https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.ip_addrs
16:22 Elsmorian joined #salt
16:23 shanth i'll check that out gtmanfred
16:25 edrocks joined #salt
16:27 shanth gtmanfred: where are you getting the (type='public') part from?
16:28 gtmanfred salt.modules.network.ip_addrs(interface=None, include_loopback=False, cidr=None, type=None)
16:28 gtmanfred If 'type' is 'public', then only public addresses will be returned. Ditto for 'type'='private'.
16:28 shanth ah
16:29 shanth most of my hosts have several private ip's. some up to 5
16:29 shanth does the 0 indicate a list that it's picking the first one?
16:29 gtmanfred yes
16:29 gtmanfred if you want to have all of them on a listenaddress
16:29 gtmanfred you can do that too
16:29 shanth but how does it decide to order them?
16:30 gtmanfred i only have 1 ip on my servers, so that [0] works for me, it might not for you
16:30 shanth yeah most of my hosts have a bunch of ip's and vlan adapters
16:30 johnkeates if you use a loop it always works
16:31 gtmanfred do you have to set multiple listenaddrs for ssh, or can they be all on the same line
16:31 gtmanfred because i could see {{ salt.network.ip_addrs(type='private')|join(' ') }}
16:31 shanth gtmanfred: i only want it to listen on one ip, but each host has mutliple adaters. it wont always be adapter 0 or 1 on each host, it might be hte third or fourth
16:32 gtmanfred how do you make that decisoin? is it always the same cidr?
16:32 shanth depends on the vlan
16:32 shanth some hosts will listen on their vlan40 adaptor, some their 50 or 60
16:33 gtmanfred is there a reason to not just let it listen on all interfaces, and use pf to block?
16:33 shanth im going to write up some examples and email you gtmanfred
16:34 gtmanfred please email the salt-users list instead, i watch that
16:34 gtmanfred and will give more people eyes on it
16:34 shanth ok
16:34 shanth the pf thing is only really a band aid. basically if i can solve this problem i can solve how im going to manage most of my more complicated files
16:34 shanth i dont know if it will be a one sized solution or multiple smaller ones
16:37 nicksloan joined #salt
16:43 whiteinge joined #salt
16:59 speedlight joined #salt
17:00 LondonAppDev joined #salt
17:09 seanz joined #salt
17:10 slcoud joined #salt
17:11 slcoud left #salt
17:13 pcn Wow, lots of salt ppl on all of a sudden.  Welcome!
17:14 gtmanfred well, they were on before, i just added them to the access list
17:18 taylorbyte1 joined #salt
17:20 spiette i'm evaluating salt for configuration management and there is two features I couldn't find good information about. First is the execution model: is there either a scheduler on the master side or a phone-home feature on the client-side to get minions to apply their configuration on a regular basis?
17:20 gtmanfred there is a scheduler in both the master and minion
17:21 gtmanfred https://docs.saltstack.com/en/latest/topics/jobs/
17:21 gtmanfred but that is not really the salt model.  You should only have to apply salt states once
17:21 gtmanfred we don't follow the model of puppet or chef which do eventual consitency
17:21 whiteinge left #salt
17:21 whiteinge joined #salt
17:22 gtmanfred The way I do my states is when I do a git push to the states or pillars directory, git hooks triggers a salt webhook, which calls a highstate in the environment through the reactor
17:22 spiette gtmanfred: with splay, nice!
17:22 gtmanfred spiette: https://docs.saltstack.com/en/latest/topics/reactor/
17:23 gtmanfred spiette: https://blog.gtmanfred.com/masterless-reactor.html
17:23 spiette gtmanfred: i'd like to avoid to push my changes manually, this is a pain for us with ansible
17:23 gtmanfred you don't have to push the changes manually
17:23 gtmanfred have them triggered when you update the repository
17:23 gtmanfred there is no reason to run a highstate every hour
17:23 spiette ah, git push based
17:23 gtmanfred just run it when the states are changed
17:23 gtmanfred yeah
17:24 gtmanfred that blog post is able doing it on a masterless minion (which requires some stuff that is in the next major release of salt)
17:24 gtmanfred you can already do everything in that post with a master/minion setup in 2016.11
17:24 spiette I don't mind the master at all
17:24 gtmanfred yeah, i prefer the master as well
17:24 gtmanfred but for my blog
17:24 brd gtmanfred: but eventual consistency is good when your deps aren't setup correctly ;)
17:24 gtmanfred i only need one server
17:24 gtmanfred </trollface> :P
17:25 spiette we have some here
17:25 brd :D
17:25 gtmanfred spiette: here are the docs about the salt api, https://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html
17:25 gtmanfred you can check for webhook information on there
17:25 spiette gtmanfred: and then, i do you make sure that the salt runs went fine? You surely don't read all the log files...
17:26 gtmanfred i store my jobs in postgres
17:26 gtmanfred you could do that and then write an app that displays the output on a tv in the office
17:26 gtmanfred or use the smtp returner that sends users an email with the output
17:26 gtmanfred s/users/stake holders/
17:27 hashwagon joined #salt
17:27 gtmanfred spiette: i also have my travis-ci setup that tests the salt states in docker, and will only send the job to the server if the states pass https://github.com/gtmanfred/blog-sls/blob/master/.travis.yml
17:27 gtmanfred https://github.com/gtmanfred/blog-sls/blob/master/salt/.kitchen.yml
17:30 spiette gtmanfred: is there something similar to puppetboard (sorry I was doing a lot of puppet a couple of years ago)? https://github.com/voxpupuli/puppetboard I actually wouldnt mind if it was a command line, but it's really the information about success/failures/changes/unresponsive that i'd like to have
17:31 gtmanfred there is the enterprise salt ui + enterprise api
17:31 gtmanfred I have heard good thing about saltpad, but i have never set it up https://github.com/Lothiraldan/saltpad
17:32 spiette : / development is stalled
17:32 spiette so you get your salt server to store its reports in a database?
17:32 gtmanfred or it is feature complete
17:32 gtmanfred spiette: https://docs.saltstack.com/en/latest/topics/jobs/job_cache.html
17:33 gtmanfred https://docs.saltstack.com/en/latest/topics/jobs/external_cache.html#external-job-cache
17:37 spiette excellent
17:37 SaucyElf joined #salt
17:38 gtmanfred everything is a plugin!
17:38 fracklen joined #salt
17:38 gtmanfred one day i will have time to port the pillar_cache system over to using the salt cache subsystem
17:39 Trauma joined #salt
17:42 spiette i didn't what was the purpose of cherrypi, is it to have a REST api over your salt master?
17:42 spiette *didn't get*
17:42 ivanjaros joined #salt
17:42 gtmanfred yes
17:43 gtmanfred also, that is where you will get the webhooks so that git push can trigger highstates
17:43 spiette ah, yes. instead of being ssh-triggered
17:44 gtmanfred right
17:44 gtmanfred and if you check that blog post, i include information about matching the X-Hub-Signature from the github Post
17:44 gtmanfred so that you know the webhook was signed by the secret key you provided github
17:49 nethershaw joined #salt
17:51 spiette neat
17:51 spiette thanks for the pointers
17:51 gtmanfred no problem
17:53 englishm_work joined #salt
17:56 pipps joined #salt
17:57 pipps joined #salt
17:59 nixjdm joined #salt
18:01 wendall911 joined #salt
18:02 pheonix991 joined #salt
18:03 impi joined #salt
18:03 edrocks joined #salt
18:07 taylorbyte1 left #salt
18:10 felskrone joined #salt
18:11 sjorge joined #salt
18:13 noobiedubie joined #salt
18:17 icebal joined #salt
18:19 Tantagel joined #salt
18:21 Renich joined #salt
18:33 rmelero joined #salt
18:40 DammitJim joined #salt
18:41 pipps joined #salt
18:42 pipps99 joined #salt
18:51 rmelero does anyone have good advice/links on how to efficiently debug a state? I come from ansible where it has inline debug statements to spit out vars and a runtime debugger kinda like pdb.
18:52 cscf rmelero, debug in what way?  Doesn't run, or doesn't do what you expect?  Debugging your use of a state, or the code itself?
18:53 GMAzrael_ Has anyone done an Ubuntu Snap install with Salt?
18:54 rmelero Not working as expected. I'm trying to get a jenkins state working. I'm getting an incorrect password error on some api calls, can't seem to find where the hell it's pulling it's password variable from
18:54 gtmanfred rmelero: the easiest way is to use salt-call -l debug on the minion, that will show the commands of what it is actually doing
18:55 rmelero Tried that, it's using http calls through a python jenkinds module https://gist.github.com/rmeleromira/7a30f8276317e08005e42c14625f77b3
18:57 gtmanfred https://github.com/saltstack/salt/blob/develop/salt/modules/jenkins.py#L87
18:57 gtmanfred if the jenkins.Jenkins() doesn't work, then i am not sure
18:58 pipps joined #salt
18:59 Kelsar i am reading that https://docs.saltstack.com/en/latest/topics/tutorials/cloud_controller.html as i understand virt.keys should create and manage the libvirt keys, but for me it just says: "'virt.keys' is not available."
18:59 Kelsar what am i not getting?
18:59 gtmanfred do you have the libvirt python module and the certtool cli binary installed?
19:01 Kelsar gtmanfred: gues certtool could be missing, is that usually a pkg on its own?
19:01 gtmanfred ¯\(°_o)/¯ i don't know
19:02 gtmanfred also, virt.keys is a state, so it isn't available on the commandline, and looks like it only needs the libvirt python module installed
19:02 Kelsar gtmanfred: all i find about certtool is for macos
19:02 gtmanfred does python -m libvirt return an error?
19:03 gtmanfred an importerror?
19:03 cscf The Ubuntu pkg is python-libvirt
19:05 ChubYann joined #salt
19:05 Elsmorian joined #salt
19:06 pipps joined #salt
19:06 kal-el joined #salt
19:06 Kelsar wuhuu, yes, putting it into a sls seems to made it
19:07 Kelsar atleast it states all keys are correct
19:07 mikecmpbll joined #salt
19:07 Kelsar aside there seems to be no keys...
19:08 cyborg-one joined #salt
19:10 wangofett joined #salt
19:11 kal-el hey folks, just starting out and having an issue with network.managed.  IP address is already present on the machine, but I need to set dns-nameservers in /etc/network/interfaces
19:11 kal-el if i use network.managed and don't include ip, netmask, gateway then it doesn't include them
19:12 kal-el what's the best way to use a machine's existing ip and assign it to the ipaddr key for network.managed?
19:14 pipps joined #salt
19:14 nixjdm joined #salt
19:15 Tantagel joined #salt
19:16 gtmanfred get the ip from grains
19:16 gtmanfred or from the network module
19:16 Elsmorian joined #salt
19:16 gtmanfred {{salt.network.ip_addrs(interface='eth0')}}
19:16 gtmanfred {{salt.network.ip_addrs(interface='eth0')[0]}}
19:18 racooper having a weird (to me) issue with jinja inserting data into a file, based on pillar value. https://gist.github.com/racooper/6218dd1e5b07bd69a97c2caaa29589e6
19:18 kal-el awesome, I knew I could return it with network.interface_ip eth0, but wasn't sure how to inject it into the value for the ipaddr key.  Thank you so much.
19:19 racooper basically, my fail2ban.sls sets "f2bpath" based on value of pillar vhost_server. in this case, it doesn't seem to read the value correctly.
19:19 gtmanfred kal-el: https://docs.saltstack.com/en/latest/topics/jinja/index.html
19:21 racooper I'll admit to using a very old version of salt...2015.5.10, the last one from EPEL
19:21 kal-el thank you, gtmanfred!
19:21 gtmanfred no problem
19:21 gtmanfred racooper: that shouldn't be a problem with the version
19:22 gtmanfred afaik
19:22 racooper I wouldn't think so. I thought this was working previously, but I haven't needed to trigger that state in a while so this was a bit surprising to me
19:23 Neighbour I find it odd that a state would influence the value of a pillar (it's not impossible, but rare)
19:23 gtmanfred it shouldn't be able to modify it
19:24 candyman88 joined #salt
19:25 gtmanfred aight, i gotta go grab a late lunch, then i think i need to be offline for the rest of the day o/
19:25 racooper I don't think the state is modifying the value. I guess I need to run some debug logging to see if I can find the full transaction.
19:26 Xenophon1 joined #salt
19:31 LeProvokateur joined #salt
19:31 shanth can a salt expert be hired to help write or consult writing complex states? https://saltstack.com/services/
19:35 Kelsar certtool is from gnutls, good to know
19:37 racooper gtmanfred, I just figured it out. I was including another pillar that was changing the value.  I had forgotten that the generic 'webserver' pillar was included with this minion's own.
19:39 Kelsar salt-run virt.hyper_info still says not available...
19:41 ahrs joined #salt
19:46 Kelsar but creating VMs seem to work
19:54 edrocks joined #salt
20:01 sjorge joined #salt
20:04 yidhra joined #salt
20:08 sp0097 joined #salt
20:08 Tantagel joined #salt
20:13 saltyotter joined #salt
20:14 nixjdm joined #salt
20:16 saltyotter Hi, just starting out with salt in a mixed environment with Windows. Successfully initialized winrepo and installed the awscli package on a win7 minion as a test. But now I can't pkg.remove it... I've tried salt-call pkg.remove awscli and the equivalent salt command targeting this minion from the master. Both minion and master report the package as installed. pkg.remove generates are trace.
20:17 saltyotter c:\salt\var\cache\salt\minion\files\base\win\repo-ng\salt-winrepo-ng>salt-call p kg.remove name=awscli version=1.11.85 [ERROR   ] An un-handled exception was caught by salt's global exception handler : KeyError: u'1.11.85' Traceback (most recent call last):   File "C:\salt\bin\Scripts\salt-call", line 11, in <module>     salt_call()   File "C:\salt\bin\lib\site-packages\salt\scripts.py", line 379, in salt_call     client.run()   Fi
20:17 saltyotter Any ideas? What am I missing here?
20:18 saltyotter better traceback:     The minion function caused an exception: Traceback (most recent call last):       File "c:\salt\bin\lib\site-packages\salt\minion.py", line 1420, in _thread_return         return_data = executor.execute()       File "c:\salt\bin\lib\site-packages\salt\executors\direct_call.py", line 28, in execute         return self.func(*self.args, **self.kwargs)       File "c:\salt\bin\lib\site-packages\salt\modules\win_pkg
20:19 saltyotter uninstaller = pkginfo[target].get('uninstaller')     KeyError: u'1.11.85'
20:28 pipps joined #salt
20:39 thetroof joined #salt
20:42 thetroof Any idea what could cause 'salt-run jobs.active' to run really slow? This one's been going for about 10 minutes, not sure what is typical.
20:49 pipps joined #salt
20:51 impi joined #salt
20:58 SalanderLives joined #salt
21:05 pipps joined #salt
21:05 nineteen joined #salt
21:07 rmelero thetroof: we had someone yesterday with the same complaint, make sure all your minions are responding
21:07 delpanto93 joined #salt
21:07 rmelero their call was stuck on waiting for the non responsive minion
21:08 thetroof Ah, thanks. Yeah, seems odd to take so long because we only have about 30 minions
21:08 whytewolf also check how many saved jobs there are.
21:09 thetroof Will do, thanks. I just changed keep_jobs to 1 because our cache has been getting huge. We are running on Helium and Halite and things are just getting worse and worse. Really coming time to upgrade and roll our own frontend (we basically only utilizie Salt for remote execution)
21:10 whytewolf Halite? wow someone actually used that thing?
21:10 thetroof well, when we set it up initially, it was cool and new!
21:12 justan0theruser joined #salt
21:12 whytewolf hehe just pullin your leg. but even salt enterprise figured out hilite was not designed very well and killed off dev on it. currently i hear good things about saltpad or molten. but i can't attest to either as i have used niether
21:13 thetroof Ok, interesting... right after a restart of the master service, I can get salt-run jobs.active to return. But after it's been running for a few minutes, doesn't look like it's going to happen.
21:13 thetroof 39,610 files under /var/cache/master/jobs
21:14 thetroof errr, with a /salt/ added in there
21:14 whytewolf also, i do hear good things about the new hotness in salt enterprise.
21:15 whytewolf that is a lot of jobs.
21:15 pipps joined #salt
21:15 thetroof Yeah but most of those interfaces are overkill for us. We are just trying to perform remote executions across 30 nodes, so I figure I should be able to roll my own Javascript frontend for the CherryPy API and be ok
21:15 thetroof yeah is that a lot? logs seems to be completely flooded with 'find_job' calls. Which I assume is from Halite, somehow
21:16 whytewolf for 30 minions... that is a lot
21:17 thetroof yeah, does seem high
21:24 lorengordon joined #salt
21:40 SalanderLives joined #salt
21:43 pipps joined #salt
21:45 censorshipwreck joined #salt
21:54 pipps joined #salt
21:58 dps joined #salt
21:58 taylorbyte joined #salt
22:01 edrocks joined #salt
22:05 thetroof appears problem is just that we have a few Windows minions that are offline, and it is just spamming find_job commands... 153k times since an hour ago
22:09 fracklen joined #salt
22:10 c_g joined #salt
22:12 rmelero remove the key from the salt-master if feasible?
22:18 XenophonF joined #salt
22:20 pipps joined #salt
22:20 dendazen joined #salt
22:22 pipps_ joined #salt
22:24 pipps joined #salt
22:32 hackel joined #salt
22:43 censorshipwreck joined #salt
22:47 ssplatt joined #salt
23:01 coredumb hey there
23:01 XenophonF hi
23:01 coredumb I have my salt master behind a not so good internet line
23:02 coredumb when I lose conenctivity, I lose connection to my minions, and I can't seem to get it back until I restart the minion
23:02 coredumb any idea how to make th minion more prone to restart connection ?
23:03 XenophonF i vaguely recall a minion config option that could change that
23:07 coredumb XenophonF: master_tries maybe ?
23:10 XenophonF maybe?
23:11 coredumb I've set it to -1 let's see how it goes
23:12 aneeshusa joined #salt
23:14 Sas_ joined #salt
23:15 dendazen joined #salt
23:16 pipps joined #salt
23:18 Sas_ Salt gurus need help for implementing multiple application and database .sls file and directory structure under /srv/salt
23:21 zulutango joined #salt
23:25 coredumb XenophonF: as a test I've restarted my master 5mn ago
23:25 coredumb master_alive_interval: 30
23:25 coredumb master_tries: -1
23:25 coredumb ping_interval: 1
23:25 coredumb tcp_keepalive: True
23:25 coredumb tcp_keepalive_idle: 60
23:25 coredumb with these minion settings
23:25 coredumb I lost 2 of my minions and they don't seem to recover :(
23:26 Sas_ [root@S-ORA12-RHEL6 salt]# tree . ├── database │   ├── hana │   │   ├── config_hana.sls │   │   └── install_hana.sls │   └── oracle11g │       ├── 10oracle.conf │       ├── archive_log.sh │       ├── bashprofile.rsp │       ├── dbca.rsp │       ├── files │       │   └── readme │       ├── init_oracle.rsp │
23:27 Sas_ need advice to define top.sls file for state files used for multiple database installation
23:29 XenophonF joined #salt
23:33 coredumb ah they got back ü
23:33 coredumb !!
23:46 coredumb XenophonF: grains_refresh_every seems to make the reconnection faster
23:53 pipps joined #salt
23:53 dps joined #salt
23:58 impi joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary