Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-06-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:08 edrocks joined #salt
00:10 woodtablet left #salt
00:13 masber joined #salt
00:22 Bock joined #salt
00:22 KevinAn2757 joined #salt
00:42 DammitJim joined #salt
00:49 mavhq joined #salt
01:07 buskatoon joined #salt
01:18 c_g joined #salt
01:26 brousch joined #salt
01:34 wangofett joined #salt
01:34 sh123124213 joined #salt
01:40 wangofett joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.5 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers <+> The call for speakers for SaltConf17 is now open: http://tinyurl.com/SaltConf17
01:53 wangofett joined #salt
02:02 wangofett joined #salt
02:07 zerocoolback joined #salt
02:07 wangofett joined #salt
02:26 wangofett joined #salt
02:26 niall_ joined #salt
02:29 niall_ left #salt
02:31 niallyoung joined #salt
02:32 niallyoung G'day, anyone familiar with salt-call and its default location for Salt states?
02:33 niallyoung I'm using Vagrant with the Salt provisioner, so I'm trying to avoid using a custom /etc/salt/minion configuration - just want to make our Salt states available in the VM like I'm doing with the pillar, but the docs don't explain what the default location is, and I haven't been able to figure it out through trial-and-error or looking at source
02:33 niallyoung --local
02:35 niallyoung salt-call state.highstate --retcode-passthrough  --log-level=debug --force-color
02:36 niallyoung Stdout from the command:  local: ----------           ID: states     Function: no.None       Result: False      Comment: No Top file or external nodes data matches found.
02:37 niallyoung https://docs.saltstack.com/en/latest/topics/tutorials/standalone_minion.html#tutorial-standalone-minion doesn't explain this
02:39 niallyoung I've successfully made pillar available at /srv/pillar, and have tried making states available at /srv/salt, /srv/states, /srv/state, or our whole salt repo (state and pillar) at /srv/salt ....
02:39 niallyoung I'm guessing it needs to be explicit in /etc/salt/minion
02:39 niallyoung #file_roots: #  base: #    - /srv/salt
02:39 niallyoung and salt-call doesn't have a default..?
02:51 fritz09 joined #salt
02:58 schemanic joined #salt
02:58 schemanic heya
02:59 schemanic Anyone have any success with states.blockdev.formatted?
02:59 schemanic I'm getting a 'Failed to format block device' message'
03:23 zinzinzin joined #salt
03:31 xet7 joined #salt
03:44 MTecknology Anyone happen to know of a module that checks to make sure a configuration variable is set and/or a particular python module can be loaded before allowing the module to be loaded?
03:47 mosen other than the virtual func?
03:47 dxiri joined #salt
03:51 Praematura joined #salt
03:54 sp0097 joined #salt
03:54 sp0097 left #salt
03:57 dxiri joined #salt
04:01 dxiri_ joined #salt
04:02 dxiri joined #salt
04:13 Tantagel joined #salt
04:13 dxiri_ joined #salt
04:17 dxiri joined #salt
04:22 94KAAWNIX joined #salt
04:28 MTecknology mosen: I was asking for help jumping to a module already doing that...
04:28 mosen MTecknology my bad
04:33 dxiri_ joined #salt
04:34 mosen mysql state might be relevant
04:34 mosen ive got the source here somewhere...
04:35 MTecknology yup! that's what I was after
04:36 MTecknology def _virt_: if good: return true; else: return (false, 'err')
04:37 whytewolf don't forget some log.debug spread here and there
04:38 wangofett joined #salt
04:46 MTecknology If I'm writing a custom execution module for pillar sls files to use and the module needs a config variable present to load, is that going to be a master or a minion config option?
04:47 mosen id say itll be rendered server side.. is that by calling config.get ?
04:47 MTecknology dumb question
04:47 MTecknology ya, master config
04:47 mosen ya
04:47 whytewolf depends
04:47 whytewolf if it is masterless then it goes on the minion. if not then master
04:48 MTecknology This seems relevant- https://github.com/saltstack/salt/blob/develop/salt/modules/saltutil.py#L1402
04:52 niallyoung looks like salt-call requires file_roots to be explicitly configured, no defaults :( Onto the next poorly documented feature *sigh*
04:53 hemebond niallyoung: https://docs.saltstack.com/en/develop/topics/tutorials/standalone_minion.html#running-states-masterless
04:59 mosen whytewolf yeah i dont like relying on something that has a different behaviour depending on the setup :)
05:00 niallyoung yep see above, it doesn't help to answer the question I had - the interaction of Vagrant and Salt, and the documentation of Vagrant's Salt Provisioner, doesn't cover anything but the most simple use-case
05:01 niallyoung thanks for the reply though, I do appreciate the response!
05:01 mosen niallyoung: I use vagrant to provision salt locally but yeah.. theres not much to read about
05:02 niallyoung yep, even the standard options aren't really documented, let alone their interactions and which options depend on each other - have to just trial-and-error it one step at a time
05:02 niallyoung ah well, thanks gys
05:03 dxiri joined #salt
05:11 holyzhou joined #salt
05:19 holyzhou joined #salt
05:19 mavhq joined #salt
05:37 inad922 joined #salt
05:38 fxhp joined #salt
05:42 impi joined #salt
05:48 buhm joined #salt
05:50 nafg joined #salt
05:59 do3meli joined #salt
05:59 do3meli left #salt
06:00 fracklen joined #salt
06:01 MTecknology Are custom modules not available from pillar?
06:06 iggy after you sync them
06:07 jerry__ joined #salt
06:07 candyman88 joined #salt
06:08 hemebond joined #salt
06:10 vlebo joined #salt
06:10 nafg Is there some way to make pillar data that most machines can only see its own but one machine can see all?
06:10 nafg I want to install collectd on a bunch of machines and prometheus collectd_exporter on one server
06:11 nafg so each target machine should have configured credentials to authenticate with,
06:11 nafg and the prometheus server needs to have all the credentials
06:12 nafg So the prometheus config needs to iterate over all the collectd pillars, but the targets need to have one config that for each machine will get the right one
06:12 hemebond1 joined #salt
06:13 aldevar joined #salt
06:15 MTecknology hm..
06:16 preludedrew joined #salt
06:16 MTecknology I get what I expect from 'salt-call mt_netbox.get_nodes' but 'salt-call refresh_pillar' gives me "Jinja variable 'salt.utils.templates.AliasedLoader object' has no attribute 'mt_netbox.get_nodes'"
06:17 MTecknology (restarted services too)
06:18 whytewolf salt-run saltutil.sync_modules?
06:19 whytewolf not sure if that will help. but it couldn't hurt
06:19 iggy I think even on masterless you need to sync things
06:19 MTecknology Seems to have reported changes :)
06:19 iggy (although I've never used it)
06:19 MTecknology this isn't masterless
06:19 iggy oh
06:20 iggy I misread some stuff
06:20 cb joined #salt
06:21 MTecknology no more errors
06:22 MTecknology WOOHOO1!
06:22 MTecknology s/1/!/
06:27 c_g joined #salt
06:28 c_g joined #salt
06:28 golodhrim|work joined #salt
06:30 cb joined #salt
06:31 nafg anybody??
06:33 whytewolf nafg: nothing explicitly in salt. however salt doesn't stop you from assigning all of the pillars to a single minion and others piecemeal.
06:33 nafg whytewolf: I'm trying to figure out how to implement that in the pillar
06:34 whytewolf through top.sls
06:34 nafg If I put each collectd auth under a machine's key, then how can I share a state that reads it?
06:34 nafg Is there some way for a state to say pillar[mykey].collectd.username?
06:34 nafg (in jinja)
06:34 nafg what would mykey be
06:35 nafg OTOH I could have a common key and in the pillar each machine only gets its credentials so the state is identical
06:35 nafg But then how could the prometheus server iterate over them?
06:36 nafg Maybe have pillar prometheus.sls include each of the collectd files under an array?
06:36 nafg err list ;)
06:37 whytewolf sooo. does it have to be pillars. can it be say a grain .... and then you could setup a mine to grab that grain from the servers
06:37 nafg whytewolf: not familiar with grains and mines. Where would they be defined, when/how would the password get generated?
06:37 MTecknology BAM!!! PERFECT!!!!! :D HOO RAAAH!!!
06:38 nafg whytewolf: mine docs say "This data is then made available to all Minions" -- sounds insecure
06:38 whytewolf i never said it was secure
06:38 nafg :D
06:38 whytewolf you didn't say it had to be
06:39 nafg I don't want machine A to know machine B's credentials. For that price I could just use the same credentials
06:39 nafg one set of credentials for all collectd instances
06:39 whytewolf well then no mine
06:39 nafg ok
06:39 colttt joined #salt
06:39 nafg so pillar? how can I arrange it?
06:40 whytewolf so many ways that they are to many to unumerate here.
06:40 nafg whytewolf: give me just one that will work for my constraints above
06:41 nafg I gave two options I thought of and why both won't work
06:41 nafg I can't think of any other
06:41 nafg that would
06:42 whytewolf well, lets see. could have a directory that holds each minions key in pillar. and assign those keys out to minions. and on the collectd server you could have a seperate pillar file that iterates over the yaml files and imports them into a single pillar that has them all
06:43 nafg Ok I see my second option *might be possible* using `include` with a custom `key`. Actually I'm not so sure -- I'm assuming include must be top level, in which case I can't create a list
06:43 fxhp joined #salt
06:43 whytewolf https://docs.saltstack.com/en/latest/topics/jinja/index.html#include-and-import
06:44 whytewolf or https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html#salt.utils.jinja.SerializerExtension
06:44 whytewolf import_yaml
06:45 nafg whytewolf: does jinja import substitute in place? Or it just goes into a variable that needs a {{ ... }} ?
06:45 nafg Also I see import, I don't see include?
06:47 armyriad joined #salt
06:47 whytewolf import imports into a variable, include puts in file [not nessiserrily in place]
06:47 nafg whytewolf: is there some way for me to test all this locally? like a salt command to just render yml files?
06:47 nafg Anyway I'm not seeing how those options will work
06:48 nafg ok  I missed import_yaml
06:48 whytewolf render render render
06:48 nafg ?
06:49 nledez joined #salt
06:50 nafg Do you mean slsutil.render?
06:51 nafg renderer
06:51 whytewolf cp.get_template [you cna use it to find a generic version of what a pillar file will look like.]
06:51 Neighbour joined #salt
06:52 whytewolf anyway i need to heard to bed. i think i have sun fatigue
06:52 nafg :D
06:52 nafg Ok thanks
06:52 nafg You seem to be the only one around here that knows things
06:52 whytewolf iggy knows tons.
06:53 whytewolf MTecknology: is top notch also
06:53 nafg well somehow every time I come on here you're the one that helps :)
06:53 whytewolf it is because I am insane
06:53 nafg Maybe one of them can weigh in over here, because I'm not satisfied
06:53 whytewolf anyway good night
06:53 nafg Good night
06:54 ronnix joined #salt
06:54 wangofett joined #salt
06:55 zer0def joined #salt
07:03 jas02 joined #salt
07:04 nafg There doesn't seem to be any way to locally test https://docs.saltstack.com/en/latest/topics/pillar/index.html#including-other-pillars ?
07:15 ronnix joined #salt
07:16 jas02 joined #salt
07:18 ronnix joined #salt
07:20 nafg ok so I FINALLY found *include* (as opposed to import) which does substitute in place
07:21 nafg But can't figure out how to make a list of include-d things
07:22 ronnix joined #salt
07:22 JohnnyRun joined #salt
07:23 xet7 joined #salt
07:24 ronnix joined #salt
07:29 Hybrid joined #salt
07:29 hemebond1 left #salt
07:30 hemebond joined #salt
07:30 nafg ok I thought of another approach
07:31 nafg One pillar file with a key for each target each of which contains collectd credentials for said target
07:31 nafg Only the prometheus server references it directly in the top file
07:32 nafg The targets then need to import their key from it
07:32 Yoda-BZH joined #salt
07:32 nafg not sure the best way to do that though
07:32 Yoda-BZH joined #salt
07:33 hojgaard joined #salt
07:34 felskrone joined #salt
07:39 vlebo joined #salt
07:43 cyteen joined #salt
07:49 pbandark joined #salt
07:50 dograt joined #salt
07:51 Guest73 joined #salt
07:56 xet7 joined #salt
07:58 mikecmpbll joined #salt
08:01 impi joined #salt
08:04 cablekev1n joined #salt
08:11 Rumbles joined #salt
08:12 inad922 joined #salt
08:12 oida joined #salt
08:18 Trauma joined #salt
08:20 ronnix joined #salt
08:25 mikecmpb_ joined #salt
08:26 xet7 joined #salt
08:31 darioleidi joined #salt
08:35 fracklen joined #salt
08:39 Mattch joined #salt
08:41 SaltyVagrant_ joined #salt
08:42 vlebo joined #salt
08:48 bdrung_work joined #salt
08:49 o1e9 joined #salt
08:56 nafg I think this line:
08:56 nafg {% if pillar.pillar_id and pillar[pillar.pillar_id].collectd %}
08:56 nafg is failing with
08:56 nafg Jinja variable 'salt.pillar object' has no attribute 'pillar_id'
08:56 Inveracity joined #salt
08:56 nafg Unless {{ ... }} inside the if is evaluated regardless? That seems wrong
08:57 nafg I guess python is different than JS
08:57 nafg I guess this would be ok?
08:57 nafg {% if pillar.get('pillar_id') and pillar[pillar.pillar_id].get('collectd') %}
08:58 nafg Is there any better way to write it?
08:59 nku_ joined #salt
09:01 sh123124213 joined #salt
09:06 wangofett joined #salt
09:06 sh123124213 joined #salt
09:07 gmoro joined #salt
09:08 nku_ left #salt
09:08 hoonetorg joined #salt
09:09 ronnix joined #salt
09:09 hemebond nafg: I can't tell what you're actually trying to do.
09:10 LondonAppDev joined #salt
09:10 Inveracity I think the problem lies in the pillar file itself, of course it depends, but I think you could structure the pillar data differently to avoid doing pillar[pillar.pillar_id]
09:11 nafg hemebond: only include some stuff if there is pillar for it
09:11 nafg Inveracity: yeah... see earlier discussion about that :D
09:11 Inveracity I only just logged in, so I am sorry I don't have the history :(
09:11 Inveracity but yeah if you've discussed it already, nevermind me :)
09:11 nafg I need to have some config that is common in structure but different in value on each monitored machine,
09:12 hemebond Why can't you just import it via Jinja?
09:12 nafg and on the prometheus server iterate over all those configs
09:12 nafg hemebond: import what?
09:12 sh123124213 joined #salt
09:12 hemebond Whatever it is you're trying to include?
09:12 hemebond I don't have much info to go on.
09:12 hemebond I have no idea what "pillar_id" is.
09:13 candyman88 joined #salt
09:14 nafg hemebond: I'm just not sure which part of what I was saying you were referring to :)
09:15 nafg Let me start from the beginning.
09:15 hemebond Okay.
09:15 hemebond But paste somewhere outside IRC please.
09:15 hemebond I know you said/pasted some stuff before but I had to reconnect and lost it.
09:15 nafg Why
09:16 hemebond Why what?
09:16 nafg ok I'll gist actual examples
09:16 hemebond Yes please.
09:16 shortdudey123 joined #salt
09:19 wangofett joined #salt
09:20 sh123124213 joined #salt
09:20 nafg hemebond: https://gist.github.com/nafg/88d62a490fe9dc5f562f22187d0fb228 is what I'm doing currently
09:21 nafg So I have a common state file that expects certain pillar data
09:21 nafg for all the machines being monitored
09:21 nafg The point here is that collectd sends data authenticated
09:22 nafg and on the monitoring server, it has to have the same auth info
09:22 nafg Except that one machine needs ALL the infos
09:22 nafg So my master-collectd-passwords.txt.jinja is iterating over them
09:22 hemebond What is "pillar_id" referring to? What does the value mean? Anything in particular?
09:23 nafg hemebond: yes, it's the key 2 lines below it
09:23 hemebond Sure... but does it have any meaning except that it matches a pillar key?
09:23 nafg All my pillar files have a top level key unique to that server
09:23 nafg hemebond: no
09:23 nafg Exactly that
09:23 hemebond Ah, so it's the minion ID
09:23 hemebond No?
09:23 nafg No
09:23 nafg But kind of corresponds
09:24 nafg The minion id ends up being something funny (in GCP)
09:24 nafg like gitlab.c.gitlab-163123.internal
09:24 fracklen joined #salt
09:24 hemebond Okay so what's the problem?
09:24 nafg And writing `pillar['gitlab.c.gitlab-163123.internal']...` in states would be crazy :D
09:24 hemebond Doesn't work?
09:25 nafg hemebond: "something" is working, i'm not sure if it's working correctly... but (1) that explains the `if` I was asking about, (2) I really don't like this setup, because the pillar_id thing feels hacky
09:26 hemebond I agree.
09:26 nafg Another thing I don't like is that it requires the prometheus server to include ALL pillars
09:26 hemebond But it might not be possible to get around unless you want to do a proper register with minion IDs.
09:26 nafg the pillar "include" thing might have been helpful but it's not documented well
09:26 hemebond Well... what else does the gitlab pillar branch contain?
09:27 nafg lots of things... everything needed to set up gitlab ;)
09:27 hemebond Why is collectd under it?
09:27 hemebond Just to put a name to it?
09:28 nafg Well I would prefer each machine to have its own credentials
09:28 nafg So I need it to go somewhere
09:28 nafg and if it was top level then the prometheus server couldn't iterate over them
09:29 nafg they would get overwritten
09:29 nafg overwrite each other
09:30 nafg One thing my current setup is doing wrong
09:30 nafg DUH
09:30 nafg So now the prometheus server is getting a pillar_id of gitlab
09:30 nafg :(
09:30 nafg I guess I could add another pillar file to overwrite its pillar_id
09:31 nafg it should have anyway so it can monitor itself
09:31 hemebond I'm pretty sure there's an easier way.
09:32 nafg I would certainly like to believe so
09:32 nafg I would like even more to know what it is :D
09:32 hemebond I'll be back in a few minutes, but I think I've achieved something similar to what you're trying to do.
09:34 wangofett joined #salt
09:35 nafg Good to know
09:37 fracklen joined #salt
09:40 wangofett joined #salt
09:45 nafg Just realized I forgot that I could have used the `in` operator for my `if` question. Too late... :)
09:46 hemebond Okay, back.
09:46 zulutango joined #salt
09:46 hemebond Okay, so just to clarify what you're trying to do/solve...
09:46 hemebond Each minion has collectd credentials, yes?
09:47 hemebond Or are there different credentials for each check>?
09:50 nafg hemebond: no, just per minion
09:50 kedare joined #salt
09:50 nafg wdym check?
09:50 hemebond I don't really know what collectd is. I thought it was metrics or something.
09:51 hemebond I thought maybe you were trying to define something like monitoring checks in a shared way... anyway.
09:51 hemebond Here's what I would do.
09:51 nafg hemebond: correct. All that matters though is that it is sending stuff over UDP to a single listening server
09:52 hemebond Oh... I just realised you didn't want to do it the way I'm thinking of.
09:52 hemebond Well, the way _I_ would do it, is to have a YAML file that contains all the minion IDs with the credentials underneath.
09:53 hemebond Then pull those values into the minion pillars.
09:53 nafg hemebond: how would I do that? Let's say we have such a file in pillar, creds.yml
09:53 nafg What would I write in gitlab.sls
09:54 nafg (in pillar)
09:54 nafg The only options I saw were too repetitious for my liking
09:57 hemebond https://paste.debian.net/969941/
09:57 wangofett joined #salt
09:57 hemebond You could put that into its own pillar file and apply it to all minions.
09:57 nafg Oh that's a really good idea
09:58 hemebond Oops, the code is a little wrong.
09:58 hemebond Check the ( ) if you copy+pate.
09:58 nafg That file itself is a bit less DRY than I would prefer but as long as it only needs to be written once
09:58 hemebond What's not DRY about it?
09:59 sh123124213 joined #salt
09:59 nafg Ideally I could just say "substitute key X from file Y into here"
10:00 nafg instead of having to import_yaml into a variable, do stuff, and then re-inject the pieces back together
10:00 nafg But I'm being a little perfectionist ;)
10:00 hemebond Well you're transforming the data.
10:00 nafg how?
10:00 hemebond You can't really just pull it out of the YAML file.
10:01 nafg well, a certain location within it
10:02 hemebond Oh....
10:02 nafg the { username: String, password: String } part is verbatim, yet has to be re-constituted
10:02 hemebond Actually, maybe not.
10:02 nafg Anyway I like this approach much better. Thanks!
10:03 hemebond I'm just trying something.
10:03 sh123124213 joined #salt
10:03 nafg I think I should get some sleep before I implement it
10:03 wangofett joined #salt
10:05 hemebond I thought I had a neat idea on shrinking the code but it wouldn't work because you'd have hanging leaves.
10:05 hemebond Best to have the tests in there.
10:05 nafg hemebond: ok it's fine
10:05 nafg Thanks
10:06 nafg I better get some sleep :)
10:06 hemebond g'night
10:08 candyman88 joined #salt
10:10 wangofett joined #salt
10:16 wangofett joined #salt
10:24 wangofett joined #salt
10:28 fracklen joined #salt
10:29 garphy`aw left #salt
10:30 zerocoolback joined #salt
10:32 wangofett joined #salt
10:32 garphy joined #salt
10:37 wangofett joined #salt
10:48 dcpc007 joined #salt
10:52 afics joined #salt
10:52 dstensnes adding PPAs to ubuntu with pkgrepo.managed doesn't properly install the keys for the PPA
10:53 dstensnes I have done some testing, and added some comments on this case: https://github.com/saltstack/salt/issues/32294
10:53 dstensnes can someone please read through them, and tell me if i'm there is something I have forgotten?
10:54 dstensnes quite frankly, i'm growing a bit tired of having to find workarounds for issues in saltstack....
11:03 _KaszpiR_ try puppet, then ;D
11:08 amcorreia joined #salt
11:13 dstensnes for now, i'm stuck... I'm not going to implement all the recipees i have made right now...
11:15 dstensnes i'm hired to run servers, but I do spend quite a lot of time figuring out salt stuff. Sometimes it's just the documentation that's wrong, other times it's something that clearly haven't been tested before ending up in saltstack
11:21 yuhl joined #salt
11:27 dcpc007 hi, i opened a bug for a package problem on debian 7 salt repo. How can i check if the repo has change, even if issue not answered ?
11:28 dcpc007 maybe it could have automatic rebuild of the repo taht solve the problem without people check manually
11:47 fracklen joined #salt
11:47 xet7 joined #salt
11:55 blue joined #salt
11:55 Trauma joined #salt
11:56 daemonkeeper joined #salt
11:59 ronnix joined #salt
11:59 MeltedLux joined #salt
12:02 sh123124213 joined #salt
12:04 capnhex joined #salt
12:13 _KaszpiR_ dstensnes actually the same feeling I have with puppet, sometimes I really regret getting into the configuration management tools at all ;D
12:14 _KaszpiR_ in general we switched from debian/ubuntu to centos 7 and it was pretty good experience
12:16 dstensnes _KaszpiR_: i must say, i am quite happy with Debian
12:16 dstensnes when it comes to Ubuntu, i'm a bit disappointed really
12:17 dstensnes last week i deployed a fresh install of ubuntu 16.04, and found that it comes with default configuration in rsyslogd that outputs errors on every start
12:17 _KaszpiR_ :D
12:17 dstensnes and it comes with every version of ubuntu 16.04 that you install
12:18 dstensnes so statistically someone must have noticed it, but noone seems to have bothered fixing it
12:18 dstensnes and ubuntu 16.04 has been out for quite some time already
12:18 dstensnes but maybe I'm a bit too focused on perfection
12:19 dstensnes but when it comes to salt, it is really a much needed product
12:19 dstensnes but I am a bit weary that some of the things in there appears to not have been tested before landing in the stable releases
12:20 _KaszpiR_ for me, well, in general I managed to get to conf mgmt tools in the most painful moment - when they switched service managing every release, like init scripts, then upstart, now systemd, and all puppet modules were lagging behind to supoort those
12:20 _KaszpiR_ now it is much better
12:21 dstensnes true, there has been quite a lot of turmoil with this
12:21 _KaszpiR_ the scope for certian apps is huge, it's hard to test everything, not to mention hitting endge cases
12:21 dstensnes i accept that too :)
12:22 _KaszpiR_ for example multiple times I landed with puppet modules which were favoring specific distros, or were designed only to work on specivic system version + tools they were handling, and that was pain
12:22 Gabemo joined #salt
12:22 dstensnes but adding a ppa for ubuntu seems like something people should notice quite fast, when it's not working, and https://github.com/saltstack/salt/issues/32294 has been open for over a year
12:22 _KaszpiR_ also certain services tend to change a lot among patch versions (say, redis...)
12:23 _KaszpiR_ I've managed to hit puppet bugs not resolved for years
12:23 _KaszpiR_ ;D
12:23 _KaszpiR_ but yeah, you're right, ppa should be high priority in that case
12:24 _KaszpiR_ anyone got info how salt keeps backward compatibility? cause I remember puppet and its modules sometimes were pretty nasty about this
12:24 dstensnes but in saltstacks defence, it could be that this actually boils down to something in ubuntu, but still, a workaround in the module would be nice
12:24 dstensnes so i don't have to resort to cmd.run
12:24 inad922 joined #salt
12:25 dstensnes which kind of breaks the point with having a statemodule for pkgrepo
12:26 dstensnes anyway, i have work to do
12:27 DammitJim joined #salt
12:27 dstensnes and this is probably not the right channel for this rant anyway. To the rest of you: Sorry if I seem a bit frustrated
12:27 _KaszpiR_ from integration tests I see that there is a test for ading ppa, but they provide keyserver and key id to use
12:28 _KaszpiR_ hm they also test with nginx ppa without those parameters...
12:28 dstensnes but then it should fail to import them too then?
12:28 dstensnes in my head it would fail to add a ppa no matter which keyserver they use?
12:28 dstensnes (in the tests that is)
12:29 _KaszpiR_ maybe salt is switching towards more explicit resource declarations, like, 'from now on you must add ppa with keys and shit, and it breaks backward compatibility'
12:29 dstensnes maybe
12:30 dstensnes that is why I asked if someone would read my comments on the case, to see if they make sense :)
12:30 dstensnes could be something i'm missing
12:30 dstensnes but still, as you see in my first comment on that case, then state actually returns with 1 failure
12:30 _KaszpiR_ https://github.com/saltstack/salt/blob/f39a78be1a200fe13fe773772e4ef687a47621d5/salt/states/pkgrepo.py
12:31 dstensnes even though it seems to have added the sources.list.d file properly, but still missing the key
12:31 _KaszpiR_ yeah
12:32 dstensnes which causes it to return success on the next time I try to run it, but key is actually still missing, so it breaks further down the road, when i try to install packages from that ppa
12:32 _KaszpiR_ but the same issue was bogging puppet
12:33 dstensnes well, it could be some bad code from ubuntu that is actually causing it
12:33 dstensnes but a test would still reveal a problem
12:33 dstensnes s/would/should/
12:34 LostSoul joined #salt
12:39 dstensnes _KaszpiR_: where did you find that unit test btw?
12:40 kojiro joined #salt
12:40 kojiro joined #salt
12:42 _KaszpiR_ https://github.com/saltstack/salt/blob/f56c634458c22d2c10bfb4f96b57ed8d98a6b9f5/tests/integration/modules/test_pkg.py
12:42 dstensnes thanks
12:43 _KaszpiR_ line 76
12:43 _KaszpiR_ no wonder it was not detected, it is not tested ;)
12:44 dstensnes hmm, i see that...
12:45 _KaszpiR_ well, its pure python test
12:45 _KaszpiR_ here's anohter https://github.com/saltstack/salt/blob/12345dee7fb5cd3a061c4ebb0162bd04097e5310/tests/integration/files/file/base/pkgrepo/managed.sls
12:45 candyman88 joined #salt
12:45 _KaszpiR_ line 84
12:47 dstensnes hmm
12:47 dstensnes is there somewhere we can see the output of these unit tests?
12:48 c_g joined #salt
12:49 dstensnes i found https://jenkins.saltstack.com/
12:50 dstensnes https://jenkins.saltstack.com/job/branch_tests/ doesn't look good
12:50 ssplatt joined #salt
12:51 _KaszpiR_ find corresponding pull request and there are outputs attached to it
12:54 Spencer joined #salt
12:56 ronnix joined #salt
12:57 wangofett joined #salt
12:58 dstensnes well, i'm going to have to look into that test later, because i got real work todo :/
12:58 dstensnes i'm going to add that ppa with a cmd.run instead in the mean time
13:00 JohnnyRun joined #salt
13:02 wangofett joined #salt
13:03 brousch joined #salt
13:05 dstensnes hmm, that actually failed too...
13:05 dstensnes maybe that is the real problem
13:07 evle1 joined #salt
13:08 numkem joined #salt
13:08 _KaszpiR_ you know what, I rmeber I had some bullshit error with ondrey repo under puppet
13:09 _KaszpiR_ from what I remeber it was caused by special chars in the output (the r in the name and y in surename)
13:09 dstensnes https://github.com/saltstack/salt/issues/32294#issuecomment-306480931
13:10 dstensnes yes, seems that a bit related to me
13:10 _KaszpiR_ stdout:
13:10 _KaszpiR_ 'ascii' codec can't decode byte 0xc5 in position 92: ordinal not in range(128)
13:10 _KaszpiR_ yeah that's it
13:10 dstensnes exactly
13:10 _KaszpiR_ same shit
13:10 babilen add-apt-repository is totally unnecessary IMHO
13:10 _KaszpiR_ afair the issue is with ecoding
13:11 _KaszpiR_ WARNING: add-apt-repository is broken with non-UTF-8 locales, see https://github.com/oerdnj/deb.sury.org/issues/56 for workaround:
13:11 _KaszpiR_ # LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/php
13:11 _KaszpiR_ maybe that's the issue?
13:11 dstensnes _KaszpiR_: yes, seems like it....
13:12 _KaszpiR_ try to force your salt minion/master to run with UTF-8
13:12 _KaszpiR_ cause I believe it runs under POSIX or C
13:12 dstensnes hmm, that is.... not nice?
13:12 dstensnes that could cause heaps of trouble elsewhere?
13:14 _KaszpiR_ encoding? probbaly everywhere ;)
13:15 _KaszpiR_ but switching to utf-8 should actually fix most of the issues
13:15 dstensnes hmm, yes...
13:15 dstensnes i'm considering babilen's comment
13:15 dstensnes maybe better to just ignore the whole ppa thing, and just add it like a normal repository
13:17 dstensnes but i think it's safe to say this is not a salt issue
13:17 babilen The apt-key call might still be sick all over salt when it sees Ondřej's name
13:17 dstensnes but rather just another ubuntu issue
13:17 felskrone joined #salt
13:17 babilen But I seem to remember that it was add-apt-repository that was broken in this regard and not apt-key or salt
13:17 dstensnes babilen: true
13:18 babilen How dare people have non-ascii names?!?
13:18 dstensnes i won't blame "Ond\xc5\x99ej Surý" for his name either
13:18 dstensnes :)
13:19 _KaszpiR_ babilen life? :D
13:19 _KaszpiR_ got two, in my  name and surename
13:19 _KaszpiR_ the number of error emails I get, priceless
13:19 dstensnes heh, funny...
13:20 _KaszpiR_ not really, when you try to access certain data, and system says 'we do not know you'
13:20 _KaszpiR_ especially if it involves my money :)
13:20 dstensnes really understandable
13:21 dstensnes i'm just happy i'm not this guy: https://en.wikipedia.org/wiki/Hubert_Blaine_Wolfeschlegelsteinhausenbergerdorff,_Sr.
13:21 _KaszpiR_ :D
13:22 drawsmcgraw joined #salt
13:22 dstensnes with the computer systems of today, that is bound to cause some issues with everything
13:26 ronnix joined #salt
13:26 racooper joined #salt
13:28 _KaszpiR_ dstensnes tkins kind of shit (non-ascii characters) forced me to cease to use ubuntu  ;)
13:28 _KaszpiR_ *that kind
13:30 _KaszpiR_ unfortunately ubuntu happens to get this kind of 'wtf' changes that break things and force you to waste a lot of time to implement workaround
13:30 edrocks joined #salt
13:30 dstensnes exactly, that is my problem with Ubuntu
13:30 dstensnes also why i'm trying to stick to Debian
13:30 fracklen joined #salt
13:31 _KaszpiR_ Debina has the same, but with bigger friction ;)
13:31 dstensnes my experience with Debian is that they are way better at testing their stuff before it hits stable
13:31 _KaszpiR_ of course, those systems are good for development but they start to suck if you try to automate
13:32 dstensnes ah, i haven't had that much problems with that
13:32 _KaszpiR_ yeah, but sometimes they just stick to stable which just have a lot of stuf well tested
13:32 _KaszpiR_ ergo, they lag behind with features
13:33 dstensnes that is true, but the base system is way more stable
13:33 _KaszpiR_ of course, if you need stability or features, depends on the project
13:33 dstensnes even if I sometimes have to add some 3rd party repositories further into a release
13:33 dstensnes typically nodejs
13:33 dstensnes for development machines
13:33 _KaszpiR_ this reminds me docker images, sometimes you wonder who on earth does those changes
13:34 _KaszpiR_ like one day 'latest' switched from ubuntu 14 to ubuntu 16
13:34 _KaszpiR_ ;D
13:34 random_salt_user joined #salt
13:34 dstensnes well
13:34 dstensnes that could cause some problems
13:35 dstensnes but then...
13:35 dstensnes it is actually "latest"
13:35 dstensnes maybe not use "latest"? Can you address it with the version you want?
13:35 _KaszpiR_ but for me most annoying part about debian/ubuntu are two things, they start services on package installation and old packages are removed, and not left as is, which forces you to update config definitions
13:35 _KaszpiR_ we don't use latest, devs did ;D
13:36 _KaszpiR_ since they started to use specific versions it is way better
13:36 dstensnes well, user issue then
13:36 _KaszpiR_ netherless we saw sometimes the same version to point to different contianer version, though
13:36 dstensnes but in Debian configs shouldn't need to be updated between newer versions of the package, because they try to avoid changing the versions
13:37 _KaszpiR_ like, v1.0.1  was not pointing to the same contianer image version as it used to a month ago
13:37 _KaszpiR_ also ubuntu + ondrey ppa + php = magic, some packages from 5.6 install php7
13:38 _KaszpiR_ so you think you install php-module-5.6 and it actually installs ph-module-7.1 or something like it ;D
13:39 random_salt_user left #salt
13:39 dstensnes hmm, weird... haven't tried that
13:41 cyborg-one joined #salt
13:44 SaltyVagrant__ joined #salt
13:45 thinkt4nk joined #salt
13:45 SaltyVagrant___ joined #salt
13:48 edrocks did they remove the ternary filter from jinja2?
13:49 keltim joined #salt
13:50 kojiro joined #salt
13:50 SaltyVagrant_ joined #salt
13:51 keltim anyone using salt enterprise here? I'm evaluating it but it seems pretty rough ... but it looks like the perfect solution to set up tasks for the users
13:52 edrocks os salt has been reliable for the past year for us. It had some issues when we first started using it but they were ironed out within about 6months
13:52 keltim edrocks, what is os salt?
13:52 edrocks open source
13:53 keltim oh. we do as well. but I'd like something to give the users and salt enterprise looks very nice
13:55 hemebond left #salt
13:56 SaltyVagrant_ joined #salt
14:01 LondonAppDev joined #salt
14:04 Reverend so, my reactors have eslpoded
14:04 Reverend https://hastebin.com/ofocofalaj.txt
14:04 Reverend :D
14:04 Reverend any clues anyone? It appears to be thinking that the command it's trying to run has 11 arguments... O_O
14:04 Reverend coincidentally, that
14:05 Reverend s how many characters are in "repo_update"... but I'm not sure if that'
14:05 Reverend fucking keyboard.
14:05 babilen Reverend: You are doing all kind of strange things there (from passing "-b 1" (for which you need the "batch: 1" parameter in orchestrate) to passing pillars as kwarg
14:05 Reverend babilen: can't remember why, but I swear there was a reason. Is there an option to put pillar in as not a kwarg? isn't pillar a kwarg? O.o
14:06 usernkey joined #salt
14:06 babilen You'd pass pillars directly there
14:06 edrocks is there a way to test rendering a jinja template without running a state?
14:07 Reverend babilen: is there a doc for this? or would you mind showing me real quick? :| Im not sure what you mean.
14:07 Reverend tell you what, let me write it.
14:08 wavded joined #salt
14:08 babilen Reverend: http://paste.debian.net/970158/
14:08 Reverend hmm. thanks!
14:09 Reverend is batch supposed to go under pillar? O.o
14:09 Reverend didn';t even know that
14:09 babilen Please read the comment and issue referenced therein
14:09 Reverend oh shit. my bad I thought you'd just pasted an sls :P
14:10 babilen I'm passing the batch size to the orchestrate runner via pillars as you can't use it there
14:10 babilen It is an SLS, but it contains comments so that future me or colleague can address this issue once that bug gets fixed
14:10 Reverend well, I'm gonna chop batch out and muddle it round and see if it gets rid of that error. Weirdly, batch -was- working... ?
14:11 _KaszpiR_ dstensnes AFAIR /etc/apt/trusted.gpg.d/ has limit of keys in there ;)
14:11 _KaszpiR_ at least it had, something like 20
14:16 saintpablo joined #salt
14:16 Trauma joined #salt
14:17 socket- Hey guys, sorry this is offtopic, but not sure the best place to ask something like this. I'v heard there are printing solutions where all your users have 1 virtual printer. Once a printjob has been sent, the user can go to the physical printer of their choice and identify to it in order to print their jobs. If anyone knows what this is, I'd appreciate some info on what technology does this.
14:18 drawsmcgraw joined #salt
14:19 _KaszpiR_ socket- google printer pooling
14:19 dstensnes _KaszpiR_: oh does it? I didn't know
14:20 impi joined #salt
14:20 _KaszpiR_ dstensnes yeah, remember I had that issue with some ancient server which started to fail due to too many keys ;D
14:20 dstensnes i haven't really looked into the trusted.gpg.d directory
14:20 dstensnes okay, nice to know :) Thanks :)
14:21 socket- _KaszpiR_: thanks for the info
14:21 mpanetta joined #salt
14:21 _KaszpiR_ dstensnes usually happens if you want to install too much stuff on the machine
14:22 babilen Are you thinking of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733028 ?
14:23 mpanetta joined #salt
14:24 _KaszpiR_ yeah, afair there's something like 40 keys limit, not sure if it is fixed
14:24 ronnix joined #salt
14:24 _KaszpiR_ dstensnes https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1263540
14:24 dstensnes hmm, funny... didn't know
14:26 dstensnes but then again... running over 40 additional repositories might indicate that you might want to do something differently
14:26 dstensnes i would not be comfortable with that many repositories i think
14:27 dstensnes well, maybe on a desktop, but it's still quite a lot :)
14:27 _KaszpiR_ trying to squeeze a lot fo valid repos can cause this, like a lot of specific tools
14:28 KingJ joined #salt
14:28 _KaszpiR_ on development machine (like vagrant), workaroud - split vagrant boxes per role
14:29 Reverend babilen - it -was- the batch option. However, that -was- working until like a few days ago, so I have no idea what's changed :/
14:29 Reverend \shrug
14:29 Reverend hacky sls's ftw
14:31 dstensnes _KaszpiR_: i'm not doubting the problem, i'm just thinking that that many repositories, might be lots of different sources of potential errors :)
14:31 dstensnes but that's me
14:31 _KaszpiR_ don't even get me started ;D
14:31 dstensnes i'm trying to limit the number of repositories to a handful that I trust :)
14:32 _KaszpiR_ apt-pin is your friend
14:32 mikecmpb_ joined #salt
14:32 _KaszpiR_ gotta precisely define wich packages to get from which repos
14:33 dstensnes sounds like a lot of work :)
14:34 cyborg-one joined #salt
14:37 alvinstarr joined #salt
14:37 dstensnes well, thanks _KaszpiR_ for all your input
14:38 _KaszpiR_ yw
14:39 hashwagon joined #salt
14:42 PatrolDoom joined #salt
14:42 PatrolDoom joined #salt
14:44 jas02 joined #salt
14:45 usernkey joined #salt
14:45 xet7 joined #salt
14:45 pbandark Hi.. I would like to execute `semanage port -a -t mongod_port_t -p tcp 27017` on minions. is there any existing selinux state module which I can use or should I go with `cmd.run` ?
14:46 babilen https://docs.saltstack.com/en/latest/ref/states/all/salt.states.selinux.html
14:46 dstensnes joined #salt
14:47 dstensnes joined #salt
14:50 LondonAppDev joined #salt
14:50 pbandark babilen: yes. i checked existing selinux modules but not getting exactly which module to use and how to specify port,protocol
14:52 dstensnes joined #salt
14:54 Reverend will i need to restart salt-master after making an orch dir?
14:55 mikecmpbll joined #salt
14:55 babilen pbandark: Is it supported in the execution module?
14:55 babilen Reverend: No, fileserver.update should suffice
14:56 pbandark babilen: not sure. hence, I was plaining to go with cmd.run state module and execute `semanage port -a -t mongod_port_t -p tcp 27017`
14:56 Reverend thanks babilen :)
14:57 dxiri joined #salt
14:59 babilen pbandark: It might be easy to add to the current module which you could then synchronise to your miniond from _modules
15:00 dxiri_ joined #salt
15:01 felskrone joined #salt
15:01 pbandark babilen: you mean, creating custom modules ?
15:02 _JZ_ joined #salt
15:02 _aeris_ joined #salt
15:03 _aeris_ hello #salt !
15:03 babilen pbandark: Yeah, just fork the current one, add a bit of functionality, drop the "new" modules in _modules and submit a PR to wait for it to land in Salt proper
15:03 _aeris_ is there any difference between salt and salt-ssh for the pillar processing ?
15:04 pbandark ok babilen
15:04 _aeris_ i found that salt.pillar.get('foo', {}).get('bar', 'prod') don't work with salt-ssh, but work with salt-call/salt (with minion)
15:04 _aeris_ and salt['pillar.get']('foo:bar', 'prod') works in both cases
15:06 babilen I would strongly suggest to use salt.pillar.get('foo:bar', DEFAULT) .. but there shouldn't™ be a difference in pillar processing in terms of the syntax/functions you can call between both
15:06 drawsmcgraw joined #salt
15:09 onlyanegg joined #salt
15:10 ronnix joined #salt
15:11 mikecmpbll joined #salt
15:12 _aeris_ i got "Rendering exception occurred: Jinja variable 'function object' has no attribute 'get'" from salt-ssh
15:12 _aeris_ after some debug, seems salt.pillar.get('foo', {}) return a "function object" and not the {} expected
15:13 lompik joined #salt
15:18 mikecmpb_ joined #salt
15:19 dxiri joined #salt
15:21 wangofett joined #salt
15:24 Brew joined #salt
15:26 babilen _aeris_: It really shouldn't .. salt.pillar.get('foo', {}) itself is a function, but it should be evaluated and chaining should be possible
15:27 wangofett joined #salt
15:32 inad922 joined #salt
15:40 dxiri joined #salt
15:43 Guest73 joined #salt
15:43 jshm joined #salt
15:47 keldwud joined #salt
15:47 keldwud joined #salt
15:56 Echo joined #salt
15:58 usernkey joined #salt
15:59 SalanderLives joined #salt
16:00 JoeyJoJo joined #salt
16:00 dxiri joined #salt
16:00 usernkey joined #salt
16:04 aldevar left #salt
16:09 Renich joined #salt
16:13 dxiri joined #salt
16:15 edrocks joined #salt
16:21 mt5225 joined #salt
16:21 dxiri_ joined #salt
16:40 lubyou joined #salt
16:43 Renich joined #salt
16:44 lubyou Hi
16:44 lubyou I need some help with unicode
16:44 lubyou https://github.com/saltstack/salt/issues/40578#issuecomment-306234086
16:44 dxiri joined #salt
16:45 lubyou im trying to make that work, but I think it is not possible. Can somebody confirm, please?
16:46 Mattch1 joined #salt
16:47 impi joined #salt
16:48 edrocks if I have a production version of my app + databases running and I want to setup a separate testing instance with different pillars would I use a salt env for that?
16:56 spartakos joined #salt
16:57 spartakos left #salt
16:57 spartakos joined #salt
17:00 ahrs joined #salt
17:02 it_dude joined #salt
17:03 spartakos left #salt
17:04 woodtablet joined #salt
17:05 Praematura joined #salt
17:06 iggy lubyou: you could try running under python3 (although not sure how to do that on Windows)
17:07 lubyou @iggy I think salt is not yet ready for python 3
17:07 lubyou ah
17:07 lubyou https://github.com/saltstack/salt/issues/11995
17:08 lubyou "All tests now pass on Python 3. We'll be announcing support in Nitrogen in a few weeks."
17:09 major okay .. soo .. I am trying to grok saltstack-formulas/salt-formula-salt.git ...
17:12 iggy major: get more coffee first
17:12 major iggy, in serious
17:12 whytewolf maybe something stronger
17:12 sp0097 joined #salt
17:12 iggy ^
17:13 iggy edrocks: you _could_... I wouldn't though... I'd use separate masters
17:13 edrocks iggy: I'm wondering how to do this because they will run on the same servers. I need a way to use different pillars depending on which one I want to run otherwise I need duplicate states
17:14 iggy you are going to run dev on your prod boxes?
17:14 edrocks I think I can set a pillar to change which other pillars to load when running `salt '*' state.sls app.run` but that seems a little hacky
17:14 * iggy backs away slowly
17:14 edrocks running beta version on prod
17:14 edrocks we are moving some customers over to a beta
17:15 * edrocks pulls iggy back over here
17:15 whytewolf FCUK it we will do it live!
17:15 iggy if you are going to try saltenv's... test thoroughly somewhere else first
17:16 edrocks I'm kind of leaning towards the pillar as a switch between other pillars above but I'm open to ideas. I've never used salt envs before
17:16 major I am just gonna go back to saltstack-formulas/salt-formula
17:17 major so I don't eat my keyboard
17:17 inad922 joined #salt
17:21 Renich joined #salt
17:24 Guest73 joined #salt
17:28 woodtablet joined #salt
17:28 woodtablet left #salt
17:32 woodtablet joined #salt
17:36 major whats the benefit of maintaining the pillar data in a separate repo?
17:38 Eugene You can make the pillar repo private, and open-source your main repo
17:38 major hmm
17:39 whytewolf there is also less likely chance of accidently exposing your pillar repo through your salt states
17:42 iggy also, theoretically at some point (if you are driving everything off pillar data), your states repo will see relatively few updates vs pillar
17:43 major hmmm
17:45 wangofett joined #salt
17:50 Guest73 joined #salt
17:50 wangofett joined #salt
17:54 sh123124213 joined #salt
17:56 wangofett joined #salt
18:01 MTecknology You can stick pillar git repos into gitfs_roots?
18:01 whytewolf they don't count as pillars.
18:02 whytewolf but they will show up in the state tree
18:02 losh joined #salt
18:05 fracklen joined #salt
18:09 cyborg-one joined #salt
18:12 wangofett joined #salt
18:13 dendazen joined #salt
18:15 SalanderLives joined #salt
18:19 felskrone joined #salt
18:20 englishm_work joined #salt
18:21 edrocks joined #salt
18:24 wangofett joined #salt
18:24 wendall911 joined #salt
18:25 drawsmcgraw joined #salt
18:29 mikecmpbll joined #salt
18:33 impi joined #salt
18:39 censorshipwreck joined #salt
18:41 major is there some special syntax when referencing a grain from the pillar sls file?
18:42 drawsmcgraw major: Nothing I'm aware of. Just `grains['some_grain']`
18:42 wangofett joined #salt
18:43 drawsmcgraw or `grains.get('some_grain', 'sane_default')` if you're the cautious type.
18:43 major doh
18:45 spartakos joined #salt
18:45 spartakoss joined #salt
18:48 spartakos joined #salt
18:49 wangofett joined #salt
18:49 pewpew joined #salt
18:50 Trauma joined #salt
18:52 aboe joined #salt
18:54 nafg joined #salt
18:58 felskrone joined #salt
18:59 mugundan joined #salt
19:00 mugundan joined #salt
19:01 major I take it moving stuff off to sls files is the ideal way to "include" environment settings from alternate environments
19:02 major as opposed to defining them all in the top.sls
19:04 ws2k3 joined #salt
19:11 swills joined #salt
19:18 mugundan_ joined #salt
19:20 edrocks joined #salt
19:27 kojiro joined #salt
19:32 major soo .. looking at this github.py script I ran across for dealing with the github webhook.... and I am not "entirely" certain I understand what the GitHubReactions() function is doing...
19:32 major https://gist.github.com/xenophonf/58c3c78c34f8dabffb04
19:35 _KaszpiR_ it's a skeleton for full reactor
19:36 _KaszpiR_ it launches events on github webhooks, but each of them is doing no_op just to debug it
19:36 major yah .. but I feel like the getattr() in the bottom end of run() is doing some fun magic with the object returned by GetHubReactions()
19:36 SalanderLives Is there a way to apply permissions to a directory with file.directory with some exempt files?
19:37 SalanderLives Such that if states are run again against the server it doesn't just keep rerunning the states as the permissions are fought over by two separate states
19:39 _KaszpiR_ major I think it tries to process each event as object and tries to run event_repo_branch attribute (if exists), otherwise it runs no_op
19:42 rlarkin joined #salt
19:42 _KaszpiR_ major I guess this is known as introspection? (my wild guess)
19:42 major yah, it is
19:43 major just .. odd to me that it isn't doing anything with the objects .. unless salt is magically using the refrences returned by getattr()...
19:44 major that would be odd..
19:45 _KaszpiR_ I think that's the whole idea
19:45 _KaszpiR_ but it sounds dangerous
19:45 MTecknology SalanderLives: you can hav salt not manage files that aren't available if you use -clean:False but otherwise you'll usually want to clean up some logic
19:45 major yah .. I assume that is why there is some heavy lifting in the start of the run() in regards to security checks
19:46 ecdhe joined #salt
19:46 major the code does a real-time grab of the github API whitelist as well as compare the HMAC from the signing cert (if specified)
19:48 SalanderLives MTecknology, Thanks, I rewrote the states so they use onchanges and got the logic I wanted
19:48 MTecknology major: those get_attr bits are executing a function
19:49 major thought getattr() only returned the reference to the object..
19:49 major my brain is melting :(
19:49 MTecknology major: sure, that's what getattr() does, but what's after that?
19:49 MTecknology hint- two more characters
19:49 major oh snap
19:50 major truth!
19:50 major so those functions need to be defined for this reactor to be complete.
19:52 MTecknology So reactions is being set to an instance of the object and then getattr tries to get attributes from it and if they can't be found defaults to the no_op function (which has been defined.. only does pass) and executes whichever function it gets
19:52 _KaszpiR_ yep
19:53 MTecknology This, however, makes no sense to me - https://gist.github.com/xenophonf/58c3c78c34f8dabffb04#file-github-py-L50
19:53 MTecknology I feel like that should definitely de a syntax error...
20:01 jk joined #salt
20:01 whytewolf not a syntax error, just a blank method
20:02 sh123124213 joined #salt
20:02 keldwud joined #salt
20:02 keldwud joined #salt
20:02 whytewolf it is the same as declaring void main(argc,**argv) {} in C
20:03 whytewolf [be forgiving it has been about 10 years since i touched c]
20:04 toastedpenguin joined #salt
20:05 edrocks where does your top file go when you are using multiple environments? Do you just define it in the base and include other states/pillars for different environments there or are you supposed to do it per environment in their respective dirs?
20:05 edrocks I'm looking at this example here https://docs.saltstack.com/en/latest/ref/states/top.html#multiple-environments
20:05 edrocks would their top file be in /srv/salt/dev/top.sls? why are they putting multiple envs in a single top file
20:06 lordcirth_work Anyone know how to configure git so it will stop you if you accidentally commit as "root"?
20:06 whytewolf because salts enviroment setup is not a true seperation of enviroments
20:06 edrocks whytewolf: so you can either put them all in one or separate them out? or a crazy mix I suppose
20:06 _KaszpiR_ joined #salt
20:07 whytewolf edrocks: doesn't really matter iirc. they all merge together in the end
20:07 edrocks whytewolf: thanks
20:07 whytewolf i don't really work with enviroments so not 100% sure though
20:07 edrocks I just switched over to them so we can setup beta servers
20:08 edrocks seems better than using pillars as flags to load other pillars
20:08 whytewolf we will see
20:09 whytewolf maniacal laugh
20:10 edrocks oh my
20:11 edrocks it's only a *temporary* beta but we will probably do more in the future so
20:11 edrocks I'm trying to at least halfway set it up the right way
20:16 brousch I have a schedule.present state that's failing because the job "already exists in schedule." It seems like if it was already in the schedule, the state should pass.
20:16 brousch This fix indicates that my logic is wrong https://github.com/saltstack/salt/pull/23882/files
20:16 brousch Can someone explain this to me?
20:19 whytewolf brousch: that is modules.schedule.add which yes should error if you are trying to add a schedule that already exists. schedule.present should check if the schedule already exists and not run schedule.add if it does
20:20 nafg I'm getting "The minion function caused an exception" when running salt
20:20 nafg The stack trace doesn't refer to any of my files
20:20 nafg I know what changes I pushed, but I don't know what the error means
20:20 nafg What is a "minion function"?
20:21 brousch I even salt-call schedule.delete the job, then run my states. It suceeds the first time, but fails the second time
20:21 whytewolf nafg: a minion function would be any state or modulee function
20:21 whytewolf brousch: what version of salt.
20:21 nafg Ok I see the pillar failed to render
20:21 nafg Rendering SLS 'collectd' failed. Please see master log for details.
20:21 brousch 2016.11.1 (Carbon)
20:22 nafg Says
20:22 nafg found character '%' that cannot start any token; line 3
20:22 nafg which is
20:22 nafg {%- import_yaml "/home/naftoli/dev/git.bitbean.com/internal/salt-pillar/collectd-credentials.yml" as all_creds %}
20:23 nafg #!yaml|gpg doesn't support jinja? I have to do #!jinja|yaml|gpg ?
20:23 whytewolf nafg: that would imply it isn't reading the {
20:23 whytewolf ...
20:23 whytewolf YES
20:24 edrocks is this true? "The subdirectories in the multiple file roots cannot match, otherwise the downloaded files will not be able to be reliably ensured" https://docs.saltstack.com/en/latest/ref/configuration/master.html#file-roots
20:24 DammitJim joined #salt
20:24 nafg hmm, so that wasn't a fluke of slsutil.renderer
20:25 edrocks wouldn't that make the whole concept of environments completely useless?
20:25 whytewolf edrocks: maniacal laugh?
20:25 edrocks whytewolf: damn it
20:25 jab416171 joined #salt
20:27 stomith joined #salt
20:28 whytewolf brousch: strange. looking at the code. it should detect the schedule as already there. and my own tests with 2016.11.5 work. and looking at the history of the file i see nothing that changed between 2016.11.1 and 2016.11.5 that would change that
20:28 brousch Yeah, we use this on thousands on servers. I'm not sure why it's failing on this one minion
20:29 whytewolf brousch: check that minions version. maybe you have an older release or something
20:30 whytewolf which happens more often then it should
20:30 brousch Nah, version is the same
20:30 brousch Oh yes, we have had that before
20:31 brousch I'll have to think about it tonight. Thanks for the help whytewolf
20:31 whytewolf no problem, wish i could have been more help
20:32 whytewolf i mean you could run some -l trace on the minion with salt-call see if there is something going bonkers
20:34 hemphill joined #salt
20:41 Tantagel joined #salt
20:41 edrocks when is nitrogen supposed to be released? I think this fixes my primary issue which is merging pillars https://github.com/saltstack/salt/pull/38617
20:42 keldwud joined #salt
20:42 whytewolf well, nitrogen RC hasn't dropped yet. so who knows
20:43 edrocks waiting for another laugh when I start running the dev branch
20:44 whytewolf wouldn't run it in prod.
20:44 whytewolf but i see not issue with running it
20:44 whytewolf more testing is good
20:50 sh123124213 joined #salt
20:50 amcorreia joined #salt
21:01 major do py dsl states have a logger they can use on the master to log output to the masters log file?
21:01 whytewolf py dsl? that thing is still around?
21:04 whytewolf major: if you can avoid it. don't use pyDSL
21:05 sh123124213 joined #salt
21:06 wangofett joined #salt
21:07 major what about just #py ?
21:07 whytewolf #py or #pyobjects would be fine. they are both still maintained.
21:08 major kk .. well .. how about logging from #py into the master log? :)
21:08 whytewolf as for logging, not sure. typically they are just render engines
21:09 major well like .. exceptions seem to be picked up and logged ..
21:09 major was hoping there was a way to just log alternate things
21:09 whytewolf major: you could try importing logging as you would a module and you know try it
21:10 major hmm .. I did that and logger.info() didn't come through .. though maybe the loglevel isn't set up to log info
21:10 major will try some stuff after this meeting...
21:11 Guest73 joined #salt
21:12 wangofett joined #salt
21:14 whytewolf you could make a logging module. and use that in your #py [or even jinja render]
21:20 jas02 joined #salt
21:21 mavhq joined #salt
21:22 major honestly I am just trying to get a better feel for how all this works
21:22 wangofett joined #salt
21:23 whytewolf what are you missing?
21:24 major a CLUExFOUR upside my head
21:25 major mostly trying to grok how this external webhook event lands in rest_cherrypy and if the #py state file there can return a dictionary that trigger some other state to run
21:26 major or rather .. be applied..
21:27 whytewolf ... #py is just a render just like jinja
21:27 whytewolf it doesn't get speciel tools that jinja doesn't other then being python
21:28 major right
21:28 major but the dictionary I return acts just like specifying a flat .sls w/ the same structure?
21:29 whytewolf yeah
21:29 major perfect
21:29 whytewolf you are just returning the highstate data directly instead of yaml
21:29 major right
21:29 wangofett joined #salt
21:29 major well .. I am conditionally returning it based on information from the hook
21:29 major and after doing key validation
21:33 dxiri_ joined #salt
21:35 wangofett joined #salt
21:35 afics joined #salt
21:37 c_g joined #salt
21:45 dxiri joined #salt
21:55 dxiri joined #salt
22:03 edrocks joined #salt
22:05 hemebond joined #salt
22:06 jas02 joined #salt
22:07 dxiri joined #salt
22:14 dxiri joined #salt
22:16 nona joined #salt
22:26 dxiri joined #salt
22:33 jrgochan joined #salt
22:34 jrgochan hello
22:34 jrgochan i'm having a horrible time trying to debug jinja templates. Is there a guide out there that would teach me how to do some introspection?
22:35 dxiri joined #salt
22:35 jrgochan no idea how to see if the variables I'm making are being formed properly
22:35 stankmack joined #salt
22:36 hemebond jrgochan: You can use Jinja from a Python console.
22:37 hemebond There's also https://docs.saltstack.com/en/latest/topics/jinja/index.html#debugging
22:37 jrgochan i'm not sure what that means in a saltstack context. how would I run a state.apply from a python console?
22:37 jrgochan sorry if that seems a silly question
22:38 nixjdm joined #salt
22:38 hemebond I thought your issue was with Jinja. You can use Jinja, without Salt, via a Python console.
22:39 hemebond But if your issue is how it's interacting with Salt then maybe post your code somewhere and we can have a look.
22:39 jrgochan https://pastebin.com/LqX2yNW4
22:39 jrgochan I'm trying to figure out how to build a string using grains and then send it to a salt cp.list_master module
22:40 hemebond Okay, so you haven't grocked Jinja yet. You've got  {{ }} inside your {% %}
22:40 hemebond {% %} is already "inside" Jinja so you don't use  {{ }} to print out stuff.
22:41 hemebond http://jinja.pocoo.org/docs/2.9/templates/#other-operators
22:41 hemebond That's the Jinja documentation. Jinja is not a Salt thing, it's its own Python module.
22:42 jrgochan hrm. alright. cool!
22:42 jrgochan how would I check the value of, let's say, my "path" variable by running a state.apply salt command?
22:43 jrgochan or some way to output the final state before it gets executed?
22:43 hemebond I usually just use /tmp/test.txt: file.managed and print everything into that.
22:43 hemebond From a test.sls file.
22:44 dxiri joined #salt
22:44 jrgochan hrm. not sure i understand. sorry :/
22:44 jrgochan https://pastebin.com/mEr2d47j
22:45 jrgochan for example, running that state gives me no changes, so I'd like to see what the value of "path" is, as well as the output of "salt['cp.list_master']", but I'm not sure how to
22:47 hemebond https://pastebin.com/JAgnYjnk
22:49 jrgochan State '/tmp/test.txt' in SLS 'testing' is not formed as a list
22:49 jrgochan perhaps yaml issues?
22:49 athaller joined #salt
22:49 hemebond Oh sorry, yeah
22:49 hemebond Make contents a list
22:49 hemebond One sec
22:50 hemebond https://pastebin.com/3TuMHUYb
22:51 jrgochan ooo. cool. thanks. :)
22:51 jrgochan outputs this. <function list_master at 0x45971b8>
22:51 jrgochan so I assume i need to figure out how to convert that to a string of sorts using jinja
22:51 hemebond Ah, you need to add your parameters back in.
22:51 hemebond I removed the actual calling part.
22:51 sh123124213 joined #salt
22:52 hemebond salt['cp.list_master']("something")
22:52 ssplatt joined #salt
22:52 sh123124213 joined #salt
22:54 jrgochan magicallness
22:54 jrgochan hemebond: you just made my life quite a bit nicer. thank you!
22:54 hemebond I think there might be an easier way, rather than printing to a file... but my minions are offline because of my modem change.
22:54 kiorky joined #salt
22:55 jrgochan sorry to hear that X_X
22:55 hemebond Just means I didn't setup the port forwarding properly :_)
22:55 jrgochan yeah. I feel like there must be some way built into salt, but I can't find documentation on it
22:55 hemebond I think using test.echo can do it.
22:56 hemebond None of my port forwarding settings saved. Yay.
22:56 jrgochan >_< less than the bueno
22:58 dxiri joined #salt
23:01 neuhauss joined #salt
23:02 jrgochan https://pastebin.com/GgNRjPXY
23:02 jrgochan you were totally right! test.echo helps a ton
23:02 hemebond Yeah, didn't work on that cp.list_master though.
23:03 hemebond You might not want to use {{ file }} as the state ID if you're trying to debug.
23:03 jrgochan yeah, it's an awfully cumbersome way to debug what I want to code up as well
23:03 jrgochan ahh. fair enough.
23:03 jrgochan file_path perhaps
23:03 hemebond Could have unintended consequences depending on what the variable contains.
23:05 PatrolDoom joined #salt
23:08 dxiri joined #salt
23:10 jrgochan oh man. making so much progress. you're a life saver hemebond
23:10 hemebond ????
23:12 gmoro_ joined #salt
23:14 beebeeep joined #salt
23:15 dxiri_ joined #salt
23:23 whytewolf there are a few things for debugging jinja in salt. with out actually running your state. state.show_highstate state.show_sls actually gives you highstate data generated by your sls
23:23 whytewolf of coarse the cpget_tempalte module
23:24 whytewolf and i would point you at a render script i wrote. that returns the rendered output
23:24 whytewolf but apperently github is down
23:45 dxiri joined #salt
23:59 sjorge joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary