Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-06-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 hemebond Is this for a particular application?
00:17 onlyanegg No, I wanted to create a lot of dashboards the other day, so I wrote a jinja template and used the datadog python library to add them. I thought it'd be cool to have a state for it instead.
00:19 onlyanegg I know there's a terraform resource which I may end up using, but I think salt with jinja can be more expressive.
00:34 fracklen joined #salt
00:37 zulutango joined #salt
00:38 nafg joined #salt
00:49 mt5225 joined #salt
00:49 fritz09 joined #salt
00:59 onlyanegg joined #salt
01:14 Rubin joined #salt
01:24 zerocool_ joined #salt
01:25 zerocoolback joined #salt
01:34 swills joined #salt
01:34 zerocoolback joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.3.6, 2016.11.5 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers <+> The call for speakers for SaltConf17 is now open: http://tinyurl.com/SaltConf17
01:57 mt5225 joined #salt
02:32 evle1 joined #salt
02:46 JPT joined #salt
02:47 debian112 joined #salt
02:58 fracklen joined #salt
02:59 debian112 joined #salt
03:02 debian112 joined #salt
03:06 debian112 joined #salt
03:08 mt5225 joined #salt
03:10 sp0097 joined #salt
03:14 onlyanegg joined #salt
03:15 gnomethrower joined #salt
03:20 leafOfTree joined #salt
03:21 onlyanegg joined #salt
03:24 debian112 joined #salt
03:26 zerocool_ joined #salt
03:29 debian112 joined #salt
03:33 miruoy joined #salt
03:35 nafg joined #salt
03:36 donmichelangelo joined #salt
03:40 debian112 joined #salt
03:46 coredumb MTecknology: well as you say it's a concept... depending on your external pillar module, your don't have to worry of your top.sls and it's just a matter of defining your host
04:19 mt5225 joined #salt
04:27 rem5 joined #salt
04:28 rem5 joined #salt
04:34 mt5225 joined #salt
04:37 cyborg-one joined #salt
05:04 dustywusty joined #salt
05:21 sp0097 joined #salt
05:22 fracklen joined #salt
05:29 nafg joined #salt
05:34 debian112 joined #salt
05:42 debian112 joined #salt
05:44 impi joined #salt
06:00 preludedrew joined #salt
06:02 debian112 joined #salt
06:05 do3meli joined #salt
06:05 do3meli left #salt
06:07 debian112 joined #salt
06:16 aldevar joined #salt
06:19 zulutango joined #salt
06:19 capnhex joined #salt
06:24 felskrone joined #salt
06:26 kavakava joined #salt
06:26 kavakava joined #salt
06:30 colttt joined #salt
06:31 debian112 joined #salt
06:34 fracklen joined #salt
06:37 debian112 joined #salt
06:40 ProT-0-TypE joined #salt
06:41 debian112 joined #salt
06:42 fracklen joined #salt
06:48 debian112 joined #salt
06:52 fracklen_ joined #salt
06:53 debian112 joined #salt
07:01 fracklen joined #salt
07:02 pbandark joined #salt
07:07 debian112 joined #salt
07:10 debian112 joined #salt
07:16 debian112 joined #salt
07:19 fracklen joined #salt
07:20 debian112 joined #salt
07:27 POJO joined #salt
07:29 xet7 joined #salt
07:34 debian112 joined #salt
07:45 capnhex joined #salt
07:48 debian112 joined #salt
07:57 darioleidi joined #salt
07:58 justanotheruser joined #salt
07:59 debian112 joined #salt
08:03 fracklen joined #salt
08:03 debian112 joined #salt
08:03 fracklen joined #salt
08:06 impi joined #salt
08:07 POJO joined #salt
08:07 mikecmpbll joined #salt
08:11 debian112 joined #salt
08:15 oida joined #salt
08:18 flughafen joined #salt
08:19 onlyanegg joined #salt
08:19 Sense8 joined #salt
08:21 alexlist joined #salt
08:31 debian112 joined #salt
08:34 mikecmpbll joined #salt
08:35 m4rk0 joined #salt
08:35 m4rk0 Hello
08:36 m4rk0 Is it possible to set jinja variable from cmd.run?
08:37 m4rk0 I tried something like: {% set IP_ADDR = salt['cmd.run']('wget -qO- http://ipecho.net/plain') %}
08:37 POJO joined #salt
08:38 debian112 joined #salt
08:38 m4rk0 But variable output is: /bin/sh: wget: command not found
08:39 babilen You should use an absolute path. Why not use http.query or what are you trying to do anyway?
08:39 m4rk0 I will now :D
08:42 m4rk0 babilen, something like this {% set IP_ADDR = salt['http.query']('http://ipecho.net/plain') %} ?
08:44 babilen https://docs.saltstack.com/en/latest/topics/tutorials/http.html has more information
08:44 debian112 joined #salt
08:44 babilen Are you trying to figure out the IP address of your box?
08:45 m4rk0 Yea :D
08:45 Sense8 joined #salt
08:45 babilen I take it that this isn't on a box with a public IP?
08:46 m4rk0 True
08:46 m4rk0 I know how to read interface ip (which is local IP), but don't know how to get public IP :)
08:46 pbandark1 joined #salt
08:47 darioleidi joined #salt
08:48 babilen You'd have to get that from the box that has that IP configured or from the datastore that configures it
08:48 m4rk0 Hmmm...
08:55 Mattch joined #salt
08:55 debian112 joined #salt
08:58 mikecmpbll joined #salt
08:59 debian112 joined #salt
09:07 kedare joined #salt
09:08 sjorge joined #salt
09:08 kedare Hi all :)
09:08 kedare I have a very very weird issue with SaltStack
09:09 kedare I'm running a simple state.apply, it's running perfectly fine when I run it manually from the salt master through SSH, but when it's ran the same way (On the same salt master, with exactly the same command) from the Jenkins slave, I have a lot of states that are failing with messages like : Specified file C:\\inetpub\\wwwroot\\staging\\web-app is not an absolute path
09:10 kedare The same state.apply ran by ssh console works fine : Directory C:\\inetpub\\wwwroot\\staging\\web-app is in the correct state
09:10 kedare And that was working perfectly fine in the past, I had a salt-master update recently so maybe this could cause this ?
09:11 debian112 joined #salt
09:11 mikecmpb_ joined #salt
09:16 o1e9 joined #salt
09:23 mikecmpbll joined #salt
09:27 debian112 joined #salt
09:28 justan0theruser joined #salt
09:33 debian112 joined #salt
09:40 mikecmpbll joined #salt
09:46 yuhl joined #salt
09:48 mt5225 joined #salt
09:49 mavhq joined #salt
09:52 debian112 joined #salt
09:53 mikecmpb_ joined #salt
09:59 yuhl left #salt
10:00 debian112 joined #salt
10:04 Kelsar joined #salt
10:05 POJO joined #salt
10:07 debian112 joined #salt
10:07 mikecmpbll joined #salt
10:11 ivanjaros joined #salt
10:13 LondonAppDev joined #salt
10:15 m4rk0 babilen, are you still there? I would like to use http.query method for now... but in my case {% set IP_ADDR = salt['http.query']('http://ipecho.net/plain') %} ... IP_ADDR variable contain "body: xxx.xxx.xxx.xxx", can You tell me how to get rid of "body:" part?
10:16 mikecmpb_ joined #salt
10:17 mariusv joined #salt
10:18 debian112 joined #salt
10:19 mikecmpbll joined #salt
10:22 debian112 joined #salt
10:24 pbandark Hi.. I want to create user in mongodb(`mongo --eval 'db.createUser({user: "admin", pwd: "1234", roles:[{role: "userAdminAnyDatabase", db: "admin"}]})'`). But, I am unable to execute this command with `cmd.run` state function. https://paste.fedoraproject.org/paste/Y81cWWLSWVHXbNz7jR5bAg
10:28 m4rk0 Got it :) {% set IP_ADDR = salt['http.query']('http://ipecho.net/plain')['body'] %}
10:33 m4rk0 But it doesn't help... http.query run on master salt :/
10:42 debian112 joined #salt
10:46 Whissi file.recurse with "clean: True" doesn't support "backup: minion", right?
10:57 Praematura joined #salt
10:59 evle1 joined #salt
11:08 mt5225 joined #salt
11:17 pbandark I am able to connect mongo db using mongo command: `mongo  -u admin -p 1234 --host 192.168.122.18  --port 27017`. but with `salt-call  mongodb.db_list admin 1234 192.168.122.18  27017`, connection fails. " Failed to connect to mongo database"  <==
11:18 debian112 joined #salt
11:28 lorengordon joined #salt
11:31 debian112 joined #salt
11:36 debian112 joined #salt
11:43 yuhl joined #salt
11:44 yuhl left #salt
11:45 debian112 joined #salt
11:46 sjorge joined #salt
11:47 mt5225 joined #salt
11:54 XenophonF joined #salt
11:58 thinkt4nk joined #salt
11:58 debian112 joined #salt
12:01 gmoro joined #salt
12:10 absolutejam I asked this the other day, but I'm still not sold on what the best idea is
12:10 absolutejam In a .sls file, if I first wanted to run a 'cmd.run' then perform actions based on the output, what would you suggest?
12:11 absolutejam So far, I've just done a cmd.run with 'stateful' and if the cmd.run result signifies the other states need to run, I just make it return a 'changed' state and make my other states dependent with onchanges:
12:11 Mattch joined #salt
12:11 absolutejam Seems a bit hacky, but it works.
12:13 Mattch joined #salt
12:15 debian112 joined #salt
12:17 XenophonF running a shell command statefully sounds like the only way to accomplish what you want
12:24 feld joined #salt
12:25 sjorge joined #salt
12:26 numkem joined #salt
12:26 debian112 joined #salt
12:31 hemebond left #salt
12:35 debian112 joined #salt
12:41 toastedpenguin joined #salt
12:43 pbandark it seems to be we cant use "  mongodb_user.present" to create first user. is there fix for https://github.com/saltstack/salt/issues/8933 ?
12:44 NegiLXXXVIII joined #salt
12:45 ronnix joined #salt
12:46 [CEH] joined #salt
12:48 mt5225 joined #salt
12:48 h32Lg joined #salt
12:51 rem5 joined #salt
12:53 toastedpenguin joined #salt
12:54 absolutejam oh fudge
12:54 absolutejam I wrote a state around stuff in develop
12:54 h32Lg Hi together
12:54 absolutejam I didn't realise
12:55 h32Lg i've installed salt master and minion with the version salt 2016.11.5 (Carbon) but I'm not able to ping the minion which is on the same host
12:56 absolutejam Did you accpet the key etc.?
12:56 colttt joined #salt
12:56 h32Lg yes
12:56 h32Lg I receive a "Minion did not return. [No response]" for the minion and within the minion log there is an error message complaining about the memory usage but 1,7gb of memory are free
12:57 h32Lg [salt.utils       ][ERROR   ][8308] fork #1 failed: 12 (Cannot allocate memory)
13:00 Inveracity joined #salt
13:08 XenophonF that's unusual - how close to the default config are you?
13:09 h32Lg One second
13:11 h32Lg etc/salt/master: worker_threads: 15 | fileserver_backend: - roots | file_roots: base: - /srv/salt - /srv/formulas | ipc_write_buffer: 'dynamic'
13:11 h32Lg Etc/salt/minion: master: 127.0.0.1 | master_finger: 'c8.....'
13:12 h32Lg That's it :)
13:12 h32Lg I've installed salt minion and master through the bootstrap script with -P and -M options
13:24 XenophonF I'd maybe undo the changes to ipc_write_buffer and worker_threads.
13:25 XenophonF I don't know what the bootstrap script does with those flags, but assuming it installs from source, I'd switch to vendor-supplied pacakges.
13:26 XenophonF admittedly, these are pretty vague suggestions
13:26 XenophonF you shouldn't be running out of memory for a fork
13:26 XenophonF so the only thing I can think of is getting back to defaults/known good versions
13:30 Cadmus joined #salt
13:32 Cadmus Hello, I've got a snag with an archive.extracted state, the archive file is on a server with a self-signed HTTPS cert (which I can't update), is there any way to tell salt to ignore the cert errors?
13:35 edrocks joined #salt
13:35 Cadmus I guess if there is a flag it also exists for things like file.managed
13:36 h32Lg @XenophonF I've tried the vendor packages first but there were a lot more complex errors which look cryptographic to me. But I'll try to undo the changes and reduce to aminimu
13:37 h32Lg *a minimum
13:37 XenophonF Cadmus: You could try adding the self-signed cert to the local trust store.
13:38 capnhex left #salt
13:39 mikecmpb_ joined #salt
13:40 drawsmcgraw joined #salt
13:44 XenophonF wow digging through the code that turns mech://path into a file...
13:44 edrocks joined #salt
13:44 XenophonF lots of indirection
13:44 XenophonF i think i found it in salt/utils/http.py
13:45 XenophonF looks like salt can use either requests or tornado (the default)
13:46 XenophonF https://docs.saltstack.com/en/develop/topics/tutorials/http.html
13:47 XenophonF doesn't look like there's a knob to turn off certificate verification
13:47 XenophonF sorry Cadmus
13:47 Cadmus XenophonF: Thannks for looking :) . It's a one-off so I think I'll just copy it to another server for now.
13:49 XenophonF yeah that's probably the simpler option
13:49 XenophonF or copy it into file_roots somewhere
13:49 XenophonF that's what i usually do - i have "large" files in an s3 bucket that's listed in file_roots
13:50 dendazen joined #salt
13:53 Cadmus I have a few too many big binary blobs here already, what's one more?
13:53 XenophonF :-D
13:58 colttt joined #salt
13:58 NegiLXXXVIII hi
13:58 NegiLXXXVIII does anyone know when the release of nitrogen is planned?
13:59 XenophonF Real Soon Now
13:59 NegiLXXXVIII that would be realy great :D
13:59 XenophonF it will almost certainly be out sometime between the release of Duke Nukem Forever and Half Life 3
13:59 NegiLXXXVIII ok :d
14:00 NegiLXXXVIII so much for that... :P
14:00 POJO joined #salt
14:00 Cadmus But DNF did get released, sadly.
14:00 mt5225 joined #salt
14:01 XenophonF exactly
14:02 debian112 joined #salt
14:04 NegiLXXXVIII ohh i just found the version page...
14:05 NegiLXXXVIII just forget my question
14:07 noobiedubie joined #salt
14:08 bowhunter joined #salt
14:09 debian112 joined #salt
14:11 debian112 joined #salt
14:11 nku hrm, any ideas why my syndic nodes wouldn't sync grains to their minions with saltutil.sync_all? i tried with the main master first and now from the syndic node itself, but still no sync is performed. 2016.11.5+ds-3 everywhere
14:12 Brew joined #salt
14:13 winsalt joined #salt
14:15 debian112 joined #salt
14:17 doctori joined #salt
14:18 nixjdm joined #salt
14:19 debian112 joined #salt
14:22 mpanetta joined #salt
14:23 mpanetta joined #salt
14:24 debian112 joined #salt
14:24 pbandark hi..  anyone in the group tried configuring mongodb user with salt ?
14:25 absolutejam ugh, now I have to look for myself
14:25 absolutejam I wanna know when it's out too!
14:25 darioleidi joined #salt
14:29 debian112 joined #salt
14:33 debian112 joined #salt
14:37 debian112 joined #salt
14:37 rihannon joined #salt
14:41 Naresh joined #salt
14:43 theencoded joined #salt
14:44 debian112 joined #salt
14:49 sarcasticadmin joined #salt
14:49 debian112 joined #salt
14:51 ronnix joined #salt
14:51 mt5225 joined #salt
14:56 Kelsar 2017.x out yet?
14:56 impi joined #salt
14:56 debian112 joined #salt
14:57 edrocks joined #salt
15:01 theencoded I'm pretty new to salt, and I'm trying to bring up a new EC2 instance with an elastic IP. I've configured the instance's network interface like this... https://gist.githubusercontent.com/ewollesen/2d2dbcb8955e71648b9197cf10eb63c3/raw/dabb89a545be510e2514ce1bca195e7ba355fd0b/gistfile1.txt But it doesn't allocate an elastic IP. Can anyone identify what I'm missing? I tried to follow the docs here
15:01 theencoded https://docs.saltstack.com/en/latest/topics/cloud/aws.html
15:01 debian112 joined #salt
15:02 amcorreia joined #salt
15:05 fracklen joined #salt
15:07 doctori joined #salt
15:07 debian112 joined #salt
15:10 debian112 joined #salt
15:16 doctori joined #salt
15:20 debian112 joined #salt
15:20 doctori joined #salt
15:21 bowhunter joined #salt
15:22 keltim joined #salt
15:22 doctori joined #salt
15:23 debian112 joined #salt
15:24 doctori Hi, has anyone managed to push managed files to S3 ? (within a state) I know there's an open issue (2013 ...) about that : https://github.com/saltstack/salt/issues/6443 but has anyone managed do workaround that ?
15:25 rlatimore joined #salt
15:26 debian112 joined #salt
15:28 GMAzrael is it possible to do a logical or in a require statement?
15:30 PatrolDoom joined #salt
15:30 debian112 joined #salt
15:30 evle1 joined #salt
15:30 fracklen joined #salt
15:30 heaje joined #salt
15:35 nixjdm joined #salt
15:35 englishm_work joined #salt
15:36 debian112 joined #salt
15:38 gmoro_ joined #salt
15:38 XenophonF GMAzrael: you could alter a list of requisites using Jinja, if you had enough info at render time to make that decision
15:40 XenophonF theencoded: the option is `allocate_new_eip: True`
15:41 debian112 joined #salt
15:45 ivanjaros joined #salt
15:46 GMAzrael_ joined #salt
15:46 debian112 joined #salt
15:48 debian112 joined #salt
15:48 toastedpenguin joined #salt
15:53 debian112 joined #salt
15:56 debian112 joined #salt
15:57 cyborg-one joined #salt
15:59 debian112 joined #salt
16:00 theencoded XenophonF: I've tried that as well, both are listed in the docs, but neither worked
16:04 Praematura joined #salt
16:05 anotherZero joined #salt
16:06 debian112 joined #salt
16:14 debian112 joined #salt
16:15 edrocks joined #salt
16:17 debian112 joined #salt
16:17 Gareth theencoded: Double check that your EC2 subnet is setup to hand out elastic IPs.  If I remember correctly, it's not enabled to do so by default.
16:18 edrocks joined #salt
16:19 debian112 joined #salt
16:23 debian112 joined #salt
16:26 pppingme joined #salt
16:26 onlyanegg joined #salt
16:27 DammitJim joined #salt
16:27 o1e9 joined #salt
16:28 debian112 joined #salt
16:30 woodtablet joined #salt
16:33 debian112 joined #salt
16:34 notCalle joined #salt
16:35 nixjdm joined #salt
16:35 OliverUK joined #salt
16:37 OliverUK Hello, can salt be configured to 'monitor' (possibly ping) an IP address and if it is up then SSH onto it and start configuring it straight away and not have to do a 'state.apply' etc?  If this is possible is there any documentation on how to set this up or some key search terms I should use?  Thanks in advance :-)
16:39 onlyanegg OliverUK: You want to configure the box as soon as it starts?
16:39 debian112 joined #salt
16:43 Inveracity joined #salt
16:45 ronnix joined #salt
16:53 debian112 joined #salt
16:53 impi joined #salt
16:58 debian112 joined #salt
17:01 c_g joined #salt
17:01 debian112 joined #salt
17:06 debian112 joined #salt
17:07 Roh joined #salt
17:09 debian112 joined #salt
17:10 doctori OlivierUK: you should be able to do that with the start states on the minion https://docs.saltstack.com/en/latest/ref/states/startup.html
17:11 doctori You'll need to accept automatically the minion key
17:11 tiwula joined #salt
17:11 whytewolf or use saltify to setup the minion. which will push the minion key [and handle the ssh into the machine part]
17:12 debian112 joined #salt
17:14 ChubYann joined #salt
17:19 debian112 joined #salt
17:21 OliverUK onlyanegg: Not necessarily as soon as it starts but as soon as it becomes contactable.  So for certain devices we could have a 'staging' environment where we start them in, salt sees them and connects and configures them which might include moving them to another network (outside of the staging environment)
17:22 druonysus joined #salt
17:24 hashwagon joined #salt
17:24 OliverUK Part of the initial configuration might be to include installing salt, not sure what is possible yet
17:25 debian112 joined #salt
17:33 theencoded Gareth: I double checked, but I don't see anything that seems to allow or disallow elastic IPs by subnet. That search did lead me to some very specific documentation that indicated that if the subnet is setup to automatically receive a public IP address, that it might *not* be able to receive elastic IP allocations. So I added 'AssociatePublicIpAddress: False' to my config, and voile, I have an elastic
17:33 theencoded IP. So thanks!
17:33 Gareth :)
17:34 nixjdm joined #salt
17:36 shanth can salt stack use atlassian stash as a gitfs backend to house state files?
17:37 candyman88 joined #salt
17:37 druonysus_ joined #salt
17:40 whytewolf shanth: yes, just configure stash to use ssh keys for the repo, and give salt the keys.
17:40 whytewolf when i still had stash i used to use that configuration.
17:41 whytewolf [didn't they change to bitbucket?]
17:41 rem5 joined #salt
17:43 debian112 joined #salt
17:43 rem5_ joined #salt
17:47 wendall911 joined #salt
17:47 anotherZero joined #salt
17:48 rem5 joined #salt
17:49 rem5_ joined #salt
17:51 lastmikoi joined #salt
17:52 druonysus joined #salt
17:55 shanth yeah i think it is bucket now
17:57 rem5 joined #salt
18:01 rem5_ joined #salt
18:02 pbandark can anyone provide example for "service.mod_watch" ? I am unable to find it over google
18:02 whytewolf example? what do you think it does?
18:02 whytewolf it is used by the watch requisite
18:03 pbandark yes. I am using watch to restart the service. but, after going through "https://docs.saltstack.com/en/2015.8/ref/states/requisites.html" it seems to be I need to use mod_watch
18:03 pbandark but, I am unable to understand how I need to use it
18:03 whytewolf it isn't a state function you create a state for
18:03 pbandark i mean syntax
18:03 whytewolf https://docs.saltstack.com/en/latest/ref/states/requisites.html#watch
18:04 rem5 joined #salt
18:04 rubenb joined #salt
18:05 whytewolf pbandark: also listen uses it and uses the same format https://github.com/whytewolf/salt-phase0-states/blob/master/sys/install/mysql.sls
18:06 pbandark checking
18:07 Edgan joined #salt
18:07 pbandark whytewolf: sorry but I dont see watch in https://github.com/whytewolf/salt-phase0-states/blob/master/sys/install/mysql.sls
18:07 whytewolf pbandark: i was using listen, which also uses mod_watch
18:07 pbandark ok
18:07 [CEH] joined #salt
18:07 nafg joined #salt
18:08 o1e9 joined #salt
18:08 whytewolf listen does the same thing as watch except instead of doing the mod_watch during the server.running function will create another stae at the end of the run that runs the mod_watch function
18:09 pbandark ok
18:10 fracklen joined #salt
18:12 debian112 joined #salt
18:12 pbandark whytewolf: do you have any experience with   mongodb_user.present?  I am trying to install mongodb and create mongodb user. but, it seems to be "  mongodb_user.present:" do not work for 1st user.
18:13 pbandark https://paste.fedoraproject.org/paste/Al~wLbQX1xMdWR6ysJfAzA
18:14 whytewolf pbandark: see https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mongodb.html
18:14 whytewolf the top of the module, about configuration
18:16 napoleon`8`5 joined #salt
18:16 debian112 joined #salt
18:17 whytewolf make sure mongo is actually running. and listening on that address you have for host.
18:18 lordcirth_work So, I made a PR adding an execution module.  I want to start on a state that uses it while waiting for acceptance.  Should I make the new branch based on the PR branch instead of develop?
18:19 whytewolf and that you can add a user with out logging in
18:19 rem5 joined #salt
18:19 whytewolf lordcirth_work: should have created the state module before submitting the PR :P
18:20 whytewolf anyway, yes. other wise any commits you make will be included in the PR
18:20 lordcirth_work whytewolf, well, they are somewhat separate?
18:20 pbandark whytewolf: yes. mongod is running and ip is correct.  from doc, it seems to be we need to specify username and password to connect to mongod host. but as this is fresh mongo setup without any user config, how we can specify user and passwd
18:20 whytewolf pbandark: that is more a thing to figure out with mongo. I don't know mongo
18:21 debian112 joined #salt
18:21 pbandark whytewolf: I am able to create user manually from mongo interface. but not with salt.
18:21 whytewolf lordcirth_work: meh, an exacution and state module that work together could have been a common PR. but if you already PRed the exacution module then fork to a new branch
18:23 Praematura_ joined #salt
18:23 whytewolf pbandark: I don't know.
18:23 lordcirth_work whytewolf, It's a state to configure nfs exports, should it just be called 'nfs' ?
18:24 pbandark whytewolf: ok
18:24 whytewolf lordcirth_work: iirc standard naming in the nfs tools for anything dealing with nfs exports should be named with exports in the name. but i am not sure if i recall that correctly
18:25 lordcirth_work whytewolf, nfs_export.present ?
18:25 whytewolf that looks good to me
18:27 whytewolf humm, there is an nfs3 module that has list_exports and del_exports
18:27 debian112 joined #salt
18:28 whytewolf but no add_exports
18:28 whytewolf lordcirth_work: did you update that module or create a new one that handled more then just nfs3?
18:30 whytewolf ahhh you expanded nfs3
18:30 lordcirth_work whytewolf, yeah, I added add_export and reload_exports so it is actually useful enough to build a state on
18:31 lordcirth_work so now I am writing .present and .absent, etc
18:31 whytewolf very nice
18:33 lordcirth_work I'm a bit unsure how best to handle the fact that you can pass different options to different IPs for the same export.  I may just go with "don't"
18:33 lordcirth_work It's safe to have 2 export lines with the same path, right?
18:34 whytewolf been a long time since i built an exports file.
18:35 nixjdm joined #salt
18:38 noobiedubie joined #salt
18:38 debian112 joined #salt
18:39 anotherZero joined #salt
18:41 bowhunter joined #salt
18:42 debian112 joined #salt
18:42 lordcirth_work Got confirmation on it, 2 lines works fine
18:44 dyasny_ joined #salt
18:45 debian112 joined #salt
18:45 aldevar joined #salt
18:47 major sooo .. slowly getting a full grasp of the reactors
18:48 major on this webhook reactor I have .. the 'tgt' doesn't pass through the state top.sls filtering, or does it?
18:49 whytewolf no, it doesn't. is is just like orchestration tgt
18:49 lordcirth_work whytewolf, I am unsure how to structure the arguments
18:49 whytewolf lordcirth_work: very carefully?
18:50 lordcirth_work whytewolf, lol.  Also I found a bug in list_exports() so I guess I should fix that in my first PR?
18:50 lordcirth_work I know bugfixes usually go in stable but I imagine no one actually uses the nfs3 module since it's so incomplete
18:50 major but .. I can set the tgt to a minion ID, or a nodegroup, and deliver the event to a specific master and it will still populate down to the 'tgt' members...
18:52 whytewolf major: that doesn't mean it fires of top.sls [which really doesn't have filtering] when you call state.sls <state file> you avoid the top entirely. same thing here
18:52 debian112 joined #salt
18:52 major whytewolf, yah, I follow that
18:52 sgo_ joined #salt
18:52 major just .. like I said ... trying to wrap my head completely around the implications and ways in which it can be used
18:53 whytewolf lots of different ways.
18:53 major yah .. sort of coming to that realization
18:53 major I suppose I am also trying to confirm the image I am building
18:53 major or the mental image rather
18:55 debian112 joined #salt
18:56 aldevar1 joined #salt
18:56 rem5_ joined #salt
18:58 edrocks joined #salt
19:00 austin_ joined #salt
19:03 POJO joined #salt
19:04 major is there a way to trigger the cache update to a repo in the gitfs roots?
19:04 whytewolf you mean such as salt-run fileserver.update backend=gitfs
19:04 POJO joined #salt
19:05 major was thinking to a specific formula
19:05 gtmanfred major: https://docs.saltstack.com/en/develop/topics/tutorials/gitfs.html#refreshing-gitfs-upon-push
19:05 gtmanfred you can't update a specific formula, only all the fileserver backends
19:06 gtmanfred you can also use the salt-api for that
19:06 gtmanfred and setup github or whatever to post to the api endpoint when you do a push or a pull request merge
19:06 debian112 joined #salt
19:06 whytewolf i just got lazy and use this orchestration. and when i finally get out of dev and get this in prod was just going to have a webhook call it https://github.com/whytewolf/salt-phase0-orch/blob/master/orch/sys/salt/update.sls
19:08 POJO joined #salt
19:08 debian112 joined #salt
19:13 debian112 joined #salt
19:15 POJO joined #salt
19:17 POJO joined #salt
19:18 debian112 joined #salt
19:19 POJO joined #salt
19:20 dyasny joined #salt
19:23 austin__ joined #salt
19:24 lasseknudsen joined #salt
19:24 debian112 joined #salt
19:24 edrocks do salt states have to explicitly have a require option in order to support it? https://docs.saltstack.com/en/latest/ref/states/all/salt.states.sysctl.html
19:25 edrocks ie sysctl.present doesn't list out require/_in but I need to make it be required_in: - docker: mydockercontainer
19:25 whytewolf no, require is a global
19:25 edrocks thanks
19:25 edrocks whytewolf: I got the environments working btw
19:26 whytewolf crongrats
19:26 edrocks lots of effort but it should work well when we start doing per branch deployments
19:28 debian112 joined #salt
19:28 POJO joined #salt
19:34 debian112 joined #salt
19:35 nixjdm joined #salt
19:38 debian112 joined #salt
19:38 anotherZero joined #salt
19:38 POJO joined #salt
19:44 debian112 joined #salt
19:45 lorengordon joined #salt
19:46 ivanjaros joined #salt
19:46 rem5 joined #salt
19:46 thinkt4nk joined #salt
19:50 debian112 joined #salt
19:50 cyborg-one joined #salt
19:52 aboe joined #salt
19:54 keldwud joined #salt
19:54 keldwud joined #salt
19:59 lorengordon joined #salt
20:00 Roh joined #salt
20:02 debian112 joined #salt
20:03 anotherZero joined #salt
20:07 debian112 joined #salt
20:12 POJO joined #salt
20:14 patrek joined #salt
20:15 schemanic joined #salt
20:15 schemanic heyo
20:15 XenophonF yo
20:15 schemanic I can use Jinja in pillars yes?
20:15 schemanic Hey XenophonF
20:15 XenophonF go crazy
20:16 XenophonF all the same rendering options are available in Pillar SLS files as in regular ones
20:17 schemanic I want my salt cloud profiles to be very close together, but they vary in terms of what AWS tags to give them etc. I'm thinking jinja in the pillar is the right way to go so I end up with QA, Dev, Prod versions of my app server profile
20:17 XenophonF I do something similar
20:17 whytewolf except for pillars ... you can't get pillars in pillar
20:17 aldevar1 left #salt
20:17 XenophonF I also do things like look up VPC, subnet, and security group IDs.
20:17 schemanic That's fine. I don't need that
20:18 schemanic ah yes good call XenophonF. I don't have a VPC set up yet
20:18 schemanic Do you folks have recommendations on good formulas for scaffolding AWS VPCs
20:18 schemanic ?
20:19 pbandark joined #salt
20:19 XenophonF I wrote this for myself: https://github.com/irtnog/salt-states/tree/development/aws
20:20 XenophonF I don't have a good handle yet on "correct" VPC design, but I basically follow an n-tier architecture
20:20 XenophonF public web/private app/private database
20:21 XenophonF with each tier replicated across at least two AZs
20:21 schemanic OMG Xenophonf your Github account is like, everything I'm trying to do with my environment
20:21 XenophonF yay! glad i can be of use
20:21 schemanic are you working with AWS Linux at all?
20:21 XenophonF yes
20:22 schemanic Thank the effing maker
20:22 XenophonF at work it's mostly CentOS
20:22 schemanic I've been pulling formulas from the saltstack repos and using them with my environments
20:22 schemanic Thats been mostly educational
20:23 schemanic but I've been getting up and running a lot faster by just writing states
20:23 XenophonF I fork 'em.  salt-formula has some code that manages things OK-ish.
20:23 whytewolf that is all a formula should be, educational. most of the time about how not to do something
20:23 XenophonF well...
20:23 XenophonF yeah
20:23 XenophonF sometimes
20:23 schemanic I think formulas make sense. I like the separation between pillar and complex states
20:23 schemanic but I keep hearing people express whytewolf's sentiment
20:24 XenophonF some of the formulas are rather long in the tooth
20:24 schemanic so XenophonF, your repo appears to be an example of how that works out
20:25 XenophonF if you look at the irtnog org's public repos, you'll see a bunch of formulas that i wrote, of varying quality/completeness/correctness
20:25 XenophonF along with forks of the official ones that I use
20:25 anotherZero joined #salt
20:25 keltim I think some are needlessly obfuscated and some just aren't flexible enough
20:26 * XenophonF shrugs
20:26 XenophonF I'll agree
20:26 keltim but we just write our own formulas really
20:26 keltim often swiping ideas from the official one
20:26 schemanic XenophonF, it looks like these states use several things I'm used to seeing in Formulas
20:26 XenophonF yup
20:26 XenophonF i tend to follow the same pattern everywhere, except for simple stuff
20:26 keltim I'm very fond of the map.jinja / defaults.yaml convention
20:26 XenophonF or hacks
20:26 whytewolf flexibility is my biggest gripe. seconded by no set standards between them allowing for cross usability
20:27 XenophonF true
20:27 XenophonF although let me tell you writing a moderately complicated formula is pretty tough
20:27 XenophonF e.g., i'm getting ready to throw away my active-directory-formula b/c it sucks
20:27 keltim yea I spent a couple of weeks on my waf / apache / mod_security formulas
20:28 XenophonF same goes for work i started for openstack (the writing a formula for which appears to be a rite of passage for Salt users)
20:28 schemanic whytewolf, yes - cross usage is something I want to do quite badly. I want to be able to have one place that I install java from, but if I'm using java for a stack be able to set things for it in the stack config etc etc
20:28 mt5225 joined #salt
20:28 schemanic like, there are a number of times when I've thought to myself 'well, I've already defined the number of <THINGS
20:28 keltim the important thing for me (well one of them) is that no one should need to make any decisions when adding a new element to a formula, just enter the data
20:29 keltim but no altering templates
20:29 keltim in general
20:29 XenophonF yup
20:29 schemanic ...> I want in one formula, and I'd like another formula to operate on those things, not in a separate set that I define myself
20:29 XenophonF it's pretty difficult though
20:29 XenophonF e.g., i templated shibboleth and it's far from feature complete
20:29 XenophonF all those XML configs
20:29 * XenophonF shudders
20:29 GMAzrael joined #salt
20:30 whytewolf XenophonF: I had a sit and think on that and one way you could have saved yourself a bit of grief would have been to write a xml render
20:30 XenophonF oh man
20:30 XenophonF I tried.
20:30 XenophonF It sucked.
20:30 XenophonF I guess if file.serialized actually supported XML Badgerfish (I think that's the name?), I would have gone that route.
20:31 XenophonF I dunno.  I think maybe templating the Shibboleth configs was a mistake.
20:32 debian112 joined #salt
20:32 XenophonF learned a lot in the process so that's good
20:32 nickabbey joined #salt
20:32 keltim if the team is constantly having to mess with the templates PR's become a major time drain
20:32 XenophonF true
20:32 schemanic XenophonF,  Your clamav states show some stuff that's missing from the mainline formula
20:32 Taters_ joined #salt
20:33 XenophonF I wrote those without looking at the clamav formula
20:33 schemanic thats awesome. Getting clamav to work so that it will scan from the cron file is a bear
20:33 schemanic or rather, update
20:33 XenophonF note the glue state
20:33 XenophonF either under amavisd/ or clamav/
20:33 XenophonF i don't remember which and have to run to a meeting
20:33 XenophonF brb
20:34 nixjdm joined #salt
20:35 debian112 joined #salt
20:36 XenophonF thank goodness meeting cancelled
20:37 XenophonF schemanic: see also https://github.com/irtnog/salt-pillar-example
20:37 schemanic XenophonF, thanks very much, I appreciate the examples
20:37 XenophonF sure thing!
20:37 XenophonF let me know if you see anything that doesn't make any sense
20:39 debian112 joined #salt
20:41 schemanic Hey XenophonF, i see this remote management thing, how are you doing that? are you sshing into people's laptops?
20:41 XenophonF which one?
20:41 hasues joined #salt
20:41 sarcasticadmin joined #salt
20:43 XenophonF I'm using the free version of Meraki SM, which we also use at work.
20:43 XenophonF it's pretty basic to be honest
20:45 debian112 joined #salt
20:50 Eugene joined #salt
20:53 edrocks joined #salt
20:54 POJO joined #salt
20:57 debian112 joined #salt
20:59 v3x so here's a dumb question -- is it possible at all to use pillar data to define configuration settings in master.d/minion.d ?
20:59 onlyanegg joined #salt
21:00 ahrs joined #salt
21:01 winsalt I manage the minion.d folder with salt, so yes, some of the files use pillars in them with jinja
21:01 dyasny joined #salt
21:02 Roh left #salt
21:02 v3x yeah i'm just trying to figure out how to avoid a chicken/egg issue i guess
21:02 Roh joined #salt
21:03 v3x every time i have an issue like this it means i'm doing something wrong, and i spend a day in denial, then redo something
21:03 v3x :/
21:04 XenophonF v3x: I use salt-formula to manage salt.
21:05 XenophonF It takes a little bit of manual effort to bootstrap the master, but all you have to do with a minion is point it at the master.
21:05 XenophonF gtg ttyl
21:05 whytewolf it depends on the setting but there are config options that can be in pillar. if it is anything for a module such as mysql settings, or mongodb settings then yes pillar can be used
21:06 whytewolf with out having to sync them to the minion
21:07 whytewolf well you do have to sync the pillars. i mean update the minion config files
21:07 hosttor joined #salt
21:07 timfi joined #salt
21:08 whytewolf https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.config.html#salt.modules.config.get
21:09 timfi joined #salt
21:10 timfi joined #salt
21:12 timfi joined #salt
21:18 lordcirth_work whytewolf, could you tell me if this is overcomplicated? It mirrors the internal structure: https://gist.github.com/lordcirth/e4b57246540771d8da22a9f4b875c2d9
21:19 whytewolf no that isn't to bad at all.
21:19 lordcirth_work whytewolf, k thanks
21:20 timfi joined #salt
21:24 ronnix joined #salt
21:24 timfi joined #salt
21:24 timfi joined #salt
21:25 shanth can you configure salt to pull pillar data from gitfs also? whytewolf :)
21:26 whytewolf shanth: https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html
21:26 timfi joined #salt
21:27 pppingme joined #salt
21:27 shanth i love this guy
21:29 whytewolf :P
21:30 debian112 joined #salt
21:32 onlyanegg joined #salt
21:33 whytewolf what the hell, according to the internet addiction test. I am not addicted.
21:35 nixjdm joined #salt
21:36 shanth left #salt
21:36 shanth joined #salt
21:41 mt5225 joined #salt
21:47 StolenToast joined #salt
21:47 StolenToast joined #salt
21:49 ronnix joined #salt
21:53 major I tried to take a test like that and the computer said it was addicted to me...
21:59 ronnix joined #salt
22:05 major is there a way to set config options on the CLI to aid in boot-strapping a master?
22:07 rem5_ joined #salt
22:09 aarontc joined #salt
22:10 edrocks joined #salt
22:17 c_g joined #salt
22:20 mt5225 joined #salt
22:21 patrek joined #salt
22:27 fxhp joined #salt
22:33 hashwagon So in a state file with multiple functions 'require' is typically needed only if the command needs to wait for another command to finish above?
22:34 nixjdm joined #salt
22:40 hasues left #salt
22:41 Praematura_ joined #salt
22:41 onlyanegg joined #salt
22:43 iggy salt works serially... every state waits for the previous state
22:43 iggy if you mean what order does salt operate in, it's top-down
22:48 shanth does it make you a bad person if you aren't using much jinja?
22:48 shanth feels like i just dont need it that often
22:49 spartakos joined #salt
22:49 spartakos salt
22:50 iggy shanth: my first salt setup didn't use much
22:50 iggy my current ones use too much
22:50 iggy it's all about that balance
22:50 shanth what's the time gap between those two iggy?
22:50 spartakos hi i'm trying to use pkg.installed with sources and reinstall : True in 2005.8 to force install of mysql 5.7 on a vm what comes bundled with some mysql 5.5 libs
22:50 whytewolf shanth: i try to minimize it's use but maxamize it's impact
22:50 iggy 4 years?
22:50 shanth oh man haha
22:50 shanth im getting frustrated because i cant use all the salt features yet
22:51 shanth makes me feel like a dodo
22:51 iggy the current ones didn't just get this way... they evolved
22:51 shanth im just going to go as is and improve as i go, so hard to get them optimal and learn at the same time :\
22:51 spartakos but it fails in 2005.8 with TypeError: install() got multiple values for keyword argument 'reinstall;
22:54 mikecmpbll joined #salt
22:55 spartakos any thoughts on this?
22:55 spartakos i want to force reinstall
22:55 whytewolf spartakos: i don't think you need to add reinstall
22:55 whytewolf and it is most likely going to conflict with pkg_verify
22:55 spartakos ok
22:56 spartakos it tried without and it whined about earlier versions of three libraries on the image
22:56 spartakos if there's another way to force an install of 5.7 mysql with my specific sources that would be great
22:58 spartakos my problem there is that the ubuntu 14.04 images in AWS come prebundled with some mysql 5.5 libs
22:58 spartakos thanks for your help and advice
23:25 rogi joined #salt
23:30 gmoro joined #salt
23:34 nixjdm joined #salt
23:38 keldwud joined #salt
23:38 keldwud joined #salt
23:39 MTecknology shanth: only use as much jinja as you need. If you don't need it, then you're adding complications for later.
23:42 asyncsec joined #salt
23:44 tom[] the docs give examples like {{ pillar['foo']['bar'] }} and i wonder why {{ pillar.foo.bar }} is not preferable. any insights?
23:45 iggy I wouldn't say either one is preferable
23:45 iggy the docs likely follow the preference of whoever wrote that doc page

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary