Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-08-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 alexlist joined #salt
00:03 cyborg-one joined #salt
00:05 edrocks joined #salt
00:05 jmiven joined #salt
00:10 darvon joined #salt
00:17 masuberu joined #salt
00:19 woodtablet left #salt
00:23 lessthan joined #salt
00:23 icebal joined #salt
00:23 lessthan hi, can some one help me experiment with salt via vagrant?
00:25 lessthan or suggest an alternative to vagrant?
00:25 lessthan I just want to practice salt configs
00:32 ujjain joined #salt
00:32 ujjain joined #salt
00:37 pipps joined #salt
00:38 pipps joined #salt
00:39 GMAzrael joined #salt
00:42 edrocks joined #salt
00:57 lessthan hi, can some one help me experiment with salt via vagrant?
00:57 lessthan or suggest an alternative to vagrant?
00:57 lessthan I just want to practice salt configs
00:59 nkuttler i like libvirt
00:59 zerocoolback joined #salt
01:00 lessthan nuttler, so my native os is windows
01:00 lessthan can I just open two virtualboxes and have one be master, one minion, and have them communicate with each other?
01:00 lessthan *nkuttler
01:01 nkuttler lessthan: sure, that can work
01:01 nkuttler you just need to have networking
01:01 lessthan nuttler, awesome, because I want to practice in linux, and having a vm in a vm seems a bit much
01:01 lessthan damn it, *nkuttler
01:01 lessthan my k key is broken, only works intermittently, I swear I'm not doing this on purpose
01:01 nkuttler right
01:02 nkuttler lel, you're not the first
01:02 lessthan so "need to have networking" requires what on my end?
01:03 nkuttler lessthan: i'm not really sure. check the virtualbox networking docs
01:03 lessthan k
01:04 pipps joined #salt
01:08 Nahual joined #salt
01:21 GMAzrael joined #salt
01:26 babilen joined #salt
01:34 masber joined #salt
01:37 pipps joined #salt
01:38 noobiedubie joined #salt
01:38 pipps joined #salt
01:39 onlyanegg joined #salt
01:40 pipps joined #salt
01:40 aarontc joined #salt
01:51 ilbot3 joined #salt
01:51 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.7, 2017.7.1 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
01:51 lessthan_ joined #salt
01:52 onlyanegg joined #salt
01:53 ssplatt joined #salt
01:59 onlyanegg joined #salt
01:59 zerocoolback joined #salt
02:15 lessthan_ okay so I have two VM's running with bridged NICs so they can ping each other
02:15 ssplatt joined #salt
02:16 lessthan_ can anyone recommend some decent tutorials so I can delve into salt?
02:22 GMAzrael joined #salt
02:23 cliluw joined #salt
02:27 ssplatt joined #salt
02:42 lessthan_ is anyone here at all?
02:45 lessthan_ which version of salt uses RAET instead of zeroMQ?
03:09 edrocks joined #salt
03:21 gnomethrower joined #salt
03:34 whytewolf none
03:34 whytewolf RAET was an alternative transport much like tcp. but zeroMQ has always been the default transport
03:35 lessthan_ whytewolf, ah so zeroMQ is the default even now?
03:35 whytewolf yes
03:35 whytewolf and RAET is for all intents and purpases dead
03:35 lessthan_ okay great, I had heard some one say in a talk that it may be deprecated
03:36 lessthan_ yea I meant tcp, I forgot what the alternative was
03:36 whytewolf yeah tcp transport is the alternative. but honestly it still uses zeromq in places that have not been transfered over to tcp yet. from what i undertand
03:37 lessthan_ whytewolf, oh also, I have one tutorial that runs on localhost with master + minion on same VM
03:37 lessthan_ and another tutorial that runs using vagrant
03:37 lessthan_ is there any reason to do the latter?
03:38 lessthan_ I mean just for tutorial/learning purposes
03:38 whytewolf nope no reasons except personal preference.
03:38 lessthan_ okay cool, away I go then :)
03:38 GMAzrael joined #salt
03:39 whytewolf have fun aSALTing the castle
03:39 lessthan_ hah
03:39 lessthan_ whytewolf, oh sorry one last thing, have you used salt for network automation?
03:40 whytewolf i have not. i have done a couple of minor things to servers, but as most of my networking is handled by openstack it isn't the same as other forms of networking and i really never got into salt-proxy for configing switches and what not
03:41 lessthan_ hmm, finding advice for that seems difficult
03:41 lessthan_ I've used netmiko, curious what salt brings to the table
03:42 whytewolf salt uses napalm for a lot of things. there are other libs as well.
03:42 whytewolf it is mostly covered by salt-proxy
03:43 donmichelangelo joined #salt
03:43 lessthan_ yea I've heard of napalm, sort of an abstraction layer over the libraries handling juniper, ios-xr, aresta, whitebox, etc
03:43 whytewolf which is one of the more confusing and painful pieces of salt
03:43 lessthan_ but for older cisco routers napalm seems to just use netmiko
03:44 whytewolf https://docs.saltstack.com/en/latest/topics/proxyminion/index.html
03:46 edrocks joined #salt
03:47 lessthan_ hmm, "[WARNING] Key 'file_ignore_glob' with value None has an invalid type of NoneType, a list is required for this value"
03:47 lessthan_ all I've done is edit /etc/salt/minion to set `master: localhost`
03:47 lessthan_ restart salt-master and minion
03:48 lessthan_ accept key
03:48 pipps joined #salt
03:48 lessthan_ and `sudo salt '*' test.ping`
03:49 whytewolf humm, check master config make sure file_ignore_glob isn't uncommented
03:49 whytewolf it should just default to nothing. and you shouldn't be seeing that error
03:49 masber joined #salt
03:49 pipps joined #salt
03:49 whytewolf well, shouldn't be seeing that warning
04:18 hoonetorg joined #salt
04:32 evle joined #salt
04:32 pipps joined #salt
04:35 vishvendra joined #salt
04:50 GMAzrael joined #salt
04:51 golodhrim|work joined #salt
04:52 pualj joined #salt
05:02 sh123124213 joined #salt
05:09 masber joined #salt
05:37 edrocks joined #salt
05:37 preludedrew joined #salt
05:39 Sen_ joined #salt
05:42 nickknick joined #salt
05:52 armguy joined #salt
05:53 sen_siv joined #salt
05:55 Bock joined #salt
05:57 oida joined #salt
05:58 felskrone joined #salt
06:04 Ni3mm4nd joined #salt
06:18 Rumbles joined #salt
06:25 sen_siv joined #salt
06:40 jkaberg joined #salt
06:43 kukacz joined #salt
06:44 kukacz_ joined #salt
06:47 jkaberg left #salt
06:50 edrocks joined #salt
06:52 GMAzrael joined #salt
06:54 kavakava Can anyeone here recommend a (advanced) saltstack training course?
06:55 do3meli joined #salt
06:55 do3meli left #salt
06:56 kavakava I'm not thinking about simple state files using pillars and similar, but more in the direction of using really complex state files, using the python renderer and similar
07:06 sjorge joined #salt
07:07 darioleidi joined #salt
07:08 rgrundstrom joined #salt
07:09 rgrundstrom Good morning
07:21 jhauser joined #salt
07:26 ventris joined #salt
07:27 edrocks joined #salt
07:28 darioleidi_ joined #salt
07:31 sh123124213 joined #salt
07:40 coredumb kavakava: the Saltstack Admin II course is pretty advanced
07:40 coredumb but is certainly not only limited to complex state files
07:47 kavakava coredumb: Thanks
07:47 kavakava That's actually a good thing
07:47 kavakava Have you taken the course?
07:52 darioleidi joined #salt
07:56 pbandark joined #salt
07:57 coredumb kavakava: I have
07:58 sjorge joined #salt
08:00 kavakava Did you take it online? Was it possible to ask the instructors questions?
08:01 pualj joined #salt
08:04 pbandark joined #salt
08:04 mikecmpbll joined #salt
08:11 xet7 joined #salt
08:12 Naresh joined #salt
08:14 coredumb kavakava: yes it's hangouts sessions
08:14 coredumb you got the video
08:14 coredumb you can ask all you want
08:15 _KaszpiR_ joined #salt
08:15 kavakava Great. Thanks a bunch
08:15 coredumb I think you got the detailed program of the course
08:29 jhauser joined #salt
08:30 robin2244 joined #salt
08:31 robin2244 Hi All
08:37 schasi joined #salt
08:39 robin2244 Someone can help me please ? I want use Jinja filter for condition, for exemple i want get dns or main route and if the value match i will run some cmd.run
08:43 babilen robin2244: http://jinja.pocoo.org/docs/dev/templates/#if
08:43 mugsie joined #salt
08:43 mugsie joined #salt
08:44 aldevar joined #salt
08:45 GMAzrael joined #salt
08:47 vishvendra1 joined #salt
09:09 vishvendra joined #salt
09:42 Annihitek joined #salt
09:46 GMAzrael joined #salt
09:50 zerocoolback joined #salt
09:52 zerocoolback joined #salt
09:55 edrocks joined #salt
09:58 Rumbles joined #salt
09:59 rgrundstrom Yay, just reduced a 133 line state to 100 lines.
10:00 babilen Now reduce it to 33
10:00 rgrundstrom Umm that would be hard...
10:01 rgrundstrom If I want to maintain functionallity.
10:04 zerocoolback joined #salt
10:15 babilen rgrundstrom: I was messing with you
10:15 babilen (in case that wasn't clear)
10:16 rgrundstrom I know :) But i like a challange :p
10:16 jhauser joined #salt
10:17 babilen 42 lines?
10:18 rgrundstrom "- watch:<break> - file: /<dir>" Can I use this to have it watch the hole folder?
10:19 smartalek joined #salt
10:21 babilen If you have a state that matches that
10:21 babilen You watch states, not actual files/directories
10:23 rgrundstrom so if i write a file in "file: /<dir>/<file>" and have watch set to "file:/<dir>" will it trigger?
10:26 babilen It's not about files or directories at all, but state IDs and names
10:26 babilen So if your requisite matches the <module,id> tuple of another state it will apply
10:27 rgrundstrom Ahh you are right :) I knew this :)
10:27 * rgrundstrom banging head in table.
10:35 rgrundstrom babilen: https://gist.github.com/anonymous/a17cf68ddf858ba4ea267cad8f95ee55#file-gistfile1-txt <- Think you can help me with this?
10:38 rgrundstrom I have a bad habbit of using IF when i can use onlyif or unless instead.
10:41 cyborg-one joined #salt
10:43 robin2244 Thanks babilen, i use it this, but it's possible to use this syntax {% if grains['os_family'] == 'RedHat' %} but with this {{ salt.cmd.run('cmd') }} ?
10:46 dimeshake joined #salt
10:46 babilen robin2244: What are you actually trying to do?
10:47 babilen rgrundstrom: You might want to target that state by pillars
10:47 GMAzrael joined #salt
10:47 babilen (i.e. extract the pkg.installed into its own SLS and target that in the states top.sls by I@ or J@)
10:49 rgrundstrom babilen: That would be the ideal solution but i cant do that.
10:51 mquin joined #salt
11:00 megamaced joined #salt
11:01 Deliant joined #salt
11:06 zerocoolback joined #salt
11:15 GMAzrael joined #salt
11:19 impi joined #salt
11:25 rgrundstrom babilen: When watching a id do you need to use file: or pkg: depending on what is done in that id?
11:26 viq rgrundstrom: requirements are in form of <function>: <name>
11:26 viq rgrundstrom: so yes, you watch file: something or pkg: something
11:27 rgrundstrom viq: figured... Im getting "The following requisites were not found:" when running my state
11:29 zerocoolback joined #salt
11:45 edrocks joined #salt
11:50 robin224_ joined #salt
11:51 rgrundstrom I currently have 3x file.managed: within the same state with diffrent ID. And then a file: ID watch for each one. 2 of them are not working. Is there a limit of file: ID you can have within a state?
11:51 darioleidi joined #salt
11:58 ProT-0-TypE joined #salt
12:02 felskrone1 joined #salt
12:06 snc joined #salt
12:08 robin2244 joined #salt
12:12 ZornyMagnetbox joined #salt
12:15 GMAzrael joined #salt
12:18 viq no
12:18 viq can you show your state?
12:19 rgrundstrom viq: no sorry i cant.
12:20 ZornyMagnetbox joined #salt
12:20 viq also, what exactly do you mean by "not working"?
12:21 rgrundstrom Im in the middle of some critical troubleshooting right now. Let me finish this and ill get back to you
12:22 edrocks joined #salt
12:26 johnkeates joined #salt
12:27 jhauser joined #salt
12:43 GMAzrael joined #salt
12:47 ssplatt joined #salt
12:51 rgrundstrom viq: still here?
12:52 cyteen joined #salt
12:56 jdipierro joined #salt
12:59 edrocks joined #salt
13:00 pualj joined #salt
13:01 zerocoolback joined #salt
13:04 GMAzrael joined #salt
13:07 rgrundstrom Here is my problem: https://gist.github.com/anonymous/ea820a626398fce3b0eb911e6b26f3ae#file-gistfile1-txt <- I had to slim this down a lot. Hope that anyone can find the problem.
13:12 beardedeagle joined #salt
13:22 renaissancedev[m joined #salt
13:23 edrocks joined #salt
13:26 racooper joined #salt
13:29 kavakava rgrundstrom: https://github.com/saltstack/salt/issues/4508 - I guess this might be related
13:29 MajObviousman iggy: are you willing to strip/sanitize your network addresses/subnets/vlans and post your openstack deployment scripts? Even if it's very network specific, there's lots of other things I would find useful
13:30 MajObviousman whytewolf: is there a mailing list or something where things like "RAET is dead" is discussed?
13:42 rgrundstrom kavakava: Im guessing you did not read the error at the bottom of the gist.
13:58 * rgrundstrom is going home.... Have a great weekend!
13:58 evle joined #salt
14:01 cgiroua joined #salt
14:04 noobiedubie joined #salt
14:07 kukacz joined #salt
14:09 onlyanegg joined #salt
14:14 Deliant joined #salt
14:14 edrocks joined #salt
14:15 sarcasticadmin joined #salt
14:40 zerocoolback joined #salt
14:42 zerocoolback joined #salt
14:43 zerocoolback joined #salt
14:43 _JZ_ joined #salt
14:44 jdipierro joined #salt
14:48 tapoxi joined #salt
14:51 Nahual joined #salt
14:56 onlyanegg joined #salt
15:02 pualj joined #salt
15:17 tiwula joined #salt
15:25 jab416171 ugh. I do a grains.append mygrain myvalue, and then immediately after, do grains.item mygrain, and myvalue isn't in the list. what gives?
15:25 jab416171 (from the salt master)
15:26 Lionel_Debroux_ joined #salt
15:30 Heartsbane joined #salt
15:37 pipps joined #salt
15:38 pipps joined #salt
15:38 MajObviousman jab416171: in the same state?
15:39 jab416171 no, from the command line
15:41 Annihitek left #salt
15:42 woodtablet joined #salt
15:47 socket- joined #salt
15:59 pualj joined #salt
16:07 buskatoon joined #salt
16:08 sarlalian joined #salt
16:12 jab416171 restarting the minions and the master numerous times finally got the new grain to show up.
16:12 pipps joined #salt
16:16 woodtablet i jumped in the room late
16:17 woodtablet but if you do a refresh that might work better next time
16:17 woodtablet > salt '*' saltutil.sync_all && salt-run saltutil.sync_all
16:17 woodtablet like that
16:17 MajObviousman grains are computationally expensive to capture, so they are not refreshed unless necessary
16:17 MajObviousman the master has a local cache of each minions grains, so it will refer to the cache where possible
16:18 MajObviousman as woodtablet indicated, forcing the grains to sync to the master after you set one will update that cache
16:25 onlyanegg joined #salt
16:25 jab416171 MajObviousman, why doesn't a grains.append trigger a refresh?
16:25 jab416171 I'm changing the grain, I would expect that the next time I read it to reflect that change.
16:25 jab416171 or at least update the cache
16:29 MajObviousman I'm not sure
16:29 MajObviousman that would seem logical to me
16:29 MajObviousman what version of salt are ou using?
16:29 skullone_ left #salt
16:31 nixjdm joined #salt
16:32 pualj joined #salt
16:37 jdipierro joined #salt
16:52 dxiri joined #salt
16:58 shanth_ joined #salt
17:02 edrocks joined #salt
17:03 tapoxi joined #salt
17:04 tapoxi anyone here work for saltstack
17:04 shanth__ joined #salt
17:13 GMAzrael joined #salt
17:14 pipps joined #salt
17:19 mikecmpbll joined #salt
17:21 dxiri joined #salt
17:23 skatz joined #salt
17:25 GMAzrael joined #salt
17:25 skatz Am I right in thinking that minion_blackout only applies to execution modules, not states? I was hoping I could somehow allow state.highstate but still whitelist which states could be applied, but whitelisting state.highstate seems to allow any state to be applied.
17:25 icebal joined #salt
17:27 brianthelion Hey all, just asking again about my orchestration runner scenario from yesterday. MajObviousman had some good input but I wanted to see if anyone else had thoughts. Here's the idea:
17:27 brianthelion I want to use an orchestration runner to cloud.create to bootstrap both a minion and master, and to set them talking to each other
17:28 brianthelion the problem is that we don't know the master's IP at render time
17:28 cliluw joined #salt
17:28 brianthelion so we can't feed it to the minion's bootstrap
17:29 brianthelion I found this https://arnoldbechtoldt.com/blog/saltstack-event-driven-infrastructure-with-salt-reactor which details how to set up a *similar* orchestration, but with some key differences
17:30 brianthelion namely, that the master in this scenario is assumed to be the one doing the orchestration; in my scenario, the orchestrator is outside the relationship
17:32 brianthelion this seems like a common use-case, and i'm surprised to not find any recipes for it online
17:32 dxiri joined #salt
17:34 shanth_ joined #salt
17:37 Deliant joined #salt
17:42 omie888777 joined #salt
17:47 nixjdm joined #salt
17:53 shanth_ joined #salt
17:55 aldevar joined #salt
17:59 sjorge joined #salt
18:07 MajObviousman brianthelion: if you can control your DNS, then you could have the "provision the master" step insert an A or CNAME record for salt pointing to the IP of the fresh salt master
18:07 MajObviousman without a declared master, the minion will just look for anything named salt
18:07 brianthelion yeah, that's my current plan actually
18:07 MajObviousman I think this is indeed a common use case, but your wrinkle is the not knowing the IP ahead of time
18:08 MajObviousman actually ... https://docs.saltstack.com/en/getstarted/fundamentals/index.html
18:09 brianthelion this points to a weakness in that the programming model breaks when there are things that you CAN'T know in advance
18:09 brianthelion I've had similar problems with temp files
18:10 MajObviousman https://github.com/UtahDave/salt-vagrant-demo/blob/master/Vagrantfile  so here in this example they are hard setting the IP
18:10 MajObviousman nuts
18:11 MajObviousman salt is exceedingly flexible, but there are some assumptions that you can't get around by design. Such as rendering jinja in one go
18:13 brianthelion one thing that i think would "fix" this is if stdout that comes back from SSH were interpreted as a reactor stream
18:13 brianthelion or any stdout for that matter
18:14 brianthelion then you could trigger reactor events based on stdout
18:14 hashwagon joined #salt
18:16 pipps joined #salt
18:17 MajObviousman well, that's already happening
18:17 MajObviousman salt-run state.event
18:17 MajObviousman and run a change
18:18 ouemt joined #salt
18:18 MajObviousman oh hey yes, you could do that. At the end of your step one, fire a custom event off with exactly the data you need and trap/respond to it with a reactor event
18:19 brianthelion hmm... but how do capture the IP from the bootstrap's stdout?
18:19 MajObviousman the event would be purely to bundle the data you pass back as a pillar to the local.state.sls it runs
18:20 MajObviousman clone the bootstrap code and add your own bit to the end
18:20 tapoxi joined #salt
18:21 brianthelion interesting. so basically edit the bootstrap so it shunts all the other stdout crap to a log file and only print the json pillar?
18:21 MajObviousman bootstrap as in the thing what installs salt?
18:21 brianthelion yeah
18:22 MajObviousman are you using salt-cloud to make your VMs?
18:22 brianthelion i am using salt-run with a runner call to cloud.create
18:23 MajObviousman makes sense
18:23 MajObviousman you wrote this runner yourself, yes?
18:26 brianthelion No it's just this: https://docs.saltstack.com/en/latest/topics/orchestrate/orchestrate_runner.html#runner
18:26 pipps joined #salt
18:27 MajObviousman oh
18:28 MajObviousman right, ok
18:28 MajObviousman so then, each time you invoke a runner or invoke a state.sls, that's like a distinct operation as if you typed it into a command on cli
18:30 MajObviousman I know salt-cloud returns a nice big yaml of data from the creation of the VM
18:30 MajObviousman not sure how one would grab that and parse it
18:31 brianthelion yeah that's the question i guess
18:31 brianthelion i was hoping to shunt it into a reactor stream
18:31 pipps joined #salt
18:33 brianthelion it kinda seems like there should be an option to turn ANY stdout/err into a reactor stream
18:33 brianthelion that would solve a lot of problems
18:35 MajObviousman since you are using salt-cloud, that means there is a deploy script of some kind. It is trivial to write your own deploy script. you can literally just copy the stock one and make your changes
18:35 brianthelion yeah i've done that
18:35 MajObviousman so that means you can invoke just about anything you like at the end of it. Say for instance you set up salt-minion and turn it on. Then the very last thing is a salt-call event.send
18:36 MajObviousman with whatever you want tucked into the event
18:36 brianthelion but event.send doesn't come back across the ssh channel does it?
18:36 MajObviousman nope
18:37 brianthelion so it would have to have knowledge of the orchestrator's IP
18:37 MajObviousman nope
18:37 brianthelion no?
18:37 MajObviousman the event gets stuck on the bus which goes back to the master
18:37 MajObviousman reactor can pick it up there if you like
18:38 MajObviousman that's more or less how I'm doing my provisioning
18:39 brianthelion well, so there are three parties here: the orchestrator, the master that I'm trying to bootstrap, and the minion that I'm trying to boostrap. technically, the orchestrator is everyone's master, but only during the bootstrapping process
18:40 brianthelion after that, the orchestrator is out of the equation
18:41 MajObviousman so you're provisioning the master first, and it will not have any knowledge of the orchestrator?
18:42 MajObviousman it's a bit of a kludge, but you could provision the master first, set its minion to connect ot the orchestrator (at least to start) and then let the reactor on the orchestrator take over
18:42 MajObviousman crap we need terms
18:42 MajObviousman so, let's do O for orchestrator, MasB for the newly bootstrapped master, and MinB for the minion
18:43 brianthelion ok, added wrinkle: O doesn't have a public IP
18:43 MajObviousman so it can only do outbound but not inbound
18:43 MajObviousman well, there went your reactor model
18:43 brianthelion so all events need to come back via the SSH channel that it opens, ephemerally, to MasB and MinB
18:43 MajObviousman all right
18:44 MajObviousman that's certainly a challenge
18:44 MajObviousman I see the box you're in
18:44 brianthelion that's why i'm obsessing over the inability to turn stdout/stderr into an event stream
18:44 brianthelion that would solve it
18:44 brianthelion seems like a natural extension to the model
18:45 Rumbles joined #salt
18:46 MajObviousman any next steps I could offer would require some code diving, and I'm not free to do that at the moment
18:47 brianthelion i'm good at diving on the saltstack code already
18:47 brianthelion i'll see what i can do
18:47 brianthelion i just wanted to make sure i wasn't missing a "silver bullet" given that this use-case *seemed* pretty vanilla
18:47 nixjdm joined #salt
18:52 irated joined #salt
18:54 onlyanegg joined #salt
18:56 MajObviousman I will dispute the seeming vanilla claim
18:56 MajObviousman the vanilla operation of salt-cloud is to join it to a previously created salt master
19:00 pabloh007fcb joined #salt
19:01 MajObviousman when you run the salt bootstrap on what will be your master, are you doing anything besides just -M?
19:02 dxiri guys, quick question, how can I retrieve the netmask from an IP?
19:02 dxiri using grains
19:03 brianthelion MajObviousman: no
19:03 brianthelion I may want to set it up as a syndic later
19:03 dxiri I see grains.item ipv4, ip_interfaces ip4_interfaces...but all of those return only the IP
19:04 MajObviousman dxiri: in my (very old) version of salt, the netmask is not among the grains data returned
19:04 dxiri :(
19:07 MajObviousman brianthelion: would you be comfortable hastebinning your deploy script?
19:09 brianthelion yeah it's not that interesting so far but i'll put it on gist
19:15 edrocks joined #salt
19:17 brianthelion MajObviousman: https://gist.github.com/brianthelion/a90d486adc50517f341228d8a2069e91
19:18 _KaszpiR_ joined #salt
19:19 MajObviousman so the master you're creating is what turns around and creates the minion
19:19 MajObviousman I didn't understand that
19:21 brianthelion oops! sorry, just realized that script isn't the full example
19:21 brianthelion no, in the full example the orchestrator attempts to create them both and then point the minion at the master
19:21 MajObviousman I was actually going to suggest this very thing to you, but I worried about having to pass credentials down in the provider to get it set up
19:22 Elsmorian joined #salt
19:22 brianthelion that's a good idea tho
19:22 MajObviousman well, it's what you're doing here isn't it?
19:23 brianthelion yeah i guess it's not unreasonable to bootstrap the master and then have it bootstrap the minion
19:23 MajObviousman then you will never need to know the IP on the orchestration source
19:23 brianthelion true
19:23 brianthelion good idea!
19:24 MajObviousman I might suggest you use sdb:// for your creds and force them into environment variables. That way at least they are ephemeral
19:24 MajObviousman https://docs.saltstack.com/en/latest/ref/sdb/all/salt.sdb.env.html
19:24 brianthelion haven't played with sdb://, thanks!
19:32 onlyanegg joined #salt
19:33 ChubYann joined #salt
19:40 pualj joined #salt
19:42 Lionel_Debroux_ joined #salt
19:46 nixjdm joined #salt
19:46 darioleidi joined #salt
19:46 Elsmorian joined #salt
20:02 _KaszpiR_ joined #salt
20:12 dxiri status: Interface eth0 restart to validate
20:13 dxiri how can I restart that from the state file?
20:13 dxiri I thought it was done by default? (acording to the docs)
20:15 dxiri root
20:26 lordcirth_work dxiri, on what distro?
20:26 dxiri ubuntu 16 LTS
20:26 lordcirth_work dxiri, service.restarted: - name: networking
20:27 lordcirth_work However, it doesn't always work
20:27 lordcirth_work Reboots are best if making major changes
20:28 dxiri lordcirth_work: yep, tried that, doesn't work reliably
20:28 dxiri is there any way I can display a message after the state runs like "please reboot server"
20:28 viq cmd.run echo   ?
20:29 viq with "order: last"
20:32 JPT while you're at it, maybe introduce a cronjob that does daily or at least weekly reboots. This way, security updates for your kernel actually do something. :)
20:33 lordcirth_work Unfortunately, not all systems like that
20:33 lordcirth_work But we have ksplice for that.
20:33 kukacz_ joined #salt
20:34 lordcirth_work 1 year uptime, because no you can't reboot the server while there's 1 person on it...
20:34 JPT In that case, announce a maintenance in the next year and you're good. :)
20:37 dxiri lol
20:37 dxiri viq: didn't know about that order: last :)
20:37 dxiri thanks!
20:45 Elsmorian joined #salt
20:47 nixjdm joined #salt
20:51 Deliant joined #salt
21:05 cyborg-one joined #salt
21:09 Rumbles joined #salt
21:22 pualj_ joined #salt
21:33 debian112 joined #salt
21:35 rpb joined #salt
21:36 dxiri_ joined #salt
21:37 viq joined #salt
21:39 ouemt joined #salt
21:43 ecdhe joined #salt
21:43 pbandark1 joined #salt
21:44 woodtablet left #salt
21:47 nixjdm joined #salt
21:49 kukacz__ joined #salt
21:52 aldevar left #salt
22:14 ZornyMagnetbox joined #salt
22:19 systemexit joined #salt
22:20 peters-tx joined #salt
22:24 GMAzrael joined #salt
22:24 brianthelion MajObviousman: https://docs.saltstack.com/en/latest/topics/cloud/reactor.html#salt-cloud-minion-id-waiting-for-ssh
22:31 onlyanegg joined #salt
22:34 ouemt joined #salt
22:36 WN1188 joined #salt
22:40 iggy MajObviousman: I couldn't do that, sorry...
22:46 nixjdm joined #salt
22:53 justanotheruser joined #salt
22:54 justanotheruser joined #salt
22:55 WN1188 so, we've got a salt master w/ some encrypted pillar data. and we've got another salt master associated with it via syndic. how can minions joined to the syndic master get access to the pillar encryped data on the master of masters?
22:56 WN1188 we'd like to not have gpg private keys floating around in too many places...
23:00 WN1188 we are imagining a master of masters and more than one dev salt master joined via syndic.
23:25 GMAzrael joined #salt
23:31 zulutango joined #salt
23:52 sh123124213 joined #salt
23:58 skully_ joined #salt
23:59 mquin joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary