Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-09-27

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:11 usernkey joined #salt
00:12 pipps joined #salt
00:12 usernkey1 joined #salt
00:20 zerocoolback joined #salt
00:26 justanotheruser joined #salt
00:27 aneeshusa joined #salt
00:40 XenophonF dxiri: why not just use salt-formula?
00:48 cyborg-one joined #salt
00:54 cyteen joined #salt
00:55 johnj joined #salt
00:57 JawnAuz joined #salt
00:58 pipps joined #salt
01:02 morissette joined #salt
01:05 onlyanegg joined #salt
01:08 sjohnsen joined #salt
01:09 athaller joined #salt
01:33 onlyanegg joined #salt
01:54 ilbot3 joined #salt
01:54 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.7, 2017.7.1 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
01:57 johnj joined #salt
02:01 pipps joined #salt
02:16 doubletwist joined #salt
02:20 evle3 joined #salt
02:38 usernkey joined #salt
02:40 pipps joined #salt
02:40 usernkey1 joined #salt
02:42 bbradley joined #salt
02:45 usernkey joined #salt
02:46 dxiri XenophonF: iggy's link did the trick, but If formulas are the standard way of doing it, then I can take a look :) do you have one?
02:58 johnj joined #salt
03:04 zerocoolback joined #salt
03:04 zerocoolback joined #salt
03:19 tiwula joined #salt
03:27 evle joined #salt
03:30 evle2 joined #salt
03:49 sh123124213 joined #salt
03:59 johnj joined #salt
04:20 chowmein__ joined #salt
04:21 mechleg1 joined #salt
04:21 rawzone^ joined #salt
04:21 aldevar1 joined #salt
04:21 Sarph joined #salt
04:21 Arendtse1 joined #salt
04:22 dnull- joined #salt
04:22 wedgie_ joined #salt
04:22 jab416171_ joined #salt
04:22 Dereckso1 joined #salt
04:22 chadhs_ joined #salt
04:23 rickflare2 joined #salt
04:23 carmony_ joined #salt
04:24 Neighb0ur joined #salt
04:24 mishanti2 joined #salt
04:24 matti_ joined #salt
04:24 tvm left #salt
04:24 uncool_ joined #salt
04:25 Ahlee_ joined #salt
04:25 saltsa_ joined #salt
04:25 cofeineS1nshine joined #salt
04:25 pcgod_ joined #salt
04:25 gadams_ joined #salt
04:26 Udkkna_ joined #salt
04:26 cholcombe_ joined #salt
04:26 hashwagon_ joined #salt
04:29 heyimawesome_ joined #salt
04:30 Valfor joined #salt
04:30 Valfor joined #salt
04:30 scc_ joined #salt
04:30 Tyrant joined #salt
04:30 armyriad joined #salt
04:30 coldbrewedbrew_ joined #salt
04:30 nullwit joined #salt
04:30 jerrcs joined #salt
04:31 ujjain joined #salt
04:31 ujjain joined #salt
04:31 tvinson joined #salt
04:32 k1412 joined #salt
04:34 chadhs joined #salt
04:34 swa_work joined #salt
04:34 ahammond joined #salt
04:35 Hydrosine joined #salt
04:36 whytewolf joined #salt
04:36 dimeshake joined #salt
04:36 twooster joined #salt
04:36 permalac joined #salt
04:36 mike25de joined #salt
04:36 vexati0n joined #salt
04:36 scooby2 joined #salt
04:37 monokrome joined #salt
05:00 johnj_ joined #salt
05:03 ivo_ joined #salt
05:16 ws2k3 joined #salt
05:17 ws2k3 joined #salt
05:17 ws2k3 joined #salt
05:18 ws2k3 joined #salt
05:18 ws2k3 joined #salt
05:19 ws2k3 joined #salt
05:51 Bock joined #salt
06:01 johnj_ joined #salt
06:02 Mava joined #salt
06:03 do3meli joined #salt
06:03 do3meli left #salt
06:07 felskrone joined #salt
06:15 Neighb0ur left #salt
06:16 Neighbour joined #salt
06:24 yuhl joined #salt
06:26 zulutango joined #salt
06:34 bartuss7 joined #salt
06:40 bartuss7 Hello. When will be available 2017.7.2?
06:40 sh123124213 joined #salt
06:46 zerocoolback joined #salt
06:47 Hybrid joined #salt
06:47 Ricardo1000 joined #salt
06:55 blue joined #salt
06:59 cablekevin joined #salt
07:01 johnj joined #salt
07:14 Arendtse1 left #salt
07:14 Arendtsen joined #salt
07:15 ikarpov_ joined #salt
07:20 aldevar1 left #salt
07:31 sh123124213 joined #salt
07:31 robman joined #salt
07:33 onlyanegg joined #salt
07:52 m4rk0 This community with 483 people is dead af :/
07:55 haam3r_ m4rk0: What makes you say that?
07:56 m4rk0 haam3r_, waiting for answer almost 24h, and all i see joined/left messages
07:56 mikecmpbll joined #salt
08:03 johnj joined #salt
08:04 obitech joined #salt
08:05 dxiri joined #salt
08:06 tbrb joined #salt
08:09 coredumb anyone knows if there's a way to pass a variable or a pillar to state.template ?
08:11 o1e9 joined #salt
08:12 obitech coredumb what do you mean by that ?
08:12 obitech here is a reference for variable use in states: https://docs.saltstack.com/en/latest/ref/states/vars.html
08:14 _KaszpiR_ joined #salt
08:16 mayk joined #salt
08:16 Naresh joined #salt
08:16 coredumb obitech: actually I'm using salt-call --local state.template to bootstrap a master, but I want to pass it some arguments for flexibility
08:18 obitech hmm what kind of arguments ?
08:18 felskrone1 joined #salt
08:19 coredumb like path and hostname
08:19 coredumb hostname is fine
08:20 coredumb but I can't get current path from salt.cmd.shell('pwd')
08:20 coredumb cause the python env doesn't exec from where you called the salt binary
08:23 schasi joined #salt
08:26 _KaszpiR_ joined #salt
08:26 xva joined #salt
08:28 felskrone joined #salt
08:29 coredumb so maybe the question should be: How to get the current working directory from a state file?
08:32 obitech Hmm not sure tbh but I'm not an expert with that. Maybe you could use a shell script as a workaround? Or write your own module
08:35 coredumb obitech: I'm looking how to get the result of os.getcwd() this should work
08:39 usernkey1 joined #salt
08:43 usernkey joined #salt
08:44 _aeris_ joined #salt
08:46 pbandark joined #salt
08:58 pbandark https://docs.saltstack.com/en/latest/topics/cloud/features.html#salt-cloud-feature-matrix do not contains what all possible actions are available with `salt-cloud` for google. is it not yet implemented? or not included in the documentation ?
09:06 johnj joined #salt
09:29 sh123124213 joined #salt
09:32 usernkey joined #salt
09:46 cDR joined #salt
09:52 ahrs joined #salt
09:54 zerocoolback joined #salt
10:07 johnj joined #salt
10:21 uncool_ left #salt
10:21 uncool joined #salt
10:33 mayk_ joined #salt
10:37 bartuss7_ joined #salt
10:39 oida joined #salt
10:41 obitech joined #salt
10:51 XenophonF dxiri: https://github.com/saltstack-formulas/salt-formula
10:55 XenophonF m4rk0: try setting python_shell=True
10:56 oida_ joined #salt
10:59 XenophonF coredumb: maybe do something like pillar="{\"here\": \"`pwd`\"}"
11:00 coredumb XenophonF: tried but it doesn't work
11:00 coredumb wait are the \" really needed ?
11:01 XenophonF yes
11:02 XenophonF you could do this instead: pillar=\{\"here\":\ \"`pwd`\"\}
11:02 XenophonF dunno if the space after the colon is strictly required
11:02 coredumb yeah same
11:03 coredumb the pillar is empty
11:08 johnj joined #salt
11:20 coredumb is there a way to limit salt-api /url access per external_auth user?
11:38 smead joined #salt
11:42 oida_ joined #salt
11:45 coredumb ok so salt-api let me login and get a token
11:46 impi joined #salt
11:46 coredumb but accessing /keys url sends me EauthAuthenticationError: Authentication failure of type "eauth" occurred for user api.
11:46 coredumb any idea how to debug this?
11:53 coredumb sending commands work fine ....
11:58 absolutejam Anyone using foreman with Salt?
12:03 J0hnSteel joined #salt
12:09 johnj joined #salt
12:14 Nahual joined #salt
12:16 Hybrid joined #salt
12:23 GnuLxUsr joined #salt
12:24 megamaced joined #salt
12:24 zerocoolback joined #salt
12:25 coredumb Could not LazyLoad pam.acl: 'pam.acl' is not available. Could not LazyLoad pam.process_acl: 'pam.process_acl' is not available. master returns this when I try to access salt-api.... any idea what would be missing?
12:30 GMAzrael joined #salt
12:37 numkem joined #salt
12:39 edrocks joined #salt
12:44 zerocoolback joined #salt
12:46 kedare joined #salt
12:47 wavded joined #salt
12:49 edrocks Does the regular multimaster setup still work if one of your masters fails? I assume you would just use the backup master in this situation but the wording on using the PKI setup is weird https://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
12:50 aldevar joined #salt
13:10 johnj joined #salt
13:20 racooper joined #salt
13:29 cgiroua joined #salt
13:32 oida joined #salt
13:39 squishypebble joined #salt
13:48 mikecmpb_ joined #salt
13:49 mks1981 joined #salt
13:52 mks1981 left #salt
13:52 mks1981 joined #salt
13:54 mks1981 joined #salt
13:57 schasi joined #salt
14:01 _KaszpiR_ joined #salt
14:08 squishypebble joined #salt
14:10 tapoxi joined #salt
14:11 matti joined #salt
14:11 matti joined #salt
14:12 johnj joined #salt
14:15 smead joined #salt
14:15 _aeris joined #salt
14:17 schemanic joined #salt
14:18 schemanic Does anyone do database admin with salt? I'm trying to find information on states/modules which I can use to perform database backups and restores
14:24 mikecmpbll joined #salt
14:25 Brew joined #salt
14:35 XenophonF schemanic: there are both states and modules for MySQL, Postgres, SQLite, Cassandra, SQL Server, MongoDB, AWS DynamoDB, AWS RDS, Oracle,...
14:35 XenophonF https://docs.saltstack.com/en/latest/ref/modules/all/ and https://docs.saltstack.com/en/latest/ref/states/all/
14:35 schemanic XenophonF, yes, but I'm noticing nothing that does just what I'm looking for, unless it's doing it in a way I don't recognize
14:36 babilen What are you looking for?
14:37 Ahlee_ joined #salt
14:37 schemanic I want to write states for Postgres that basically say 'back up to this file path and store it on s3' and 'get this file from s3/salt filesystem and restore database from it.'
14:39 babilen Sounds like a few cmd.run states are what you are looking for (unless there are specific modules for the tools you plan to use)
14:40 babilen For S3 you can use https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.s3.html
14:40 schemanic hmm. Yeah I'm seeing that too. I was hoping to avoid that since we rely alot on things like the psql client to perform those tasks. So we run things like pg_dump or pg_restore
14:41 schemanic Can you pass a path from the salt filesystem to a cmd.run state?
14:41 babilen I wouldn't recommend to use salt:// for database dumps and you cannot pass those either
14:42 babilen (primarily due to their size)
14:42 schemanic So the state chain would need to be something like 'cmd.run to spit file out to local directory, then s3.upload/whatever to drop local file in s3'
14:43 schemanic and the inverse to to a restore
14:43 babilen Pretty much .. you might want to consider writing a simple custom execution module for that task
14:44 schemanic and then call it from states?
14:44 schemanic well
14:44 schemanic hmm I guess I don't need that
14:44 schemanic but there are stateful operations I want to make requisite on backup
14:44 babilen And then write a state (which would "just" add the "have I been achieved yet" logic
14:45 schemanic Are execution modules hard to write?
14:45 babilen But I don't really see this as a "state" in that it isn't idempotent, but rather as an action that you'd call every now and then
14:45 babilen Do you know Python?
14:45 schemanic yeah
14:45 babilen I don't think execution modules are tricky to write
14:46 beardedeagle joined #salt
14:46 babilen The question here is: How to make your actions stateful?
14:46 schemanic the documentation is annoying to read
14:46 babilen I'd just take a look at a few modules in the codebase and take it from there
14:46 schemanic that sucks
14:47 babilen Well, you are annoyed when you read the documentation .. what else could I suggest?
14:47 schemanic this documentation is basically a list of different things you can do, without explaining what you're doing them with.
14:48 schemanic I'm being unreasonably cranky. I'm sorry.
14:49 babilen It's okay .. it really isn't that hard in the end. All public functions are available to be called on the minion, you have a __virtual__ function that decides if a module is loaded (e.g. checks if dependencies are met) and dunder dicts such as __salt__ are monkey patched after the modules are loaded, which allows for calling other modules
14:50 babilen The latter also means that you cannot refer to dunder dict contents in module scope as they haven't been monkey patched yet
14:50 _JZ_ joined #salt
14:51 XenophonF From an ops perspective, schemanic, I think of backups as being a task I schedule using the config management system.
14:51 XenophonF state.apply isn't something I run regularly
14:51 babilen ^
14:52 schemanic XenophonF, so setting up salt to run backups via another system
14:52 XenophonF right
14:52 babilen We also use specific tools for backups and don't do that with salt (we configure those tools with salt however)
14:53 XenophonF Now, that said, you could use Salt's event bus and Reactor system to trigger actions based on a backup job's status.
14:53 schemanic Right, I want to ultimately call a salt job for this operation, so that when I build a job scheduler with Rundeck, I can just tell Rundeck to call the salt job
14:53 XenophonF Can you give us a concrete example of what you're trying to do?
14:54 XenophonF I'm having a difficult time imagining where I'd need anything more than "tell the backup system to back up this thing, and tell it to send success/failure notifications here"
14:55 XenophonF Like, after a successful backup, do you want to kick off some kind of off-site copy process that your existing backup system can't do itself?
14:55 XenophonF That might be a reasonable candidate for the Reactor system.
14:55 tiwula joined #salt
14:56 schemanic We don't have a 'backup system'
14:56 schemanic We have a cron job that runs a ruby script that strings together a bunch of executables and params that generates a backup artifact
14:56 schemanic then it does that once for each site database we manage
14:57 schemanic each site needs its own backup
14:57 XenophonF so you wrote your own backup system :)
14:57 schemanic yeah and it's godawful
14:57 babilen Maybe switch to something more common?
14:57 schemanic I need an easier way to prove that my backups are happening and that they're valid/not corrupted
14:58 schemanic The reason I want to write states is that I'm thinking that if I have configuration set up for my sites already, then that will be valid for their respective backups
14:59 schemanic I've looked at bacula, but god that seems complicated
15:01 XenophonF lol i was just about to recommend that
15:02 schemanic do you use it?
15:02 babilen We use bacula
15:03 XenophonF e.g., use salt to manage /etc/bacula/scripts on your database servers
15:03 XenophonF http://wiki.bacula.org/doku.php?id=application_specific_backups:postgresql
15:03 babilen That's exactly our approach
15:03 XenophonF bunch of ideas there for how to do PostgreSQL backups
15:03 XenophonF incl. continuous archiving
15:03 schemanic you mean that they are ideas and not standards?
15:04 XenophonF well i'm just looking at the community-supported docs
15:04 babilen The scripts you'll deploy will be based on those, but we don't really have any that are just c&p from anywhere
15:04 sarcasticadmin joined #salt
15:05 schemanic Ugh, i'm just frustrated that these are nebulous perly ways of doing things instead of 'this is the correct way. do that.'
15:06 XenophonF at work we're using CPM (AWS) or Veeam (vSphere), and we back up the entire EC2 instance/RDS instance/VMware guest
15:06 XenophonF still
15:06 schemanic Oh wow
15:06 schemanic yeah no we are no where near that
15:06 XenophonF even there I use Salt to push pre- and post-hook stuff for the VMware Tools client, so that my database servers shut down properly
15:07 schemanic I would love to be wizardly like that
15:07 XenophonF on Windows the backup story is nicer because everything supports VSS
15:07 XenophonF Linux lacks a convenient API for quiescing I/O.
15:08 XenophonF in AWS we use RDS almost exclusively, so CPM just calls the CreateDbSnapshot API (or whatever it's called)
15:08 XenophonF and that DTRT
15:08 schemanic is that an aws api?
15:09 XenophonF yeah
15:09 XenophonF CreateDBSnapshot is the official name
15:09 schemanic Does that work at the server level or the db level
15:09 XenophonF official as in that's what the REST API call is
15:09 XenophonF well for RDS it doesn't matter
15:09 XenophonF Amazon doesn't let your grubby little hands touch their RDS instance internals :)
15:09 schemanic Please elaborate?
15:10 Cumulo741 joined #salt
15:10 schemanic right I get that
15:10 XenophonF so RDS instances are special
15:10 XenophonF black box
15:10 schemanic but what I'm asking is, can I back up an individual database with that api or is that api specifically about managing the black box as a whole?
15:10 XenophonF the details of how they quiesce I/O and whatnot are irrelevant to me, only that a RDS snapshot is guaranteed consistent
15:11 XenophonF CreateDBSnapshot creates a backup of the entire RDS instance, not an individual DB or tablespace w/in the instance
15:11 XenophonF TBH we only do one database/tablespace per instance, because of separation of concerns
15:11 XenophonF admittedly I pay extra for that
15:12 XenophonF worth it for the security boundary though
15:13 johnj joined #salt
15:14 XenophonF but you can DIY with bacula or whatever
15:15 XenophonF or if you're running everything in VMs, leverage your hypervisor's backup APIs, which is how we do it in our private clouds
15:16 XenophonF that's all vSphere, so we have VADP-aware backup solutions (Veeam in our case) and use Salt to deploy the pre-freeze and post-thaw scripts.
15:16 XenophonF all those do is "service mysqld stop" "service mysqld start"
15:17 XenophonF e.g., https://github.com/irtnog/salt-states/tree/development/vmware/tools/
15:20 pcn Does this ring any bells?  I'm using 2016.3.6 on ubuntu, and I've got a runner that uses get_local_client so I can get minion pillars that I need.  However, once I run this it seems like when I update those same pillars, the changes don't take effect.
15:22 johnkeates joined #salt
15:22 pcn Looks like this may be similar: https://github.com/saltstack/salt/issues/31907
15:24 csmule joined #salt
15:24 csmule Does pkg.install do an "apt-get update"?
15:26 XenophonF it will if you tell it refresh=True, see https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.install
15:27 XenophonF also pkgrepo states trigger a refresh, but I don't remember the exact behavior---it's documented though
15:28 XenophonF sorry pcn doesn't ring a bell
15:30 _KaszpiR_ joined #salt
15:33 csmule tnx XenophonF
15:35 hardyfresh joined #salt
15:36 hardyfresh Is it possible to build up an array of objects in pillars across multiple files?
15:39 bartuss7_ left #salt
15:41 hardyfresh Here's a basic example of what I'm looking for: https://pastebin.com/PqFvu5bT
15:42 aldevar left #salt
15:44 onlyanegg joined #salt
15:46 zerocoolback joined #salt
15:48 kedare joined #salt
15:48 kedare Hi all :)
15:48 kedare Small question
15:49 kedare Is there a way to get the Job ID from the job itself (That would be a state.apply) ?
15:56 babilen hardyfresh: That should be possible, yes
15:57 hardyfresh babilen: I found this article that suggests that I'll have to revisit the idea and merge the pillar data with an alternate strategy: https://fabianlee.org/2017/05/12/saltstack-combine-multiple-pillar-files-under-a-single-key/
15:58 impi joined #salt
15:58 hardyfresh Which seems like it's the only way as the pastebin link that I provided does not work
15:58 babilen Why is that?
15:59 babilen I haven't looked into your data in detail, but lists are merged if you enable that
15:59 babilen (as are other datastructure)
15:59 hardyfresh because the 2 lists share top level keys
15:59 GMAzrael joined #salt
15:59 hardyfresh so only the values from the last pillar.sls file are retained, unfortunately
16:00 babilen Lists that share keys can be combined
16:00 hardyfresh I'm not seeing that in action, does it require some additional configuration/steps?
16:00 babilen https://docs.saltstack.com/en/latest/ref/configuration/master.html#pillar-merge-lists
16:01 babilen You might want to read the block on "pillar merge strategy"
16:01 hardyfresh ah interesting, thanks
16:07 onlyanegg joined #salt
16:09 babilen hardyfresh: Working as expected now?
16:10 hardyfresh I haven't tested it yet, I need to verify that my existing pillars are not depending on the previous behavior
16:11 babilen If the monitoring goes bonkers .. it did ;)
16:11 hardyfresh haha exactly!
16:14 johnj joined #salt
16:14 swills joined #salt
16:14 swills joined #salt
16:18 kjsaihs joined #salt
16:22 jab416171 joined #salt
16:25 socket- Hello, I want to make sure auditd is running, but only reload it if its turned off, or if a file has changed since the last time checked.  Here is my current state: https://apaste.info/tnEO however, if i stop the auditservice the service does not reload.
16:26 DammitJim joined #salt
16:26 socket- Can I have onchanges only apply to the reload portion of the service.running and not to the enable?
16:28 summers should be ok to leave off the `- enable: True` from the state, the default is None, which means no change
16:31 socket- ok, i tried that. I just did a "service auditd stop" on the box, and then applied the state, but it said "service.running... state not run because none of the onchanges reqs changed"
16:32 socket- I want it to always be running, and only reload if changes are detected, do i need 2 items for this?
16:32 oida_ joined #salt
16:34 socket- like https://apaste.info/YJun ?
16:34 summers you should not need 2 items for that, no
16:34 iggy dxiri: I wouldn't say formulas are the standard way (they can at times be more cumbersome than they are worth), but they are definitely a way that generally more than one person uses
16:35 summers socket-: try changing the `onchanges` to `watch`
16:35 summers IIRC `onchanges` is deprecated for service states
16:35 iggy other way around
16:36 summers `watch can be used with service.running to restart a service when
16:36 iggy or wait, I'm thinking of cmd.* states
16:36 summers another state changes ( example: a file.managed state that creates the service's config file ). More details regarding watch can be found in the Requisites documentation.`
16:36 summers https://docs.saltstack.com/en/latest/ref/states/all/salt.states.service.html#salt.states.service.running
16:36 summers iggy: I think you are :)
16:38 edrocks joined #salt
16:40 socket- thanks, that worked!
16:40 summers socket-: I think you will def want to keep the `enable: True` in there too, btw
16:40 summers I expect it will be enabled by default by your distro, but just in case
16:40 summers enable it so you have that guarantee
16:40 summers also kudos for using auditd, it's a great tool
16:41 bushelofsilicon joined #salt
16:43 bushelofsilicon is test kitchen what everyone is using to test their configs?
16:43 oida joined #salt
16:43 summers nah, test in prod
16:44 pbandark1 joined #salt
16:45 bushelofsilicon lol
16:46 edrocks joined #salt
16:50 ikarpov_ joined #salt
17:02 pipps joined #salt
17:02 iggy same
17:03 shanth joined #salt
17:03 pipps joined #salt
17:04 shanth for the salt minion can you specify which IP it uses? having issues getting a minion to talk to the master because it is has so many interfaces
17:07 nixjdm joined #salt
17:09 bushelofsilicon wait, what? changes go directly to your production environment?
17:09 iggy shanth: no, you need to set the routes up on the minion correctly
17:10 iggy bushelofsilicon: yep
17:10 shanth actually its not interfaces its ipsec tunnel iggy - other applications have to set the ip as well, is there a way to do it for the minion?
17:11 shanth i just want to speficy what ip the minion uses
17:11 iggy shanth: no, because the minion isn't listening, it's making outgoing connections to the master
17:11 shanth theres no way at all to specify?
17:11 iggy for the 3rd time, no
17:11 pipps joined #salt
17:12 bushelofsilicon iggy: I thought summers was joking, are changes really that low risk?
17:12 iggy no, we just have a plan for rolling back everything if it doesn't work
17:13 shanth seems like a missing feature :(
17:14 iggy shanth: that's not how networking really works... when a "client" (in the client/server sense) makes a connection to a server, it doesn't specify what IP to use... it just says "connect to X server on Y port"
17:15 johnj joined #salt
17:18 shanth iggy the way the networking guy explained it to me was that since this box has an ipsec tunnel running, things that connect over the tunnel try to use the external ip and applications need to speficy their source ip. even ping has a -S option and only works if you specify the right ip, seems odd that salt cant specify source ip for minion
17:20 iggy feel free to open a GH issue
17:22 shanth good plan :)
17:24 mchlumsky joined #salt
17:26 bushelofsilicon shanth: the only applications I've seen where you can specific the route are network testing tools. In my experience, you set the route on the router or endpoint, or some VPN clients let you push routes to the endpoint
17:31 csmule joined #salt
17:38 pipps joined #salt
17:40 squishypebble joined #salt
17:41 GMAzrael joined #salt
17:45 overyander joined #salt
17:54 morissette joined #salt
17:58 Cumulo741 joined #salt
18:00 pipps joined #salt
18:02 wavded joined #salt
18:03 Hybrid joined #salt
18:04 oida_ joined #salt
18:16 johnj joined #salt
18:18 ChubYann joined #salt
18:18 nixjdm joined #salt
18:19 K0HAX joined #salt
18:19 edrocks joined #salt
18:21 pipps joined #salt
18:22 Shirkdog joined #salt
18:22 Hybrid joined #salt
18:26 mkoskar joined #salt
18:27 pipps joined #salt
18:37 pbandark what is recommended way to install "libcloud" on salt-master? with rpm/yum :"python2-libcloud" or with pip: "apache-libcloud" ?
18:38 nexus2000 joined #salt
18:39 pipps joined #salt
18:39 iggy depends on if the version available from your package manager has all the features you need (usually it doesn't)
18:40 pbandark ok
18:42 aldevar joined #salt
18:43 nexus2000 playing with salt orchestrator and don't know if it is possible to match an specific tgt with several conditions (tgt: "os:CentOS and id:name1")
18:43 nexus2000 any idea?
18:44 lordcirth_work nexus2000, haven't used orch, but if it's a compound matcher, you can do "G@os:CentOS and G@id:name1"
18:45 nexus2000 it doesn't work
18:45 nexus2000 it works if you put something like: "os:CentOS" (and select tgt_type: grain)
18:46 nexus2000 but it doesn't work with the "and"
18:46 lordcirth_work Does it allow tgt_type: compound?
18:47 nexus2000 mmm, let me test it
18:47 nexus2000 nice, it works
18:47 nexus2000 it isn't documented
18:47 oida joined #salt
18:47 pbandark iggy: with default installation either with yum/pip, i am facing issue while passing "email" for "service_account" in GCP. hence, i cloned the libcloud code from github. but, i can see the "gce.py" file differs from what i can see with yum/pip installation.
18:47 nexus2000 tgt_type can be "glob" (default) or "grain"
18:48 nexus2000 thanks, lordcirth_work
18:48 lordcirth_work nexus2000, np.  You should consider making a PR to fix the docs
18:53 alvinstarr joined #salt
18:54 alvinstarr joined #salt
18:56 mikecmpbll joined #salt
18:57 tapoxi where are the RPMs for salt 2016.11.7?
18:58 oida_ joined #salt
18:58 tapoxi repo only has 2016.11.6, 2017.7.1
19:01 pbandark1 joined #salt
19:04 absolutejam Is there an easy way to manage minion/master config via a Salt state?
19:04 absolutejam Like, is there a state for it I mean. I did have a look but perhaps I'm being dumb
19:09 nexus2000 lordcirth_work, sure
19:11 onlyanegg joined #salt
19:16 yuhl_ joined #salt
19:17 johnj joined #salt
19:18 nixjdm joined #salt
19:26 lordcirth_work absolutejam, file.managed, essentially.  Also some config can be offloaded to pillar
19:27 mayk_ joined #salt
19:34 shred joined #salt
19:36 aneeshusa joined #salt
19:36 ecdhe joined #salt
19:45 nixjdm joined #salt
19:53 ibro joined #salt
19:54 pipps joined #salt
19:57 shred joined #salt
20:10 csmule joined #salt
20:12 ChubYann joined #salt
20:15 Cumulo741 joined #salt
20:17 oida joined #salt
20:18 johnj joined #salt
20:18 edrocks joined #salt
20:18 nixjdm joined #salt
20:23 oida_ joined #salt
20:26 aneeshusa joined #salt
20:36 nixjdm joined #salt
20:36 oida joined #salt
20:38 ouemt joined #salt
20:49 pbandark1 joined #salt
20:50 sh123124213 joined #salt
20:52 gh34 joined #salt
20:52 _KaszpiR_ joined #salt
20:57 pipps joined #salt
21:00 capstar joined #salt
21:01 edrocks joined #salt
21:05 pipps joined #salt
21:06 pipps joined #salt
21:06 bigjazzsound joined #salt
21:07 wavded joined #salt
21:07 ChubYann joined #salt
21:13 aldevar left #salt
21:16 nixjdm joined #salt
21:19 johnj joined #salt
21:23 aneeshusa joined #salt
21:34 tapoxi joined #salt
21:40 pipps joined #salt
21:44 xMopxShell Does salt's mysql modules expose a way to use the underlying db engine's query iterpolation? I can't seem to find it...
21:45 xMopxShell e.g. i'm used to MysqlDB's `cursor.execute("select x from y where z = ?;", (foobar, ))`, where it safely subs in teh values for you
21:45 xMopxShell I see there's mysql.quote_identifier, but that's not quite as good IMO.
21:46 wavded joined #salt
21:53 doubletwist So the minion running on my salt-master. It's a vmware vm. productname grain = VMware Virtual Platform,  and manufacturer grain = VMware, Inc.,
21:53 doubletwist However the virtual: grain says "xen" and virtual_subtype says "Xen PV DomU"
21:53 doubletwist Why might that be and how can I get it to recognize the VM type correctly?
21:54 doubletwist minion and master are v 2017.7.1
21:54 pipps joined #salt
21:56 doubletwist Other VMs kickstarted off the same image/kickstart process correctly identify as vmware
22:00 iggy doubletwist: what does virt-what report?
22:00 doubletwist vmware
22:04 whytewolf doubletwist: if you salt-call -l debug saltutils.sync_grains is there anything about Please install virt-what?
22:04 pipps joined #salt
22:05 whytewolf [not asking if it is installed just if salt detects it]
22:06 GMAzrael joined #salt
22:06 cgiroua joined #salt
22:06 doubletwist No
22:06 doubletwist Though it ends in: [DEBUG   ] Could not LazyLoad saltutils.sync_grains: 'saltutils.sync_grains' is not available.
22:06 whytewolf oh wait, never mind. huh, only way to get xen as the output of that grain is with virt-what output
22:07 whytewolf sorry that was my bad put an s on saltutil by accident
22:08 pipps joined #salt
22:08 whytewolf humm, and XenPV DomU only shows up if xen shows up in dmesg
22:08 whytewolf or the xen drivers are in /sys/bus/xen/drivers
22:10 doubletwist right. without the s it finishes but doesn't have any error about grains or virt-what
22:10 doubletwist neither 'xen' nor 'domu' [of any case] shows up in dmesg
22:11 whytewolf the system having this issue is FreeBSD or linux?
22:11 doubletwist ok now there's something
22:11 doubletwist LInux
22:11 doubletwist Oracle Linux 7.4
22:12 doubletwist on the master [which shows up as xen] there are items in /sys/bus/xen/drivers/    and there isn't on the minions that show up as vmware
22:12 whytewolf okay, that might be what is causing it. you have the xen drivers installed. for some reason
22:12 doubletwist not sure how
22:13 whytewolf https://github.com/saltstack/salt/blob/v2017.7.1/salt/grains/core.py#L770-L776
22:18 nixjdm joined #salt
22:19 doubletwist weird. The files aren't owned by any package. I have NO idea how they got installed
22:20 whytewolf sys is a virtual filesystem that is kernel controlled.
22:20 johnj joined #salt
22:22 whytewolf check your kernel
22:27 GMAzrael joined #salt
22:30 doubletwist Thank you. I'm looking into it.
22:31 Lighter joined #salt
22:33 pipps joined #salt
22:34 Lighter_ joined #salt
22:41 aneeshusa joined #salt
22:43 oida_ joined #salt
22:43 bbradley joined #salt
22:47 pipps joined #salt
22:48 GMAzrael joined #salt
22:49 oida joined #salt
22:55 bbradley joined #salt
22:56 squishypebble joined #salt
23:03 GMAzrael joined #salt
23:21 johnj joined #salt
23:24 GMAzrael joined #salt
23:40 zerocool_ joined #salt
23:41 pipps joined #salt
23:45 GMAzrael joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary