Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-09-28

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 justanotheruser joined #salt
00:06 GMAzrael joined #salt
00:10 Cumulo741 joined #salt
00:22 johnj joined #salt
00:27 GMAzrael joined #salt
00:33 squishypebble joined #salt
00:38 GMAzrael joined #salt
00:43 justanotheruser joined #salt
00:48 johnj joined #salt
00:48 GMAzrael joined #salt
00:58 shred joined #salt
00:58 wavded joined #salt
01:02 cgiroua joined #salt
01:09 GMAzrael joined #salt
01:14 XenophonF exit
01:14 XenophonF whoops wrong window
01:17 wavded joined #salt
01:26 pipps joined #salt
01:29 Brew joined #salt
01:31 squishypebble joined #salt
01:32 GMAzrael joined #salt
01:32 shred joined #salt
01:38 wavded joined #salt
01:39 tiwula joined #salt
01:55 ilbot3 joined #salt
01:55 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.7, 2017.7.1 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
01:55 GMAzrael joined #salt
01:58 onlyanegg joined #salt
02:03 GMAzrael_ joined #salt
02:03 squishypebble joined #salt
02:04 squishypebble joined #salt
02:07 justan0theruser joined #salt
02:08 justan0theruser joined #salt
02:10 oida_ joined #salt
02:11 zerocool_ joined #salt
02:17 BlackSponge joined #salt
02:18 al joined #salt
02:19 WildPikachu joined #salt
02:24 onlyanegg joined #salt
02:24 GMAzrael joined #salt
02:25 squishypebble joined #salt
02:36 summers I was totally joking about testing in prod (mostly)
02:37 summers bushelofsilicon: save yourself, it was a joke
02:37 summers we have a set of tiered envs that we test on well before a serious change hits prod
02:40 alexlist joined #salt
02:41 squishypebble joined #salt
02:43 pipps joined #salt
02:45 GMAzrael joined #salt
02:52 evle joined #salt
02:54 gnomethrower summers: Everyone has a test environment
02:54 gnomethrower some of us are just lucky enough to also have a production environment ;)
02:54 summers heh, nice
02:55 summers I was totally testing the grafana4 states in prod with test=True when I realized that test=True was totally ignored and I had just broken all datasources for everyone, like 50+ dashboards were toast in an instant
02:55 summers that was awesome
02:56 summers it took all of 10 seconds to fix, but srsly
03:00 oida joined #salt
03:06 GMAzrael joined #salt
03:14 ahrs joined #salt
03:15 ahrs joined #salt
03:21 farcaller joined #salt
03:27 GMAzrael joined #salt
03:27 justanotheruser joined #salt
03:34 justanotheruser joined #salt
03:35 ikarpov_ joined #salt
03:37 blue joined #salt
03:38 daemonkeeper joined #salt
03:38 cb joined #salt
03:39 Armadillo joined #salt
03:39 Dr_Jazz joined #salt
03:39 ujjain joined #salt
03:39 ujjain joined #salt
03:48 GMAzrael joined #salt
03:48 ujjain joined #salt
03:48 ujjain joined #salt
03:59 PFault joined #salt
03:59 marwel joined #salt
04:01 stankmack joined #salt
04:05 oida_ joined #salt
04:09 mschiff joined #salt
04:09 mschiff joined #salt
04:09 mrud joined #salt
04:09 mrud joined #salt
04:09 GMAzrael joined #salt
04:15 GMAzrael joined #salt
04:17 Bock joined #salt
04:20 Guest66150 joined #salt
04:21 hatifnatt joined #salt
04:23 oida joined #salt
04:36 oida_ joined #salt
04:36 GMAzrael joined #salt
04:39 sjorge joined #salt
04:56 oida joined #salt
04:56 GMAzrael joined #salt
05:17 GMAzrael joined #salt
05:38 GMAzrael joined #salt
05:40 ntropy joined #salt
05:52 mayk joined #salt
05:52 jj88_ joined #salt
05:59 GMAzrael joined #salt
05:59 jj88_ hi
06:00 jj882 is anybody on
06:02 jj882 all these ppl and nobody is on?
06:03 jj882 can anybody see what im typing
06:06 EthPyth joined #salt
06:14 gnomethrower jj882: yes, we can see what you're typnig
06:14 gnomethrower typing*
06:14 gnomethrower don't ask if you can ask a question, just ask!
06:20 GMAzrael joined #salt
06:23 stanchan joined #salt
06:24 mkoskar joined #salt
06:25 Ricardo1000 joined #salt
06:32 do3meli joined #salt
06:32 do3meli left #salt
06:35 sh123124213 joined #salt
06:39 aldevar joined #salt
06:41 GMAzrael joined #salt
06:48 whytewolf jj882: no one is answering because it is almost midnight. in the western part of the states. which is where most of the people in this channel are located [most, not all]
07:02 GMAzrael joined #salt
07:04 mayk joined #salt
07:08 johnj joined #salt
07:09 coredumb hey whytewolf isn't it getting late for you as well?
07:09 whytewolf yeap, it is midnight
07:10 aanriot joined #salt
07:13 Hybrid joined #salt
07:14 oida_ joined #salt
07:16 whytewolf don't have work until monday
07:23 GMAzrael joined #salt
07:30 robman joined #salt
07:34 JAuz joined #salt
07:36 onlyanegg joined #salt
07:42 coredumb whytewolf: neat :)
07:44 GMAzrael joined #salt
07:45 jj882 hi all
07:45 jj882 it is 245 here
07:50 jj882 i need a mentour anybody game
07:55 babilen You might get an answer if you actually ask a question that relates to salt :)
07:58 _KaszpiR_ joined #salt
08:02 obitech joined #salt
08:02 Lighter_ joined #salt
08:04 pbandark joined #salt
08:05 jj882 not sure im in the right chat im trying to figure out how to use  i2p and bit torrent i do bealive my isp is blocking torrents
08:05 GMAzrael joined #salt
08:07 whytewolf this is definitely the wrong room for that
08:07 obitech jj882 get a vpn mate
08:07 obitech https://thatoneprivacysite.net/vpn-section/
08:09 jj882 i dl a vpn
08:09 johnj joined #salt
08:09 jj882 didnt work
08:09 jj882 what is this chat room for
08:10 babilen saltstack -- https://saltstack.com/
08:10 whytewolf jj882: cox doesn't block torrents.
08:11 heyimawesome joined #salt
08:11 jj882 the fact that you know im on cox is creepy lol
08:13 whytewolf it shows when you do a /whois on you
08:13 obitech exactly haha
08:13 jj882 well for some reason my bit torrent wont connect
08:13 jj882 but i think i messed up in irc
08:13 schasi joined #salt
08:13 jj882 maybe im on the wrong server
08:14 whytewolf who are on freenode
08:14 whytewolf s/who/you
08:14 jj882 there is a #salt for i2p
08:14 brd joined #salt
08:15 jj882 https://thetinhat.com/tutorials/darknets/i2p.html
08:15 whytewolf this isn't that #salt
08:15 jj882 can anyone direct me on how to get to the room this article refers 2
08:15 whytewolf you are on the wrong server
08:16 jj882 that article doesnt list a server just a ip is that the same thing
08:16 whytewolf from that link you need to be in i2p to connect to the right server
08:17 whytewolf 127.0.0.1 = your computer
08:17 mikecmpbll joined #salt
08:20 _KaszpiR_ joined #salt
08:21 jj882 hmmm
08:22 jj882 i finally got i2p to reopen in a windows expolre browser but dont know where to go to  from there not seeing a irc option
08:23 whytewolf you need to connect your irc client [the thing you are here on] to 127.0.0.1 port 6668
08:24 jj882 i will have to go dl a client
08:24 jj882 running this in a chrome window
08:24 jj882 and btw something if not cox maybe the router is blocking torrents
08:24 whytewolf wouldn't doubt it.
08:25 jj882 i thought at first maybe it was low seed torrents but then i got a high seed one and still same problem
08:25 jj882 the problem is im in a appartment complext which provides internet so to my knowledge no acess to router settings
08:25 GMAzrael joined #salt
08:26 whytewolf well, that sucks
08:26 whytewolf honestly, you really should get a VPN.
08:27 whytewolf much easier to setup
08:28 jj882 i got a vpn
08:28 jj882 ran it and still did not help
08:29 jj882 dont really know what im doing
08:29 jj882 i dl tunnel bear
08:30 jj882 only 500 mb a month for free but from a article i read i just need to get the torrent started
08:30 jj882 after that its unblocked
08:31 Mattch joined #salt
08:36 whytewolf well, I've given about all the help i dare to. you might actually want to try #i2p-help [the channel does exist on this server]
08:41 schasi I have a machine that I think is targeted via top.sls, but the states for it are not run. Is there a way to test targetting?
08:41 schasi Rather to test my file; if the definitions in it target a machine and why
08:42 whytewolf schasi: salt 'minion'state.show_top
08:46 schasi Thanks. That shows me that the state I have for it in top.sls doesn't get applied. Huh
08:46 GMAzrael joined #salt
08:48 jesusaur joined #salt
08:49 schasi I found what I have to change for it to work. I don't get why though :D
08:49 whytewolf what was it?
08:52 schasi I have a top.sls with targeting: 'E@(?i)MediaWiki-\d+.*' and a "MediaWiki.sls" with "roles: [Common, Wiki]" in it
08:52 schasi Change the "roles: [Common, Wiki]" to "roles: [Common, MediaWiki]" and the "MediaWiki-1.url.com" gets targetted correctly
08:53 schasi The top.sls above is in pillars. There is also a top.sls in states, which tells what states are run on which machine. I thought that alone would be enough
08:54 whytewolf ... that. shouldn't have changed anything
08:55 schasi I agree. Hence my confusion
08:55 schasi There might be some magic somewhere else that I don't see
08:56 whytewolf unless you were targetting in your states files on MediaWiki not wiki
08:57 whytewolf for a role
08:57 jj88 joined #salt
08:57 schasi Oh wait. I think I get it
08:58 schasi I was targeting on MediaWiki
08:59 schasi pillars/top.sls says which machines get which pillars/<something>.sls. then in <something>.sls, it says which roles are assigned. Then in states/top.sls, I say which roles get which states.
09:00 whytewolf that would be how you have it setup yes.
09:00 * whytewolf hates writters block
09:01 yuhl joined #salt
09:01 schasi whytewolf: What do you need to write (about)?
09:01 zerocool_ joined #salt
09:02 whytewolf i signed up to give a talk during saltconf
09:03 whytewolf "Salt’s Little Secrets Revealed"
09:04 taaperotassu joined #salt
09:04 jj88 hi
09:05 whytewolf still the wrong room jj88
09:05 jj88 i know i cant figure out what server to connect 2
09:05 jj88 but i did dl a irc client called ice chat
09:05 schasi What little secret does salt have?
09:05 schasi secrets
09:06 whytewolf jj88: try asking over in #i2p-help
09:06 zerocoolback joined #salt
09:06 whytewolf lots of things. that a lot of people miss.
09:06 whytewolf ignore_missing for pillar states. [undocumented feature]
09:06 whytewolf a lot of people miss how to use mine from pillar
09:07 whytewolf spm
09:07 whytewolf and one or two bad things like - names gone wrong
09:07 schasi If I were you, I'd start out with some slides where I just put those things as a header
09:07 GMAzrael joined #salt
09:07 schasi Than make a couple of sloppy bullet points
09:08 schasi Bam, you have 20% of the work done ;-)
09:08 whytewolf thats pretty much where i was going to start. :P
09:08 jj88 only one person in that room whyte lol
09:08 whytewolf jj88: well then try #i2p
09:08 jj88 why is my isp still showing win using vpn
09:09 schasi Then I don't get where the writers block is
09:09 jj88 wait may have had it off
09:09 whytewolf schasi: coming up with what to actually say. :P
09:09 johnj joined #salt
09:09 schasi Heh :D
09:10 jj88 will it always list my cox if i connected with that orginially ?
09:10 schasi What do you know that the audience doesn't? What additional information is there for the individual points?
09:10 ECDHE_RSA_AES256 joined #salt
09:11 schasi Maybe you want to do a silent presentation ;-)
09:11 whytewolf lol ;-)
09:11 whytewolf anyway. it is 2am. i should head to bed
09:12 schasi Sleep tight
09:15 schasi So when whyteaway is not away, he is actually wolf ;-)
09:18 jj88 joined #salt
09:18 jj88 hi
09:19 schasi Still wrong channel, jj88 ;-)
09:19 jj88 wow figure out how to login into this chat was fun
09:19 jj88 not wrong chat no one in other chat and im bored lol
09:19 jj88 and rusty on how to use irc
09:19 jj88 so i figured id check stuff in this channel if ok with yall
09:20 jj88 i think i  got my vpn to work
09:20 jj88 can yall check
09:22 yuhl_ joined #salt
09:23 schasi I wouldn't know why
09:24 jj88 win i do a who is it doesnt say cox anymore
09:24 obitech you can check your VPN on your own: https://ipleak.net/
09:26 jj88 says im in canada so im guesssing so
09:27 jj88_ joined #salt
09:28 GMAzrael joined #salt
09:33 mayk_ joined #salt
09:36 onlyanegg joined #salt
09:39 impi joined #salt
10:00 obitech in the salt-ssh roster file, what's the difference between defining a 'sudo' and 'sudo_user' ? It's not quite clear to me when I should user the one over the other
10:07 masber joined #salt
10:10 GMAzrael joined #salt
10:11 johnj joined #salt
10:15 babilen obitech: sudo means "Salt will become root" while sudo_user defines the user salt will use (if you don't want root)
10:17 EthPyth joined #salt
10:17 zerocool_ joined #salt
10:20 babilen obitech: https://github.com/saltstack/salt/blob/develop/salt/executors/sudo.py#L55-L62
10:31 GMAzrael joined #salt
10:37 obitech thanks babilen!
10:44 Naresh joined #salt
10:48 EthPyth joined #salt
10:50 DanyC joined #salt
10:52 GMAzrael joined #salt
11:00 aldevar left #salt
11:12 nick123 joined #salt
11:13 GMAzrael joined #salt
11:18 GMAzrael joined #salt
11:37 aldevar joined #salt
11:37 onlyanegg joined #salt
11:43 GMAzrael joined #salt
11:50 EthPyth joined #salt
11:51 EthPyth joined #salt
11:55 smead joined #salt
12:03 EthPyth joined #salt
12:04 GMAzrael joined #salt
12:05 LeProvokateur joined #salt
12:09 GMAzrael joined #salt
12:11 zerocool_ joined #salt
12:13 yuhl joined #salt
12:15 yuhl joined #salt
12:16 GMAzrael_ joined #salt
12:26 GMAzrael joined #salt
12:28 GMAzrael_ joined #salt
12:35 edrocks joined #salt
12:36 yuhl joined #salt
12:36 hojgaard joined #salt
12:52 cgiroua joined #salt
12:53 CrummyGummy joined #salt
12:54 revellion joined #salt
13:01 JawnAuz joined #salt
13:11 skpilar joined #salt
13:13 gh34 joined #salt
13:14 test joined #salt
13:17 johnj joined #salt
13:18 numkem joined #salt
13:21 ikarpov joined #salt
13:22 nexus2000 joined #salt
13:23 onlyanegg joined #salt
13:29 wavded joined #salt
13:30 wavded joined #salt
13:37 KingJ joined #salt
13:41 oida joined #salt
13:43 squishypebble joined #salt
13:48 oida joined #salt
13:48 tom[] can i use join(',') to join values inside under a dick, like this https://gist.github.com/tom--/709b61eb0c521706f928be1ae1bfa552 ?
13:49 fl3sh joined #salt
13:50 racooper joined #salt
13:52 zerocool_ joined #salt
13:55 XenophonF yes but use the Jinja |join filter
13:55 XenophonF e.g., http://jinja.pocoo.org/docs/dev/templates/#filters
13:55 XenophonF see also http://jinja.pocoo.org/docs/dev/templates/#join
13:56 tom[] XenophonF: ah the attribute='' might do it
13:57 tom[] so in my case
13:57 tom[] {{ pillar.cluster.items()|join(',', 'private_ip') }}
13:58 XenophonF don't use items
13:58 XenophonF use the |dictsort filter
13:58 XenophonF {{ salt.pillar.get('cluster', {})|dictsort|join(',', attribute='private_ip') }}
14:01 KaczuH joined #salt
14:02 XenophonF use pillar.get to ensure a defined return value
14:02 XenophonF otherwise you'll get an attribute error at render time if the 'cluster' attribute doesn't exist
14:05 squishypebble joined #salt
14:06 XenophonF I'd recommend going one step further and using the |yaml_encode filter
14:06 XenophonF {{ salt.pillar.get('cluster', {})|dictsort|join(',', attribute='private_ip')|yaml_encode }}
14:07 XenophonF the reason being that ensures the resulting string gets escaped properly
14:09 tom[] join(',', attribute='private_ip') fails because private_ip is nested under the node name, e.g. cluster.bhs1.private_id and cluster.bhs2.private_id
14:09 tom[] https://gist.github.com/tom--/709b61eb0c521706f928be1ae1bfa552
14:12 orlando_arcapix joined #salt
14:14 ouemt joined #salt
14:17 csmule joined #salt
14:17 XenophonF not sure you can use map in that scenario
14:18 XenophonF you'll probably have to loop over the dictionary
14:18 tom[] at present i use {% for but it's a bit ugly
14:18 XenophonF something like {% for member in salt.pillar.get('cluster', {})|dictsort %}...
14:19 tom[] i didn't use pillar.get() because if the attribute doesn't exist then the server cannot be safely configured. i'd prefer the error at render time and fix it rather than hide the problem
14:19 johnj joined #salt
14:21 XenophonF I always ensure defined returns.  To prevent render errors like that, I add if statements that turn off that code path if value is false or none (as appropriate).
14:22 cablekevin joined #salt
14:25 q1x ohai
14:27 q1x any here using salt virt? I'm trying to set it up as per https://docs.saltstack.com/en/latest/topics/virt/nic.html#vm-nic-profiles but I keep getting "State 'virt.nic' in SLS 'mysls' is not formed as a list"
14:28 q1x even with something simple as https://pastebin.com/W68xmLJU
14:29 tom[] XenophonF: in my case here, if this part of a template renders without the attribute then that means there' a serious bug in the pillar data. so i could add a test that would raise an exception if the attribute is not defined. but it seems easier (and DRY) to let the templating fail so i see the error and fix it
14:31 GMAzrael joined #salt
14:33 pualj joined #salt
14:34 q1x oh crap, I think I see the problem here, I was thinking this was state but it seems to be pillar
14:39 onlyanegg joined #salt
14:39 doubletwist Ok, so I haven't narrowed it down yet, but something about Oracle's UEK kernel > 4.1.12-61 is installing those xen drivers that make the grains think it is a xen virtual instead of vmware
14:39 doubletwist I updated my test minions and now they all show virtual: xen
14:40 tapoxi joined #salt
14:45 sarcasticadmin joined #salt
14:52 mikecmpbll joined #salt
15:03 yuhl joined #salt
15:17 Brew joined #salt
15:21 pipps joined #salt
15:21 johnj joined #salt
15:24 tiwula joined #salt
15:30 pipps joined #salt
15:37 KaczuH joined #salt
15:42 onlyanegg joined #salt
15:46 aneeshusa joined #salt
15:50 jfelchner joined #salt
15:57 tapoxi joined #salt
15:58 _JZ_ joined #salt
15:58 johnkeates joined #salt
16:04 oida_ joined #salt
16:06 edrocks joined #salt
16:18 pbandark1 joined #salt
16:23 johnj joined #salt
16:34 Shirkdog joined #salt
16:36 motherfsck joined #salt
16:49 DanyC joined #salt
16:49 _KaszpiR_ joined #salt
16:53 numkem joined #salt
17:08 nexus2000 joined #salt
17:10 nixjdm joined #salt
17:11 GMAzrael joined #salt
17:12 pipps joined #salt
17:13 ibro joined #salt
17:15 axm joined #salt
17:16 yuhl joined #salt
17:19 JawnAuz Anyone here have recommendations for editors to use when writing sls/jinja files for Salt? Best I've seen is Atom with some specialized plugins so far. Not great support in VS-Code from what I can tell.
17:20 lordcirth_work JawnAuz, since I edit on the master via ssh, I just use vim with some settings for YAML
17:21 impi joined #salt
17:22 LeProvokateur joined #salt
17:22 JawnAuz Yeah, I store my configs on a repo and just use GitFS, so I'm rarely editing on the Master. Workable so far between Atom/VS-Code but would be nice to have an extension that understood Salt states. YAML linter is helpful enough though most of the time.
17:25 johnj_ joined #salt
17:26 lordcirth_work I find gitfs annoying, I like to be able to test something *before* committing it.  My gitfs repos have far too many 1-character commits.
17:32 mikecmpbll joined #salt
17:37 JawnAuz Oh yeah, my dev branch is full of syntax fix commits, I hear ya there. :)
17:37 XenophonF joined #salt
17:39 oida_ joined #salt
17:41 numkem joined #salt
17:49 swa_mobil joined #salt
17:54 pipps joined #salt
18:11 squishypebble joined #salt
18:20 nixjdm joined #salt
18:24 squishypebble joined #salt
18:25 pipps99 joined #salt
18:25 oida_ joined #salt
18:26 johnj_ joined #salt
18:34 ChubYann joined #salt
18:37 torontoyes joined #salt
18:40 oida_ joined #salt
18:40 iggy yeah, we have dev systems with a dev master, hack until it works there, then commit to git which then goes to our prod masters (not via gitfs, but similar)
18:43 torontoyes I am trying to bootstrap install minions, however, I get the following issue: https://pastebin.com/Jt5RPmwC
18:47 Lionel_Debroux joined #salt
18:48 flowstategames joined #salt
18:49 edrocks joined #salt
18:50 flowstategames anyone currently around have experience diagnosing mass minion disconnects?
18:51 LeProvokateur joined #salt
18:51 flowstategames beyond setting master_tries to -1 and ping_interval to 1min
18:57 lordcirth_work flowstategames, you've checked the logs on master and minion side?
18:58 flowstategames nothing in master, 90% of our minion log files are just empty
18:58 flowstategames sometimes the minion dies, but the far more frequent case is that it's running, and if I test.ping from minion to master, they reconnect
18:59 flowstategames so now I have crons to do that, which still don't appear to be enough
19:00 lordcirth_work flowstategames, is the network reliable?
19:00 flowstategames there are no firewall rules or weird hops between master and minion, and we've had no other stability problems
19:00 flowstategames this is in AWS
19:00 flowstategames in a single VPC
19:01 flowstategames and there are no load-balancers in the way (ran into that early, that was nasty)
19:02 toastedpenguin joined #salt
19:02 sh123124213 joined #salt
19:03 cyborg-one joined #salt
19:10 DammitJim joined #salt
19:12 numkem joined #salt
19:14 sh123124213 joined #salt
19:15 obscuras joined #salt
19:15 obscuras anybody know the difference between using #!yaml|gpg in my pillar and the new (2017.7) decrypt_pillar configuration option?  Why does the new option exist?
19:15 phtes Any way to conditionally try pkg names for installing?
19:15 oida_ joined #salt
19:16 phtes Python-pip is python2-pip in some epel rpms , need to account for it
19:17 obscuras @phtes, what do you mean "in some...rpms"? Are there inconsistent dependencies, or do you mean per-platform differences?
19:18 phtes Some machines work some day use the alt name (python2)
19:18 phtes Best I could find was that it’s not always matching even though the rpm is directly downloaded
19:18 obscuras are the different machines running different os? if not, why do some use one and some use the other?
19:19 phtes Same image for them all , all using the same https link to dl
19:19 phtes I just inherited so it could just be an outdated sls
19:19 nixjdm joined #salt
19:20 obscuras are you spinning up new machines or managing existing ones?
19:20 phtes But online viewing shows its python-pip, downloadignthe rpm shows it as python2
19:20 phtes (In epel)
19:21 phtes New machines
19:21 obscuras and some think that the rpm provides python-pip and others think it provides python2-pip?
19:22 phtes Ah ha your on to something and old one now throws the error if I reprovision
19:23 phtes Looks like I need to just update the sls... still odd that online it says it’s still python-pip
19:28 johnj_ joined #salt
19:36 FroMaster joined #salt
19:36 FroMaster joined #salt
19:39 ouemt I've got a users.sls file that looks like:
19:39 ouemt users:
19:39 ouemt me:
19:39 ouemt - bunch of options
19:39 ouemt notme:
19:39 ouemt - bunch of options
19:40 ouemt In top.sls, how to I specify that I am a required user for a given nodegroup?
19:42 obscuras See this: https://stackoverflow.com/questions/32568714/saltstack-how-to-create-ssh-keys-per-user-per-server-and-exchange-it#32614406
19:43 obscuras I'm assuming your users.sls file is a pillar, because you don't list any valid states in your example.
19:43 ouemt obscuras: super new, so I'm not sure
19:43 ouemt what I posted is the content of the file, nothing above that
19:44 obscuras what's the filepath?
19:44 ouemt right now, /root/users.sls because I'm still working on it
19:44 ivo_ joined #salt
19:44 obscuras that won't do anything.
19:44 ouemt I know
19:44 ouemt it's not ready
19:45 ouemt I'm still trying to figure out how to put this all together
19:45 obscuras By default your base is /srv/pillar or /srv/salt (based on your master/minion config)
19:45 ouemt yeah, base is /srv/salt
19:46 ouemt /srv/salt/base/top.sls is where that file is, but I haven't moved the users.sls file in there yet
19:47 ouemt so under one of my nodegroups, I could just add a line like:
19:47 ouemt users:
19:47 ouemt - me
19:47 ouemt and if users.sls is in /srv/salt/base/ it should grab it?
19:48 ivo_ joined #salt
19:48 obscuras no, top.sls defines states to apply to that group.
19:48 obscuras users isn't a state as you've described it.
19:48 obscuras see https://docs.saltstack.com/en/latest/ref/states/all/salt.states.user.html#salt.states.user.present
19:49 ouemt yes
19:49 ouemt I've seen this page many times
19:49 Cumulo741 joined #salt
19:49 ouemt the given examples are too small in scope for me to see how all the pieces fit together
19:49 obscuras Look at the first link, since it shows how to assign specific values (such as usernames) to a specific set of nodes.
19:50 obscuras You can ignore the SSH key management if you want, but it also uses user.present.  Start with that as a sample and work from there.
19:54 ouemt obscuras: I'm sorry, but I don't understand that example
19:59 obscuras it uses a top.sls pillar to specify which servers get which users (as pillar data)
20:00 obscuras then you'd have a /srv/salt/top.sls base that would tell '*' to use the server_users state (/srv/salt/server_users.sls) which generates the appropriate states based on that pillar data.
20:01 obscuras (He doesn't mention the /srv/salt/top.sls configuration.)
20:05 ouemt obscuras: so the server01.sls file effectively "calls" the server_users script which contains the user.present directive for each of the passed users?
20:05 ouemt I know the terminology is off, but I'm still piecing this together
20:06 tom[] how do i make a filesystem in a dev but only if has no filesystem at present?
20:06 obscuras other way around.
20:06 DammitJim joined #salt
20:07 obscuras The /srv/salt/top.sls tells it to use the server_users sls on your target, which uses the data in the "server_users" pillar.
20:07 ouemt obscuras: but server_users doesn't occurr in his top.sls
20:08 pipps joined #salt
20:08 obscuras Then, the /srv/pillar/top.sls defines which values will be stored in the pillars for a given target:  server01 loads "users.server01" (/srv/pillar/users/server01.sls) and server02 loads users.server02.
20:08 obscuras server01.sls says that the pillar named "server_users" will contain the list of sarah, joe, etc...
20:08 ouemt and when those files are evaluated, they call server_users which is then evaluated
20:09 obscuras The master follows all the pillar rules to build the set of available pillar data.
20:09 ouemt ok, I think I understand how that works
20:09 obscuras Then the states can query the pillar data when they "run".
20:09 ouemt it also seems too complex for what I want to do, which is specify that one user should be on all minions
20:10 obscuras So even if you didn't have any states that referred to "server_data" pillar data, the pillar data would still be available.
20:10 obscuras If you just want a single user to be present on all minions, it really is just the second link I sent:
20:10 obscuras state_id:
20:10 obscuras user.present:
20:10 obscuras - name: my_userid
20:11 obscuras you can call state_id anything you like.
20:11 ouemt right, but I've already got all the users specified in my users.sls file, is there wa way to select a user from that file without restating all the options for that user?
20:11 obscuras so you want a single user from that list per target?
20:12 ouemt my user needs to be on all hosts
20:12 ouemt a different user needs to be on all hosts in nodegroup A
20:12 ouemt a third user needs to be on all hosts in nodegroup B
20:12 obscuras So you do want the more complicated example.
20:13 obscuras nodegroup A would include you and user 2.  nodegroup B would include you and user 3.
20:13 ouemt even in the more complicated example it doesnt show where the users are defined, other than by name
20:13 obscuras and you could create a default group (that '*' points to) that would include you.
20:13 obscuras how complicated are their options?
20:13 ouemt ~10 lines
20:14 obscuras but how similar between users?
20:14 ouemt the main thing is that I want to keep all the user info in one file if possible
20:14 ouemt it's the same options with different values specified for them
20:14 ouemt fullname, shell, home, uid, gid, password, createhome
20:14 ouemt groups*
20:14 obscuras got it.
20:15 obscuras You'll want to pack all that data into a map (dictionary), e.g.:
20:15 obscuras {% set users = {
20:15 obscuras "users": {
20:15 obscuras "param1": "value1",
20:15 obscuras "param2": "value2",
20:15 obscuras },
20:15 obscuras "user2": {
20:15 obscuras ...
20:15 obscuras }
20:15 obscuras } %}
20:16 obscuras then in the example, under "user.present" you would do something like:
20:16 ouemt where does that map go?
20:16 obscuras fullname: {{ users[user].fullname }}
20:16 obscuras shell: /bin/bash
20:17 obscuras otherparam: {{ users[user].otherparam }}
20:17 obscuras So you would have defined all the users in a jinja data structure...
20:17 obscuras ...and then you use the conditional for loop (for user in users) to build only the states for the users you want on that machine.
20:18 obscuras You can either stick the map in a file that you {% include %} or you can stick it at the top of your users.sls file.
20:18 ouemt ok, that map, minus {, %, ", and } is the file I have called users.sls
20:18 obscuras if you wanted to really jinja-heavy for the parameters you could even do:
20:18 ouemt I was hoping to avoid jinja alltogether lol
20:19 obscuras (oops -- you'd want to name your variable something other than "users" so that you don't collide with the "users" his example grabs from the pillar)
20:19 obscuras {% for option in my_users[user] %}
20:19 ouemt so there's no way to keep the user data out of top.sls?
20:19 nixjdm joined #salt
20:20 obscuras sorry, {% for option, value in my_users[user].items() %}
20:20 obscuras {{ option }}: {{ value }}
20:20 obscuras {% endfor %}
20:20 obscuras What do you mean "out of top.sls"?   None of this is in top.sls.
20:21 obscuras (Well, except for the /srv/pillar/top.sls that specifies which usernames should exist on which nodes.)
20:21 obscuras Everything else is in your users.sls state file.
20:22 ouemt ok, one sec
20:24 edrocks joined #salt
20:24 ouemt obscuras: https://gist.github.com/clegett/00dd5874eae0cea4e87af3d46d0164b0
20:25 ouemt ok, so I turn that file into the map by reformatting it as above
20:26 ouemt what does top.sls '*' entry look like if I'm the only user specified there?
20:27 obscuras Your /srv/salt/top.sls would look like:
20:27 obscuras base:
20:27 obscuras '*':
20:28 obscuras - users
20:28 obscuras and your /srv/pillar/top.sls would look like:
20:28 obscuras base:
20:28 obscuras 'nodegroupA':
20:28 obscuras - users.groupa
20:28 obscuras 'nodegroupB':
20:28 obscuras -users.groupb
20:29 obscuras and you'd have a /srv/pillar/users/groupa.sls that listed the users for that group, same for groupb.
20:29 ouemt just by name, right?
20:30 obscuras right, since you'll be creating a list that your state will iterate over in jinja. {% set users_to_enable = pillar.get("server_user") %} {% for user in users_to_enable %}
20:33 ouemt obscuras: ok, in the groupa.sls, the first line would be server_user here, right?
20:33 obscuras right.
20:33 obscuras that's the key by which pillar.get() will retrieve the data.
20:34 ouemt and users.sls with the map in it goes in /srv/salt/base/ ?
20:35 obscuras no, just /srv/salt/users.sls
20:35 obscuras (oddly enough)
20:35 obscuras in top.sls "base" is just the name of the "environment", i.e. which set of paths to use for looking for salt and pillar files.  "base" defaults to /srv/salt and /srv/pillar.
20:36 obscuras You could create other environments (like "dev") that point somewhere else for their state files.
20:36 ouemt my top.sls is in /srv/salt/base and starts with a base: line
20:36 ouemt I should move it to /srv/salt/
20:36 ouemt ?
20:36 obscuras top.sls will also be in /srv/salt/top.sls (for the one that points to your users.sls for all '*' targets.)
20:36 ouemt k
20:36 obscuras the /srv/pillar/top.sls will also have a "base" environment that tells which pillar data to use for which node group
20:37 ouemt I think base/ was created for some settings files I was trying to propagate
20:37 ouemt base/settings/.../file.txt
20:38 obscuras I'd probably call it "common" or something other than base to avoid thinking that your directory name has any connection to the "base" environment.
20:38 obscuras ...unless you set your file roots so that base points to /srv/salt/base/ and /srv/pillar/base/, but that just seems like it's asking for future confusion...
20:40 pbandark1 joined #salt
20:40 obscuras most often people will create a "files/" directory to store the files they're managing with salt.
20:41 ouemt mk, I was following some tutorial
20:41 obscuras like /srv/salt/files/settings/.../files.txt
20:41 ouemt back in my users.sls file
20:41 ouemt how do I handle groups and createhome with the map syntax?
20:43 obscuras Assuming you're setting "false" for createhome for all users, I wouldn't put it in the map and instead would make it part of the user.present state.
20:44 obscuras There are two ways to do groups:
20:45 obscuras 1) instead of the jinja-heavy {{ option }}: {{ value }} example I gave you above, list each option explicitly, like "shell: {{ user.shell }}" and for groups:
20:45 obscuras group:
20:45 obscuras {% for group in user.groups %}
20:45 obscuras - {{ group }}
20:45 obscuras {% endfor %}
20:45 obscuras 2) keep being very jinja-heavy and to something like:
20:46 obscuras {% if value islist %}
20:47 obscuras {{ value }}:
20:47 obscuras {% for entry in value %}
20:47 obscuras - {{ entry }}
20:47 obscuras {% endfor %}
20:47 sh123124213 joined #salt
20:47 obscuras {% else %}
20:47 obscuras {{ option }}:  {{ value }}
20:47 obscuras (oops above the {{ value }}: would be {{ option }})
20:47 obscuras {% endif %}
20:48 obscuras (also doublechecking the "islist" syntax)
20:48 obscuras and your map definition can nest data types, so in your map of:
20:48 obscuras "fullname": "myfullname",
20:48 obscuras "groups": ["group1", "group2", "group3"],
20:48 obscuras ...
20:49 obscuras instead of "value islist" you'd want {% if iterable(value) %}
20:50 ouemt the last pair in each user ends with a trailing comma
20:50 ouemt before the }
20:50 ouemt i.e.:
20:50 ouemt "password": "[hash]",}
20:51 obscuras it's optional; I like to do it because it makes it easier to move around later or insert additional without having to remember to add a new comma.
20:51 ouemt mk
20:52 ouemt my wife is harassing me to leave, so I guess I'm done at work for the day
20:52 ouemt thank you for all the help, I'm sure I'll be back
20:52 obscuras good luck!
20:59 cgiroua joined #salt
21:06 pipps joined #salt
21:08 pipps joined #salt
21:08 csmule What's the way to do a dry-run? I just want to see if my states are going to parse right and what states will be applied.
21:11 iggy test=True
21:12 iggy if you just want to parse/check, show_highstate and show_lowstate are handy
21:13 csmule I tried test=True, I thought it didn't work but I guess it did.
21:13 csmule I gotta figure out what the heck highstate/lowstate is :)
21:14 csmule thanks iggy. That works perfect.
21:15 smead joined #salt
21:16 smead joined #salt
21:17 smead joined #salt
21:19 nixjdm joined #salt
21:24 pualj joined #salt
21:24 hashwagon joined #salt
21:32 johnj_ joined #salt
21:34 sh123124213 joined #salt
21:39 ekristen joined #salt
21:40 cyborg-one joined #salt
21:45 pipps joined #salt
22:11 pipps joined #salt
22:12 ivo_ joined #salt
22:14 flowstategames joined #salt
22:19 nixjdm joined #salt
22:23 JawnAuz joined #salt
22:24 edrocks Can anyone help with this cmd.script not working? I'm getting a tmp file not found. I assume salt makes a tmp file for my script but it seems pretty basic to run this https://gist.github.com/epelc/32d12be225593682808643692bf236a2
22:25 edrocks I also tried switching name to src
22:26 edrocks I mean I tried switching `source` to `name`
22:26 edrocks The docs look like either will work
22:27 csmule There are experts here, not me though.  Does the script run on the minion machine?
22:28 edrocks Ahh, nevermind me I used `#!/bin/env` instead of `#!/usr/bin/env` in my script
22:28 edrocks I was thinking it was a salt error instead of script error . It works now
22:29 csmule nice
22:34 johnj_ joined #salt
22:39 telecode_101 joined #salt
22:47 kwork joined #salt
22:54 pipps joined #salt
22:57 edrocks joined #salt
23:06 absolutejam anyone using the kapacitor states?
23:12 GMAzrael joined #salt
23:12 tiwula joined #salt
23:19 nixjdm joined #salt
23:28 cgiroua joined #salt
23:28 GMAzrael joined #salt
23:36 johnj_ joined #salt
23:38 GMAzrael joined #salt
23:38 edrocks is it common to schedule a state.apply hourly?
23:38 edrocks trying to get my file watches to auto update but I'm not sure if thats recommended or if I should just manually trigger affected states
23:39 pipps joined #salt
23:44 edrocks joined #salt
23:54 oida joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary