Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-09-29

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:10 GMAzrael joined #salt
00:12 nomadlogic joined #salt
00:15 nomadlogic can someone point me in the right direction of howto execute salt.states.boto_apigateway.present by itself
00:16 nomadlogic i.e. i'm testing a .sls for that uses boto_apigateway, but i'm not sure how to run it to verify things
00:17 pipps joined #salt
00:23 XenophonF You'd execute that on a suitably configured minion.
00:23 XenophonF I.e., boto etc. are installed
00:24 XenophonF The requisite API key/secret has been added to the minion config.
00:24 nomadlogic thanks XenophonF - would you execute it via salt-call?
00:24 XenophonF I do that sort of provisioning on the Salt master (which is a minion of itself).
00:24 XenophonF since the master is already in a position of privilege
00:24 nomadlogic that's what i was thinking, and our pillar data is there as well
00:24 XenophonF right
00:25 XenophonF of course you could invoke state.apply via salt-call or salt
00:25 nomadlogic i usually run highstates like "salt 'host-regex*' state.apply
00:25 XenophonF they do the same thing---cause the minion to execute the apply function in the state execution module
00:26 nomadlogic but i'm not %100 sure on how to execute a .sls file outside of our normal salt workspace
00:26 XenophonF it's sometimes convenient to use salt-call, especially with --log-level=debug
00:26 XenophonF the commands `salt minion state.apply` and (on that minion) `salt-call state.apply` are effectively the same thing
00:27 GMAzrael joined #salt
00:27 nomadlogic ah ok, i see
00:27 XenophonF so you can run `salt-call state.apply aws.apigw` (or whatever your SLS is called) on that minion
00:28 nomadlogic ah ok!  great!
00:28 nomadlogic this really clarifies a blind spot i had - thanks so much
00:28 XenophonF sure!
00:29 jmaz_ joined #salt
00:34 jmaz_ joined #salt
00:38 johnj_ joined #salt
00:39 mkoskar joined #salt
01:07 GMAzrael joined #salt
01:09 GMAzrael_ joined #salt
01:12 gmoro joined #salt
01:21 wavded joined #salt
01:33 justanotheruser joined #salt
01:36 zulutango joined #salt
01:39 cyteen joined #salt
01:39 johnj_ joined #salt
01:53 flowstategames joined #salt
01:55 ilbot3 joined #salt
01:55 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.7, 2017.7.1 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
01:58 nomadlogic joined #salt
02:02 dxiri joined #salt
02:03 dxiri joined #salt
02:08 GMAzrael joined #salt
02:23 GMAzrael joined #salt
02:37 squishypebble joined #salt
02:38 GMAzrael joined #salt
02:38 Krushnika joined #salt
02:41 johnj_ joined #salt
02:45 evle joined #salt
02:47 nomadlogic left #salt
02:57 wavded joined #salt
03:00 GMAzrael joined #salt
03:26 _aeris_ joined #salt
03:35 onlyanegg joined #salt
03:42 wavded joined #salt
03:43 johnj_ joined #salt
03:48 wryfi joined #salt
04:10 GMAzrael joined #salt
04:11 Sarphram joined #salt
04:14 GMAzrael joined #salt
04:20 weylin joined #salt
04:35 sh123124213 joined #salt
04:37 rawzone joined #salt
04:45 johnj_ joined #salt
04:49 sh123124213 joined #salt
04:58 justanotheruser joined #salt
05:01 onlyanegg joined #salt
05:09 GMAzrael joined #salt
05:13 Bock joined #salt
05:24 eseyman joined #salt
05:24 impi joined #salt
05:47 johnj_ joined #salt
06:00 justanotheruser joined #salt
06:06 dxiri joined #salt
06:13 GMAzrael joined #salt
06:15 masber joined #salt
06:21 eseyman joined #salt
06:28 do3meli joined #salt
06:37 EthPyth joined #salt
06:49 johnj joined #salt
06:50 do3meli left #salt
06:50 dxiri joined #salt
07:09 GMAzrael joined #salt
07:20 Hybrid joined #salt
07:25 _KaszpiR_ joined #salt
07:40 pbandark joined #salt
07:43 obitech joined #salt
07:43 _KaszpiR_ joined #salt
07:49 robman joined #salt
07:49 schasi joined #salt
07:51 johnj joined #salt
07:51 dxiri joined #salt
07:51 gnomethrower joined #salt
07:54 pualj joined #salt
08:00 dxiri joined #salt
08:01 dxiri joined #salt
08:02 onlyanegg joined #salt
08:15 mikecmpbll joined #salt
08:17 hojgaard joined #salt
08:20 sh123124213 joined #salt
08:29 pualj joined #salt
08:35 impi joined #salt
08:41 toanju joined #salt
08:49 evle joined #salt
08:53 johnj joined #salt
08:56 evle joined #salt
09:09 dxiri joined #salt
09:12 GMAzrael joined #salt
09:19 kjsaihs joined #salt
09:25 exegesis joined #salt
09:27 ws2k3 joined #salt
09:28 ws2k3 joined #salt
09:29 tru_tru joined #salt
09:39 tru_tru joined #salt
09:45 cyteen joined #salt
09:54 johnj joined #salt
10:03 onlyanegg joined #salt
10:06 GMAzrael joined #salt
10:07 nonsenso joined #salt
10:10 impi joined #salt
10:10 EthPyth joined #salt
10:14 NightMonkey joined #salt
10:16 telecode_101 joined #salt
10:20 absolutejam If I run module.run in a state, how do onchanges etc work for dependant states?
10:21 absolutejam Is it always 'changed'?
10:24 coredumb joined #salt
10:26 dxiri joined #salt
10:28 masber joined #salt
10:28 impi joined #salt
10:32 wavded joined #salt
10:35 whyteaway absolutejam: you need to change the statefulness of the module.run. by using things like onlyif and unless.
10:35 whyteaway if the module.run does run then use it always changes
10:47 yidhra joined #salt
10:48 GMAzrael joined #salt
10:53 GMAzrael_ joined #salt
10:56 johnj joined #salt
11:03 jesusaur joined #salt
11:04 wavded joined #salt
11:07 Mava left #salt
11:12 EthPyth joined #salt
11:13 GMAzrael joined #salt
11:15 kavakava joined #salt
11:22 nielsk joined #salt
11:28 dxiri joined #salt
11:35 EthPyth joined #salt
11:45 GMAzrael joined #salt
11:58 johnj joined #salt
12:03 GMAzrael joined #salt
12:04 onlyanegg joined #salt
12:08 smead joined #salt
12:09 telecode_101 joined #salt
12:12 absolutejam Just thinking if I wanted use the Docker compose module, which has no state equivalent
12:13 absolutejam And I wanted to module.run it and send alert on changes
12:13 absolutejam But I guess it's not possible
12:13 absolutejam Unless I wrap it in a state
12:13 whyteaway module.run is a state
12:14 absolutejam I mean, create a custom state that includes the logic and returns changes etc
12:14 whyteaway https://docs.saltstack.com/en/latest/ref/states/requisites.html#unless
12:15 absolutejam I've used unless before
12:15 whyteaway if you can use unless and/or onlyif you can use module.run as if it is stateful
12:15 absolutejam But that's only to check the current state of something
12:16 absolutejam I can't check the change of state between state desertions
12:16 absolutejam Declarations
12:16 absolutejam Like in Ansible, I could capture stdout of one command and parse it need be
12:16 absolutejam Which isn't really a great solution here either
12:16 whyteaway you don't seem to be grasping what i am saying. the fact they keep module.run FROM running means it doesn't count as a change.
12:16 absolutejam I see what you mean, but I think it's my example
12:17 obitech can I use globbing with file.managed or file.copy? as in - source: /path/to/files-*
12:17 whyteaway obitech: no
12:17 impi joined #salt
12:17 obitech ah dommage
12:17 absolutejam It's because the module I'm talking about (Docker compose) will do a load of stuff based on the compose file
12:18 absolutejam Create containers, pull images, create networks. The only way to check changes would be to check every single part separately or wrap it in a custom state
12:18 absolutejam But I see what you mean. It's just my use case isn't really suited for it this time
12:19 whyteaway you sure https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker.html#module-salt.states.docker doesn't do any of that?
12:19 absolutejam But if it was something like starting a service, I could just query if the service was started before (if there wasn't a state module)
12:19 absolutejam It does but I've been battling the best route to go down
12:20 absolutejam I'm using compose files ATM, and I like the fact that they're there with all the info and they also allow for some manual intervention if I connect to the server
12:20 yuhl joined #salt
12:21 absolutejam I was considering keeping a compose file and just consuming the yaml with import_yaml and running states against each air
12:21 absolutejam That way I have a working compose file for test cases, documentation, etc. But it's also managed by salt
12:21 whyteaway obitech: what was your end goal with using globbing for source on a signle file output?
12:21 absolutejam Each section *
12:22 absolutejam Obitech you can use cp.list_master in jinja
12:22 absolutejam To get a file list
12:22 absolutejam Then process in jinja loop
12:23 obitech I just want to copy specific files in a batch to a different dir
12:23 obitech I'm doing a jinja loop now
12:23 absolutejam I do that a lot because I like working with files instead of just pillar
12:23 whyteaway obitech: file.recurse?
12:24 whyteaway or what you want local to local
12:24 obitech I don't want ALL files, just specific ones: $ cp /path/foo-* .
12:24 obitech local to local
12:25 whyteaway might be easier to use file.find to generate your list of files since it is local
12:27 obitech but that would get compiled before anything happens right? so if I run highstate on a fresh minion the list might be empty I think
12:28 whyteaway well if the files are put there by the highstate then you want to move them [not not put them in the proper place to begin with?]. yes it would be empty
12:28 obitech as in the first step would be to file.recurse all files from master to minion, 2nd step copy some files to a different dir locally
12:28 obitech well I'm gonna try some jinja loop now
12:28 obitech I'll figure it out
12:28 obitech thanks anyway tho :)
12:29 dxiri joined #salt
12:29 whytewolf just noticed i still had my away name
12:29 07IAA8DSW joined #salt
12:29 5EXAACMRJ joined #salt
12:30 * whytewolf really hopes his biological clock is reset by sunday.
12:33 babilen whytewolf: You are up early today!
12:33 whytewolf havn't been to bed yet
12:34 babilen Right .. that would be problematic if you have to get up at this time on Monday
12:34 babilen All the best!
12:35 telecode_101 joined #salt
12:35 whytewolf I have a 10am flight on sunday. I'm really hoping it isn't cold in utah
12:35 hoonetorg joined #salt
12:35 mchlumsky joined #salt
12:38 dev_tea joined #salt
12:43 yuhl joined #salt
12:44 LeProvokateur joined #salt
12:47 edrocks joined #salt
12:47 squishypebble joined #salt
12:53 megamaced joined #salt
13:00 johnj joined #salt
13:07 _aeris_ joined #salt
13:07 cyteen joined #salt
13:08 wavded joined #salt
13:09 wavded joined #salt
13:11 AnotherNick joined #salt
13:12 dxiri joined #salt
13:14 pualj joined #salt
13:17 gh34 joined #salt
13:18 cgiroua joined #salt
13:20 onlyanegg joined #salt
13:20 pualj_ joined #salt
13:20 ouemt joined #salt
13:24 pualj joined #salt
13:32 alvinstarr joined #salt
13:32 pualj joined #salt
13:35 obitech with salt-ssh, can I set custom grains in the roster file via minion_opts or do I need to deploy a thin_dir ?
13:36 hammer065 joined #salt
13:36 whytewolf you should be able to set them in minion_opts
13:37 whytewolf if you using a relativly modern version anyway
13:40 pualj_ joined #salt
13:40 obitech yep, that works. I'm just wondering if setting them up like that will cause sync problems when something goes wrong... https://docs.saltstack.com/en/latest/topics/ssh/roster.html#ssh-roster states say under thin_dir If you need a persistent Salt environment, for instance to set persistent grains, this value will need to be changed."
13:41 obitech ah I pressed enter too quickly haha but I guess you get the meaning
13:41 racooper joined #salt
13:43 alvinstarr joined #salt
13:44 pbandark1 joined #salt
13:52 pualj_ joined #salt
14:02 johnj joined #salt
14:16 bildz good morning
14:16 bildz can someone take a look at this orch sls and tell me why salt-running isnt seeing the local pillar im sending.  Server is defined and i thought it may be a reserved word, but i get an error changing that as well:  https://pastebin.com/FX0eiQRu
14:17 motherfsck joined #salt
14:18 whytewolf well, it is a pillar. so that should be 'dnscmd.exe /RecordAdd oradm.net {{ pillar['server'] }} 10 A {{ pillar['ipaddress'] }}'
14:18 ouemt good morning all, this doesn't work, and I'm not sure why: https://gist.github.com/clegett/2369d76e230901a8c7b8f22a2cb63c0b
14:19 ouemt my top file has 3 lines: "base:\n\s\s'*':\n\s\s\s\s- iptables"
14:20 whytewolf ouemt: do you get an error?
14:20 bildz whytewolf: ohhhhh  yes
14:20 bildz whytewolf: thank you :D
14:20 ouemt whytewolf:
14:20 ouemt Data failed to compile:
14:20 ouemt ----------
14:20 ouemt State 'something' in SLS 'iptables' is not formed as a list
14:20 ouemt with the last line repeated 3 times
14:21 ouemt followed by "Too many functions declared in state 'pkg' in SLS 'iptables'"
14:22 bildz whytewolf: it's saying that "State 'add_dns_record' in SLS 'orch.add_server' is not formed as a list"
14:22 bildz ouemt: same issue :)
14:22 whytewolf ouemt: ... wow i must be tired this is a state not a top file. one second there is a WHOLE lot wrong with it
14:22 ouemt whytewolf: that's actually what I wanted to hear, I'm pretty new to this
14:22 ouemt as in this is my first state
14:23 bildz ouemt: try starting with 1 step and then add them incrementally to debug
14:23 whytewolf ouemt: first, what is the name of the pkg you want installed?
14:23 bildz im basing my sls off an example from the docs https://docs.saltstack.com/en/latest/topics/orchestrate/orchestrate_runner.html
14:25 bildz whytewolf: fixed mine
14:25 whytewolf bildz: i wasn't just about to answer based on what you had gisted/
14:25 whytewolf :P
14:25 whytewolf too many levels in yours :P
14:26 whytewolf ouemt: yours I'm nbot 100% sure what yours is supposed to be doing exactly
14:26 jmb13562 joined #salt
14:26 ouemt whytewolf: the package is iptables-services
14:26 ouemt as in, "yum install iptables-services"
14:26 ouemt that works
14:27 ouemt then I want to stop, disable, and mask firewalld
14:27 ouemt then start and enable iptables.service and ip6tables.service
14:30 whytewolf https://gist.github.com/whytewolf/86e9579525739725798cc571fd32f58d
14:30 whytewolf so something like that
14:32 whytewolf okay, after a couple of edits
14:34 ouemt Data failed to compile:
14:34 ouemt ----------
14:34 ouemt State 'install_iptables' in SLS 'iptables' is not formed as a list
14:34 ouemt last line repeated 4 times
14:34 pualj_ joined #salt
14:36 whytewolf check your indenting. not sure if the gist carried over correctly. it should be two spaces then 4 spaces.
14:37 whytewolf other wise it compiles fine for me
14:37 beardedeagle joined #salt
14:41 ouemt just double checked, but I hadn't copy pasted
14:41 ouemt 0, 2, 4, and 6 spaces depending on the line
14:42 whytewolf nothing should be at 6 spaces
14:42 ouemt OH
14:42 ouemt I see what I did
14:43 jmb13562 joined #salt
14:43 ouemt the minon is doing things
14:43 whytewolf minion doing things is good
14:43 pualj_ joined #salt
14:43 ouemt next is to add the iptables config, change the ssh port, and tell selinux about it
14:44 ouemt Service iptables.service uses non-existent option "enabled".  Perhaps "enable" option was intended?
14:44 whytewolf oops, yeap that should be enable not enabled
14:45 ouemt all 3 of them?
14:45 whytewolf anything that is - enabled: <bool>
14:45 whytewolf should be - enable: <bool>
14:45 ouemt cool
14:45 ouemt that worked
14:45 ouemt yay!
14:46 ouemt ok, now to figure out how to load an iptables config with this
14:46 ouemt oh this is going to be a LONG file isn't it
14:47 zerocool_ joined #salt
14:49 schasi o/ whytewolf
14:49 whytewolf o/
14:50 oida joined #salt
14:54 sarcasticadmin joined #salt
14:55 whytewolf alright. I am tired. i have not slept. and i am seeing double. good day everyone.
14:56 wryfi joined #salt
15:03 dxiri joined #salt
15:04 johnj joined #salt
15:04 tongpu joined #salt
15:09 ProT-0-TypE joined #salt
15:12 edrocks joined #salt
15:13 pualj_ joined #salt
15:13 tkojames joined #salt
15:13 XenophonF anyone using the ACL shortcuts with boto_s3_bucket.present states that can clue me into the correct syntax?
15:27 hammer065 joined #salt
15:35 pualj_ joined #salt
15:37 onlyanegg joined #salt
15:46 tiwula joined #salt
15:46 babilen joined #salt
15:49 DammitJim joined #salt
15:54 lordcirth_work Just updated to Firefox Quantum.  It seems really fast.  If you're using Firefox, give it a try
16:06 johnj joined #salt
16:07 dxiri joined #salt
16:07 wavded joined #salt
16:08 pipps joined #salt
16:09 lubyou joined #salt
16:09 aldevar left #salt
16:09 nledez joined #salt
16:11 pipps joined #salt
16:16 sarcasticadmin joined #salt
16:18 toastedpenguin joined #salt
16:24 dxiri joined #salt
16:25 rgrundstrom joined #salt
16:25 rgrundstrom Good evening everone.
16:26 rgrundstrom babilen: Are you here?
16:27 nixjdm joined #salt
16:27 wavded joined #salt
16:30 GMAzrael joined #salt
16:34 ooboyle joined #salt
16:43 edrocks joined #salt
16:43 tapoxi joined #salt
16:46 lnxnut_ joined #salt
16:52 GMAzrael joined #salt
16:55 astronouth7303 ok, so i have a MySQL database whose application doesn't manage schema (no migrations, etc). Anyone have a setup that works for them?
16:56 mikecmpbll joined #salt
16:56 wavded joined #salt
17:10 DanklyNight joined #salt
17:15 pipps joined #salt
17:15 ooboyle anyone seen the nssm.exe be hit by a trojan? specifically trickybot?
17:17 rgrundstrom ooboyle: My first question is why use Windows :/ (Sry, im alergic to Windows.)
17:17 ooboyle me too. trying to phase it out. inherited some bad shit. but still have it so need to work past it for now :)
17:18 rgrundstrom ooboyle: So you are having problems with virus attacks?
17:20 ooboyle yes
17:21 rgrundstrom ooboyle: Sent you private message
17:21 ooboyle when salt-minion is stopped, the trojan does not get installed. when salt-minion is started, the trojan re-appears pretty quickly
17:23 MTecknology What is nssm.exe and how is it involved in salt?
17:24 ooboyle rgrundstrom using webchat for this channel. How do i respond to your pm?
17:24 MTecknology click the tab..
17:25 ooboyle i did. telling me i can't use this command in this window
17:25 rgrundstrom ooboyle: As far as I know you cant.
17:26 MTeck joined #salt
17:31 _beardedeagle joined #salt
17:37 ECDHE_RSA_AES256 joined #salt
17:39 _aeris_ joined #salt
17:40 _KaszpiR_ joined #salt
17:41 pipps joined #salt
17:43 nixjdm joined #salt
17:47 bbradley joined #salt
17:47 shortdudey123 joined #salt
17:49 squishypebble joined #salt
17:50 ry joined #salt
17:55 pipps joined #salt
17:56 pualj_ joined #salt
17:57 bbradley joined #salt
17:58 felskrone joined #salt
18:01 edrocks joined #salt
18:01 lordcirth_work Freenode webui lets you PM, I've done it
18:01 pppingme joined #salt
18:02 _aeris_ joined #salt
18:06 _aeris_ joined #salt
18:07 rgrundstrom joined #salt
18:08 jmiven joined #salt
18:14 impi joined #salt
18:18 viq joined #salt
18:20 pbandark1 joined #salt
18:21 pualj joined #salt
18:22 tom[] how do i make a `disk.format` state depend (using require) on the value returned by `disk.fstype`?
18:23 ivo_ joined #salt
18:24 tom[] specifically, don't format the disk if "ext4" is the fstype of the device?
18:25 absolutejam nssm is the non sucking service manager
18:25 absolutejam A wrapper to create better services than just registering with sc
18:26 pbandark1 joined #salt
18:31 squishypebble joined #salt
18:34 lordcirth_work tom[], I would just use jinja, myself.  {% if fstype != 'ext4 %} etc
18:35 lordcirth_work However, that would show nothing in the state return rather than a Clean result.
18:36 tom[] yes. how (as a noob) do i get the string from `disk.fstype` into a template variabe?
18:37 sjorge joined #salt
18:37 lordcirth_work {% set fstype = salt['disk.fstype']('/dev/sdx') %}
18:37 lordcirth_work Of course, you could do the if directly and not bother with an intermediate variable
18:40 tom[] seems like that would be better. "The problem you're going to run into here is that all the jinja sections of your sls file will be evaluated before any of the yaml Salt states are evaluated." https://stackoverflow.com/a/27696137
18:43 nixjdm joined #salt
18:43 tom[] if i put something like {% if 'ext4' == salt['disk.fstype']('/dev/sdx') %} around a state, is that condition evaluated before any preceding states in the sls file?
18:44 armyriad joined #salt
18:45 XenophonF tom[]: you're conflating render time with execution time
18:45 XenophonF all Jinja code gets executed in one pass, before the YAML contents get parsed
18:46 tom[] that's my concern with wrapping a state in something like {% if 'ext4' == salt['disk.fstype']('/dev/sdx') %}
18:47 XenophonF _none_ of the states in that SLS file will execute before the Jinja code executes
18:47 XenophonF all of the jinja will run first
18:47 XenophonF then the YAML will get compiled
18:47 XenophonF and then the SLS will get executed
18:47 tom[] understood
18:47 lordcirth_work tom[], so if the 'if' is false, that whole section won't exist at exec time
18:48 lordcirth_work Which is why you'll get no output about it
18:49 tom[] ok. so let me modify my original question
18:49 tom[] how do i make a `disk.format` state depend (using require) on the outcome of a previous `disk.fstype` state?
18:50 tom[] so that the `disk.fstype` state may be executed within a sequence of state in the sls ?
18:52 pipps joined #salt
18:58 lordcirth_work tom[], so, disk.format and disk.fstype are execution modules, not states
18:58 lordcirth_work The only disk.* state is disk.status: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.disk.html
18:59 lordcirth_work a disk.formatted state sounds like it would be what you want, but it does not exist
18:59 tom[] i probably don't understand the difference
19:00 lordcirth_work So, execution modules either do things, or find data for you; they are used as tools, like libraries, by states.  States are "ensure x is configured like y"
19:01 lordcirth_work So disk.format, which is actually salt.modules.disk.format, will go and stomp the filesystem on whatever you tell it to; which is why you want to check with fstype first.
19:01 lordcirth_work If a salt.states.disk.formatted (note *ed) existed, it would check for you with fstype whether it should stomp it or not.
19:01 lordcirth_work States are supposed to be the more... user-facing part
19:02 tom[] that sounds like a good description of what i'm struggling with
19:03 lordcirth_work Right, so the "optimal" solution is for someone to make a disk.formatted state that does exactly what you want, and is usable by others
19:03 lordcirth_work If you have any python skill, or want to learn, that person could be you :)
19:04 lordcirth_work If not, I'd just do the jinja thing we mentioned and move on :P
19:04 GMAzrael joined #salt
19:06 ouemt if my base is set to /srv/salt, then "salt://ssh_state/files/sshd_config" would refer to a file located at /srv/salt/ssh_state/files/sshd_config, right?
19:08 lordcirth_work ouemt, correct
19:10 lordcirth_work By the way there's a very handy jinja variable called 'tpldir' so in /srv/salt/ssh_state/init.sls you could refer to the file as 'salt://{{ tpldir }}/files/sshd_config .  If you do this, then if you rename or move 'ssh_state', the path will 'just work'
19:10 lordcirth_work I've been using this in lots of places, it's great
19:11 johnj_ joined #salt
19:11 ouemt lordcirth_work: any idea how I would use grains to grab one IP from each minion to be placed in sshd_config's "ListenAddress " directive?
19:20 armyriad joined #salt
19:20 ouemt also, how would I set the equivalent of the command "semanage port -a -t ssh_port_t -p tcp 12345"
19:27 onlyanegg Hey, all. I'm having this strange issue where a list passed through the pillar cli argument is rendering differently. Has anyone seen anything like this?
19:27 onlyanegg https://gist.github.com/onlyanegg/787713817bbb1e8c8697d1113b2deeb2
19:27 onlyanegg pods: [pod1] turns to pods: [pod1, pod1, pod1, pod1]
19:29 onlyanegg or where can I start debugging this? Where does this pillar argument get rendered?
19:31 socket- Hello, I have a machine with grains.item ipv4 having 3 values. 10.200.0.1, 127.0.0.1, 192.168.0.1 I am trying to do jinja to say, {% if '10.200' in grains["ipv4"] %} , but it's executing the "else" am I doing this wrong?
19:33 onlyanegg maybe do {% for ip in grains.ipv4 %}{% if '10.200' in ip %} ...
19:34 ChubYann joined #salt
19:35 socket- thanks, ill try that
19:35 astronouth7303 ouemt: you want to use the mine to share information between minions (such as their IP address)
19:38 ouemt astronouth7303: I'm not sure I do, I absolutely don't want all the machines to know about each other
19:39 ouemt I just want to specify which IP a given minion should have it's sshd listen on
19:39 astronouth7303 oh, then generate pillar data
19:40 pipps joined #salt
19:42 onlyanegg ouemt: you want to pick one ip out of a list?
19:43 nixjdm joined #salt
19:44 ouemt onlyanegg: the ipv4 grain contains the lo, the address I want, and sometimes one or two others
19:44 ouemt I want to specify that the sshd should only listen on one of those
19:50 onlyanegg jinja has filters first() or last(), maybe some others...
19:50 ouemt onlyanegg: I'm not sure I can predict where in the list it is, but I could regex it, only one IP will be on the subnet I care aboutr
19:50 onlyanegg or if you know the subnet, you can maybe do something like I proposed above for socket... there may be better ways
19:52 inad922 joined #salt
19:52 ahrs joined #salt
19:53 ouemt jesus, didn't even see that
19:53 ouemt literally the same thing
19:55 onlyanegg salt 2017.7 also added a bunch of new filters... This issue proposes using execution modules within state files to do get around the lack of custom filters - https://github.com/saltstack/salt/issues/12761
19:57 ouemt now if I could just figure out the user management bullshit, I'd be getting somewhere
20:02 ouemt how would I set the equivalent of the command "semanage port -a -t ssh_port_t -p tcp 12345"
20:05 onlyanegg never done that... have you looked at the selinux execution module or state? https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.selinux.html
20:05 ouemt onlyanegg: yeah, maybe I just don't know enough about it, but I don't see an obvious way to do it in there
20:05 ouemt I gues I could resort to cmd.run or similar
20:12 lordcirth_work ouemt, sorry was afk.  I do exactly that: ListenAddress {{ salt['network.ip_addrs'](cidr='10.0.0.0/8')[0] }}
20:13 lordcirth_work Where 10.0.0.0/8 is my mgmt network, the most private
20:13 lordcirth_work So, get the list of ips in that subnet, which will have only 1 element, then take that element
20:13 johnj_ joined #salt
20:26 onlyanegg ^ that's nice
20:34 astronouth7303 is there a way to make `watch` ok if a given requisite isn't defined?
20:34 astronouth7303 eg, `file: /etc/mysql/*.cnf` when no states define it (because that particular install is ok with the system configuration)
20:35 ouemt lordcirth_work: nice
20:35 ouemt now I need to figure out enough jinja to actually make use of this
20:35 schemanic joined #salt
20:36 schemanic Hey is there a way to say 'only target minions that are responding right now'?
20:42 it_dude joined #salt
20:42 nixjdm joined #salt
20:45 DammitJim joined #salt
20:46 DammitJim how does one make a list of items, but each item has 2 elements? ... in pillar?
20:48 MTecknology DammitJim: a tuple?
20:48 mpanetta joined #salt
20:49 MTecknology I don't think jinja supports tuples, but you could do a list of dictionaries or a list of lists
20:49 onlyanegg hmmm, I wonder if you could do something like a list of - ['item1', 'item2]
20:50 DammitJim MTecknology, dictionaries are like key:value pairs, right?
20:50 MTecknology yes
20:50 DammitJim oh ok, that's what I have right now, but I am running into the problem where the key is going to be the same
20:51 DammitJim so, a list of lists... let me google that
20:51 MTecknology uhm...
20:51 MTecknology no?
20:51 MTecknology http://yaml-online-parser.appspot.com/
20:52 onlyanegg This works for me - list: \n  - [1, 2]\n  - [3, 4]
20:52 onlyanegg that is - it's valid yaml
20:58 DammitJim onlyanegg, you just can't do: -list: \n - [1, 2]\n - [1, 4]
20:58 DammitJim that's what I'm, looking to do.. not a dictionary
20:58 DammitJim just a list of a list
20:59 DammitJim - [[here, and], [here, there]]
20:59 DammitJim I think we got a winner
21:00 DammitJim how do you write that in pillar?
21:00 smead joined #salt
21:02 onlyanegg I'm pretty sure you can that in pillar, no?
21:02 onlyanegg well without the literal '\n'
21:05 schemanic Is anyone familiar with how to extend JAVA_OPTS for a tomcat server? I have a separate program that needs to insert a parameter string into JAVA_OPTS, and I'm trying to see how I can do that without having to much with my tomcat formula
21:06 pbandark joined #salt
21:14 schemanic Or how about: I have a list in formula X's pillar key 1. I want formula Z's pillar value to append a value to formula X's pillar key 1. Wat do?
21:15 johnj_ joined #salt
21:20 eightyeight joined #salt
21:20 rgrundstrom joined #salt
21:21 tom[] fwiw, solution for my problem is `/dev/sdx:\n  blockdev.formatted`
21:24 eightyeight joined #salt
21:28 schemanic joined #salt
21:30 onlyanegg schemanic: the kafka formula use values from the zookeeper formula by importing (ie. from 'zookeeper/settings.sls' import zk with context)
21:31 onlyanegg maybe you can do something like that?
21:32 schemanic onlyanegg, I dont want the tomcat formula to import the javaagent map. I want the javaagent to import the tomcat pillar and alter it so that it's as it should be before it passes into it's own map.jinja
21:33 schemanic either that, or have the javaagent pillar extend the tomcat map value after the fact so that the javaagent's JAVA_OPTS string makes it into what tomcat passes to it's own config file
21:41 rgrundstrom What is good pracsis regarding using map.jinja? 1 map for everything or 1 map for each state?
21:41 hax404 joined #salt
21:42 nixjdm joined #salt
21:44 mike25de rgrundstrom: depends if your project is huuuge or not.
21:44 mike25de if not.. you can have 1 jinja for everything... this is how i have ... everything in one place.
21:45 rgrundstrom mike25de: I have folders for each service im managing. So currently 1 map.jinja in each service folder
21:50 hoonetorg joined #salt
21:59 schemanic joined #salt
22:05 JawnAuz I can put an engine.conf inside master.d and have it load on restart?
22:17 johnj_ joined #salt
22:17 _JZ_ joined #salt
22:19 telecode_101 joined #salt
22:22 acsir joined #salt
22:31 pipps joined #salt
22:33 jfelchner joined #salt
22:37 phileus0 joined #salt
22:44 whyteaway JawnAuz: yes
22:55 sjorge joined #salt
23:03 pipps joined #salt
23:05 ebusto joined #salt
23:09 ebusto Hi all. I have a Jinja template I'm using to generate a configuration file for Prometheus. I'm trying to get a list of all minions, so I can direct Prometheus to scrape each minion.
23:09 ebusto A coworker pointed me to wheel.key.list, but it doesn't look like Jinja templates have access to the wheel modules.
23:13 whytewolf wheel is only avalible on the master
23:13 whytewolf simplest way to get a list of the minions is to setup mine on all of them
23:14 whytewolf and then mine something that will return from all of the like grains['id']
23:14 whytewolf https://docs.saltstack.com/en/latest/topics/mine/
23:19 johnj_ joined #salt
23:19 colabeer joined #salt
23:19 phileus0 What's the best way to debug init file rendering in Salt?  I'm still a newb so any help would be appreciated.
23:19 ebusto Thanks, that looks relatively straight forward.
23:19 phileus0 I have an init.sls file that is failing to render.
23:20 whytewolf phileus0: what is the error you get when it doesn't render?
23:20 phileus0 For different programming languages, I would just print to find out what is the issue.
23:20 phileus0 ----------
23:20 phileus0 Pillar failed to render with the following messages:
23:20 phileus0 ----------
23:21 whytewolf ahh. lovely. the message being check the master log
23:21 whytewolf turn up debug on the master and "check the master log"
23:22 phileus0 uggh..okay...thanks.
23:25 whytewolf if it was a state instead of a pillar you would just render it with cp.get_template
23:26 ebusto whytewolf: That did the trick!
23:34 jfelchner joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary