Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-10-10

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 gruvglide joined #salt
00:20 stanchan joined #salt
01:38 dxiri joined #salt
01:40 asyncsec joined #salt
01:55 ilbot3 joined #salt
01:55 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic <+> We are volunteers and may not have immediate answers
02:01 ipmb joined #salt
02:18 zerocoolback joined #salt
02:19 zerocoolback joined #salt
02:40 evle joined #salt
02:59 torontoy1s joined #salt
03:01 asyncsec joined #salt
03:35 onlyanegg joined #salt
03:46 zerocoolback joined #salt
03:58 johnj_ joined #salt
04:05 ramteid joined #salt
04:06 sh123124213 joined #salt
04:26 zerocoolback joined #salt
04:31 sh123124213 joined #salt
04:38 keldwud joined #salt
04:39 keldwud joined #salt
04:43 zerocoolback joined #salt
04:52 Bock joined #salt
04:59 johnj_ joined #salt
05:07 sh123124213 joined #salt
05:13 felskrone joined #salt
05:28 omie888777 joined #salt
05:37 omie888777 joined #salt
05:39 onlyanegg joined #salt
05:43 sh123124213 joined #salt
05:48 dagb joined #salt
05:53 dagb I am fighting with salt-vagrant-demo. 'vagrant up' times out prior to master coming online. Or so it says. 127.0.0.1:2222 responds to ssh.
05:53 dagb anyone familiar with salt-vagrant-demo care to suggest what to look for?
05:56 dagb I am lying. 127.0.0.1:2222 does not respond. Will find the timeout value...
05:58 zerocoolback joined #salt
06:00 johnj_ joined #salt
06:00 fxhp joined #salt
06:06 Tenyun joined #salt
06:17 armyriad joined #salt
06:17 do3meli joined #salt
06:17 do3meli left #salt
06:19 Tenyun joined #salt
06:30 zerocool_ joined #salt
06:32 jcristau joined #salt
06:41 kahiru joined #salt
06:50 sh123124213 joined #salt
06:56 Mogget joined #salt
07:00 johnj joined #salt
07:01 obitech joined #salt
07:05 usernkey joined #salt
07:11 major joined #salt
07:12 _aeris_ joined #salt
07:12 zerocoolback joined #salt
07:24 Lionel_Debroux joined #salt
07:27 Ricardo1000 joined #salt
07:30 darioleidi joined #salt
07:32 ahrs joined #salt
07:33 zerocoolback joined #salt
07:34 DarkKnightCZ joined #salt
07:35 babilen joined #salt
07:35 DarkKnightCZ Hi, is there any documentation regarding the interval of triggering salt/presence/present ? E.g. how often is it triggered? Thanks
07:36 Hybrid joined #salt
07:42 usernkey joined #salt
07:52 m4rk0 babilen, I'm aware of these changes, problem with mine is why I have to send mine.update from every minion, this is currently pretty complicated for my current deploy...
07:55 babilen Well, use an external source of information, fire events from the minions with the necessary information once they are up, trigger the http query from the minion in a startup state/state that's run on startup, ...
07:56 babilen ... run the mine.update from an initial state run, ....
07:59 oyvindmo joined #salt
08:00 pbandark joined #salt
08:02 johnj joined #salt
08:02 _KaszpiR_ joined #salt
08:02 DanyC joined #salt
08:03 m4rk0 babilen, one more question how to pass arguments type or cidr with "mine.get '*' network.ip_addrs"
08:04 DanyC joined #salt
08:10 pualj joined #salt
08:10 babilen m4rk0: You don't, you configure a mine function alias (cf. my paste) and ask for that
08:22 miruoy joined #salt
08:23 miruoy_ joined #salt
08:32 _KaszpiR_ joined #salt
08:34 zerocoolback joined #salt
08:37 Rumbles joined #salt
08:38 Trauma joined #salt
08:39 m4rk0 babilen, alright thanx again
08:41 colegatron joined #salt
08:45 aldevar joined #salt
08:45 zerocoolback joined #salt
08:46 zerocoolback joined #salt
08:47 zerocoolback joined #salt
08:47 zerocoolback joined #salt
08:53 Trauma joined #salt
08:54 ivanjaros joined #salt
08:56 zerocoolback joined #salt
08:56 Tenyun joined #salt
09:03 johnj joined #salt
09:09 toanju joined #salt
09:38 hojgaard joined #salt
09:42 dxiri joined #salt
09:50 zerocoolback joined #salt
09:51 pbandark hello everyone.. while writing  execution module, how to force display docstring(comment from the execution function) if mandatory arguments are not passed by the user ?
10:00 cb_ joined #salt
10:04 johnj joined #salt
10:21 DarkKnightCZ joined #salt
10:26 W4RL0RD joined #salt
11:05 johnj joined #salt
11:32 gladia2r joined #salt
11:35 usernkey1 joined #salt
11:40 Hybrid joined #salt
11:52 gladia2r babilen: not sure if you around or remember about my IF problems I had/have --
11:53 gladia2r i've updated the gist with the actual state rule that i'm trying to use that variable: https://gist.github.com/gladia2r/e7d5d61a122bdf8481234440950470f3
11:54 dragon788 joined #salt
11:54 gladia2r and I've also checked that link you gave http://jinja.pocoo.org/docs/2.9/templates/#assignments - though i'm reading that 'if statements' are an exception to the scoping behavior
11:54 evle joined #salt
11:54 SteamWells joined #salt
11:56 gladia2r as such, I still don't get it why if I'm using the if blocks, the variable is not 'set', and if i'm not using the conditions it works
11:59 k_sze[work] joined #salt
12:06 johnj joined #salt
12:07 asyncsec joined #salt
12:08 q1x Am I correct in when I think any salt['<function>'] calls run within a pillar .sls are running in the context of the master?
12:08 Nahual joined #salt
12:09 q1x I'm trying to "unlock" part of the pillar only to hosts that meet a certain condition based on their local filesystem (using file.file_exists), but it is returning true for all hosts regardless
12:10 q1x when running from the cli, I have hosts that report true and false correctly
12:10 DarkKnightCZ joined #salt
12:11 q1x So, my guess is the {%- if salt['file.file_exists']('<filename>') %} statement is being run on the master for every minion
12:11 q1x (which does match currently)
12:12 q1x can anyone confirm? Is there another way I could achieve what I'm trying to do?
12:12 hammer065 joined #salt
12:17 Naresh joined #salt
12:23 alexlist joined #salt
12:31 babilen gladia2r: Try setting it outside the if block first
12:34 mchlumsky joined #salt
12:35 m4rk0 Hello again :)
12:36 numkem joined #salt
12:36 m4rk0 I've mine.conf https://gist.github.com/mdzidic/9be5cc9769399e40edffc2bafee63821 and I can't get custom function to work "internal_ip_addrs" (no result) even if "config.get mine_functions" says it's registered...
12:37 babilen q1x: I'd write a custom grain in which you test for that path and target pillars based on that .. But wouldn't that allow every minion to get hold of that pillar simply by creating the file in question?
12:37 babilen m4rk0: Where do you set that?
12:38 * babilen only ever sets mine functions in pillar ..
12:39 babilen And in what way is it not working? Is it just returning with a G&T in its hand after a while and falls asleep on the sofa?
12:39 Hybrid1 joined #salt
12:39 m4rk0 babilen, on minion side and restarted salt-minion... network.interfaces and network.ip_addrs got populated but custom function not...
12:40 m4rk0 On salt-call mine.get '*' internal_ip_addrs it returns local: ------
12:41 q1x babilen: yup, but the same goes for the grain of course. Actually, I want to math on if file not exists so "unlocking" the pillar would require removing a file
12:41 q1x match*
12:42 babilen q1x: In terms of pillar targeting a custom grain feels about right for that approach
12:42 gh34 joined #salt
12:43 q1x babilen: not really what i was hoping for, but thanks :)
12:43 babilen m4rk0: Could it be because you have network.ip_addrs without alias already?
12:43 q1x babilen: so I was correct about hte context?
12:43 q1x (useful to know for the future)
12:44 babilen q1x: Context? I mean you could use {% if grains.get('your_fancy_custom_grain') %}
12:44 q1x babilen: no, I meant that the salt['<function>'] jinja calls in pillar are being run in the master context
12:44 babilen But yeah, it's run on the master .. you need a runner (look at the mine.get documentation for an example) to run on minions
12:45 babilen https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mine.html#salt.modules.mine.get
12:45 q1x babilen: ah, so that confirmed then :)
12:46 q1x thanks, clears up a lot!
12:47 babilen I use the mine.get runner in conjunction with mine function aliases of network.ip_addrs quite often to set IP addresses of hosts in the pillar
12:49 babilen m4rk0: It might be that by having both the alias is not working
12:49 babilen (you can definitely have multiple aliases)
12:49 babilen I also find setting mine functions in pillar data to be a lot easier
12:52 q1x babilen: Can I ask another small question, I'm trying to hide the command executed by cmd.run from the execution log, but I would still like to retain log of the output (AFAIK "output_loglevel: quiet" supresses both). Any ideas?
12:53 gladia2r babilen: thanks for getting back to me, i've already tried outside of the if block or even without any if conditions, then the "set" variable works fine - but the idea is that I'd need those "set's" inside the if block (if possible)
12:53 babilen gladia2r: Yeah, I follow, but try setting it to a default value outside and then to the actual one later
12:53 m4rk0 babilen, I've tried via pillar (on another fresh minion) and still can't get custom function to work, even "salt '*' config.get mine_functions" shows it as registered function...
12:53 babilen gladia2r: Might not be the final design, I'm just curious if that works if the "introduce" the variable in the right scope
12:54 noobiedubie joined #salt
12:54 colegatron joined #salt
12:54 babilen m4rk0: I think the reason is that you have network.ip_addrs twice in there (once as an alias)
12:55 babilen q1x: Hmm ... not sure .. Maybe an outputter would work? https://docs.saltstack.com/en/latest/ref/output/all/index.html
12:56 jdipierro joined #salt
12:56 m4rk0 babilen, ok I'll check that...
12:56 q1x babilen: thanks, It's seems I can set env for cmd.run as well...I might b able to use that to "hide" some args to the command, let me check
12:56 babilen m4rk0: So remove the non-alias one (or define an alias for that too)
12:56 DarkKnightCZ joined #salt
12:57 babilen q1x: Are you passing in sensitive data that you don't want in the logs?
12:57 q1x babilen: yes
12:57 q1x (that same pillar data from earlier)
12:57 babilen Right :)
12:58 babilen Can't you run a state on the minion (that runs the command and utilises the pillar data)
12:58 babilen ?
12:58 babilen That way you don't have to faff around with logs and stuff
12:58 q1x babilen: you mean a custom state?
12:59 babilen https://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#salt.states.cmd.run was what I was thinking of
12:59 babilen Ah, or is that what you are doing but you want output_loglevel: quiet to suppress execution logs, but contain output?
12:59 xet7 joined #salt
13:00 q1x babilen: exactly!
13:01 babilen Cool, I'm with you now .. tbh, I'd just edit the state module, introduce another configuration variable, provide a patch to SaltStack and keep the (custom) state in _states for the time being
13:01 babilen But there might be another approach
13:01 babilen Not sure why they haven't differentiated between that right away
13:02 babilen Maybe have "quiet", "output", ... with "output" as additional output_loglevel in that it behaves like quiet, while logging the output?
13:03 q1x quiet seems to have been deprecated
13:04 babilen No, you can set "output_loglevel: quiet"
13:04 q1x babilen: oh, that is wat you meant
13:04 babilen I'm proposing introducint "output_loglevel: command_output" (or somesuch)
13:04 q1x yes, I see
13:04 q1x that would be useful
13:05 noobiedubie joined #salt
13:07 johnj joined #salt
13:08 q1x babilen: I've worked around it by using the env in cmd.run, it works :)
13:09 q1x babilen: set env variables with the pillar data then use those variables in the cmd line
13:09 q1x they are not expanded in the execution log, only $<VAR> is shown
13:09 q1x They might popup in debug, but that is fine by me
13:13 babilen q1x: Nice! :)
13:14 q1x babilen: thanks man, you're a champ :)
13:25 ozux joined #salt
13:27 zach joined #salt
13:28 DarkKnightCZ joined #salt
13:28 zach Any of you guys seen this with the latest version of salt when using pip.installed? https://pastebin.com/gCgmXGV2
13:29 vb29 joined #salt
13:31 vb29 left #salt
13:31 ozux any one can help with some docs how to use regex in the formulas? ({% if  grains['id'] == "*foo*bar*" %} )
13:31 vb29 joined #salt
13:31 vb29 left #salt
13:31 vb29 joined #salt
13:31 _JZ_ joined #salt
13:32 ozux re.match does not work does it? And startswith is just the start, but we have servers with different patterns.
13:35 noobiedubie how do i escape a string when setting defaults: for a jinja template
13:36 ouemt joined #salt
13:38 noobiedubie ozux: are you talking in a jinja statement like the one you posted or in a state
13:38 noobiedubie ozux: a lot of states have the match: which can be used to match on regex
13:39 noobiedubie ozux: https://docs.saltstack.com/en/latest/topics/targeting/
13:40 babilen ozux: https://docs.saltstack.com/en/latest/topics/jinja/index.html#std:jinja_ref-regex_match -- but I'd recommend to handle that in top.sls rather than in the SLSs
13:41 babilen (as suggested by noobiedubie)
13:41 babilen And no, jinja2 is horrible and you can't use modules in Python's stdlib
13:42 noobiedubie ^ that does make me sad...
13:43 babilen mako ftw! *sob*
13:45 squishypebble joined #salt
13:48 ozux babilen: well, they are in Top.sls but this one is a messy formula, and I have to regex couple of servers in order to get it done :) Unless any better idea or recommendation helps me to improve the formula itself
13:49 babilen Which formula?
13:50 ozux home grown formula for datadog
13:50 murrdoc joined #salt
13:50 ozux and I'm struggling with a file process.yaml. It's different for different set of servers
13:52 noobiedubie ozux: you could also set custom grains allowing you to match on that instead and maybe simplifing you formula a bit
13:54 babilen ozux: Could you paste the section in question? Not saying that matching there can't be done, but I see it as an anti-pattern
13:54 babilen (→ http://paste.debian.net, https://gist.github.com, http://sprunge.us, … )
13:55 Guest13762 joined #salt
13:55 ozux babilen: I can agree about anti pattern, I was hoping to go with Pillar.  Any document on custom grains?
13:56 ozux Ah you mean: https://docs.saltstack.com/en/latest/topics/grains/#writing-grains ?
13:56 babilen ozux: Maybe assign a different template in pillars?
13:59 ozux babilen: Yes, since the regex solution is a additional mess on top of the mess mountain I have, I rather refactor and start assigning roles, and in the config file I choose based on pillar (the roles) how to populate the config file
14:00 vb29 Hello everyone
14:00 ozux In community we really miss a general pattern, best practice how to for Salt Stack. And people write crazy code. (even as simple as https://devops.com/puppet-best-practices/ )
14:00 ozux Or is there any and I have missed it?
14:01 vb29 I am having issue while running mysql_query.run_file state
14:01 vb29 I have logged an issue as well https://github.com/saltstack/salt/issues/44004
14:01 vb29 can anyone please have a look at it?
14:01 vb29 am I missing something over there? or is that a bug?
14:02 ipmb joined #salt
14:06 ozux__ joined #salt
14:08 Cadmus joined #salt
14:08 babilen ozux: There's https://docs.saltstack.com/en/latest/topics/best_practices.html
14:09 babilen https://github.com/saltstack-formulas/template-formula
14:09 johnj joined #salt
14:09 Cadmus Hello, I'm having a weird error, here's the statement https://pastebin.com/AcNsEFbB
14:10 Cadmus And the rr is ID 'java-app-home' in SLS 'java-app' contains multiple state declarations of the same type
14:10 Cadmus But that's the whole statement, so how do I have multiples of anything if it's just doing one directory?
14:16 zerocoolback joined #salt
14:18 JawnAuz joined #salt
14:18 JawnAuz Yay for 2017.7.2.
14:18 cgiroua joined #salt
14:18 babilen Cadmus: Iterate over your pillar (and access it security with pillar.get) and name java-app-home-{{ app-name }}
14:21 Cadmus babilen: I've checked for this one host, and it only has one app-name, so I should be okay I thought, you think it's calling it multiple times somehow?
14:21 pjs_ left #salt
14:22 babilen Cadmus: I have no idea, you have to paste the entire SLS and error (and I kindly ask you to use a different pastebin than pastebin.com such as http://paste.debian.net, https://gist.github.com, http://sprunge.us, … )
14:22 pjs joined #salt
14:22 vb29 can anyone please have a look at this? https://github.com/saltstack/salt/issues/44004
14:23 Cadmus babilen: Understood, I'll have a rummage and see if anything leaps out. There's some nasty nested Jinja later on which I might be falling foul of, I wish I could see the sls after jinja rendering
14:23 babilen You can
14:24 beardedeagle joined #salt
14:24 babilen https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cp.html#salt.modules.cp.get_template
14:24 Cadmus Oh ho! Let's look there
14:25 babilen Ah .. wait, that might not be what you are looking for
14:25 ZeD joined #salt
14:25 babilen https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.show_sls is the one for SLS
14:26 Guest40334 left #salt
14:26 ZeD- joined #salt
14:27 ZeD- Hi, trying to find the variable to use in jinja to get the name of the state being run currently, possible ?
14:27 Cadmus babilen: Damn, it won't work because it won't render
14:28 babilen Figured that would happen :)
14:28 babilen I blame the "nasty jinja"
14:29 Tenyun joined #salt
14:30 Cadmus Yeah, lets comment it out or delete it and see if we have the same issue
14:39 ozux joined #salt
14:55 sarcasticadmin joined #salt
14:56 squishypebble joined #salt
15:01 Cadmus It was the nasty jinja, a later file.whatever statement could render without its title, so it was being tacked on.
15:03 gladia2r babilen: just an update, I've tried that - and unfortunately that value (before the if block) sticks throughout the state (sls) and it wont get the proper values from the IF block :(
15:03 squishypebble joined #salt
15:05 Brew joined #salt
15:08 Trauma joined #salt
15:08 babilen gladia2r: Hmm, curious .. I think I've used that before
15:08 babilen (conditional assignments that is)
15:08 babilen Either way ... Pub o'clock
15:09 gladia2r kk - :)
15:09 johnj joined #salt
15:10 Cadmus Mmm, pub
15:10 DanyC joined #salt
15:16 major joined #salt
15:22 arif-ali joined #salt
15:27 nixjdm joined #salt
15:30 ozux guys, is there any way to filter out failed minions when I do salt \* state.apply? Now I use scroll up or search in terminal best case :)
15:30 ozux (I mean ERROR: Minions returned with non-zero exit code )
15:31 ozux I'm aware of -l and  -l quiet --state-verbose=* but need to get a list of all minions which had failed in a reportive system I rather say
15:42 DarkKnightCZ joined #salt
15:54 ipmb joined #salt
15:58 dvdmuckle joined #salt
16:06 tom[] when using file.managed, how do i write the yaml line so that the check_cmd will be fgrep '-foo +bar'
16:07 tom[] it's a problem of escaping quotes
16:10 schasi joined #salt
16:10 johnj joined #salt
16:12 tiwula joined #salt
16:17 m4rk0 ozux, maybe "salt --state-output" ?
16:26 dxiri joined #salt
16:28 heaje joined #salt
16:30 DanyC joined #salt
16:30 dxiri_ joined #salt
16:31 jessesbye joined #salt
16:33 zerocoolback joined #salt
16:34 asyncsec joined #salt
16:36 DanyC_ joined #salt
16:37 jessesbye Hello all! I am trying to troubleshoot an issue with "Detected conflicting IDs, SLS IDs need to be globally unique." The state is only included one place, so I have no idea why it is saying that there is a conflicting ID. I even removed the include and just pasted the contents of the state, and it is still trying to include the state file. Is there some way that this reference could be cached? Not sure how else salt master would be trying to look for
16:37 jessesbye the include file when I have removed all references to it from the code.
16:40 wwalker joined #salt
16:41 major trying to figure out the best method for using salt to manage a stack bare metal inside a private network which run containers and host a clustered filesystem, as well as manage the containers running on the bare metal
16:42 major and not entirely certain I want the containers making calls into the private network
16:43 wwalker ubuntu 16, I have a state that in test mode says it is going "install/update" a package.  When I run without test, it says Clean.  Any pointers on fixing that?  I have it in more than one state, but most of my pkg.installed states report correctly in test=True.
16:45 nixjdm joined #salt
16:47 smartalek joined #salt
16:52 smartalek Morning all. Anyone every come across a scenario where state.show_top shows the correct order, but highstate runs in a different order? Specifically, I'm using environments and finding that prd is getting run before base with env_order set to base then prd.
17:00 ahrs joined #salt
17:07 wavded joined #salt
17:11 johnj_ joined #salt
17:14 squishypebble joined #salt
17:17 beardedeagle joined #salt
17:30 onlyanegg joined #salt
17:41 ahrs joined #salt
17:43 ssplatt joined #salt
17:43 nixjdm joined #salt
17:46 acsir joined #salt
17:52 edrocks joined #salt
17:52 edrocks is there a way to get the `saltenv` in an sls file?
17:53 edrocks Never mind https://docs.saltstack.com/en/latest/ref/states/vars.html#saltenv
17:55 jessesbye joined #salt
18:04 mikea joined #salt
18:05 major no ideas/suggestions for the DMZ?
18:06 mikea is there a guide to scaling salt masters? I've got about 800 minions on one master and it's having issues.
18:07 mikea cpu usage is sky high, strace of the process tells me there's a lot of activity in the gitfs cache
18:09 FroMaster joined #salt
18:12 johnj_ joined #salt
18:19 ozux joined #salt
18:19 ecdhe joined #salt
18:20 mikea We do have a lot of gitfs roots and git pillars
18:20 mikea I tried removing the git pillars, didn't help
18:21 mikea we do have a custom engine that puts stuff into a db, turned that off and it made no difference
18:22 wavded joined #salt
18:27 Oida joined #salt
18:28 beardedeagle joined #salt
18:28 XenophonF hm, strace, that might help me debug some problems I'm having...
18:29 XenophonF major: you could host the master in the DMZ, or you could use salt-ssh
18:43 ChubYann joined #salt
18:45 nixjdm joined #salt
18:47 major yah .. not looking to support ssh into the containers
18:47 major honestly was hoping to fully manage them via their hosted nodes
18:48 major just not entirely certain how easy it is to wrap existing package management modules and the like to reach in via a shell exec into the containers
18:50 swills joined #salt
18:51 x0r joined #salt
18:55 XenophonF i don't really configure the containers
18:55 XenophonF they're, er, self-contained
18:57 smartalek joined #salt
18:58 DammitJim joined #salt
19:03 impi joined #salt
19:04 major more LXC container than docker
19:04 smartalek1 joined #salt
19:08 toanju joined #salt
19:09 Hybrid joined #salt
19:13 johnj_ joined #salt
19:15 major the LXD formula and module from: https://github.com/saltstack-formulas/lxd-formula
19:23 major that and I want to manage the bare metal and the containers from the same master
19:24 major I "feel" like idealy I could manage the containers via their bare metal hosts since the LXD module has an exec interface
19:24 major but there I am not certain how to wrap the pkg module into all of that
19:25 Nahual major: Couldn't you technically do a local salt run through that exec interface? I'm not sure how you would get the necessary files onto the system though.
19:25 JawnAuz joined #salt
19:25 Nahual We have a similar problem here but we'll just be using a normal salt-minion deployment to the containers themselves until we code in additional LXD support.
19:26 Nahual Well now that I think about it, have a bind mount from the bare metal with the necessary salt deployment files into the various containers and then a local salt run. I'm just not too sure of your requirements.
19:29 wavded joined #salt
19:29 mpanetta joined #salt
19:29 major https://github.com/saltstack-formulas/lxd-formula/issues/3
19:29 major looks like the one and only issue opened against it is more or less about the same problem ...
19:30 major the last comment more or less properly sums up what may very well be the ideal long-term solution
19:31 major basically need a salt-lxc interface on the host similar to salt-ssh
19:31 * major thinks.
19:31 XenophonF oh I get it
19:31 whytewolf humm, wonder why pcdummy isn't speaking up. wonder if he forgot about his irc connection.
19:31 XenophonF lxd is more like a virtual machine
19:31 Nahual Yeah. That is something we would be looking to put together in the future.
19:31 XenophonF than a minimalist chroot/jail
19:32 Nahual Unless someone beats us to it.
19:32 major XenophonF, well .. no .. LXC is the original container interface .. Docker used to work w/in LXC
19:32 major XenophonF, and then docker sort of got into this minimalistic group of container approach
19:32 * XenophonF nods his head as if he understands.
19:33 major soo .. containers themselves are a minimalistic rfork(plan9) or jail(bsd) sort of environment that can act as anything from a single application component talking across a network to a full private VM w/out the overhead of emulating the entire machine
19:33 major how you use it is up to you .. Docker is just a managing interface for the container which restricts you to using them in their idea of the "Right Way(tm)"
19:34 major but .. you can use them to act as a full server if you are so inclined
19:34 XenophonF yeah, lots of familiarity with chroot and jails and zones
19:34 major LXD adds support for migrating a running container between nodes in the cluster
19:35 major in my case I have gluster volumes for container specific data which allows me to migrate the containers and their between nodes fairly easily .. so generally I treat my containers as stand-alone self-contained VM's ..just .. w/out all the extra VM stuff
19:36 major but I don't really want to install ssh into the containers, nor allow the containers to reach out to the salt-master directly .. sooo .. a salt-lxc wrapper on the host into a sort of salt-ssh minion interface via 'lxc exec' seems to be more what I am looking for... but .. it doesn't yet exist
19:37 whytewolf XenophonF: solaris zones are more towards virtualization then containers.
19:37 major I am not even certain where to look to start something like salt-lxc
19:38 major whytewolf, any pointers?
19:38 major vim is ready
19:38 Hybrid joined #salt
19:38 whytewolf honestly i would say try and get a hold of pcdummy
19:38 whytewolf he wrote 99% of that formula
19:40 major pcdummy, ping
19:41 whytewolf he hasn't said anything in a while in here. even if he is in the list.
19:41 major but I mean .. at the heart of the issue is the option to treat the container as a remote target that has no minion installed .. i.e. salt-ssh, but instead of passing through ssh, pass through 'lxc exec'
19:41 major hmmm
19:42 JAuz joined #salt
19:42 major I wonder if I can just abuse the crap out of salt-ssh and just override the ssh command to be 'lxc exec' ;P
19:43 nixjdm joined #salt
19:43 major what would be better would be to simplify salt-ssh to salt-shell and then support various interfaces for aquiring the "shell" to the target
19:43 whytewolf or, write a salt-proxy mod
19:43 major thus you could do this for whole slew of devices, including devices connected via a serial-port server
19:43 major as a mod?
19:43 major hmm
19:44 Nahual salt-proxy, hadn't though of that route. Good point.
19:44 major so just rewrite salt-ssh as salt-proxy?
19:44 major :P
19:45 whytewolf wait i thought your bare metal minion can connect. i was thinking write your salt-proxy module to basicly operat locally
19:45 whytewolf the bare metal running salt-proxy
19:45 major ahh
19:45 major duh
19:45 major brilliant
19:45 major For reference: https://docs.saltstack.com/en/latest/topics/proxyminion/index.html
19:46 major whytewolf, yah .. that will pretty much solve all of it
19:47 major whytewolf, again.. thanks for your insight :)
19:48 whytewolf no problem. :) now... to get back to enterprise customers
19:49 major pfft
19:52 fatal_exception joined #salt
19:54 JawnAuz__ joined #salt
20:00 major ironically .. this is also the solution to another challenge I had lined up after this one ..
20:00 major actually .. like.. 5 challanges .. so I guess it was 6 problems solved with 1 solution
20:01 whytewolf Combo!
20:01 CaptTofu joined #salt
20:03 major whytewolf, think this should be its own repo or should I friendly-fork lxd-formula and add a _proxy/ to it?
20:05 major also .. it is 1 proxy per device correct?
20:06 major or in this case, per-container
20:06 whytewolf it is 1 proxy per decive, don't know if you can sneak a way to change that into a more localized setting like container control
20:07 whytewolf i would start it as it's own repo. and add a query ticket to see if they are interested in the solution. if they are you can always fork and add it later.
20:08 major fair enough
20:09 ozux joined #salt
20:09 major hopefully pcdummy is still supporting that formula ..
20:10 major is there some place that collects proxyminions?
20:10 major similar to formulas?
20:11 whytewolf formulas is kind of a catch all
20:12 major hmm
20:12 major and .. I hope lastly.. orchestrating the migration of a container and dealing with the proxy-minion at the same time
20:13 whytewolf that i am unsure of.
20:13 major the lxc-formula supports starting/stopping/restarting/migrating the container, particularly useful for doing restarts of the host (kernel upgrades in particular)
20:14 major guess I will attack that one when I get there
20:14 major no clue what sort of pain is going to be involved
20:15 johnj_ joined #salt
20:21 Hybrid joined #salt
20:23 major feel like both the migration of the container and the need for a salt-proxy per device is sort of a reason to do something like salt-ssh instead
20:23 major doesn't seem like less problems tht way
20:29 edrocks joined #salt
20:31 schasi joined #salt
20:31 major seems like less problems that way even
20:31 major oh well .. maybe try both
20:39 cliluw joined #salt
20:40 Hybrid joined #salt
20:43 nixjdm joined #salt
20:54 dxiri joined #salt
20:59 vaelen joined #salt
21:00 DanyC joined #salt
21:01 vaelen joined #salt
21:16 johnj_ joined #salt
21:38 _KaszpiR_ joined #salt
21:43 nixjdm joined #salt
21:48 cgiroua joined #salt
21:51 dxiri joined #salt
21:54 fatal_exception joined #salt
22:09 Trauma joined #salt
22:17 johnj_ joined #salt
22:23 icebal joined #salt
22:29 sh123124213 joined #salt
22:34 dxiri joined #salt
22:36 cyborg-one joined #salt
22:39 dxiri joined #salt
22:43 nixjdm joined #salt
22:54 cyteen joined #salt
23:08 cro joined #salt
23:18 johnj_ joined #salt
23:21 brianthelion Does anyone have a tight recipe for using salt-cloud to bootstrap a master, end-to-end? I see that you can pass a master configuration in, but I'm assuming that only handles /etc/salt/master and not the myriad other things one might want.
23:22 brianthelion i guess one option would be to bootstrap a minion and then use a formula to boostrap a master on localhost
23:31 tiwula joined #salt
23:40 dxiri joined #salt
23:52 sh123124213 joined #salt
23:57 rburkholder joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary