Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-11-11

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 MTecknology The cmd module is executing su for all commands, so that the environment and such can be properly handled. However, I require gauth for su, sudo, and ssh. Since one of the goals was to require gauth to obtain root... I can't really just stop doing this.
00:02 MTecknology I'm more familiar with pam than 80% of admins out there (since I read a book on it once and toyed around with it a bit), but this seems extra challenging.
00:03 sp0097 joined #salt
00:04 viq teach salt to use gauth? ;)
00:04 astronouth7303 hm.
00:04 astronouth7303 the source is surprisingly complex, too
00:05 astronouth7303 https://github.com/saltstack/salt/blob/develop/salt/modules/cmdmod.py#L438
00:05 Manor joined #salt
00:05 astronouth7303 is there a way to distinguish environments in pam? like, if it's being executed by salt vs from a shell?
00:05 gswallow joined #salt
00:07 MTecknology It's not salt that needs to change. I think we need a bypass_for_user option to allow success when executed by that user
00:08 zerocoolback joined #salt
00:09 MTecknology hmmm.....
00:10 MTecknology TADA!
00:10 MTecknology The cool thing about pam is that it's actually quite trivial, just also complex
00:12 MTecknology http://dpaste.com/17EYQG4
00:15 threwahway joined #salt
00:16 pbandark1 joined #salt
00:28 GMAzrael joined #salt
00:38 MTecknology Why has that never been something I've noticed befor? :S
00:43 johnj_ joined #salt
00:51 cyteen joined #salt
00:56 cyteen joined #salt
00:59 Shirkdog joined #salt
01:02 zerocoolback joined #salt
01:04 fxcg joined #salt
01:10 kellyp joined #salt
01:27 sp0097 joined #salt
01:28 rgrundstrom joined #salt
01:28 rgrundstrom Good evening everyone
01:29 zulutango joined #salt
01:30 rgrundstrom or its actually good morning here... Jesus... I need to go to sleep.... soon... just one more line of code
01:35 MTecknology How can we help you write ten more lines?
01:36 rgrundstrom MTecknology: I decided to cut writing code for today. A few hours sleep then continue. Thanx for the support :)
01:36 MTecknology Thanks*  You probably really should sleep. :P
01:37 rgrundstrom Yeah...
01:38 colegatron joined #salt
01:39 GMAzrael joined #salt
01:44 johnj_ joined #salt
01:52 MTecknology I'm missing something trivial here- http://dpaste.com/3FMQYV3
02:06 Manor joined #salt
02:06 kellyp joined #salt
02:19 shoogz joined #salt
02:21 onlyanegg joined #salt
02:21 shoogz joined #salt
02:23 shoogz joined #salt
02:24 shoogz joined #salt
02:26 shoogz joined #salt
02:27 shoogz joined #salt
02:29 tigerwho joined #salt
02:29 mcqueenorama joined #salt
02:31 mcqueenorama i see my custom grain when I do "salt www-263* cmd.run "salt-call -g", but not when I do, "salt www-263* grains.ls"
02:31 mcqueenorama what's the difference?
02:54 johnj_ joined #salt
02:54 sp0097 joined #salt
02:56 ilbot3 joined #salt
02:56 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:56 mcqueenorama_ its not a bug in salt.  The custom grain function was reading files from a directory, and i added both the directory and file in the directory after the minion was started
02:57 MTecknology that's why I asked how they were configured... :(
02:59 MTecknology I'd recommend /not/ setting custom grains using config files and instead write a custom grain that can be pushed, then it wouldn't require a restart.
02:59 mcqueenorama_ the initial call for grain info would have caused the custom grain handler to fail.  Salt probably takes failing functions out of the list, or it runs them once and caches the results
02:59 mcqueenorama_ ok
03:00 mcqueenorama_ thanks
03:07 Manor joined #salt
03:16 gswallow joined #salt
03:23 Bryson joined #salt
03:45 sp0097 joined #salt
03:45 GMAzrael joined #salt
03:46 johnj_ joined #salt
03:57 MTecknology Apparently the backslash is being escaped, but I don't understand why
04:09 threwahway joined #salt
04:12 MTecknology This escaping thing is starting to feel like a bug.
04:18 MTecknology I can run the function itself and things change as expected
04:30 pipps joined #salt
04:30 GMAzrael joined #salt
04:31 pipps99 joined #salt
04:47 johnj_ joined #salt
04:47 MTecknology there we go... file.line instead.
05:04 zerocoolback joined #salt
05:07 tiwula joined #salt
05:09 Manor joined #salt
05:10 sp0097 joined #salt
05:13 zulutango joined #salt
05:25 gswallow joined #salt
05:28 onlyanegg joined #salt
05:32 todder joined #salt
05:44 aldevar joined #salt
05:46 mavhq joined #salt
05:48 johnj_ joined #salt
05:49 colegatron joined #salt
05:50 zerocoolback joined #salt
06:03 zerocoolback joined #salt
06:06 kellyp joined #salt
06:10 Manor joined #salt
06:16 LocaMocha joined #salt
06:28 shoogz joined #salt
06:29 shoogz joined #salt
06:31 shoogz joined #salt
06:32 shoogz joined #salt
06:34 shoogz joined #salt
06:36 shoogz joined #salt
06:42 RandyT joined #salt
06:42 RandyT joined #salt
06:43 gswallow joined #salt
06:47 GMAzrael joined #salt
06:48 samodid joined #salt
06:49 johnj_ joined #salt
07:12 vchauhan joined #salt
07:13 zerocoolback joined #salt
07:18 cyborg-one joined #salt
07:20 aldevar joined #salt
07:20 gswallow joined #salt
07:22 vchauhan joined #salt
07:45 GMAzrael joined #salt
07:50 johnj_ joined #salt
08:09 cyteen joined #salt
08:11 chowmein__ joined #salt
08:12 fxcg joined #salt
08:27 gswallow joined #salt
08:38 tigerwho left #salt
08:47 GMAzrael joined #salt
08:51 johnj joined #salt
08:57 DarkKnightCZ joined #salt
09:01 rgrundstrom joined #salt
09:02 rgrundstrom Good morning
09:04 onlyanegg joined #salt
09:24 gswallow joined #salt
09:44 GMAzrael joined #salt
09:53 johnj joined #salt
10:02 Manor joined #salt
10:06 Manor joined #salt
10:16 kellyp joined #salt
10:17 onlyanegg joined #salt
10:17 dnull joined #salt
10:26 gswallow joined #salt
10:35 zulutango joined #salt
10:37 shoogz joined #salt
10:38 shoogz joined #salt
10:39 shoogz joined #salt
10:41 shoogz joined #salt
10:42 shoogz joined #salt
10:44 shoogz joined #salt
10:46 samodid joined #salt
10:50 evle1 joined #salt
10:54 johnj joined #salt
10:57 major joined #salt
11:07 cyteen joined #salt
11:08 mikecmpbll joined #salt
11:12 Whissi joined #salt
11:15 DarkKnightCZ joined #salt
11:18 pualj_ joined #salt
11:23 gswallow joined #salt
11:26 rgrundstrom I am never goint to learn this. If one or more files is missing I want script to run: https://gist.github.com/Robert-Grundstrom/cec4765e1156113a3b8d70faa49af971#file-gistfile1-txt
11:28 evle1 joined #salt
11:39 el_wood_tx joined #salt
11:39 el_wood_le joined #salt
11:43 Praematura joined #salt
11:47 GMAzrael joined #salt
11:55 johnj joined #salt
11:57 pbandark joined #salt
12:14 dhwt joined #salt
12:18 DarkKnightCZ joined #salt
12:18 onlyanegg joined #salt
12:18 pualj joined #salt
12:31 evle4 joined #salt
12:32 systeem- left #salt
12:42 evle1 joined #salt
12:48 GMAzrael joined #salt
12:56 johnj joined #salt
13:06 Praematura joined #salt
13:08 miruoy joined #salt
13:08 kellyp joined #salt
13:16 pbandark joined #salt
13:18 evle3 joined #salt
13:19 rgrundstrom Never mind.. Solved it
13:20 Lego789 joined #salt
13:22 evle1 joined #salt
13:26 el_wood_tx joined #salt
13:26 el_wood_le joined #salt
13:27 nomeed joined #salt
13:28 gswallow joined #salt
13:31 crawl joined #salt
13:31 evle1 joined #salt
13:34 onlyanegg joined #salt
13:43 GMAzrael joined #salt
13:57 johnj joined #salt
14:00 snc joined #salt
14:05 pualj_ joined #salt
14:10 fxcg joined #salt
14:15 Praematura joined #salt
14:16 major joined #salt
14:27 RandyT joined #salt
14:27 RandyT joined #salt
14:28 gswallow joined #salt
14:34 onlyanegg joined #salt
14:38 poige if one needs a state to be declared for a group of hosts with such names that regexps won't do; what would be the best way to declare them?
14:39 poige I bet you can't use:
14:39 poige host1:
14:39 poige bar:
14:39 poige foo:
14:39 poige - somestate
14:39 GMAzrael joined #salt
14:40 gswallow joined #salt
14:40 poige instead it's required to interleave with - somestate; I don't see how it's convenient
14:45 shoogz joined #salt
14:46 shoogz joined #salt
14:46 viq poige: 'host1,host2,host3,hostX':
14:46 viq poige: or nodegroups
14:48 shoogz joined #salt
14:49 shoogz joined #salt
14:51 shoogz joined #salt
14:53 shoogz joined #salt
14:58 johnj joined #salt
14:58 SkyRocknRoll joined #salt
15:08 poige viq: thanks!
15:08 poige viq: what about multilines for comma separated?
15:08 poige viq: as to nodegroups — what do you mean? the groups that are supposed to be defined in salt's master config?
15:11 pbandark joined #salt
15:13 poige Also, suppose commas separated approach was used, how one then gets state applied exactly to this list of hosts?
15:24 Praematura joined #salt
15:26 poige viq: aha, nodegroups are ultimately nonsense; compared to ansible it becomes ridiculous when your infrastructure config isn't self-sufficient and it crosses the bound of /srv landing into Salt master config
15:26 poige No idea why they went that way; but this is a show stopper for sure
15:36 nethershaw joined #salt
15:41 GMAzrael joined #salt
15:43 Deliant joined #salt
15:53 coredumb poige: I do it from external pillar
15:53 Deliant joined #salt
15:53 coredumb and from your state {% if pillar[xx] is defined %}
15:53 poige coredumb: it doesn't say a lot to me (yet)
15:54 poige coredumb: I'll look into it, thanks for hint
15:54 poige coredumb: BTW, may be you can answer: how to limit state.apply only to those hosts that are declared in top.sls
15:55 gswallow joined #salt
15:55 poige coredumb: This is another non-logical thing that if you use state.apply with '*' it will try to apply top.sls for '*' even if top.sls doesn't have entries for nodes
15:56 poige Or, being put in other way: it's not-logical that you can't easily run state.apply w/o using '*' to limit state.apply only to top.sls defined rules
15:56 poige I can put something like 'test.nop' for '*' in top.sls just to make it going w/o errors each time but this is a hack
15:57 poige Where's clear design?
15:59 johnj joined #salt
16:00 coredumb well as is matching * non-logical?
16:00 poige if top.sls doesn't have entry for '*'
16:00 poige say you start with defining states for a sub-set of the hosts
16:01 coredumb https://github.com/saltstack/salt/blob/develop/doc/topics/releases/oxygen.rst < read "New pillar/master_tops module called saltclass
16:01 coredumb "
16:01 poige you can list them in top.sls
16:01 coredumb details about external pillar
16:01 coredumb and actually master_tops
16:01 coredumb I don't use top.sls
16:01 poige coredumb: thanks for URL
16:01 poige coredumb: well, salt doc describes using top.sls
16:02 coredumb doesn't mean they force you to use it :)
16:02 poige coredumb: I'm just trying to follow the way docs described
16:02 poige coredumb: and the way isn't too logical, that's the trouble
16:02 poige why do I need to put '*' in top.sls?
16:03 poige why if I didn't put '*' there state.apply with '*' would try going through '*' even if it's not declared in top.sls?
16:03 poige or, ok, how do I run state.apply with for only defined in top.sls entries?
16:04 poige That all seem to be very pretty basic things and I'm surprised seemingly no one in Salt tried to think about it
16:05 viq poige: personally I like pillars for that, which lets me for example "salt -I roles:ldap -b 2 service.restart slapd"
16:05 onlyanegg joined #salt
16:05 poige but this is not state.apply no way
16:06 coredumb state.apply takes a state as an argument
16:06 coredumb it doesn't care about your top file
16:06 poige it's almost ad-hoc
16:07 viq coredumb: if you don't give an argument then 'state.apply' does highstate
16:08 viq poige: well, you could always define some baseline (or indeed noop) state to all nodes. But then again, you could be targeting your command only to hosts you want to run it on.
16:09 coredumb yeah but highstate without top file won't run any state
16:09 poige viq: nop is a hack
16:09 poige viq: it stinks actually
16:09 poige viq: and there's no easy way to limit state.apply for those only declared in top.sls "groups"
16:09 viq poige: not saying it isn't. But if you insist on targeting '*' then it lets you get around your complaint
16:10 viq poige: how are you defining the groups in top.sls ?
16:10 poige viq: I'm insisting on '*' would be AND with top.sls entries
16:10 poige viq: not OR
16:10 poige viq: that's the way it'd be logical
16:10 coredumb then don't use state.apply
16:10 sp0097 joined #salt
16:10 poige nice
16:11 poige The docs describe it that way
16:11 poige IOW you say "don't follow the docs"
16:11 viq poige: I don't understand your statement. 'salt * state.apply' tells all nodes to apply states that are defined in top.sls, so it is an AND like you said
16:11 coredumb anyway if you run state.apply wihtout argument on *
16:11 coredumb it should run a highstate
16:11 coredumb and match your top file
16:11 coredumb so what's the issue ?
16:12 poige what if top.sls doesn't have entries suitable for all the nodes?
16:12 coredumb then nothing runs on those nodes
16:12 poige It's giving errors then
16:13 coredumb for the node yeah
16:13 poige And I would expect nodes that aren't described in top.sls to be ignored then
16:13 viq alternatively, sounds like a configuration error to me
16:13 viq You're telling them to apply a state that doesn't exist.
16:14 coredumb yeah
16:14 poige yeah
16:14 poige how do I limit the scope then? )
16:14 viq By targeting minions appropriately
16:14 poige to only those nodes that were described in top.sls?
16:14 poige ok, I've a list of minions in top.sls
16:14 viq With -L, -I, -G, -P, or whatever other means
16:15 poige how do I get state.apply to use that definition
16:15 poige ?
16:15 poige or instead I have to repeat it once again (each time I use state.apply)
16:15 poige you see now?
16:16 poige this is what I call non-logical
16:16 viq poige: you don't, top.sls is not used for targeting
16:16 poige I don't want to copy paste
16:16 viq Use your CMDB then
16:16 poige If I have top.sls with list of minions why can't I use it
16:17 viq Or assign pillars to them, target states in top.sls by pillars, and target commands (like state.apply) by pillars.
16:17 poige what is CMDB?
16:17 viq Configuration Management DataBase
16:17 poige what is it for e. g.?
16:17 viq https://en.wikipedia.org/wiki/Configuration_management_database
16:18 poige G'damn't in ansible you just have simple inventory file
16:18 poige that out of the box supports groups
16:18 poige and that's it
16:18 viq For example certain source of truth what hosts you have and what state they should be in
16:18 poige With salt you mention more and more entities to get simple things done
16:18 poige I don't feel like it's worth it
16:18 viq top.sls *is not inventory*
16:18 coredumb and does not relate to the cli
16:19 viq poige: assign pillars to hosts. Be happy.
16:19 poige it's definition of rules of what to be done for what
16:19 poige isn't it?
16:19 viq It's a "that node should have those states" map.
16:19 poige and if this definition has list of targets why would you need to copy this list to CLI
16:19 poige ok
16:20 viq This is *not* the list of targets.
16:20 poige let it be defined that way
16:20 poige but why can't it be used then?
16:20 viq Again, this is *not* the list of targets.
16:21 poige it's not
16:21 poige but it has such information
16:22 poige and it can't be used out of the box
16:22 viq Then ask on mailing lists, or file a bug report, maybe then one of creators will be able to tell you why, as I'm not one of them. I can tell you how things are, not why.
16:22 poige I'm here not to make salt better
16:23 poige I'm choosing tool to get done job better
16:23 viq And as with every tool, you have to learn it's quirks to use it well. This is one of those quirks.
16:23 sjorge joined #salt
16:23 poige If I'm seeing ansible is more logical, requiring less quirks to get known of; be it
16:24 viq And again, I'm telling you, assign pillars to those hosts, and assign states by pillars, then you'll be able to also target them for execution by same pillars.
16:24 poige what are pillars?
16:24 viq "variables" is the short explanation
16:24 poige "pillars"
16:24 viq https://docs.saltstack.com/en/latest/topics/pillar/
16:24 poige they call variables "pillars"
16:24 poige to get it easier to understand I suppose? :P
16:25 poige ok, I have hosts: foo, bar, doom
16:25 poige I was trying to define that list in top.sls and assign some state for them
16:25 poige If I'm using pillars how does it look then?
16:25 poige I need another directory first of all?
16:26 viq Yes, you do need another directory.
16:27 poige and then I see again /srv/pillar/top.sls has entry for '*' :)))
16:28 viq But once you have that, you can use https://docs.saltstack.com/en/latest/ref/states/top.html#advanced-minion-targeting in your states top.sls, and like I have shown above, you can use that to target state.apply only to those minions too
16:29 poige again
16:29 poige I'm not getting how it's different from top.sls
16:29 poige moreover, they're using top.sls in pillar dir
16:30 poige I have that "group": foo, bar, doom. Those are host names
16:30 poige I want some state.sls to be applied for them
16:30 poige How do get pillars into this?
16:32 viq Say I have a bunch of machines, with very meaningful names like s01-03 and n07-24, that are to be nginx servers. There is no easy way to target them without explicitly listing them. But, in pillars/top.sls I assign to them (by explicitly listing them there) a pillar of 'roles:nginx'. Then in states/top.sls I have 'roles:pillar:'\n - match: pillar\n - nginx, and then I can do salt -I roles:nginx state.apply
16:32 viq Does that answer your question?
16:32 poige viq: thanks, but it's too general
16:33 viq ?
16:33 poige you're assigning a pillar or 'roles:nginx'
16:33 poige what do you mean?
16:33 poige is it combined tag name
16:33 poige or what is it roles, :, nginx
16:33 Praematura joined #salt
16:34 poige why it's colon separated?
16:34 viq It's just arbitrary "variables"
16:34 viq because pillars are colon separated
16:34 poige so pillars' name is just "roles"?
16:34 poige and nginx is its value?
16:34 nomeed poige: pillars are attributes assigned to hosts
16:35 nomeed you can defined them and assign them however you want
16:35 poige before they used to say it's variables
16:35 poige ok
16:35 nomeed and the colons are used to retrieve the keys
16:35 viq again, you have more at https://docs.saltstack.com/en/latest/topics/pillar/
16:35 poige no way
16:35 viq and eg https://docs.saltstack.com/en/latest/topics/targeting/pillar.html
16:35 nomeed managing an inventory is much easier in salt than in ansible in my opinion
16:35 poige Salt's docs are written by the same quirkers
16:35 nomeed in ansible it gets way too bloated
16:36 poige so back to my example with hosts: foo, bar, doom
16:36 nomeed you will first have to read how to assign pillars to your hosts
16:36 poige somehow I need to group them
16:36 poige so I can define pillar called 'mygroup'
16:36 nomeed you can always check if your attributes have been assigned
16:37 poige and then assign 'group1' to 'mygroup' attribute using syntax 'mygroup:group1'
16:37 poige right?
16:37 nomeed with $ salt "<fqdn hostname>" pillar.items
16:37 nomeed yes you can do that
16:37 poige I'm asking if I got it correctly from your words guys
16:37 nomeed you can assign it however you like and then run against ANY attribute you like
16:38 nomeed you could assign states to specific cpuarchs or whatever
16:38 poige ok, so I go to pillar dir and edit top.sls there
16:38 poige would it be the only file I need to assign that attribute?
16:38 viq poige: you could just assign 'group1', but in my example, for clearer organisation of things, I preffered to have it under 'roles', to make it obvious what those are.
16:39 poige viq: it's a matter of terminology
16:39 viq Yes, you assign pillars in pillars/top.sls, then you can use them elsewhere
16:39 poige viq: groups vs roles not that much of difference
16:39 viq those are just arbitrary strings, 'roles' made sense to me.
16:39 nomeed poige you should read the salt tutorials
16:39 nomeed https://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html#states-tutorial
16:39 poige I tried
16:40 poige Same quirks. Nothing works
16:40 nomeed at what point are you?
16:40 poige Grains-n-pillars-n-drillars-n-100-more-concepts just to get to simple things
16:40 poige and then you discover you can't limit state.apply easily to only those nodes that were declared in top.sls rules
16:41 poige f*ck it
16:41 nomeed because like viq said
16:41 GMAzrael joined #salt
16:41 nomeed it is two different things
16:41 poige I know
16:41 nomeed with state.apply you apply every states defined in the top.sls of the states
16:41 poige but it's stupid you can't use info from that anyways
16:41 nomeed run it manually
16:41 poige and this is stupid too
16:42 poige what's the point to have CMS to run manually
16:42 nomeed what is your goal?
16:42 poige or to copy-paste definitions from top.sls to salt CLI
16:42 nomeed the point of the top.sls file with state.apply is exactly
16:42 nomeed that you dont run it manually
16:42 poige hold on
16:42 nomeed but regularly
16:42 nomeed without your interaction
16:42 poige I just want to get pillars edited correctly
16:43 poige I'm editing top.sls in pillar directory
16:43 poige Where do I put 'mygroup' to?
16:43 nomeed you have to define your pillars(attributes) in an sls file relative to your pillar directory
16:43 poige base:
16:43 poige '*':
16:43 poige - packages
16:43 poige this is an excerpt from theirs doc
16:43 nomeed yes
16:43 poige what does it say? nothing
16:43 poige just nothing
16:44 poige what's base?
16:44 poige it it where I put 'mygroup' instead?
16:44 nomeed packages is an sls file relative to your pillar directory
16:44 poige where do I put 'group1' then?
16:44 nomeed usually a file named packages.sls
16:44 poige hold on
16:44 poige I'm not about packages anymore
16:44 poige you told me I need pillars to get nodes addressed in sane way
16:44 poige ok, now what?
16:45 poige I see some 'base: '*' - packages'
16:45 nomeed show me you have done already
16:45 nomeed *what you have
16:45 poige I've just opened top.sls in pillars dir
16:46 poige and what to declare foo, bar and doom to have 'mygroup' attr set to 'group1'
16:46 * viq tosses a few cookies nomeed's way ;)
16:46 poige and I'm seeing not how this example from the doc helps me in that
16:47 nomeed the docs clearly state that you should create a sls file
16:47 nomeed in the same directory
16:47 nomeed with the id declaration
16:47 nomeed if for example like in your example
16:47 poige sls files?
16:48 poige I thought it should be top.sls even
16:48 nomeed the top.sls file is the index
16:48 poige exactly one .sls file. Do I need more to get this job done
16:48 poige oh, yeah, almost expected. ok
16:48 poige what would be in top.sls then for this mygroup:group1 example?
16:50 poige kinda 'EnvironmentName: foo: - mygroup_group1 bar: - mygroup_group1 doom: - mygroup_group1"?
16:50 poige and then I define mygroup_group1.sls to assign mygroup:group1 attribute?
16:51 nomeed https://gist.github.com/anonymous/15662020905dce73139ad1706d4ad201
16:51 stooj joined #salt
16:52 nomeed this is pretty simple
16:52 poige ah, thanks
16:52 poige but this is roles.sls
16:52 poige how to use it from top.sls then?
16:52 nomeed you can name it however you want
16:52 poige sure
16:52 poige but you said I need index file top.sls in addition
16:53 viq nomeed: though that will be mygroup:group1:bar for example, as I understand it poige wants mygroup:group1 assigned to minions foo, bar and doom
16:53 poige damn it
16:53 poige sure deal
16:54 poige viq: is correct. I was thinking about that simple operation
16:54 poige to put some label on those 3 nodes
16:54 poige using something called "pillars"
16:54 viq poige: so in pillars/top.sls you assign mygroup like you would otherwise, and you have pillars/mygroup.sls with contents 'mygroup: group1'
16:54 poige viq: ?
16:54 poige viq: like I would?
16:55 poige viq: I've no idea how to do that
16:55 viq Eg by assigning it to an explicit list of hosts
16:55 poige or more precisely I asked about my idea
16:55 poige but never got reply if it was correct or not
16:56 poige kinda 'EnvironmentName: foo: - mygroup_group1 bar: - mygroup_group1 doom: - mygroup_group1"?
16:56 poige what to put in top.sls first of all?
16:56 viq Kinda, but it could be "base: 'foo,bar,doom': - mygroup", and then mygroup.sls with contents of "mygroup: group1"
16:57 poige ohhhhhh
16:57 poige ooooooooohhhhhhhhhhh
16:57 poige holy grain
16:57 poige if I get list of 15 nodes
16:57 poige and it's really wide one, any means to split it into several lines?
16:58 nomeed my fault
16:58 nomeed yes
16:58 viq There are multiple ways you could go about that
16:58 nomeed write an external pillar
16:59 poige tell me more
16:59 poige how one gets through wide line in Salt
16:59 poige I bet this is not just simple as \-approach
17:00 poige It wouldn't be cumbersome enough ;P
17:00 johnj_ joined #salt
17:01 viq Or even something like https://pbot.rmdir.de/nSqCd9itoh2rzVBTbiTKEQ which would let you have eg pillars/minion_pillars/doom.sls with the pillars that one minion is to have
17:01 poige ahhh + more funny thing. Ok, so I have this pillar. Then I have to remember to call state.apply always with something referring to this pilaar name
17:01 poige I can't have just top.sls and apply it with salt \* state.apply  right?
17:01 poige dmnit
17:02 viq poige: your question was how to target only the minions that are to have the state applied. Here is your answer.
17:02 ctwhyexit joined #salt
17:02 poige aha. Can't be solved with top.sls and salt '*' state.apply
17:03 poige one would always need to tinker with specific list individually on the command line
17:03 poige what a shame
17:03 viq If you tell all hosts to use top.sls then all hosts need an entry in top.sls
17:03 poige Once again
17:03 nomeed https://gist.github.com/anonymous/fced1a3f89b028e3822d8fee1d016132
17:03 nomeed try this
17:03 viq Well, is "salt -I mygroups:group1 state.apply" such a hassle?
17:03 poige sure
17:04 poige what if I have mygroups:group1, .., N?
17:04 poige and I want corresponding states to be applied at once?
17:04 poige isn't it the purpose of top.sls after all?
17:04 nomeed what do you mean at once
17:04 viq No
17:04 poige I mean w/o running salt -I mygroup:group1
17:04 poige I mean w/o running salt -I mygroup:group2
17:04 poige I mean w/o running salt -I mygroup:group3
17:05 poige I mean w/o running salt -I mygroup:group4
17:05 poige I mean w/o running salt -I mygroup:group5
17:05 viq Purpose of top.sls is to tell nodes what states they are to have applied.
17:05 poige I mean w/o running salt -I mygroup:groupN
17:05 viq It is *not* to target minions.
17:05 viq Also, have a look at complex matcher.
17:05 poige Ok, how do I target all those N groups?
17:05 poige given that they wouldn't be called as numbers.
17:05 viq sorry, compound
17:05 poige it would be "nginx", "apache", "mysql" and so on
17:06 poige \@
17:06 viq https://docs.saltstack.com/en/latest/topics/targeting/compound.html
17:06 onlyanegg joined #salt
17:06 poige I guess now it's very clear why ansible gets more and more popular
17:06 ctwhyexit_ joined #salt
17:06 nomeed the point of salt is that you can be flexible
17:07 nomeed and have all the tools available to adjust to your environment
17:07 nomeed with ansible you have the simplicity and the fixed setup
17:07 nomeed which makes it easier to use
17:07 nomeed but also the limitations
17:07 nomeed which you wont have with salt
17:08 viq poige: you would need to target them separately with ansible as well
17:09 nomeed if your environment is simple and you know that you dont need all the features of salt and options to customize every part of your configuration
17:09 nomeed then theres nothing wrong to stick with ansible
17:09 poige viq: ?
17:09 poige viq: on site.yml including others ymls with roles
17:10 poige you just run ansible-playbook site.yml
17:10 poige that's it
17:10 viq poige: you could have more than one 'group' assigned to host as well.
17:10 poige same with ansible
17:10 poige easy
17:11 nomeed you do the same with salt
17:11 poige hahaha
17:11 * viq shrugs
17:11 nomeed salt "*" state.highstate
17:11 poige with grains, pillars, compounds matching and cumbersome things like https://pbot.rmdir.de/nSqCd9itoh2rzVBTbiTKEQ
17:11 viq If you prefer to inflict ansible on yourself, feel free ;)
17:12 nomeed poige: rtfm
17:12 poige yeah; totally same ))
17:12 poige nomeed: aha
17:12 poige that's the point. It's fukcing manua
17:12 poige that's the point. It's fukcing manual
17:13 poige Written by people who invented grains/pillars and top.sls which you can't use directly by itself
17:14 * viq lost interest
17:14 poige one simple salt … state.apply + top.sls gets inflated into lots of lines whereas ansible's is just ansible-playbook site.yml
17:14 poige surely anyone would lose interest. That's why ansible is number one CMS now and salt is never gonna make it
17:15 nomeed salt handles manages all your states in the top.sls for your whole environment
17:15 poige yeah
17:15 nomeed while in ansible you would have several playbooks
17:15 poige how does it help to apply?
17:16 nomeed you do not need the top.sls
17:16 poige you can't use '*' to apply if some "mappings" for nodes are missing
17:16 poige ok, no need for top.sls
17:16 poige ok
17:16 poige oneliner: ansible-playbook site.yml
17:16 nomeed you could just write your own state
17:16 nomeed like a playbook
17:16 poige does it all
17:16 nomeed which includes other states, requirements
17:16 poige how would you achieve similar with Salt?
17:16 nomeed which bloats
17:16 nomeed and then call
17:17 nomeed salt "*" state.sls bloatedstate
17:17 poige you can't use *
17:17 poige do you remember?
17:17 nomeed "*" references
17:17 poige it will go for each node
17:17 nomeed ALL your minion ids
17:17 nomeed yes
17:17 poige but not all the nodes have state "attached"
17:17 poige some -- do not
17:18 poige 95 % have and 5 — do not
17:18 poige You can't use "*" anymore
17:18 nomeed why would you want to only call the state attached
17:18 nomeed you would want to apply everything from top.sls
17:18 nomeed and make sure that your states are correct
17:18 nomeed and have it run daily
17:19 poige say I don't want to have 100 % of nodes to be affected
17:19 fxcg joined #salt
17:19 poige I want to put there only a part limiting to some of them
17:19 poige then add more and more
17:19 poige step-by-step
17:20 nomeed the thing is salt doesnt limit you this way
17:20 nomeed as ansible does
17:20 nomeed with groups
17:20 nomeed you have the option to target minions however you want
17:20 poige one liner
17:20 poige that does it all
17:21 poige and you can't repeat the same with salt
17:21 poige Again: to apply config in ansible I just type: ansible-playbook base.yml
17:22 nomeed yes
17:22 ctwhyexit joined #salt
17:22 nomeed different concepts
17:23 poige yes
17:23 poige convenient and intuitive and inconvenient and counter-intuitive
17:23 poige pretty different
17:24 nomeed It is actually the pretty much the same thing
17:24 poige one liner vs what?
17:24 nomeed In salt you would test your roles and assign to playbooks for you environment
17:24 nomeed *ansible
17:25 nomeed in salt you would write some formula for a role and assign it to minions in the top file
17:25 nomeed the big difference is exactly your point
17:25 poige ok, you've assigned it in top.sls
17:25 nomeed since salt manages it centrally
17:25 poige now what
17:25 poige now it's time to apply it
17:25 nomeed while ansible doesnt
17:26 ctwhyexit Hello
17:26 poige if your top.sls doesn't mention some nodes you can't use '*'
17:26 poige you need tinkering with list of minions to apply state to
17:27 nomeed why is it tinkering, you need to define it somewhere
17:27 nomeed since salt does not require it
17:27 ctwhyexit I'm trying to execute a shell script that is on my Salt Master to 100's of remote Linux machines. How do I do this. Is there something like salt * cmd.run 'hostname'
17:28 pualj joined #salt
17:28 poige nomeed: how do you define?
17:28 poige nomeed: where "somewhere"?
17:28 nomeed exactly
17:28 poige once again: with ansible you apply it in 1 simple line
17:29 nomeed yeah
17:29 poige you assign roles with inventory file
17:29 gswallow joined #salt
17:29 nomeed yes
17:29 nomeed like pillars
17:29 poige but then you can't apply states :))
17:29 poige like in single line in ansible )
17:30 poige cause you can't use salt '*'
17:30 stooj joined #salt
17:30 viq ctwhyexit: cmd.script IIRC, let me check
17:31 nomeed I really am missing your point. You defined your groups in ansible but you dont want to do it in salt and expect it work?
17:31 viq ctwhyexit: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cmdmod.html#salt.modules.cmdmod.script
17:31 poige nomeed: ever used roles in ansible?
17:31 nomeed yes
17:31 poige nomeed: your can have playbook dedicated to roles
17:32 nomeed yes could include them in whichevery playbook you want
17:32 poige nomeed: you can assign roles to nodes using groups in inventory file
17:32 nomeed and spread it across your filesystem
17:32 poige nomeed: you can have some nodes w/o any assigned role
17:32 poige nomeed: only those that have assigned roles would have role playbook run
17:32 ctwhyexit viq: So it would be - salt '*' cmd.script salt://scripts/runme.sh
17:33 viq ctwhyexit: seems to be exactly that, yes
17:33 poige nomeed: and since "base.yml" is a bunch on includes you can run all with ansible-playbook base.yml
17:33 ctwhyexit thanks viq!
17:33 viq ctwhyexit: of course assuming it's under /srv/salt/scripts/runme.sh (if your file_roots is /srv/salt)
17:34 poige nomeed: the thing you can't repeat in Salt
17:34 * viq loooooves gitfs, since that way the script can be *only* in git repo somewhere :D
17:34 ctwhyexit viq: thanks for the tip. My file_roots is in a different location. I will modify accordingly
17:34 nomeed poige: this is good and bad
17:34 poige you need either a hack with test.nop so then you can use salt *
17:35 poige and you get output cluttered from hundreds of nodes that did only nop
17:35 poige it sucks
17:35 gswallow joined #salt
17:36 nomeed poige: but this is the difference of salt and ansible since salt is centrally managed
17:37 nomeed while in ansible you are allowed to spread your playbooks
17:37 poige but you're not required to spread them
17:37 poige you can have central node; most of ppl do it that way
17:37 poige although it's good you can run them from laptop as well if you want
17:38 nomeed yes same as top.sls then
17:38 poige yeah, but w/o test.nop then
17:38 nomeed why would you want this? what is your goal?
17:38 nomeed usually I dont care what output comes from state.apply since I already tested states in a different environment
17:38 poige I want to add "roles" step-by-step and easily apply them
17:39 poige with single command, not w/ a bunch of
17:39 nomeed but the last gist I linked
17:40 nomeed did assign the states to the group
17:40 nomeed which you would run however you want with $ salt "*" state.apply
17:40 nomeed state1 and state2 would only be applied to the nodes
17:40 nomeed defined in the top.sls
17:40 nomeed not all("*")
17:41 viq ctwhyexit: to clarify, salt:// == file_roots, so after that comes wherever you have your script under file_roots
17:41 nomeed usually you have salt formulas(like ansible roles)
17:42 nomeed which you would assign to nodes in the top.sls
17:42 nomeed to whichever attribute which already exists($ salt-call grains.items) or which you defined yourself
17:42 nomeed you could also just use your minion id in the top.sls
17:43 nomeed without having to define anything in pillars
17:43 nomeed or you would assign your "inventory" in the /etc/salt/master file
17:44 nomeed which basically would be the same as defining pillars
17:44 poige nomeed: ?
17:44 poige nomeed: I tried using minion id in top.sls
17:45 nomeed it must be the fqdn
17:45 poige nomeed: same q-n: how do you easily apply state
17:45 poige nomeed: you can't use '*'
17:45 poige nomeed: or you need to use test.nop
17:45 poige same outcome: it sucks
17:46 nomeed you would target your minion
17:46 nomeed salt "<minion id>" state.sls <name of state>
17:47 nomeed obviously the name of the state
17:47 nomeed would be some formula
17:47 nomeed examples like https://github.com/salt-formulas
17:47 nomeed which are basically like roles
17:48 ctwhyexit viq: it worked like a charm. Thank you very much!
17:48 poige nomeed: ok, compare it to: ansible-playbook base.yml )
17:48 nomeed I know what you mean
17:48 nomeed a playbook is basically a top.sls in salt
17:48 poige nomeed: cause all the playbooks included from base.yml already have roles ("targets") specified
17:49 poige and you assign roles with groups in inventory
17:49 poige it's KISS
17:49 nomeed yes
17:49 nomeed since it is strictly defined
17:49 poige you can have dynamic inventory anyways
17:49 poige with ansible
17:49 nomeed in salt everything is customizable which is its biggest strength
17:50 nomeed poige: dynamic is salts biggest strength
17:50 poige but never it's a KISS
17:50 nomeed and the inventory management in salt is much more powerful(since you can adapt it)
17:50 nomeed whats your point?
17:51 poige my point is ansible is the way
17:51 nomeed okay
17:51 nomeed I use both tools
17:51 Praematura joined #salt
17:52 nomeed both have their strengths
17:52 nomeed etc pp
17:52 tiwula joined #salt
18:01 johnj_ joined #salt
18:04 jfelchner joined #salt
18:06 cyteen joined #salt
18:06 DarkKnightCZ joined #salt
18:11 gswallow joined #salt
18:12 poige https://github.com/saltstack/salt/issues/39457
18:24 pualj_ joined #salt
18:42 poige To start using Pillar targeting it is required to make a Pillar data cache on Salt Master for each Minion via following commands: salt '*' saltutil.refresh_pillar or salt '*' saltutil.sync_all. Also Pillar data cache will be populated during the highstate run. Once Pillar data changes, you must refresh the cache by running above commands for this targeting method to work correctly.
18:42 poige ha-ha-ha
18:42 poige "use pillar be happy"? -- fuck it
18:49 GMAzrael joined #salt
18:53 shoogz joined #salt
18:54 gswallow joined #salt
18:55 shoogz joined #salt
18:55 coredumb poige: if you're so unhappy with the way salt works, why don't you just let it go and keep using ansible instead of arguing on IRC ?
18:56 poige coredumb: I was hoping that there were other solutions
18:56 poige coredumb: turned out it's worse than I expected; I can't say I'm 100 % happy with ansible but now I'm 100 % sure why people prefer it over salt
18:56 shoogz joined #salt
18:58 Trauma joined #salt
18:58 shoogz joined #salt
18:59 coredumb poige: if it suits you just keep rolling then
18:59 iggy I prefer salt over ansible fwiw
18:59 aldevar joined #salt
18:59 poige as I said "not 100 %". But things I've got known today about Salt didn't improve my opinion; made it worse in fact
19:00 shoogz joined #salt
19:00 iggy but I almost always tell people to use whatever tool makes the most sense to them (i.e. what's best for the job, and what they are most comfortable working with)
19:01 poige iggy: it makes sense to try something new
19:01 poige iggy: but if it turns out to be worse, sure
19:01 iggy I did read some of the scrollback and you had an incorrect assumption at one point (don't know if it got cleared up) but `salt '*' state.apply` doesn't apply everything to every host... it follows what's assigned in the top file
19:01 shoogz joined #salt
19:02 poige viq: >  Kinda, but it could be "base: 'foo,bar,doom': - mygroup", and then mygroup.sls with contents of "mygroup: group1"
19:02 poige and this stuff doesn't work, BTW, viq
19:02 poige you can't have it CS
19:02 johnj joined #salt
19:02 poige iggy:
19:02 babilen poige: The biggest difference is that salt gives you a message bus that allows you to write code to react to certain events
19:03 poige babilen: nice. I'm to work, not to play with message bus
19:03 coredumb poige: again salt is just a framework and if you're not happy with the way it does stuff by default it's easily extensible
19:03 viq iggy: their problem is that if you do `salt '*' state.apply` it will complain for hosts that don't have anything defined in top.sls
19:03 poige babilen: if I need message bus I'm using rabbit or zeromq directly
19:04 coredumb and the first link I posted you easily solves your "big" issue
19:04 babilen poige: I guess you don't quite understand how you would use that feature, but that's okay
19:04 poige babilen: I'm pretty sure you're guessing (probably wrong)
19:04 poige but that's ok as well
19:04 coredumb nah we all know babilen is right :D
19:05 coredumb but it's ok indeed
19:05 poige yeah
19:05 babilen Sorry, I will go back and enjoy my life rather than enter what appears to be a rather hostile discussion
19:05 poige that's why ansible is getting more and more popular
19:05 poige indeed
19:05 iggy I've never seen state.highstate complain about undeclared hosts... but then I'm pretty sure I have `'*':\n  - common` in every top I've ever written... gotta have a consistent base
19:05 viq iggy: I tested, it does complain
19:05 poige babilen: so poor
19:06 iggy fair enough
19:06 poige sure
19:06 iggy but like babilen I'm out of this discussion now... it's going nowhere
19:06 poige it's typical fanatics approach; it's not a bug; it's a feature :)
19:06 viq iggy: https://pbot.rmdir.de/xQzEQRjS7XCO-jvgA7gWVg
19:07 Vye joined #salt
19:07 poige Instead of listening to newcomers who sees illogical things there and there some of you who already got used to them are protecting them
19:08 poige just due to habit you've developed
19:08 babilen Ad hominem?
19:08 poige I thought you left for good and enjoying life already
19:09 babilen If you want this to go somewhere then summarise your points and sent an email to the mailing list. I'm sure all of us appreciate input on how to improve salt. Discussing such things on IRC is, in my experience, rather pointless and typically doesn't change anything
19:10 babilen In fact it often devolves into exactly the kind of discussion we see here
19:10 babilen IRC is best for clearly defined issues where all involved parties tries to find a solution
19:11 babilen You don't even see the advantage of having access to the message bus and applications such as reactors, beacons, orchestration, .. and so on
19:11 babilen In fact I am not even sure what you are trying to achieve at the moment
19:11 poige k
19:12 Praematura joined #salt
19:13 babilen As with every advanced piece of software there are definitely problems with salt and I'm sure everyone would be a happy hippo if those would be addressed .. Unfortunately SaltStack is rather poor in working with their bug tracker (IMHO), which means that reporting bugs is not necessarily the best way forward for larger discussions on strategy
19:14 aldevar joined #salt
19:15 babilen Watch some of the videos Lyft posted on how they utilise Salt or what EMC are doing to see some production systems
19:21 poige viq: >  Kinda, but it could be "base: 'foo,bar,doom': - mygroup", and then mygroup.sls with contents of "mygroup: group1"
19:22 poige viq: letting you know, this piece fails, you can't have it ,-separated
19:23 pualj joined #salt
19:26 babilen https://docs.saltstack.com/en/latest/topics/targeting/compound.html might be of value
19:26 poige I had been using compounds before indeed
19:27 gswallow joined #salt
19:30 KingJ joined #salt
19:30 apofis joined #salt
19:43 apofis joined #salt
19:49 GMAzrael joined #salt
19:51 onlyanegg joined #salt
19:52 pualj_ joined #salt
19:55 aldevar joined #salt
19:56 mavhq joined #salt
19:57 Guest73 joined #salt
20:03 johnj joined #salt
20:24 pualj joined #salt
20:26 samodid joined #salt
20:30 jhauser joined #salt
20:31 CampusD joined #salt
20:33 Guest73 joined #salt
20:48 GMAzrael joined #salt
21:04 johnj joined #salt
21:16 pualj joined #salt
21:18 onlyanegg joined #salt
21:24 gswallow joined #salt
21:24 gswallow joined #salt
21:33 laertus can someone help me understand why in this pillar walkthrough:  https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html#more-complex-data
21:34 laertus in one jinja2 template they use:   pillar.get('users', {}).items()
21:34 MTecknology laertus: What's your question?
21:34 laertus and in another template they use:   salt['pillar.get']('pkgs:apache', 'httpd')
21:35 laertus why is the "salt" prefix necessary in the 2nd template?
21:35 MTecknology (tip: keeping questions/thoughts contained to a line lets people know when you're done and prevents time waste)
21:35 laertus why don't they just do another "pillar.get" ?
21:36 MTecknology lemme know when you're question is done and I'll respond
21:38 laertus no, please, don't waste your time helping me
21:38 Edgan laertus: They are just two different syntaxes to do the same thing. Though sometimes the difference in syntaxes is a lookup vs a declaration.
21:38 MTecknology "pillar" is a dictionary object. pillar.get() is using python's .get(). Using salt['pillar.get'] is calling the get function of salt's pillar execution module.
21:39 laertus thank you
21:40 MTecknology laertus: rule of thumb, before you hit enter, wait two seconds to see if there's more you're already planning to type. Is that required to understand the question being asked? If so... don't press enter.
21:41 Edgan laertus: I don't recommend using pillar.gets all over the place. I prefer to have defaults defined as part of the formula, and then merge in pillars in a layered way.
21:41 Edgan laertus: https://storage.cygnusx-1.org/formula.txt
21:42 Manor joined #salt
21:42 Edgan MTecknology: Or use a tech that lets you edit your message after you send it. Hence why plenty of people, especially younger ones, are moving channels like this to services like Slack.
21:42 Trauma joined #salt
21:43 MTecknology Edgan: I'd consider that equally bad practice. Either way, you're not thinking through what you're asking.
21:43 Edgan MTecknology: Sometimes even if you have thought it through, you will still come up with a better way to phrase it. Thing of it like a rough draft of a paper.
21:44 MTecknology Edgan: then don't press enter and rephrase
21:45 Edgan MTecknology: But you won't always think of it till after you hit enter.
21:45 MTecknology then it's called clarification
21:45 Edgan MTecknology: Also not everything is a Phd thesis. IRC is more like a in person conversation, and doesn't need to be so formal.
21:46 MTecknology If you prefer to talk to people in incomplete thoughts, then fine.. whatever you prefer
21:46 viq And jump away
21:46 viq to grab a cup of tea
21:46 viq before you
21:46 viq go to the door
21:46 viq and come back
21:46 viq to finish your sentence
21:47 MTecknology ^ +1
21:47 laertus it's so pleasant to have one's style of conversation criticized
21:47 laertus this is why i come to #salt
21:47 MTecknology It's an IRC thing, not a #salt thing.
21:48 Edgan laertus: Ignore him. There are plenty of good people here. I would say that includes MTecknology, but we all have our quirks.
21:48 heyimawesome joined #salt
21:48 viq Like liking to one sentence not span multiple lines ;)
21:48 Edgan I agree it is a thing you will see across IRC channels. But some of it has to do with the limitations of the tech.
21:48 laertus you know, if i put everything i just asked on one line, i'm sure there'd be someone to criticize it
21:49 Edgan Slack lets you change messages, and hide multiple lines in a message. Kind of like a built-in pastebin.
21:50 MTecknology laertus: Edgan and I were arguing because we disagree. I was done caring after xx:40.
21:54 laertus Edgan: could you tell me more about the layered approach you used in the example you linked to?
21:55 laertus i'm reading through it, but there's so much there... at first glance it's hard to tell where the layering comes in
21:56 Edgan laertus: Other formulas will break the defaults at the top into a separate defaults.yml file, and load it into the map.jinja.
21:56 MTecknology He's talking about having multiple sets of defaults merged in a predictable way so you can always know the pillar value exists
21:56 Edgan laertus: The advantage of making them one file is that you can then use jinja inside the defaults to repeat yourself less, and do other things like if statements.
21:57 Edgan laertus: Then you can see in the application map.jinja the section for region_env_cluster
21:58 Edgan laertus: It uses grain matching to find the overrides for that combination of region, environment, and cluster inside the pillars.
21:59 Edgan laertus: This could be something like a password that is unique per region, environment, and cluster.
21:59 Edgan laertus: You can make up your own merging based on a any grain or combination of grains.
22:00 Edgan laertus: you can also layer them. So you can have a region password, that overrides the default, but then have a special password just for a certain fqdn
22:00 laertus could you give a single example of just one such merge?
22:01 Edgan laertus: pillar data?
22:01 laertus sure
22:03 Edgan laertus: https://paste.fedoraproject.org/paste/EoaaJusTv6kLCD16X23HBg
22:04 Edgan laertus: this is an example of region_env_cluster
22:04 Edgan laertus: in a rabbitmq map.jinja with region_env_cluster, this would override auth: True to False
22:05 swa_work joined #salt
22:05 johnj joined #salt
22:05 cyborg-one joined #salt
22:07 Edgan laertus: us-west-2 is the region, inf(infrastructure) is the env, and jenkins is the cluster
22:07 Edgan laertus: The grains are sliced pieces of a host naming scheme, as mentioned at the top of formula.txt
22:07 Edgan laertus: jenkins-jenkins-master-01.inf.us-west-2.aws.acme.com
22:10 laertus i think i'm half getting it
22:11 laertus i understand that in formula.txt there are grains that extract relevant information about your machines, such as which region, cluster, and environment they're part of
22:12 Edgan laertus: Then in your salt state/formula you can say {{ rabbitmq.auth }} instead of pillar['rabbitmq'][grain['region][grain['env']][grain['cluster']]
22:13 laertus why is it {{ rabbitmq.auth }} and not {{ rabbitmp.us-west-2.inf.jenkins.auth }}?
22:14 Edgan laertus: because in the map.jinja you merge rabbitmq.us-west-2.inf.jenkins.auth into rabbitmq.auth as an override
22:14 laertus oh
22:14 Edgan {% set region_env_cluster = salt['pillar.get'](defaults.state.name ~ ':' ~ grain.region ~ ':' ~ grain.env ~ ':' ~ grain.cluster, default=toplevel, merge=True) %}
22:14 Edgan merge=True
22:15 zulutango joined #salt
22:15 laertus where is defaults.state.name coming from?
22:15 Edgan it is set higher in the same file
22:16 Edgan state:
22:16 Edgan name: {{ name }}
22:16 Edgan Which is then set by name, which is
22:16 Edgan {% set name = 'application' %}
22:16 mavhq joined #salt
22:16 Edgan laertus: The reason I say defaults.state.name instead of application is then I can use one formula as the template for another. I just need to change
22:17 Edgan {% set name = 'application' %} to {% set name = 'foo' %}
22:17 laertus Edgan: i really appreciate you taking the time to explain this to me, but i think this is way too sophisticated for me to understand
22:17 laertus i'm just starting out with salt, and can't wrap my mind around something with so many parts and layers of indirection
22:18 Edgan laertus: I think you are under estimating yourself. It is just a learning curve.
22:18 Edgan laertus: You already seem to be getting the basics
22:18 laertus yeah.. i think i could probably get it if i spent an hour with you face-to-face and you explaining every part of that file for me
22:18 laertus it's hard to do this over irc, though
22:19 Edgan laertus: I can answer any questions, and you don't have to do it all exactly as I do. You can take the individual lessons and apply them.
22:19 laertus i think i might need another week or two with salt first.. and then i might come back to this and try to puzzle it out
22:19 Edgan laertus: It also helps if you try actually using the ideas, and run into issues. Then you can get answers.
22:20 laertus yeah, i think i need more practice
22:20 Edgan laertus: Do you have any salt books?
22:21 laertus no.. i've just been reading the official documentation and a whole lot of articles online
22:21 laertus i think i'm getting the basics, and just need to practice those
22:21 Edgan laertus: The documentation is good, but only gives the most basic examples.
22:21 Trauma joined #salt
22:21 viq laertus: my advice would be to start simple, and start thinking about adding complexity and abstractions once you need them
22:22 Edgan viq: I agree starting simple is good, but that are many different ways to do things. Some are more complex, but clearly better.
22:23 laertus yeah, i can see that.. there are so many ways to do things in salt
22:23 laertus and sometimes i run in to a bit of analysis paralysis
22:23 Edgan laertus: Here is how I see it
22:24 Edgan laertus: The first layer is just yaml, where you statically define what you want. A user, pkg, file, or service.
22:24 Edgan laertus: Then the second layer is jinja, where you can turn the static into dynamic at whatever complexity level if you want and can think of.
22:25 Edgan laertus: Then if you want to get really fancy, there are alternatives to jinja.
22:26 * laertus nods
22:28 laertus that makes sense
22:29 Edgan I think if you can learn move advanced ways you can learn salt faster, and shorten the learning curve.
22:30 Edgan The learning curve is part of the reason so few people want to invest time into Salt.
22:31 MTecknology The learning curve for salt is nothing like what was just described.
22:31 Edgan MTecknology: do tell
22:32 MTecknology nah, I'm not gonna argue with you again
22:32 Edgan ok, then why even comment?
22:32 MTecknology because it's worth commenting on
22:33 MTecknology salt is pretty simple unless you're intentionally looking for ways to over-complicate it
22:34 heyimawesome joined #salt
22:35 Edgan MTecknology: I agree it can be very simple, but you will end up with lots of duplicate code or long variable names at scale without complexity.
22:41 GMAzrael joined #salt
22:52 sp0097 joined #salt
22:58 heyimawesome joined #salt
23:02 shoogz joined #salt
23:03 shoogz joined #salt
23:04 shoogz joined #salt
23:06 shoogz joined #salt
23:06 johnj joined #salt
23:08 shoogz joined #salt
23:09 shoogz joined #salt
23:10 dhwt joined #salt
23:10 heyimawesome joined #salt
23:17 gswallow joined #salt
23:34 haam3r_ joined #salt
23:37 sp0097 joined #salt
23:44 GMAzrael joined #salt
23:54 viq But you need to reach a certain scale before it's worth inflicting such complexity upon yourself
23:57 Manor joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary