Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2017-11-21

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 Oida joined #salt
00:05 deuscapturus joined #salt
00:24 johnj_ joined #salt
00:27 wryfi joined #salt
00:31 threwahway__ joined #salt
01:00 kellyp joined #salt
01:05 deuscapturus joined #salt
01:25 johnj_ joined #salt
01:33 saltslackbridge joined #salt
01:34 kellyp joined #salt
02:01 onlyanegg joined #salt
02:05 mavhq joined #salt
02:09 colegatron joined #salt
02:16 major joined #salt
02:22 tiwula joined #salt
02:27 johnj_ joined #salt
02:29 Lenz joined #salt
02:40 XenophonF so wait win_certutil only manages certificates?
02:40 XenophonF OMG
02:40 evle joined #salt
02:41 XenophonF oh win_pki is what I want
02:42 nomeed joined #salt
02:56 ilbot3 joined #salt
02:56 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:58 RandyT XenophonF: thank, I've hacked something, but was more interested to know if the state_id calling mod.random sets some unknown var that I could use after running that state id, or how to assign it to some variable used later in the flow...
03:00 RandyT or asked another way, does mod.random_str return store that value where I can use it?
03:00 RandyT https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mod_random.html#salt.modules.mod_random.str_encode
03:04 XenophonF sorry but i'm not really following you, too tired
03:28 johnj_ joined #salt
03:38 onlyanegg joined #salt
03:55 deuscapturus joined #salt
03:56 cliluw joined #salt
04:17 DoomPatrol joined #salt
04:29 johnj_ joined #salt
04:29 SkyRocknRoll joined #salt
04:32 wongster80 joined #salt
04:32 mcqueenorama joined #salt
04:39 LocaMocha joined #salt
04:44 mcqueenorama joined #salt
04:53 mcqueeno1ama joined #salt
04:55 alker joined #salt
05:02 colegatron joined #salt
05:14 wongster80 joined #salt
05:15 onlyanegg joined #salt
05:17 Arendtse1 joined #salt
05:30 johnj_ joined #salt
05:34 kellyp joined #salt
05:36 mcqueeno1ama joined #salt
05:57 mcqueenorama joined #salt
05:58 alker joined #salt
06:17 Oida joined #salt
06:22 saltslackbridge1 joined #salt
06:22 chowmein__ joined #salt
06:23 _xor joined #salt
06:26 Whissi joined #salt
06:26 nledez joined #salt
06:28 mr_kyd joined #salt
06:31 johnj_ joined #salt
06:38 mcqueenorama joined #salt
06:41 alker joined #salt
06:48 pualj joined #salt
06:54 justanotheruser joined #salt
06:59 webchat35 joined #salt
07:03 webchat35 is there an example of using yaml+jinja and pyobjects? I would like to parse some json output in a one-off in a state (then actually POST the data elsewhere)
07:03 pualj joined #salt
07:04 webchat35 Right now i Have a cmd.run state that shells out to curl, then parses that output with python, and then prints valid json and pipes that output to curl to POST elsewhere
07:05 alker joined #salt
07:05 N-Mi joined #salt
07:05 N-Mi joined #salt
07:05 webchat35 I know it's dirty, and save writing a module for this (unless there's json parsing modules somewhere?), I thought maybe using yaml+jinja and then for this one particular ID pyobjects
07:09 MTecknology that sounds like you might want to be writing a module instead, and maybe using it from a state
07:11 webchat35 @MTecknology it does, it does, though maybe you can humour me in the mean time?
07:16 DarkKnightCZ joined #salt
07:16 Ricardo1000 joined #salt
07:25 do3meli joined #salt
07:28 uptime joined #salt
07:31 pualj joined #salt
07:32 colttt joined #salt
07:32 johnj_ joined #salt
07:41 do3meli left #salt
07:48 felskrone joined #salt
08:01 major joined #salt
08:03 zulutango joined #salt
08:05 Tucky joined #salt
08:06 Lenz joined #salt
08:07 Lenz joined #salt
08:10 yuhl joined #salt
08:11 yuhl left #salt
08:12 yuhl joined #salt
08:15 alker joined #salt
08:16 yuhl joined #salt
08:17 kit_ joined #salt
08:18 Hybrid joined #salt
08:26 Rumbles joined #salt
08:28 jrenner joined #salt
08:33 johnj joined #salt
08:34 hoonetorg joined #salt
08:35 yuhl joined #salt
08:35 toanju joined #salt
09:03 mikecmpbll joined #salt
09:09 astronouth7303 joined #salt
09:11 mschiff joined #salt
09:11 mschiff joined #salt
09:14 pbandark joined #salt
09:14 Akkarin joined #salt
09:14 Yoda-BZH joined #salt
09:15 Yoda-BZH joined #salt
09:16 alker joined #salt
09:16 wongster80 joined #salt
09:28 Mattch joined #salt
09:34 johnj joined #salt
09:46 inetpro joined #salt
09:48 aldevar joined #salt
09:48 Naresh joined #salt
09:54 alker1 joined #salt
10:00 alker joined #salt
10:01 mavhq joined #salt
10:09 Rumbles joined #salt
10:16 mcqueenorama joined #salt
10:19 jesusaur joined #salt
10:25 alker joined #salt
10:32 inetpro joined #salt
10:33 Neighbour How useful is the salt mine in a masterless setup?
10:35 johnj joined #salt
10:37 mcqueenorama joined #salt
10:53 DanyC joined #salt
10:53 Arendtse1 left #salt
10:54 Arendtsen joined #salt
10:58 mcqueenorama joined #salt
10:58 inetpro joined #salt
10:59 onovy joined #salt
11:02 CeBe hi, how can I control the output of state.sls inside of salt orch? Currently it only shows a very brief summary, but I'd like to see more about what happended on the state run
11:07 CrummyGummy I haven't played with it much but you can specify a returner like elasticsearch or mysql to store response information.
11:18 mcqueenorama joined #salt
11:20 _h__ joined #salt
11:23 _h__ left #salt
11:24 thefish joined #salt
11:25 thefish hi all - I'm having trouble getting the contents of a file (stored in pillar) used for contents_pillar in a state. Its a raw php config file, id prefer not to have to make a template and substitute stuff out, because they are all different formats. I've used {% raw %} in the pillar, but the state dies when it expands it out - anyone doing similar with any success?
11:26 thefish ive tried adding raw to the state as well, but then the substitution for the pillar doesnt work. It seems the only way to make it work is to copy out the pillar data into the state itself
11:28 XenophonF that's not right
11:29 XenophonF contents_pillar should dump whatever is in the pillar variable directly into the file verbatim
11:29 XenophonF what does pillar.get show you on the minion?
11:31 thefish XenophonF: it shows the file contents (pillar.get apache:vhosts:foo:configfile:contents - shows "raw" php)
11:32 thefish but then when applying the state, it whines about format. let me get the exact error
11:33 thefish "Rendering SLS 'base:apache.vhosts' failed: could not found expected ':'; line 35" - seems like the ";" php line terminators
11:34 thefish so in the error, i see the text of the file i want made, its def finding the pillar and expanding, but it looks like the state is not rendered because the contents are expected to be jinja
11:36 johnj joined #salt
11:39 mcqueenorama joined #salt
11:45 XenophonF wait a sec
11:46 XenophonF are you using the contents_pillar kwarg to a file.managed state
11:46 XenophonF or are you doing something different?
11:46 XenophonF it should look like `contents_pillar: apache:vhosts:foo:configfile:contents`
11:46 XenophonF it might also look like `contents: {{ salt.pillar.get('apache:vhosts:foo:configfile:contents')|yaml_encode }}`
11:46 XenophonF note the use of |yaml_encode
11:51 thefish XenophonF: its almost like your second example - its in a loop to prep for multiple files like this (they cant go in version control or grains)
11:52 thefish - contents_pillar: {{ vhosts[vhost]['configfiles'][file]['filecontents'] }}
11:52 thefish ...for vhost, for file... ^
11:54 thefish it looks like the problem is a ":" in the pillar - one of the keys is "https://foo.."
11:55 Neighbour would |yaml_encode fix that?
11:55 mcqueenorama joined #salt
11:55 thefish XenophonF: i think you have a point there
11:55 thefish im not pointing to the pillar ref, im fetching the contents
11:58 thefish XenophonF: nope - same thing
11:58 Ricardo1000 joined #salt
11:58 thefish Neighbour: yaml_encode didnt work - it expects a really strangely-named pillar to exist :)
11:59 thefish wondering if i just need to b64encode the whole thing, then decode after writing, what a pita though
12:06 indistylo joined #salt
12:12 foolsca__ joined #salt
12:15 GrisKo joined #salt
12:16 thefish XenophonF: Neighbour: found a way around, its with b64 but not as ugly as diy:
12:17 thefish pillar: {{ salt.hashutil.base64_encodestring(" ... the whole php nastiness...") | indent(12 }} # that indent is important, and changes depending on where in the pillar you are
12:18 thefish then in the state: file.decode with - encoded_data: | \n foo
12:18 thefish again in the state the indent filter is needed to match the current indentation
12:19 thefish thanks for listening :)
12:20 Neighbour np :)
12:20 megamaced joined #salt
12:26 haarp joined #salt
12:28 haarp hello. i need to use strings containing tabs in a loop, e.g.: {% for line in [ 'foo\tbar', 'bar\tfoo'] %}   - it's not working: "failed: Illegal tab character;". its a literal string, why does it care about tabs?
12:29 CeBe haarp: are you sure its failing at the place of the for loop and not later where you use "lin"
12:29 CeBe *line
12:33 haarp oooh
12:33 haarp that makes a lot of sense
12:33 haarp thank you CeBe, this helped
12:37 johnj joined #salt
12:42 SkyRocknRoll joined #salt
12:47 Ricardo1000 joined #salt
12:47 XenophonF wait what?
12:47 XenophonF no
12:47 XenophonF you're doing it wrong
12:47 XenophonF that's not how contents_pillar works
12:47 XenophonF thefish: contents_pillar is a Pillar key ID
12:48 thefish XenophonF: yes i saw that when you helped at first - i was getting the contents, not the id
12:48 XenophonF file.manage (underneath the hood) does the pillar.get() call for you, using that key ID
12:48 XenophonF that's what I'm saying
12:48 XenophonF contents_pillar puts the contents of the named Pillar key into the file
12:48 XenophonF you don't need to base64 encode anything
12:49 thefish i thought i'd tried that, let me retry with just the id
12:49 XenophonF in fact
12:49 XenophonF you can be somewhat clever about it
12:49 sh123124213 joined #salt
12:49 XenophonF I would create /srv/pillar/myfile.php, and put my PHP code in there verbatim
12:50 XenophonF and then I would create /srv/pillar/myfile.sls
12:50 thefish XenophonF: and then encode_file?
12:50 XenophonF and in that use {% import_text "myfile.php" as myfile %}
12:50 thefish ^ you mean in the pillar?
12:50 XenophonF and then in the same file set myfile: {{ myfile|yaml_encode }}
12:50 XenophonF yes in the pillar
12:50 sh123124213 Can I save minion keys on the master to a database and accept keys based on values of the database ?
12:50 XenophonF and then over in /srv/salt/myfile.sls (the State)
12:51 evle1 joined #salt
12:51 XenophonF do myfile: {file.managed: [{contents_pillar: myfile}, ...}
12:51 XenophonF and everything gets serialzed/deserialized properly
12:51 XenophonF and you don't have to indent stuff
12:51 XenophonF KISS
12:51 thefish i like that - giving it a bash now, thanks
12:52 XenophonF I use the same trick to handle GPG-encrypted Pillar values.
12:52 XenophonF wrote it up for the mailing list and reddit, let me find the post
12:52 XenophonF https://www.reddit.com/r/saltstack/comments/6py6a0/emacs_epafile_import_text_gpg_renderer/
12:53 Ricardo1000 joined #salt
12:53 XenophonF I should update my pillar example repo to include this stuff
13:00 major joined #salt
13:04 thefish XenophonF: breaking during parse again - can you check my homework? in pillar, import_test and set contents: {{ myfile | yaml_encode }} - pillar.get from minion and can see the contents
13:05 thefish then in state: file.managed: [{contents_pillar: apache:vhosts:bla:bla }]
13:05 XenophonF can you post the actual stuff to gist.github.com or something?
13:06 XenophonF or I can post something of mine if you want to see a known-good example
13:06 thefish seeing known-good would be handy, thanks XenophonF
13:12 Nahual joined #salt
13:15 XenophonF ok hold on a sec
13:28 XenophonF sorry still tidying up my example
13:35 XenophonF OK so for example, here's my login.example.com Pillar SLS and associated files - https://github.com/irtnog/salt-pillar-example/tree/master/login/example/com
13:38 johnj joined #salt
13:39 XenophonF let's say for the sake of argument that I'd want to write the keystore password to a file
13:39 XenophonF it's one of the encrypted blobs, and it lives (post-render) in shibboleth:idp:keystore_password
13:40 XenophonF so this is how I'd write the file.managed state to do that - https://gist.github.com/xenophonf/bc1d9af89e3d47a4faf4a1f54cf6231e
13:42 rojem joined #salt
13:44 thefish thanks XenophonF - it looks a lot like mine
13:49 thefish XenophonF: done again and now its working, not sure where i messed up - thank you!
13:52 Ricardo1000 joined #salt
13:53 numkem joined #salt
13:56 mcqueenorama joined #salt
13:57 major joined #salt
14:00 wnkz joined #salt
14:02 mikecmpb_ joined #salt
14:05 XenophonF aweosme
14:05 tom[] if i want to use the lxc.wait_started execution module from a state sls, can i use salt.function? or will that only work with the orch runner?
14:11 gh34 joined #salt
14:13 XenophonF tom[]: maybe use module.run?
14:14 tom[] ok
14:17 XenophonF b/c it's a minion, you don't have access to runner modules
14:17 XenophonF you only have access to execution modules
14:21 Rumbles joined #salt
14:28 edrocks joined #salt
14:30 tom[] right
14:33 jbkc85 joined #salt
14:34 jbkc85 How exactly could I set up a cmd.wait with a 'retry' for a specific amount of time expecting a valid $? Of '0'?
14:34 jbkc85 Basically I want to ensure that when the state finishes, that it verifies a shell script return code was valid and if not, to error out
14:34 bildz joined #salt
14:38 tom[] you can use a shell loop or in recent versions of salt there's a repeat feature that you can use on any state, but i can't find the docs for it now
14:39 johnj joined #salt
14:40 gtmanfred it is retry
14:40 gtmanfred https://docs.saltstack.com/en/latest/ref/states/requisites.html#retrying-states
14:40 ouemt joined #salt
14:41 saltslackbridge joined #salt
14:41 gtmanfred and don't need to use watch or cmd.wait, just use cmd.run and onchanges
14:41 deuscapturus joined #salt
14:46 saltslackbridge <chris.ruscio> Trying to have a salt minion run a process only if it's not currently running (schedule.present & cmd.run_bg) - can managing the PID be done within the schedule declaration (save the output of run_bg to file and reference it on subsequent runs)? - or would I need a wrapper script around the process to handle the tracking PIDs and deciding if another instance should be launched? - or would it work to use cmd.run (not bg) and maxrunning
14:46 saltslackbridge in the schedule.present state (would that be consuming a limited number of minion workers or be blocking in some other way?)
14:47 saltslackbridge <gtmanfred> you could use an orchestration state that is wrapped in jinja the checks `saltutil.running`
14:48 ooboyle joined #salt
14:48 jbkc85 Basically this is for Cassandra.  I want to run the nodetool status
14:48 jbkc85 And I want it to return 'okay'
14:49 racooper joined #salt
14:50 saltslackbridge <chris.ruscio> @gtmanfred - Using saltutil.running would mean not using run_bg, right? - if I use cmd.run and have a minion worker running a long running process that won't cause any problems for the minion?
14:54 saltslackbridge <gtmanfred> yeah, you wouldn’t be able to use run_bg, and no, it shouldn’t cause any problems for the minion, that is how salt goes out and checks for the timeout of running processes anyway while it is running. the timeout you set for the `salt` command is not how long it takes for the execution module to return, it is how long the minion is allowed to not respond to the `saltutil.running` command
14:57 wnkz joined #salt
15:01 Ricardo1000 joined #salt
15:04 DammitJim joined #salt
15:10 mcqueenorama joined #salt
15:13 Rumbles joined #salt
15:15 wnkz_ joined #salt
15:18 Ricardo1000 joined #salt
15:25 deuscapturus joined #salt
15:26 lompik joined #salt
15:29 deuscapturus joined #salt
15:31 mikecmpbll joined #salt
15:34 wnkz_ left #salt
15:38 jbkc85_ joined #salt
15:38 mcqueeno1ama joined #salt
15:40 johnj joined #salt
15:44 beardedeagle joined #salt
15:47 coredumb anyone using the s3 module over an S3 API enabled swift object store on mitaka ?
15:48 * gtmanfred is currently spinning up a devstack cluster to get back to work on the new openstack driver
15:50 coredumb gtmanfred: Actually I've successfully used the s3 api with other backup tools successfully, and used salt s3 module with minio to try out - success as well
15:51 coredumb but salt s3 module cannot seem to talk with swift S3 enabled API
15:51 coredumb it always return a "InvalidArgument" error
15:52 saltslackbridge <gtmanfred> oh, yeah i am not surprised by that
15:53 saltslackbridge <gtmanfred> why not the swift module? https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.swift.html
15:54 alker joined #salt
15:54 DarkKnightCZ joined #salt
15:54 jbkc85 joined #salt
15:55 aldevar joined #salt
15:55 jbkc85 gtmanfred: sorry, I got distracted by a request..  the retry state for cmd.run, would the 'until' be something specific for a return code?
15:55 jbkc85 Like, 'until: 0'?
15:56 jbkc85 For running a cmd.run until it returns a valid RC that is
15:56 gtmanfred so, retry would just run it over and over until it passes
15:56 gtmanfred whatever:
15:56 gtmanfred cmd.run:
15:56 gtmanfred - name: command
15:56 gtmanfred - retry:
15:57 gtmanfred until: True
15:57 gtmanfred and that will run until the state returns True.
15:57 yuhl left #salt
15:57 gtmanfred the actual state return object
15:57 jbkc85 So True is equivalent to $?=0?
15:57 jbkc85 Thats what im wondering
15:57 gtmanfred yes
15:57 jbkc85 Awesome, thanks again :-)
15:57 gtmanfred that is when cmd.run returns a True
15:58 gtmanfred jbkc85: https://github.com/saltstack/salt/blob/2017.7/salt/states/cmd.py#L869
15:58 gtmanfred that is where it gets set
15:58 jbkc85 Oh, well that is easy enough to see lol
15:59 jbkc85 Thanks again, giving it a test now!
16:00 coredumb gtmanfred: well as the nova module doesn't work with mitaka and that it says that swift module is based on it ...
16:00 coredumb didn't even try
16:00 gtmanfred the novaclient is very different than swift, novaclient changes a lot, the only reason keystonev2 hasn't died yet is because of swift
16:01 gtmanfred but also, wouldn't be surprised if it wasn't working either
16:01 coredumb gtmanfred: let me try ...
16:03 nixjdm joined #salt
16:03 impi joined #salt
16:04 mikecmpbll joined #salt
16:06 user-and-abuser joined #salt
16:06 BarBQ joined #salt
16:07 coredumb gtmanfred: yeah doesn't log in
16:07 coredumb :(
16:10 saltslackbridge <gtmanfred> nooo
16:13 DarkKnightCZ joined #salt
16:13 coredumb gtmanfred: actually I can't make the swift client work in v3 either >_<
16:13 _JZ_ joined #salt
16:15 coredumb gtmanfred: nope actually swift client works in v3 with the correct amount of domain parameters :O
16:16 saltslackbridge <gtmanfred> ahh boo, well once we have the keystone stuff fixed, we should be easy to fix the rest of them
16:17 coredumb let me dig a bit in the module to see if it's an easy fix
16:17 dfinn joined #salt
16:18 Heartsbane joined #salt
16:19 tiwula joined #salt
16:21 MyGitIsDown joined #salt
16:27 keltim joined #salt
16:28 keltim I'm having a jinja problem all of a sudden with an sls https://bitbucket.org/snippets/iseatz/XeXGeK
16:28 keltim I can't figure out why that won't render
16:29 keltim has "value" changed to "ptr_value" ?
16:31 gtmanfred without seeing what is in global/settings.sls we have no way of knowing
16:32 keltim hold on I'll add it
16:32 * XenophonF scoffs at gtmanfred's pitifully weak psychic abilities.
16:36 alker joined #salt
16:36 keltim gtmanfred, i added it
16:36 MyGitIsDown I have my salt server connected to my lfs enabled git repo and I'm trying to have salt copy a binary file from the "salt://gitpath.exe" to a Windows machine but only the text file that points to the binary file makes it.  Is there anything special you had to do to get it to mirror the lfs content?
16:37 gtmanfred keltim:that all looks reasonable i would start checking the other things, and see why ec2_instance isn't being set, or 'root-image' is not in the 'roles'
16:39 gtmanfred keltim: also, is there a reason you haven't converted the call to /usr/local/sbin/my-ptr to just be a custom grain value? {% set ptr_value = salt['cmd.shell']('/usr/local/sbin/my-ptr') %}
16:40 gtmanfred keltim: https://docs.saltstack.com/en/latest/topics/grains/#writing-grains
16:40 keltim oh duh I completely forgot I added root-image to the roles for something else
16:40 keltim works fine!
16:41 keltim gtmanfred, I'm too shitty at python, working on it
16:41 gtmanfred i mean, just put that shell command in the grains
16:41 johnj joined #salt
16:41 gtmanfred import salt.modules.cmdmod as cmd
16:41 gtmanfred def ptr():
16:42 DarkKnightCZ joined #salt
16:42 gtmanfred return {'ptr-value': cmd.run('/usr/local/sbin/my-ptr')}
16:42 alker joined #salt
16:42 gtmanfred drop that in salt://_grains/ptr.py
16:42 gtmanfred or rewrite the my-ptr script to use python :P
16:43 gtmanfred then the command only needs to be run once, and it stores the value, instead of every time the state is loaded
16:43 gtmanfred grains.ptrvalue
16:46 socket- joined #salt
16:46 keltim thanks!
16:49 Rumbles joined #salt
16:50 alker1 joined #salt
16:50 vexati0n ok stupid question ... is there any way to have a jinja template iterate over the results of a salt function that returns a list?
16:51 gtmanfred {% for value in salt.module.function() %}
16:51 coredumb gtmanfred: for some reason the module sanitizes the password from kwargs ...
16:51 vexati0n so... {% for user in salt.user.list_users() %}
16:51 gtmanfred yes
16:51 vexati0n awesome, thx
16:55 aldevar joined #salt
16:57 kellyp joined #salt
17:01 MyGitIsDown I tried changing my gitfs_provider from pygit2 to Gitpython to no avail, and did not see any reference to lfs in either of the libraries documentation
17:03 wongster80 joined #salt
17:08 NeoXiD joined #salt
17:11 rewbycraft joined #salt
17:11 deuscapturus left #salt
17:12 csmule joined #salt
17:20 mcqueenorama joined #salt
17:21 * MyGitIsDown flashes $5USD venmo to anyone willing to help
17:25 indistylo joined #salt
17:25 uptime joined #salt
17:26 alker joined #salt
17:28 edrocks joined #salt
17:30 khaije1 if I want to execute a local state run via runner, would that be salt-run salt.execution <tgt> state.single blah blah  ... or is there a better way?
17:30 * khaije1 is unsure
17:31 edrocks joined #salt
17:32 deuscapturus joined #salt
17:38 edrocks joined #salt
17:40 SkyRocknRoll joined #salt
17:40 tom[] the state on line 31 of this https://gist.github.com/tom--/25574c04a4105d3e0a890e3ba85fb913 fails with "The following identity file(s) were not found: /root/.ssh/id_rsa_deploy". the state on line 5 runs later despite that it is required. how so?
17:42 johnj joined #salt
17:43 alker1 joined #salt
17:46 saltslackbridge <gtmanfred> khaije1 salt-run salt.cmd state.single
17:46 saltslackbridge <gtmanfred> then you don’t need to target
17:47 cyborg-one joined #salt
17:48 cyborg-one left #salt
17:54 khaije1 oh d'oh, right thanks gtmanfred!
17:58 onlyanegg joined #salt
18:00 alker joined #salt
18:05 ooboyle I have a minion that returns a Windows Socket Error 10061 (host is refusing connection) when a custom grain pulling a json file from s3 is executed from the master. But if I run salt-call locally, it works.
18:06 ooboyle Even running salt 'minion' cmd.run 'salt-call saltutil.sync_grains' from the master gets the socket error
18:06 ooboyle from the minion, no error...
18:06 ooboyle it's as if something is blocking comms to the master
18:06 ooboyle this works fine on 800 other minions....
18:07 ooboyle any reason is would work locally and not from the master?
18:10 ooboyle deleted cache and grains file
18:10 ooboyle disabled firewall and proxy. packet sniffer shows traffic back and forth between master and minion
18:13 pualj joined #salt
18:14 edrocks joined #salt
18:20 jbkc85_ joined #salt
18:24 misconfig joined #salt
18:25 cliluw joined #salt
18:28 misconfig Does anyone know if you can apply custom grains to specific hosts?
18:28 saltslackbridge <gtmanfred> put them in /etc/salt/grains
18:29 saltslackbridge <gtmanfred> otherwise, you can whitelist/blacklist grains modules in 2017.7 https://docs.saltstack.com/en/latest/topics/releases/2017.7.0.html#blacklist-or-whitelist-extmod-sync
18:29 saltslackbridge <gtmanfred> just whitelist which grains modules should be synced to the minion in /etc/salt/minion
18:31 cliluw joined #salt
18:31 mikecmpbll joined #salt
18:32 vodik joined #salt
18:33 DammitJim joined #salt
18:42 Trauma_ joined #salt
18:43 johnj_ joined #salt
18:44 alker joined #salt
18:50 alker joined #salt
18:51 tom[] if state b requires state a and if state c requires b, can i rely on salt running a before c?
18:52 misconfig @tom[], yes if you build the requisites properly
18:53 fleaz joined #salt
18:54 tom[] ok. and if b additionally requires states x and y, should this affect that a runs before c?
18:54 saltslackbridge <gtmanfred> yes
18:55 mcqueenorama joined #salt
18:55 tom[] hm!
19:02 tom[] in this abc.sls, can i rely that a, x and y must all apply before c? https://gist.github.com/tom--/25574c04a4105d3e0a890e3ba85fb913
19:04 colabeer joined #salt
19:04 dlam joined #salt
19:08 dlam is it possible to do negation in an onlyif: ?  i have this and salt seems to be discarding the !:  - onlyif: ! test -d /foo/bar/baz
19:08 dlam
19:08 saltslackbridge <gtmanfred> unless
19:09 saltslackbridge <gtmanfred> that is the opposite of onlyif
19:09 dlam (e.g. run this state only if the directory doesnt exist)
19:09 dlam ohhh ok ill try unless
19:10 hoonetorg joined #salt
19:13 SkyRocknRoll joined #salt
19:17 whytewolf tom[]: yes. since a,x,y will all run before b and b will run before c. the logic of "That is just how time works" says that a,x and y will run before c.
19:21 MyGitIsDown joined #salt
19:24 tom[] ok, thanks
19:24 BlackSponge joined #salt
19:26 tom[] now, in the second .sls in that gist, it seems the same should apply and state "v2 application" should run only after state "bitbucket deploy key". but it does not. "v2 application" errors as shown in the gist comment and the state.apply log shows "bitbucket deploy key" running after "v2 application"
19:26 tom[] https://gist.github.com/tom--/25574c04a4105d3e0a890e3ba85fb913
19:31 mavhq joined #salt
19:32 edrocks joined #salt
19:35 SkyRocknRoll joined #salt
19:38 felskrone joined #salt
19:40 colabeer joined #salt
19:41 GrisKo joined #salt
19:44 johnj_ joined #salt
19:44 pualj_ joined #salt
19:45 dlam what do i put to remove this message?  (i run masterless, and i recently upgraded salt-minion from a 2015 version to 2017.7.2):  "Error while bringing up minion for multi-master. Is master at salt responding?"
19:45 dlam i got 'file_client: local' in my /etc/salt/minion   but thats an old thing
19:48 alker1 joined #salt
19:50 saltslackbridge <mdpolaris> Is there anyway to take the output of a state id and use it in another state id? I am performing an operation that will produce a UUID and I need to use that in the next step.
19:51 saltslackbridge <mdpolaris> specifically i am mounting a block device on /tmp for centos which requires multiple systemd modifications, including adding the UUID to the unit file
19:53 alker joined #salt
19:54 ymasson joined #salt
19:59 MTecknology You could probably drop that info into sdb
19:59 Lenz joined #salt
20:01 mavhq joined #salt
20:03 jbkc85 joined #salt
20:03 jbkc85 Is anyone here familiar with using the consul module?  I am running into a 'node argument is missing' when trying to invoke it through a macro
20:03 jbkc85 https://gist.github.com/jbkc85/8d01621d746facef1bbe2e5a8fc60dd6
20:04 jbkc85 I know for a fact my host is being added, just for some reason its declaring my node argument as missing
20:05 deuscapturus joined #salt
20:06 cro joined #salt
20:09 indistylo joined #salt
20:12 usernkey joined #salt
20:18 saltslackbridge <gtmanfred> dlam: `master_type: disable`
20:19 saltslackbridge <gtmanfred> because in 2017.7 you can run a minion that uses file_client: local, but also connects to a master
20:19 saltslackbridge <gtmanfred> but the above disables it
20:23 saltslackbridge <chris.ruscio> How do you tell if an async job is complete? `salt-run jobs.list_jobs` and `salt-run jobs.lookup_jid <###>` don't seem to indicate completion status.
20:23 saltslackbridge <gtmanfred> salt-run jobs.active will show you if it is still running, and then if the return data for the minions is in lookup_jid, then it is finished
20:24 saltslackbridge <chris.ruscio> doesn't `jobs.active` poll each minion too, not just look at the master job cache?
20:25 saltslackbridge <gtmanfred> yes, it will show you which jobs are still running
20:26 saltslackbridge <gtmanfred> if you see a minions return in the jobs.lookup_jid though, it is finished
20:26 mechleg1 joined #salt
20:28 mechleg1 left #salt
20:29 saltslackbridge <chris.ruscio> Okay - I was looking for a way to figure it out locally - just ran a job on 300ish windows minions to reconfigure/restart them. There were a lot of auth errors and eventually the master stoped responding. Console message said to run it async ... did that, but then can't tell if things are complete without polling the minions (which are in the process of restarting)
20:30 saltslackbridge <chris.ruscio> Windows is turning out to be significantly more fragile than Linux ... go figure :slightly_smiling_face:
20:31 saltslackbridge <chris.ruscio> clarification - restarting the minion service, not the minion OS
20:31 mavhq joined #salt
20:32 usernkey1 joined #salt
20:36 mattrose joined #salt
20:37 saltslackbridge <mdpolaris> MTecknology: interesting idea. I have not used that before, other than playing with Vault very briefly. I am hoping to find another workaround, but thanks for the idea, it might make the most sense in the end
20:38 Lenz joined #salt
20:39 saltslackbridge <skatz> What's the best way to schedule a job to run at a random time between, say, 5 and 6 PM? I wanted to set `- when: 5:00pm` and `- splay: 3600` but it says `Unable to use "splay" with "when" option at this time. Ignoring.`
20:39 MTecknology -minute: random
20:39 saltslackbridge <skatz> ohhhhhhhhhh neat
20:40 mcqueenorama joined #salt
20:40 mcqueenorama any idea why machine.getGuestPropertyValue might return nothing?  the cli VBoxManage tool shows data.  when run  within salt-cloud, the vboxmanager queries like total_slots =
20:40 mcqueenorama int(machine.getGuestPropertyValue('/VirtualBox/GuestInfo/Net/Count')) return nothing
20:41 edrocks joined #salt
20:44 FreeSpencer joined #salt
20:44 FreeSpencer joined #salt
20:45 johnj_ joined #salt
20:49 usernkey joined #salt
20:53 alker joined #salt
20:54 SkyRocknRoll_ joined #salt
20:56 alker joined #salt
20:57 kellyp joined #salt
21:03 mechleg joined #salt
21:03 CampusD joined #salt
21:08 SkyRocknRoll_ joined #salt
21:08 saltslackbridge <skatz> MTecknology: something like this state? https://gist.github.factset.com/skatz/11366c1e69fbd056fc719583a21a798d When I do a schedule.list I see this, which doesn't indicate when it's scheduled: https://gist.github.com/phsteve/dd56b7e99a43b485f38f8c64959b24fb
21:08 saltslackbridge <skatz> File uploaded https://saltstackcommunity.slack.com/files/U7UTS99CN/F842AGUBF/schedule.list_output / undefined
21:09 saltslackbridge <skatz> looks like pasting 2 gists doesn't preview right in slack :slightly_smiling_face: here's the first one again: https://gist.github.com/phsteve/dd56b7e99a43b485f38f8c64959b24fb
21:09 saltslackbridge <skatz> File uploaded https://saltstackcommunity.slack.com/files/U7UTS99CN/F842AGUBF/schedule.list_output / undefined
21:10 kellyp joined #salt
21:12 mcqueenorama anybody have any clues for how to debug further with this problem?  salt cloud on osx: int(machine.getGuestPropertyValue('/VirtualBox/GuestInfo/Net/Count')) returns nothing
21:14 MTecknology saltslackbridge: I didn't realize you were using the salt scheduler, I was thinking cron
21:15 saltslackbridge <gtmanfred> mcqueenorama, you will probably want to talk to the people who wrote that api, https://github.com/mmabey/vbox_sdk
21:17 Lenz joined #salt
21:17 saltslackbridge <skatz> ah yeah, I'm using the salt scheduler
21:17 saltslackbridge <skatz> i could use cron i suppose
21:22 SkyRocknRoll joined #salt
21:22 csmule Is it valid to refer to {{saltenv}} in the top.sls file? What does that do?
21:26 saltslackbridge <gtmanfred> yes, it just sets the env in the top file to whatever saltenv= is passed, so it will only look for state files in that file root
21:26 Rumbles joined #salt
21:27 mcqueenorama thanks
21:36 misconfig Does anyone know if you can target which minions execute // load a custom grain? I don't want every minion to load a particular custom grain stored in the _grains dir.
21:38 saltslackbridge <gtmanfred> misconfig https://docs.saltstack.com/en/latest/topics/releases/2017.7.0.html#blacklist-or-whitelist-extmod-sync
21:39 saltslackbridge <gtmanfred> whitelist the only ones you want in the minions /etc/salt/minion file
21:39 edrocks joined #salt
21:39 misconfig ^^ thank you
21:43 csmule saltslackbridge:  thanks
21:44 saltslackbridge <skatz> so is it possible with the salt scheduler to execute a job at a random time between 5 and 6 pm? or should I use cron instead?
21:45 saltslackbridge <gtmanfred> ask in general and i will ping the person who can answer that question for you
21:46 johnj_ joined #salt
21:49 Deliant joined #salt
21:49 pualj joined #salt
21:50 ProT-0-TypE joined #salt
21:55 saltslackbridge <skatz> @gtmanfred thanks, will do
21:56 saltslackbridge <skatz> ah beat me to it :slightly_smiling_face:
21:56 alker joined #salt
21:57 stewgoin joined #salt
21:58 mavhq joined #salt
22:02 alker joined #salt
22:05 Rumbles joined #salt
22:19 mrud joined #salt
22:19 mrud joined #salt
22:22 mrud_ joined #salt
22:46 cgiroua joined #salt
22:46 JawnAuz joined #salt
22:47 johnj_ joined #salt
22:51 cgiroua joined #salt
22:59 mavhq joined #salt
23:00 alker joined #salt
23:09 DarkKnightCZ joined #salt
23:14 dfinn joined #salt
23:15 dfinn joined #salt
23:15 dfinn joined #salt
23:17 sh123124213 joined #salt
23:20 onlyanegg joined #salt
23:29 mavhq joined #salt
23:34 fuzzy left #salt
23:35 Uni joined #salt
23:44 _JZ_ joined #salt
23:48 johnj_ joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary