Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-01-17

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 saltslackbridge joined #salt
00:01 seffyroff joined #salt
00:12 squig joined #salt
00:18 esteban joined #salt
00:24 pipps joined #salt
00:25 ipmb I just started putting together a web interface to view jobs/results https://github.com/lincolnloop/saltdash
00:26 onlyanegg joined #salt
00:26 ipmb but, it's read-only by design... just for reporting
00:28 ipmb Neighbour: remember discussing targeting minions on the master last week? I just found an issue with using the cache.grains runner https://github.com/saltstack/salt/issues/45489
00:28 saltslackbridge joined #salt
00:30 pipps joined #salt
00:40 Edgan ipmb: It is probably much heavier, but theforeman supports that and more.
00:41 onlyanegg joined #salt
00:43 ipmb Yeah, I really wanted something that was read-only. I don't feel good about exposing salt functionality on the web
00:44 Edgan ipmb: The way I use theforeman is read-only. Minions report to foreman the results of runs, and I use foreman to look at grains and minion run reports.
00:44 hatifnatt MTecknology: I think Salt Entrprise isn't suitable for small teams llike 2-10 people, also I can't find price, only "Contact us", that's a bit disappointing.
00:45 ipmb Edgan: do you need to give foreman the ability to run Salt commands or access the Salt API?
00:45 hemebond hatifnatt: Isn't that because they work with each client to build something for them?
00:45 Edgan ipmb: no
00:46 ipmb how does it view the results of runs?
00:47 saltslackbridge joined #salt
00:47 Edgan I think the actual flow goes like: minion -> master -> foreman cron on master -> foreman api -> foreman database
00:48 ipmb what is the cron on master doing?
00:49 Edgan ipmb: uploaded the minion reports to foreman
00:49 ipmb from where? log files?
00:50 ipmb how is it accessing the minion/master reports?
00:50 esteban joined #salt
00:50 Edgan ipmb: https://theforeman.org/plugins/foreman_salt/7.0/index.html   I think as root on the master. They get written in /var
00:54 onlyanegg joined #salt
00:56 stanchan joined #salt
01:00 xet7 joined #salt
01:23 hatifnatt hemebond: may be, but I need some starting point in terms of money and functionality.
01:35 pipps joined #salt
01:45 MTecknology hatifnatt: honestly, you're better off evolving to the point that web UI's are useless to you. :(
01:45 MTecknology :) *
01:50 MTecknology one of my recent projects was dropping my personal gitea favor in favor of gitolite3 (w/ nothing extra). It took a bit to figure out how to do it right, but totally worth the switch.
01:51 MTecknology I'm trying to get to the point that I don't need to log into salt at all because it's all driven by git and netbox.
01:54 kojiro joined #salt
02:04 XenophonF MTecknology: you should totally write that up
02:05 MTecknology I plan to write it up, diagram it, and present at saltconf.
02:06 MTecknology but documentation is hard...
02:06 MTecknology documenting something that doesn't yet exist outside of ideas in my head is harder
02:08 MTecknology heh, actually, I've kinda built most of it at this point. There's only about two or three pieces missing at this point. After that, I want to tack on some way of managing networking devices through it.
02:20 XenophonF I swear to God, if I have to deploy yet another web app that builds in its own user database, I am going to scream.
02:21 nomeed joined #salt
02:21 XenophonF Wait, gitolite is written in Perl?
02:22 * XenophonF runs away screaming.
02:22 MTecknology lol
02:23 MTecknology perl is kinda the right choice for a project like that, though.
02:23 XenophonF holy crap the docs have the perl nature too
02:24 MTecknology indeed, the docs are not great
02:26 MTecknology stupidly trivial to deploy, been at least partially audited, exists in a nice small debian package, painful docs, only really provides ACL features and repo management over nothing at all.
02:26 MTecknology vs. I've been working on building a proper gitea package for debian main for over a year and only recently gave up to shove what I did into contrib.
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
03:12 hatifnatt MTecknology: I'm alone almost fine with console only, but but for "command work" I think I need some UI with ritghs management and some visualisation.
03:13 shiranaihito joined #salt
03:18 hatifnatt btw, if there is any good docs / post how to organize work with salt in team I would be grateful for the link
03:20 indistylo joined #salt
03:25 saltslackbridge <gtmanfred> @hatifnatt enterprise starts at something like 120$/node/year and has much better rbac control.
03:25 saltslackbridge <gtmanfred> But there are discounts based on the number of servers
03:25 hemebond What is a node?
03:26 saltslackbridge <gtmanfred> Minion
03:28 Udkkna_ joined #salt
03:28 Lukazy joined #salt
03:29 stanchan joined #salt
03:31 aruns joined #salt
03:31 RandyT joined #salt
03:31 RandyT joined #salt
03:33 hatifnatt thanks for information, it's really enterprise level :)
03:34 Lukazy Hi all, new to salt here. I'm trying to do config for windows and running into some issues translating the equivalent. Anyone have a few moments for  few questions?
03:38 hatifnatt Lukazy: Don't ask to ask, just ask.
03:38 Lukazy sorry just habit from some other places
03:40 Lukazy i'm trying to set up a masterless windows minion config, and an example state to run, i've edited the equivalent of /etc/salt to C:\salt\  and it installs fine
03:40 robawt joined #salt
03:41 Lukazy i've also fed the c:\salt\minion a config from a .py file that tells it to be local and states a base file
03:41 Lukazy base directory*
03:42 Lukazy # Salt Minion Config master_type: disable file_client: local file_roots:   base:     - C:\salt\
03:42 Lukazy i created a top.sls in the same directory, as well as the appropriate sls file for what it corresponds too
03:43 Lukazy PS C:\salt\bin> salt-call --local state.apply local: ----------           ID: states     Function: no.None       Result: False      Comment: No Top file or master_tops data matches found.      Changes:  Summary for local ------------ Succeeded: 0 Failed:    1 ------------ Total states run:     1 Total run time:   0.000 ms
03:44 Lukazy they're both in the same directory as well
03:48 saltslackbridge <gtmanfred> Is the minion config at c:\salt\minion, or c:\salt\conf\minion? Because the second one is the default conf location
03:49 Lukazy oh let me double check that is perhaps the issue
03:50 Lukazy as there is a minion file in both locations when i look
03:50 Lukazy so it should be using the one in c:\salt\conf\minion
03:50 saltslackbridge <gtmanfred> Yes
03:50 Lukazy let me make some config changes thanks
03:51 major joined #salt
03:57 Lukazy yup was exactly my issue.... it was referencing the wrong location of minion file
03:57 Lukazy when i ran it locally with that conf it worked
03:57 Lukazy once i made the changes
03:58 Lukazy thank you so much saltslackbridge might have a few more questions later but this fixes that part
03:59 Lukazy so on windows as its masterless theres no reason to have the service running then you can tell it to just do salt-calls every once and awhile
03:59 Lukazy as long as its installed
04:04 swa_work joined #salt
04:41 noobiedubie joined #salt
05:07 tpaul joined #salt
05:18 stanchan joined #salt
05:20 lompik joined #salt
05:42 golodhrim|work joined #salt
05:45 irated joined #salt
06:09 mechleg1 left #salt
06:10 ahrs joined #salt
06:10 armyriad joined #salt
06:22 LocaMocha joined #salt
06:22 stanchan joined #salt
06:31 golodhrim|work_ joined #salt
06:42 saltslackbridge joined #salt
06:44 evle joined #salt
06:48 zerocoolback joined #salt
06:48 mechleg joined #salt
06:55 msn joined #salt
07:05 Ricardo1000 joined #salt
07:22 sayyid9000 joined #salt
07:39 yuhl joined #salt
08:06 Elsmorian joined #salt
08:06 Hybrid joined #salt
08:07 aldevar joined #salt
08:22 toanju joined #salt
08:22 noobiedubie joined #salt
08:24 Tucky joined #salt
08:26 hoonetorg joined #salt
08:34 Vye joined #salt
08:38 lkthomas joined #salt
08:38 lkthomas sup all
08:47 benner joined #salt
09:17 tpaul joined #salt
09:19 lkthomas I am trying to use Eclipse to deal with Salt code writing
09:19 lkthomas but it doesn't seems have plugin for Eclipse
09:21 Cadmus ebbex: Just wanted to thank you for pointing me towards the Orchestrator, I'm about 60% of the way through my rewrite already and it's working a lot better
09:23 pbandark joined #salt
09:33 Morrolan joined #salt
09:40 oida joined #salt
09:41 Mattch joined #salt
09:41 babilen Cadmus: Good to hear :)
09:42 Cadmus Now if only I weren't dealing with Oracle 😒
09:46 lkthomas when I hit state.apply, which sls file does it looking ?
09:46 hemebond lkthomas: All of them :-)
09:46 hemebond (top.sls actually)
09:47 taylorbyte joined #salt
09:54 lkthomas hemebond, states-> top.sls ?
09:55 hemebond Nah, top.sls is how you apply states to minions.
09:55 hemebond state.apply without any arguments uses that do figure out which states to apply.
09:55 lkthomas I see
09:55 hemebond Otherwise you have to pass it the state, e.g., state.apply my.state.file.name
09:56 lkthomas I am new to saltstack, what language does those sls using ?
09:56 lkthomas is it YAML ?
09:56 hemebond Default is Jinja2 and YAML.
09:57 lkthomas hmm, what language syntax checker are you using then ?
09:58 hemebond I just use Jinja or YAML syntax highlighting in Sublime Text.
09:58 Ricardo1000 joined #salt
09:58 lkthomas unless it's declare as Jinja, I should use YAML right
09:58 lkthomas ?
09:59 hemebond By default the state files are run through Jinja and then run through YAML
10:04 Naresh joined #salt
10:04 lkthomas I see
10:16 taylorbyte Hi guys I've been learning salt on my own on and off for a year, currently stuck on reading nested dictionaries / values (not sure what to call them)  from map.jinja and having trouble finding an example that is close to what i need.  https://bpaste.net/show/cceda2309754 this might be simple for someone in here?
10:24 hemebond taylorbyte: Have you checked out the Jinja2 documentation?
10:24 hemebond (if you're after some understanding of Jinja2 itself)
10:25 taylorbyte hemebond: yeah but i just can't seem to make sense of it or missed what im looking for
10:25 hemebond Okay. I'm having a read of the file.
10:25 Deliant joined #salt
10:27 hemebond I don't really understand line 83
10:29 taylorbyte hemebond: im trying to check if the app in the pillar file is the same as in the map.jinja so i can get the package names to install for that app
10:30 hemebond Instead of using two loops, can you not just loop one and fetch from the other?
10:31 hemebond app_pkgs = map.pkgs[app]
10:31 taylorbyte 've tried a bunch of things and can't remember what ive tried half the time. but i thought i should be able to refrence it like a multidimentionall array similar to php
10:32 hemebond You can do so (if I understand what you mean)
10:33 taylorbyte so i should be able to remove the if statement form line 83 and have   map.pkgs[app]  in line 86  like    - pkgs: {{ map.pkgs[app] }} ?
10:33 hemebond So you want to loop through froxlor:services and get the packages from the map.jinja for each?
10:33 babilen What a peculiar design
10:34 taylorbyte yeah. im not sure if that is the normal way of doing things either
10:34 taylorbyte i was thinking about scrapping the whole map.jinja
10:34 taylorbyte and keep everything in the init.sls
10:35 taylorbyte but i thought the map was so compatibility over different distros can be achieved
10:36 babilen taylorbyte: I typically use a default.yaml → map.jinja ← pillar approach, where defaults from default.yaml are merged with os_family/oscodename specific defaults and values from the pillar ..
10:37 babilen Sort of similar to what you find in the template-formula, but adapted to use defaults.merge to allow merging of nested datastructures
10:40 xet7 joined #salt
10:41 taylorbyte babilen: i have seen the defaults.yaml in a some formulas, i haven't taken any notice of them. are they parsed in the map,jinja?
10:41 babilen http://paste.debian.net/hidden/967348e8/ is an example for Xen
10:42 babilen dafaults.yaml is simply used because it is easier to type yaml as opposed to literal Python datastructures
10:43 babilen If the maps I have in map.jinja get too big, I typically also put them in a .yaml file and load them into map.jinja akin to defaults.map
10:43 babilen err
10:43 babilen defaults.yaml
10:43 tpaul left #salt
10:43 babilen Have to head off now .. all the best! I'd recommend to steal the defaults.merge approach along with specifying pkg installation options
10:44 taylorbyte thanks ill give it a go
10:49 chorkpop joined #salt
11:00 kedare joined #salt
11:00 kedare Hi all
11:00 kedare left #salt
11:02 chorkpop left #salt
11:02 kedare joined #salt
11:02 kedare Hi all o/
11:02 kedare Question, can I set a grain from inside a state ?
11:03 kedare Or more is it recommended to store dynamic data ?
11:03 kedare For example I use salt as CI and I want to store somewhere the version that has been deployed, I don’t know if using grains would be a good idea for this ?
11:04 Hans__ joined #salt
11:05 Dudedudedude joined #salt
11:12 Neighbour kedare: Yes, you can
11:13 zerocoolback joined #salt
11:17 mattfoxxx joined #salt
11:18 kedare Great :)
11:20 kedare Just to confirm, is this the correct way to do the string formatting in salt[] commands ? {{ salt["svn.info"]("C:\inetpub\wwwroot\{env}\{package}".format(env=pillar['application_environment'], package=package)) | yaml }}
11:24 Deliant joined #salt
11:24 zulutango joined #salt
11:34 evle joined #salt
11:37 ws2k3 joined #salt
11:55 sayyid9000 joined #salt
12:08 _JZ_ joined #salt
12:41 mavhq joined #salt
12:53 mritchie joined #salt
13:02 rgrundstrom joined #salt
13:02 rgrundstrom Good afternoon everyone
13:05 rgrundstrom Anyone have any experience with kernel management using salt? I basically want to ensure that a specific kernel is installed and that the server boots from that kernel. Making sure that the kernel is installed is easy using pkg but the boot part is harder. Would not want to push a grub.cfg file...
13:17 ebbex I'm deploying a webapp, and in my app1/config.sls I'd like to figure out if I'll be dumping a nginx-config or an apache-config. Can I send this info into the app1/config.sls from the top.sls? Or can I check if I've also used "- nginx" or "- apache" from the top.sls file?
13:24 yuhl left #salt
13:24 yuhl joined #salt
13:24 Nahual joined #salt
13:30 numkem joined #salt
13:45 m4rk0 ebbex, You should add Your *-config as pillar if I understand Your question correctly...
14:00 gh34 joined #salt
14:08 ebbex m4rk0: You probably did, I was sorta under the impression that pillars were more for 'secrets' than general configuration.
14:09 xet7 joined #salt
14:11 ebbex https://pastebin.com/SZXQHgzG
14:11 mavhq joined #salt
14:12 ebbex But I suppose I can put that info in a pillar, and have the config include {{webserver}}/init.sls based on values I put in the pillar.
14:13 jas02 joined #salt
14:21 edrocks joined #salt
14:26 sayyid9000 joined #salt
14:28 babilen ebbex: Pillars are the perfect place for configuration
14:28 babilen (in fact most formulas are entirely pillar driven)
14:40 ebbex babilen: https://pastebin.com/a5He3UjS
14:41 ebbex Any suggestion as to how the tests work, or what else I should have in my pillars.
14:46 sayyid9000 joined #salt
14:49 jas02_ joined #salt
14:59 FuzzyVeg joined #salt
15:01 FuzzyVeg left #salt
15:02 enigmatyk joined #salt
15:08 jas02 joined #salt
15:20 racooper joined #salt
15:30 major joined #salt
15:31 mchlumsky joined #salt
15:37 oida joined #salt
15:37 dhwt joined #salt
15:39 cgiroua joined #salt
16:05 _JZ_ joined #salt
16:30 av_ joined #salt
16:30 jas02 joined #salt
16:32 Aleks3Y joined #salt
16:35 tobiasvdk joined #salt
16:42 tiwula joined #salt
16:46 pipps joined #salt
16:46 tobiasvdk Hi, does setting "cython_enabled" to True in the master/minion configuration improves the performance/lowers the cpu time?
16:49 saltslackbridge <gtmanfred> no, i believe it just allows using cython modules
16:49 saltslackbridge <gtmanfred> which is what the modules for salt enterprise are written in
16:49 saltslackbridge <gtmanfred> compiled to*
16:49 tom[] joined #salt
16:49 pipps joined #salt
16:51 tobiasvdk gtmanfred: thx!
16:51 hammer065 joined #salt
17:03 sayyid9000 joined #salt
17:04 jas02 joined #salt
17:15 stanchan joined #salt
17:20 aldevar left #salt
17:28 Praveen_ joined #salt
17:31 pipps joined #salt
17:42 DammitJim joined #salt
17:42 xet7 joined #salt
17:44 manji joined #salt
17:56 Trauma joined #salt
18:03 edrocks joined #salt
18:10 DoomPatrol mmm formulas ftw, (e.g. ferm formula makes iptables sooo simple)
18:13 toanju joined #salt
18:39 wwalker anyone have a URL to a good tutorial on salt testing?  "TESTING YOUR SALT STATES WITH KITCHEN-SALT" and "Test Kitchen style testing for Salt" I've read.
18:41 saltslackbridge <gtmanfred> have you followed the getting started on the kitchen.saltstack.com? https://kitchen.saltstack.com/docs/file/docs/gettingstarted.md
18:57 wwalker gtmanfred: thank you.  that's what I was looking for :-)
19:04 oida joined #salt
19:05 numkem joined #salt
19:05 wwalker gtmanfred: where is the file requirements supposed to come from "pip install -r requirements
19:06 xet7 joined #salt
19:06 saltslackbridge <gtmanfred> https://github.com/gtmanfred/wordpress-formula/blob/master/requirements.txt
19:06 saltslackbridge <gtmanfred> just whatever you need to run your test suite
19:06 saltslackbridge <gtmanfred> also, probably worth looking at inspec if you wanna write ruby instead.
19:07 jas02 joined #salt
19:07 pipps joined #salt
19:08 saltslackbridge <gtmanfred> all that we are managing is kitchen-salt the provisioner, do the verifier however you want, and there are a ton of ways to do that. https://kitchen.ci/docs/getting-started/adding-test
19:08 sh123124213 joined #salt
19:10 wwalker so, when we say "testing with kitchen-salt" it really means "kitchen-salt will do the vagrant or docker setup for you to run your separately written tests" ?
19:10 pipps joined #salt
19:11 saltslackbridge <gtmanfred> kitchen-salt will run the salt states that you are trying to test
19:12 saltslackbridge <gtmanfred> then you can have extra tests to make sure the states ran correctly if you want
19:13 sh123124213 any news on when 2016.11.9 branch will be created ?
19:13 saltslackbridge <gtmanfred> it already exists
19:14 saltslackbridge <gtmanfred> if you want to know more about the release, there is a releases channel on the community slack linked in the /topic
19:15 sh123124213 ahm, I did ask the correct question about branch but I was looking at tags. why did this change and you don't tag anymore ?
19:15 pipps joined #salt
19:16 saltslackbridge <gtmanfred> we have a branch to stablize the release, and once it is stable a tag will be made on the branch, then released, and the branch will be deleted
19:18 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/topics/development/contributing.html#dot-release-branches
19:18 saltslackbridge <gtmanfred> info there
19:25 major joined #salt
19:25 numkem joined #salt
19:27 sh123124213 cool, thanks. Is there anyway I can see which tickets are blocking the release or which tests are failing ?
19:28 pipps joined #salt
19:30 saltslackbridge <gtmanfred> that information is in the releases channel on slack
19:36 sh123124213 thanks again :)
19:36 pipps joined #salt
19:38 wwalker does kitchen-salt have a default top.sls?  I've removed all references to wordpress from the .kitchen.yml and am still getting "Specified SLS 'wordpress' in environment 'base' is not available on the salt master"
19:40 saltslackbridge <gtmanfred> Did you destroy and recreate the vm so that no top. Sls gets laid down?
19:41 wwalker ah, thank you
20:04 __number5__ joined #salt
20:11 gh34 joined #salt
20:23 oida joined #salt
20:26 pipps joined #salt
20:27 pipps joined #salt
20:27 aldevar joined #salt
20:30 pipps joined #salt
20:35 evilem joined #salt
20:37 jas02 joined #salt
20:40 oida joined #salt
20:42 Hybrid joined #salt
20:45 lkthomas_ joined #salt
20:46 lkthomas__ joined #salt
21:00 pipps joined #salt
21:03 pipps joined #salt
21:04 pipps joined #salt
21:05 pipps joined #salt
21:05 pipps joined #salt
21:14 deadpoet joined #salt
21:15 darkalia joined #salt
21:16 pipps joined #salt
21:16 eightyeight getting "Unable to manage file: Jinja variable 'extra_port' is undefined" in a highstate
21:17 eightyeight config is relatively straight forward. 'extra_port' is set to False, unless a grain is matched, then it's set to "443"
21:17 eightyeight any ideas why the compile would say it's undefined?
21:17 eightyeight i can provide sanitized config pastebins if necessary
21:17 saltslackbridge <gtmanfred> yeah, a sanatized gist would be helpful
21:18 eightyeight ok. one sec.
21:22 kojiro joined #salt
21:25 wwalker eightyeight: when I have that problem, it is usually because I have an error in top.sls that prevents that file from being parsed for that minion.
21:26 eightyeight gtmanfred: here is the gist https://gist.github.com/atoponce/41ada01d88c5cef6b5ec727773133d16
21:26 eightyeight wwalker: interestingly enough, other jinja variables work as expected
21:26 eightyeight it's only setting the extra ssh port that is failing
21:27 saltslackbridge <gtmanfred> if the fqdn is not set in that list, then the extra_ssh_port is not passed to the context
21:27 hatifnatt Hi. Time to time I see people use '|json' or '|yaml' filters, but I can't find info about them in Salt or Jinja docs. Is there any reference?
21:28 hemebond hatifnatt: https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html
21:28 eightyeight gtmanfred: the problem i'm having is server1-3 not getting the extra ssh port set, despite the config on line 37 of the server.sls
21:28 hemebond eightyeight: The grain is definitely set?
21:28 whytewolf hemebond: https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html#salt.utils.jinja.SerializerExtension
21:28 eightyeight yes
21:28 saltslackbridge <gtmanfred> it doesn’t look like a grain
21:29 whytewolf nevermind hemebond got to it first. and i tagged the wrong person
21:29 gtmanfred it is just getting set in the context
21:29 hemebond whytewolf: ☺
21:29 gtmanfred {% if grains['fqdn'] in [ 'server1.example.com', 'server2.example.com', 'server3.example.com' ] %}
21:29 gtmanfred extra_ssh_port: "443"
21:29 gtmanfred {% endif %}
21:29 gtmanfred that isn't a grain
21:29 gtmanfred that is a context for the file.managed
21:30 saltslackbridge <gtmanfred> oh
21:30 saltslackbridge <gtmanfred> i see the defaults
21:30 saltslackbridge <gtmanfred> nevermind
21:30 pipps joined #salt
21:30 saltslackbridge <gtmanfred> but it still stands, the only grain you are comparing is fqdn
21:30 saltslackbridge <gtmanfred> extra_ssh_port is not a grain
21:31 hemebond Actually, if they're getting a variable not found error, that suggests the template is broken.
21:32 hemebond is "extra_port" different to "extra_ssh_port"?
21:32 eightyeight that's a typo in the gist
21:35 eightyeight that's not how it stands in my config
21:35 eightyeight (admittedly, i've been trying a few different things)
21:35 saltslackbridge <gtmanfred> actually, eightyeight, try unindenting the extra_ssh_port line by one layer, it is farther indented than the defaults is
21:35 hemebond So the actual variable is called 'extra_port'?
21:35 eightyeight hemebond: yes. "extra_port" is the variable. double/triple-checked
21:35 hemebond gtmanfred: I thought that too, but the indentation should be okay plus there are the defaults.
21:35 hemebond Is that not how defaults works?
21:35 wwalker {% if extra_ssh_port %}
21:35 hemebond (admittedly I've never seen the use of defaults until now)
21:35 wwalker never mind
21:35 hemebond eightyeight: Can you fix your Gist to be closer to what it actually is? And just have the relevant stuff?
21:35 hemebond Having variables with different names to the error is confusing.
21:35 eightyeight sure
21:36 eightyeight updated
21:36 hemebond Try fixing the indentation of context as gtmanfred suggested.
21:37 saltslackbridge <gtmanfred> that is the only thing i can think of, though it seems weird if it is an issue
21:37 hemebond Should be two spaces of indentation, not four (though it shouldn't matter to YAML we have seen it matter)
21:37 eightyeight fair, although the rest of the variables are getting set in the config
21:37 hemebond Also those Jinja lines will leave indentation too.
21:37 eightyeight if i put "# {{ extra_port }}" in the sshd_config, i can see it's "False"
21:38 saltslackbridge <gtmanfred> probably good to switch all the {% to {%- so it clears out the extra whitespace so that it is pure yaml
21:38 hemebond ^
21:38 edrocks joined #salt
21:39 eightyeight i'm not familiar with this
21:39 saltslackbridge <gtmanfred> http://jinja.pocoo.org/docs/2.10/templates/#whitespace-control
21:39 eightyeight {%-if extra_port %}Port {{ extra_port }}{%-endif %}
21:39 eightyeight ^ that?
21:39 hemebond Correct
21:40 whytewolf I think he meant in the yaml that defines extra_port
21:40 eightyeight interestingah
21:40 whytewolf so that it doesn't add a bunch of whitespace you might not be accounting for
21:40 eightyeight s/interesting//
21:40 pipps joined #salt
21:41 sayyid9000 joined #salt
21:41 pipps joined #salt
21:44 eightyeight just double-checked, by setting "# {{ grains['fqdn'] }}" in the sshd_config, to verify that the actual grain is getting matched correctly, and it is
21:44 eightyeight "# server2.example.com"
21:44 hemebond Have you fixed the indentation?
21:44 eightyeight yes
21:44 eightyeight i'll update the gist with the current state
21:46 eightyeight updated, both the server.sls and sshd_config
21:46 whytewolf would be nice to see how it renders also
21:47 eightyeight i can get a (sanitized) gist of that
21:47 whytewolf :+1:
21:47 hatifnatt hemebond: Thanks! Not very easy to find :)
21:47 eightyeight uno mentos
21:47 cwright joined #salt
21:47 whytewolf hatifnatt: it is the first link for me if i google "saltstack yaml jinja"
21:49 shanth joined #salt
21:51 ahrs joined #salt
21:51 hatifnatt whytewolf: My search was "saltstack |json" and I found nothing :)
21:51 wryfi joined #salt
21:52 saltslackbridge <gtmanfred> searching for operators on google is just the worst
21:52 hemebond That probably would have searched for saltstack OR json
21:53 eightyeight whytewolf: first comment of that gist, has the compiled output
21:53 pipps joined #salt
21:53 hemebond And you still get the variable not found error?
21:54 eightyeight no. currently, it's "False" in the sshd_config
21:55 shanth how can i do jinja filtering to match something in the hostname? for example, matching if a hostname contains seattle. {% if grains['id'] = '*seattle*' %} something like this
21:55 saltslackbridge <gtmanfred> sounds like you need to try managing all the whitespace by switching to {%- and also try removing the # comments, and use something like {#- to put the comments in jinja so it doesn’t interfere with the final yaml structure
21:55 saltslackbridge <gtmanfred> {%- if ‘seattle’ in grains.id %}
21:56 whytewolf could also build a dict before hand then just pass that to context instead of trying to render the dict
21:56 eightyeight whytewolf: what do you mean?
21:57 JawnAuz joined #salt
21:58 hemebond - context: {% mydict|json %}
21:58 whytewolf ^
21:59 saltslackbridge <gtmanfred> i don’t think you need to pass it through json
21:59 saltslackbridge <gtmanfred> and also, it would be {{ }}
21:59 saltslackbridge <gtmanfred> it isn’t an action
21:59 hemebond Oh yeah ^
21:59 whytewolf ^^
22:00 hemebond I think I've always used the json filter because of issues with unicode prefixes and funny characters
22:00 saltslackbridge <gtmanfred> ahh, that is not a bad idea
22:00 whytewolf I know XenophonF lives by the yaml filter. either one should be good for this
22:01 hemebond eightyeight: Can you gist the output of state.show_sls for the state?
22:01 eightyeight sure
22:02 hemebond What version of salt-minion are you on?
22:03 shanth thanks gtmanfred will try that
22:03 eightyeight 2016.11.8
22:03 pipps joined #salt
22:06 hemebond The next thing to try (after gisting that state.show_sls output) is put everything into context, removing defaults.
22:07 eightyeight https://gist.github.com/atoponce/41ada01d88c5cef6b5ec727773133d16#gistcomment-2324238
22:10 pipps joined #salt
22:12 eightyeight hemebond: you mean with a ton of if/else statements?
22:12 hemebond Yeap
22:12 eightyeight i guess i could try that. ugly, but if it works...
22:13 whytewolf or ... a map.jinja
22:14 eightyeight back to "Comment: Unable to manage file: Jinja variable 'extra_ssh_port' is undefined"
22:15 hemebond Well, your variable is called extra_port so there's something wrong somewhere else.
22:15 hemebond Are you highstating or applying just this state?
22:15 hemebond state.apply server
22:15 eightyeight updated the gist
22:16 hemebond There's no extra_ssh_port in that Gist.
22:16 hemebond And you haven't commented out defaults.
22:17 eightyeight oh. i missed that. i just took 'extra_port' out of defaults (seeing as though that's what i'm working on). left the rest.
22:17 eightyeight there is no extra_ssh_port
22:17 eightyeight oh. heh.
22:17 eightyeight i see
22:21 eightyeight gist updated (correctly). "Comment: Unable to manage file: Jinja variable 'extra_port' is undefined"
22:22 hemebond You haven't removed defaults.
22:22 eightyeight not all, correct. just extra_port
22:22 eightyeight the rest all work
22:22 eightyeight it's just extra_port that is failing
22:22 hemebond I want to see what happens with no defaults at all.
22:22 eightyeight ok
22:23 hemebond Also, if there's any more to that error message please add that to the Gist.
22:31 eightyeight gist updated
22:32 hemebond I still see defaults.
22:33 eightyeight chasing those down is going to be a royal pita. sshd_config is extended elsewhere, where i would have to manage sftp_jail, the the ssh_* ciphersuites, which i really don't want to chase down
22:33 hemebond What?
22:34 eightyeight there are other SLS configs referencing ssh_ciphers & sftp_jail
22:34 pipps joined #salt
22:35 eightyeight everything works, _except_ extra_port. it's the thing i've been fighting for longer than i care to admit
22:35 eightyeight sftp_jail gets set correctly as necessary, as do all the others. only extra_port fails
22:35 hemebond Are you saying there are things outside the Gist that affects the template?
22:40 pipps joined #salt
22:40 eightyeight hemebond: yes: https://gist.github.com/atoponce/41ada01d88c5cef6b5ec727773133d16#gistcomment-2324262
22:41 hemebond Those files have states that are modifying the same file?
22:42 hemebond *Those state files
22:42 eightyeight yes. they are extending /etc/ssh/sshd_config
22:42 eightyeight each with a `- context:' as necessary
22:43 hemebond Well that shouldn't matter.
22:43 hemebond I just want you to put everything into the context variable in the problem state and remove the defaults variable.
22:43 eightyeight oh. shit. i think i just caught it
22:45 hemebond Used the wrong variable name in a state somewhere?
22:45 eightyeight nope. nvm.
22:45 eightyeight fml
22:45 eightyeight (thought i caught a bug in my top.sls)
22:51 eightyeight is there a better grain to reference a unique minion than fqdn?
22:51 eightyeight server_id perhaps?
22:51 saltslackbridge <gtmanfred> grains.id
22:51 saltslackbridge <gtmanfred> will be the minon_id
22:51 saltslackbridge <gtmanfred> which by definition needs to be unique
22:52 saltslackbridge <gtmanfred> minion_id*
22:52 saltslackbridge <gtmanfred> also, since you are running this in the states, you could just use the minion matcher stuff
22:52 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html
22:53 eightyeight i may move to pillars. dobbs knows this salt config needs some ... love
22:55 eightyeight what's the syntax for logical OR statements in an if conditional for jinja?
22:55 * eightyeight looks
22:56 saltslackbridge <gtmanfred> if whatever or whatever2
22:56 eightyeight thx
22:56 saltslackbridge <gtmanfred> http://jinja.pocoo.org/docs/2.10/templates/#logic
22:57 hemebond eightyeight: Is it just server.sls being applied to the problem server?
22:57 hemebond Or do you have other SSH-related states being applied?
22:58 eightyeight for those 3 servers (server1, server2, and server3), it's only server.sls, afaik.
23:01 hemebond You can confirm using state.show_top
23:01 eightyeight it's mind-boggling how all the other jinja variables get set _EXCEPT_ "extra_port"
23:02 eightyeight i just went through all the other servers, by hand, one-by-one, verifying they're working as expected
23:02 hemebond Well, according to your Gist, that's the only variable being set in context.
23:03 eightyeight yup
23:03 hemebond Which is why I suggested moving everything into context to test.
23:03 eightyeight and that's the only place that server is referenced for anything ssh
23:03 eightyeight yeah. that's just so much more work. heh
23:03 eightyeight why the others get set correctly, except for that one though?
23:04 hemebond It's literally copy+paste
23:04 hemebond I don't know. That's why I'm trying to eliminate variables.
23:05 eightyeight i wonder what happens if i set the default to "2222" from "False"
23:07 eightyeight the sshd_config gets set to "Port 2222" rather than "Port 443". heh
23:07 * eightyeight steps away
23:07 eightyeight thx hemebond, whytewolf, gtmanfred (and anyone else i may have missed) for your help
23:10 hemebond ?
23:13 * whytewolf doesn't feel like he really did anything
23:14 * hemebond feels unfulfilled
23:15 saltslackbridge <gtmanfred> yeah, that was super anti climactic
23:16 * hemebond demands closure.
23:20 stanchan joined #salt
23:20 scooby2 Anyone seen salt-minion do this before? I can salt-ping the client but the master shows the client did not respond for any other command. https://pastebin.com/Z79KiEiW
23:22 scooby2 ignore that i guess its setproctitle
23:24 jpsharp How can I change the shell that salt executes its commands as?  I use zsh as my interactive shell, but apparently some of the commands that salt-minion emits makes it choke.
23:24 hemebond jpsharp: `shell` usually.
23:25 hemebond You would have to check the execution module or state module you're using.
23:30 eightyeight ok. i stepped away. had my coffee. bitched about this issue with a coworker.
23:30 eightyeight coming at it with renewed enthusiasm for the last 30 minutes, before heading home for the day
23:31 eightyeight i think i'm going to create another (le sigh) state file, and move the logic there, then reference the state file in the top.sls, rather than if logic
23:31 eightyeight if that doesn't work, serious salt config rework states->pillars, here we go
23:32 hemebond :-|
23:34 Edgan eightyeight: states to pillars? you aren't already using pillars?
23:34 eightyeight partially
23:34 eightyeight some stuff has been moved over
23:34 eightyeight not everything
23:34 eightyeight ... and moving to a separate state worked
23:34 eightyeight whelp
23:34 Edgan eightyeight: so you are saying moving hard coded values into pillars?
23:35 hemebond I've just tested this setup myself and it's working fine, though I am on 2016.3.8
23:37 hashwagon Is it possible to wildcard myminionname to myminion* in a statefile? {% if grains['host'] == 'myminion*' %} this doesn't seem to work.
23:37 eightyeight we set this salt config up before saltstack was a company (i personally know and have worked with tom)
23:37 hemebond hashwagon: Can probably use "(2018-01-18 11:52:59) saltslackbridge: <gtmanfred> https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html"
23:37 eightyeight so, it's been a learning experience as we've gone along over the years
23:38 eightyeight and there are all sorts of growing pains in the config, and as a result, needs a cleanup
23:38 eightyeight however, everyone who has had a hand in building out the config have since left, and i'm all that's left
23:38 eightyeight heh
23:42 hemebond So did you ever move everything into context?
23:42 hemebond And test without defaults?
23:42 hashwagon hemebond, thanks I'm looking at that now.
23:53 eightyeight huh
23:54 eightyeight TIL order matters in your top.sls
23:54 hemebond Yup
23:54 saltslackbridge <gtmanfred> yes
23:54 eightyeight i'm still unclear as to why extra_port was not getting set, but heh
23:54 saltslackbridge <gtmanfred> order matters everywhere
23:55 saltslackbridge <gtmanfred> it runs top down
23:55 hemebond Except Pillars.
23:55 hemebond No wait...
23:59 hashwagon I was able to accomplish what I posted above with {% if grains['host'].startswith("myminion") %}

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary