Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-01-24

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 saltslackbridge joined #salt
00:06 pipps joined #salt
00:11 pipps joined #salt
00:16 cyteen joined #salt
00:18 RandyT joined #salt
00:18 RandyT joined #salt
00:22 threwahway joined #salt
00:28 aCodinMa_ joined #salt
00:29 RandyT joined #salt
00:29 RandyT joined #salt
00:49 pipps joined #salt
00:53 mariusv joined #salt
00:53 mariusv joined #salt
00:57 aCodinMan joined #salt
01:01 pwhack joined #salt
01:02 pwhack joined #salt
01:03 stewgoin joined #salt
01:13 gmoro joined #salt
01:14 evle joined #salt
01:16 aCodinMa_ joined #salt
01:18 aCodinMan joined #salt
01:21 shiranaihito joined #salt
01:23 darix joined #salt
01:36 RandyT joined #salt
01:36 RandyT joined #salt
01:36 djinni` joined #salt
01:36 bildz joined #salt
01:43 snath joined #salt
01:44 pipps joined #salt
01:58 RandyT joined #salt
01:58 RandyT joined #salt
02:15 nomeed joined #salt
02:26 aypea[2] joined #salt
02:33 XenophonF jhujhiti: I can show you some stuff.
02:35 XenophonF jhujhiti: https://github.com/irtnog/salt-states/blob/development/irtnog-co/openldap-provider.sls
02:36 XenophonF This creates a writable DIT rooted at o=IRTNOG and stored in /var/lib/ldap/irtnog.
02:37 XenophonF It has to create the DIT using root credentials, so it connects over IPC with a SASL bind.
02:38 XenophonF Once the olcDatabase objects are updated (in the case of olcDatabase={1}monitor,cn=config) or created (in the case of olcDatabase={3}mdb,cn=config), Salt connects via the IPC interface using a simple bind with the root credentials specified during database creation.
02:39 XenophonF That works even though the object doesn't technically exist yet.
02:40 XenophonF Once re-connected, it creates the organization starting from the root, o=IRTNOG.
02:42 XenophonF At some point I will add a slapd consumer (read-only replica), or I might try my hand at a multi-master setup.
02:56 cro joined #salt
02:56 XenophonF I also need to add the necessary configs for LDAPS and whatnot.
02:56 deuscapturus joined #salt
02:56 XenophonF HTH
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
03:00 aCodinMan joined #salt
03:00 aCodinMan joined #salt
03:01 zerocool_ joined #salt
03:02 deuscapturus joined #salt
03:03 pipps joined #salt
03:03 zerocool_ joined #salt
03:04 evle2 joined #salt
03:18 aCodinMan joined #salt
03:23 zerocoolback joined #salt
03:24 zerocoolback joined #salt
03:25 zerocoolback joined #salt
03:25 zerocoolback joined #salt
03:34 stduolc joined #salt
03:34 saltslackbridge joined #salt
03:38 RandyT joined #salt
03:38 RandyT joined #salt
03:47 threwahway_ joined #salt
03:59 threwahway joined #salt
04:02 onlyanegg joined #salt
04:16 swa_work joined #salt
04:25 zerocoolback joined #salt
04:31 aypea[2] hi. this may be a dumb question, but where does pkg.installed come from? I look at the docs for the pkg module and then at my specific execution module (aptpkg) but can't see any info on it
04:34 whytewolf well pkg.installed is a state module.function. https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#salt.states.pkg.installed
04:34 aypea[2] I /just/ found that. thanks. :)
04:42 masber joined #salt
05:05 NightMonkey joined #salt
05:15 zerocoolback joined #salt
05:23 aCodinMan joined #salt
05:24 zerocoolback joined #salt
05:28 heyimawesome joined #salt
05:46 onlyanegg joined #salt
05:50 impi joined #salt
05:56 lkthomas folks, I am using https://github.com/saltstack-formulas/apache-formula formular, so for different sites, I should define different sls files in pillar directory, am I correct ?
06:22 iggy or pull the data from a database with some sort of ext_pillar or ....
06:23 iggy really whatever makes the most sense for your use case
06:25 iggy if you are talking about vhosts then you may have to keep them all in one file unless you start playing around with pillar merging
06:28 lkthomas I see, thanks
06:30 zerocoolback joined #salt
06:30 indistylo joined #salt
06:33 aruns joined #salt
06:34 mk-fg joined #salt
06:34 mk-fg joined #salt
06:46 indistylo joined #salt
06:50 sybix joined #salt
06:51 mk-fg joined #salt
06:51 mk-fg joined #salt
06:53 sybix joined #salt
06:53 RandyT joined #salt
06:53 RandyT joined #salt
06:55 indistylo joined #salt
06:56 Zachary_DuBois joined #salt
06:59 aruns joined #salt
07:01 LocaMocha joined #salt
07:03 nledez joined #salt
07:05 cyteen joined #salt
07:05 LocaMocha joined #salt
07:08 lkthomas what is the proper way to include file.managed into one section? I got foncliting ID
07:08 lkthomas conflicting*
07:08 nledez joined #salt
07:13 impi joined #salt
07:17 lkthomas nevermind, found the solution
07:17 lkthomas by creating multiple ID
07:20 Ricardo1000 joined #salt
07:24 taylorbyte if i reference a variable that may or may not exist in an init.sls file e.g.    {{ var }}    how have a fallback/default variable that i know does exist? Similar to https://stackoverflow.com/a/35107741 but the method shown in that link doesn't seem to work maybe its only for ansible.
07:24 evle3 joined #salt
07:28 sjorge joined #salt
07:45 pualj joined #salt
07:51 zerocoolback joined #salt
07:52 Church- joined #salt
07:54 Church- So stupid question on managing networks. I have my salt master set to use it's private interface since it was only working on a private lan, however I also want it to manage two other vps's among our prod environment sitting in another cloud provider's DC. What would be the best way to manage them? Just have the master go back to using a public interface?
07:57 hemebond Church-: Can't have Salt Master listen on all interfaces?
07:58 artur-ba joined #salt
07:58 Church- Thought it was insecure technically to have it listen on public interfaces? And can I?
07:58 hemebond taylorbyte: |default()
07:58 sjorge joined #salt
07:58 hemebond taylorbyte: Does default not work for you?
07:59 hemebond Church-: Depends on your network.
07:59 Church- Nevermind, forget what the default was. Bit of an idiot this late at night.
07:59 Church- hemebond: Hmm, what does it depend on exactly?
07:59 hemebond Church-: If you don't want it public you could use VPNs.
07:59 taylorbyte hemebond: doesn't seem to, i must be doing something else wrong then
07:59 Church- True, could just set up another vpn.
08:00 threwahway_ joined #salt
08:01 Church- hemebond: Let me ask the better question, what security issues if any could result from me running it on the default interface?
08:02 hemebond Church-: By default Salt Master listens on all interfaces.
08:03 hemebond Security issues? Hmmm. I don't know of any to be honest.
08:03 nledez joined #salt
08:03 nledez joined #salt
08:03 hemebond The worst would be something DDOSing your master?
08:03 hemebond I think there's a page in the docs about security issues.
08:07 tpaul joined #salt
08:16 threwahway joined #salt
08:19 aviau joined #salt
08:22 nledez joined #salt
08:25 zerocoolback joined #salt
08:26 RandyT joined #salt
08:26 RandyT joined #salt
08:29 lkthomas how to properly override / adding new variable on map.jinja file without actually modifying it ?
08:29 lkthomas I am not sure touching map.jinja is a good option, what do you think ?
08:29 hemebond lkthomas: Why do you need to touch it at all?
08:30 lkthomas hemebond, example: https://gist.github.com/lkthomas/05d73becb1cb2a5896aee20117dd4863
08:30 lkthomas dynamic_cfg_dir is missing on map.jinja
08:31 lkthomas I am thinking edit map.jinja to add that variable
08:31 hemebond Normally map.jinja is used to merge some default settings, OS-specific settings, and pillar data into one structure (each overwriting the previous)
08:31 hemebond So really you would just put it into your pillar.
08:32 lkthomas so under nagios: I should add another line call dynamic_cfg_dir, correct ?
08:32 aldevar joined #salt
08:32 hemebond I'm not sure what you mean.
08:32 hemebond Is this an existing formula or something?
08:33 lkthomas yes existing formula
08:33 hemebond Got a link?
08:33 lkthomas https://github.com/saltstack-formulas/nagios-formula/
08:34 hemebond Okay so that map.jinja already does the merging for you.
08:34 lkthomas so if I do salt-call state.sls nagios.server.dynamic, it complains about nagios.dynamic_cfg_dir is missing
08:34 hemebond merge=salt['pillar.get']('nagios:lookup:cgi')
08:34 lkthomas for cgi yes
08:34 hemebond merge=salt['pillar.get']('nagios:lookup:nagios')
08:34 hemebond ^ that's for nagios.
08:34 hemebond So if you import nagios from the map.jinja it will include any data you put under that pillar
08:36 lkthomas hemebond, hmm: https://gist.github.com/lkthomas/103c98f7764dfb223dbe18e7efe9343b
08:37 taylorbyte hemebond: got | default()  to work , i  was just using an array not an object somewhere.  Can i check 2 variables then go to default  e.g. {{ var1 | var2 | default() }} ?
08:37 hemebond It needs to be under nagios:lookup:nagios
08:37 hemebond Not just nagios:
08:38 hemebond taylorbyte: Hmm, you might be able to nest the defaults, e.g., {{ var1 | default(var2 | default('poop')) }}
08:38 hemebond I haven't tested, obviously :-)
08:38 taylorbyte oh yeah good idea
08:39 lkthomas hemebond, seems "lookup" is special
08:39 lkthomas I have seen couple pillar example data have that
08:39 darioleidi joined #salt
08:39 v0rtex joined #salt
08:39 hemebond lkthomas: It's not special, it's just a ...
08:40 hemebond thing... we do...
08:40 hemebond :-P
08:40 hemebond Convention!
08:40 lkthomas wait, does lookup is a reserve wording or I could put anything on it when merge ?
08:40 lkthomas nagios:screwup:cgi ?
08:40 hemebond You can put anything into it.
08:40 lkthomas I see
08:40 lkthomas thanks
08:40 hemebond What? no, the map.jinja is looking for nagios:lookup:nagios
08:41 hemebond Putting things under blah:lookup is a convention for formulas so the overrides don't conflict with other pillar data under blah:
08:41 darioleidi joined #salt
08:42 lkthomas I see, well it doesn
08:42 lkthomas it doesn't seems working *
08:42 hemebond Can you paste the relevant data?
08:42 lkthomas https://gist.github.com/lkthomas/c16061d5d6fad77df82dc8285a4decc4
08:44 hemebond You've got it under nagios:lookup not nagios:lookup:nagios
08:44 hemebond Check map.jinja, it shows the pillar path that it will merge.
08:45 darioleidi joined #salt
08:46 lkthomas hemebond, thanks a lot!
08:46 lkthomas I think I know what I am doing now, LOL
08:46 diegows joined #salt
08:48 hemebond 👍
08:48 babilen lkthomas: The meaning of :lookup: in pillar is derived from "lookup table" and refers to values set in defaults.yaml and the os family map.
08:48 lkthomas babilen, I see
08:48 babilen The idea is that there are values users genuinely want to set and those they don't normally tinker with, but should still be able to override. Data in foo:lookup: falls in the latter category
08:49 lkthomas ok
08:49 babilen So, basically you do all data munging in map.jinja and present a completely rendered dictionary to your states. That data would already include defaults for various platforms and user provided data
08:50 lkthomas yeah okay
08:51 v0rtex joined #salt
08:53 babilen http://paste.debian.net/hidden/77e49b99/ exemplifies that (and uses deep merging of datastructures)
08:55 babilen And I noticed a mistake in that I forgot the :lookup: merge on line 49 :)
08:56 babilen Actually .. might want to move that to the merges on line 73
08:57 ipsecguy_ joined #salt
09:00 mike25de joined #salt
09:03 RandyT joined #salt
09:03 RandyT joined #salt
09:08 nikeshm nkuttler:  hi
09:09 haam3r_ joined #salt
09:09 nikeshm i am getting SSL issue http://paste.openstack.org/show/651700/
09:09 lkthomas LOL, I need to fix attribute one by one
09:09 nikeshm i used ngrok to get public url
09:10 nikeshm and following http://bencane.com/2014/07/17/integrating-saltstack-with-other-services-via-salt-api/
09:10 nebuchadnezzar joined #salt
09:10 nikeshm i am trying to set webhook
09:11 nikeshm in my github repo
09:11 mattfoxxx joined #salt
09:11 lkthomas thanks hemebond, appreciate your help
09:13 mike25de hi all
09:14 kiorky joined #salt
09:18 nkuttler nikeshm: please ask in channel
09:19 nikeshm asked
09:19 hemebond 👍
09:21 darioleidi joined #salt
09:30 cyteen joined #salt
09:31 Mattch joined #salt
09:32 colegatron joined #salt
09:33 zerocoolback joined #salt
09:34 zerocoolback joined #salt
09:35 zerocoolback joined #salt
09:36 zerocoolback joined #salt
09:36 pbandark joined #salt
09:36 zerocoolback joined #salt
09:37 zerocoolback joined #salt
09:38 yuhl joined #salt
09:41 RandyT joined #salt
09:41 RandyT joined #salt
09:45 darioleidi joined #salt
09:47 RandyT joined #salt
09:47 RandyT joined #salt
09:49 oida joined #salt
09:50 zulutango joined #salt
09:52 darioleidi joined #salt
09:59 cablekevin service.running (order: last) does not seem to work
09:59 cablekevin i want to restart a service after a cmd.run has been performed
10:00 jrenner joined #salt
10:01 saltslackbridge <mts-salt> you could use 'require'
10:01 saltslackbridge <mts-salt> or other requisites
10:01 colegatron left #salt
10:03 cablekevin doesn't seem to want to work let me pastebin it
10:03 cablekevin https://pastebin.com/E9ndpVHq
10:05 saltslackbridge <mts-salt> the require line probably wants to be a list, prefix with -
10:05 indistylo joined #salt
10:06 cablekevin ...
10:06 cablekevin I think i need more coffee
10:07 cablekevin Thanks, i overseen that single dash missing
10:07 saltslackbridge <mts-salt> not a problem, sometimes it just needs a fresh set of eyes :slightly_smiling_face:
10:08 cablekevin Hehe for sure, again, thanks! :)
10:21 tpaul joined #salt
10:25 indistylo joined #salt
10:26 Elsmorian joined #salt
10:31 indistylo joined #salt
10:36 jhauser joined #salt
10:38 shiranaihito joined #salt
10:47 threwahway_ joined #salt
11:10 darioleidi joined #salt
11:19 Creme joined #salt
11:19 pbandark1 joined #salt
11:28 evle1 joined #salt
11:36 indistylo joined #salt
11:39 indistylo joined #salt
11:45 gmoro joined #salt
11:48 RandyT joined #salt
11:48 RandyT joined #salt
11:54 ereslibre joined #salt
11:54 ereslibre hello! general question: do you know a way to make salt only render an orch sls (without executing anything, just render it on stdout)?
11:58 saltslackbridge <mts-salt> you may want to look at slsutil.renderer
11:58 saltslackbridge <mts-salt> can be used for any sls
12:00 ereslibre thank you! that will help, I just found out a non-conventional way, call to the orchestration with salt-run -l debug and add a typo somewhere
12:00 ereslibre thanks! :)
12:03 zerocoolback joined #salt
12:12 shiin joined #salt
12:13 shiin I'm having trouble with salt-master 2017.7.2 on Debian Jessie. After upgrading from a 2016 version it immediately consumes 100% cpu on 4 cores and slows down the system with a load around 6.
12:15 shiranaihito joined #salt
12:19 saltslackbridge <mts-salt> never heard of that specifically, but you may want to try cutting parts of your setup out until it stops just to see if you can spot the cause
12:19 cablekevin joined #salt
12:20 saltslackbridge <mts-salt> for example, empty the top.sls for states and/or pillars
12:23 cyteen joined #salt
12:24 shiin I am trying things like that, yeah.
12:24 shiin default master config, purge install, cache clear, now I'm going to remove and reinstall all dependencies
12:25 aruns__ joined #salt
12:25 evle joined #salt
12:25 ebbex In a init.sls, can I check for and include map.jinja files? {% if exists(map-ubuntu-16.jinja) include file %} {% elif exists(map-ubuntu.jinja), include file %} {% else include map.jinja %}, or something along those lines?
12:26 zerocoolback joined #salt
12:26 saltslackbridge <ryan.walder> `salt.pillar.file_exists('path/to/file.jinja')`
12:26 saltslackbridge <ryan.walder> that's for pillar, should work with states as well i think
12:27 saltslackbridge <ryan.walder> but it does mean you can't use gitfs
12:27 babilen ebbex: You might just want to include it and allow for it to be missing, but setting "ignore_missing: True"
12:28 ebbex i stumbled upon this, but doesn't seem to be implemented; https://github.com/saltstack/salt/issues/20010
12:29 ebbex babilen: Won't that include all files it finds? (i'm trying to replicate with_first_found from ansible if that tells you anything.)
12:30 nikeshm hi
12:31 nikeshm disable_ssl is not working for me
12:31 saltslackbridge <mts-salt> i don't know if we're using jinja 2.2, but it looks like you can include from a choice of files; http://jinja.pocoo.org/docs/2.10/templates/#include
12:31 nikeshm i used it in /etc/salt/master
12:31 nikeshm even though i got ssl issue
12:32 babilen ebbex: It would include all and simply not error out if one is missing. What kind of datastructure are you trying to model with that?
12:33 babilen ebbex: I use something like http://paste.debian.net/hidden/77e49b99/ to incorporate various settings (example for Xen)
12:33 babilen Maybe something like that with a pillar driven approach might come in handy?
12:33 babilen Also look into pillarstack if you haven't already
12:35 saltslackbridge <ryan.walder> holy cow, `ignore_missing: True` in the pillar loading takes my topfiles down from 88 lines of horrible jinja file checks to 17 lines
12:35 babilen saltslackbridge: \o/
12:35 babilen *happy-dance*
12:35 saltslackbridge <ryan.walder> best discovery of the day. many thanks!
12:35 babilen You are most welcome
12:36 xet7 joined #salt
12:36 babilen What kind of optional data are you including if I may ask? (always interesting to see other setups)
12:37 saltslackbridge <ryan.walder> I run a topless pillar, give me 2 secs and I'll do a gist
12:38 babilen sure
12:41 saltslackbridge <ryan.walder> old: https://gist.github.com/ryanwalder/d56b9d43c95c9aa5250207fa45c58827 new: https://gist.github.com/ryanwalder/c33545a2f2c7d42724a16d762c44c22f
12:44 nikeshm Not starting 'salt.loaded.int.netapi.rest_cherrypy'. Options 'ssl_crt' and 'ssl_key' are required if SSL is not disabled.
12:45 babilen saltslackbridge: That's *soo* much nicer. This makes me rather happy :)
12:45 saltslackbridge <mts-salt> babilen: the bridge isn't a real user btw :slightly_smiling_face:
12:46 saltslackbridge <ryan.walder> IKR, I've been running this for a few years at home, and was explaining it to the new work folks and this makes it so much easier to visualise!
12:46 babilen I know, but it is my bit of defiance to the Slack bridge
12:46 saltslackbridge <ryan.walder> heh
12:46 babilen (and Slack usernames don't tab complete in IRC)
12:46 saltslackbridge <mts-salt> fairy snuff
12:47 saltslackbridge <mts-salt> (you could use slack where they do... :) )
12:48 babilen Well, if SaltStack were to officially move the channel to Slack, then I'd use Slack
12:48 saltslackbridge <ryan.walder> i started using slack when my irc bouncer dies, ended up staying
12:48 babilen I prefer open source and open protocols/decentralised infrastructure where possible
12:49 saltslackbridge <mts-salt> the separate channels in slack make it much more useful imo. having mac and windows in their own channels keeps the chat out of general for example
12:49 babilen I might copy some of those idea, ryan .. I would just have to make that work without necessarily having to enforce a strict naming scheme
12:49 babilen We could easily have #salt, #salt-windows, #salt-osx, ... on IRC
12:49 saltslackbridge <mts-salt> plus the salt peeps seem to be using slack more than irc
12:50 babilen ^ that's the actual reason
12:50 babilen SaltStack company bought into Slack, so people who work there don't want to also idle on IRC
12:50 babilen (but not miss out)
12:50 ebbex babilen: Hmm, this seems promising. Will merge overwrite existing keys, and which way? Seems I need to go from "defaults" -> "specific".
12:50 babilen I use Slack for k8s, but just dislike the bridging
12:50 saltslackbridge <mts-salt> explains the slack integration too
12:50 babilen ebbex: It would, yeah
12:51 ebbex so include map, then include more specific map, then most specific map, with ignore_missing?
12:52 babilen ebbex: You would essentially merge more specific ones later. But also check out https://gist.github.com/ryanwalder/c33545a2f2c7d42724a16d762c44c22f and https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.stack.html
12:52 babilen In the end, I found it to be advantageous to write generic states that are entirely data (i.e. pillar) driven
12:53 babilen Configuring a box then boils down to presenting the right data to it
12:53 saltslackbridge <mts-salt> now if only i could import yaml into pillar...
12:53 babilen And you have a single place to define the entire behaviour, rather than mixing specific configuration all over the place
12:55 babilen saltslackbridge: import_yaml ?
12:55 tpaul left #salt
12:56 saltslackbridge <mts-salt> tried it, couldn't make it work with relative paths. as soon as it went into pillar the entire pillar came back empty due to a (hidden) rendering error
12:56 saltslackbridge <mts-salt> there's an open issue about it
12:56 babilen Ah, relative ..
12:56 saltslackbridge <mts-salt> we're using git_pillar, so yes
12:56 babilen Do you have the issue around? I remember that problem, but couldn't track it down in time
12:57 babilen We're using git_pillar also
12:58 babilen → lunsj
13:01 saltslackbridge <mts-salt> i can't find it now :S
13:07 leoxlin joined #salt
13:08 leoxlin left #salt
13:09 mavhq joined #salt
13:09 indistylo joined #salt
13:16 darioleidi joined #salt
13:23 Kelsar joined #salt
13:26 viq mts-salt: also the small difference of slack desktop client wanting to use about 2GB of RAM, and a CLI IRC client using somewhere in range of 100-200MB ;)
13:27 viq Though that's more for #salt-offtopic ;)
13:40 saltslackbridge <ryan.walder> babilen: I use it at home split on hypens (prod-blah-nginx-01 or whatever) so the naming scheme is a little more flexible but it's easily adaptable as long as you have a vaugely consistent naming scheme
13:40 artur-ba joined #salt
13:44 artur-ba left #salt
13:45 arturb joined #salt
13:45 mattfoxxx joined #salt
13:46 darioleidi joined #salt
13:46 arturb joined #salt
13:48 gh34 joined #salt
13:48 Hybrid joined #salt
13:50 artur-ba joined #salt
13:52 artur-ba left #salt
13:52 artur-ba joined #salt
13:53 arturb joined #salt
13:54 huddy joined #salt
13:54 numkem joined #salt
13:54 arturb left #salt
13:54 arturb joined #salt
13:57 XenophonF I use import_yaml, import_text, and import_json in Pillar SLSes all the time
13:58 colegatron joined #salt
13:58 Larri joined #salt
13:58 XenophonF mts-salt: Any render errors would be logged on the master.  What do you see?  Can you post them to gist.github.com or ix.io or something?
13:58 XenophonF also Pillar-driven configs FTW
13:59 saltslackbridge <mts-salt> local pillar is fine, it fails with git_pillar
13:59 XenophonF That's what I'm using.
13:59 Elsmorian joined #salt
13:59 saltslackbridge <mts-salt> could you post a gist by any chance?
14:00 XenophonF I'll do you one better - https://github.com/irtnog/salt-pillar-example/blob/master/login/example/com/'
14:00 XenophonF s/'//
14:01 Elsmoria_ joined #salt
14:01 saltslackbridge <mts-salt> i see import_text but not import_yaml
14:01 mchlumsky joined #salt
14:01 XenophonF same difference
14:01 saltslackbridge <mts-salt> does it just work the same? because we tried import_yaml with a relative path and it just bombed
14:02 XenophonF sorry my powers of clairvoyance aren't working today, so I'd need to see the actual error message from the Salt Master log file to help you figure out what broke
14:03 saltslackbridge <mts-salt> i'd have to reconfigure to try it, we took it out because it was stopping everything else from working
14:04 XenophonF you don't need to re-create it
14:04 oyvindmo joined #salt
14:05 XenophonF just look for the render errors in the master log file from whenever you were trying it
14:05 arturb Hi. I am working with salt and I had a wall with one think which is pretty weird. I am sending a request using curl to salt to execute action (install apache: command state.sls apach) and it works without a problem. But when I am sending the same data, the same headers using python requests application is installed on selected minion but I am not receiving a response from master
14:11 mchlumsky joined #salt
14:11 saltslackbridge <mts-salt> XenophonF: the log only shows one line
14:11 saltslackbridge <mts-salt> 2018-01-17 08:40:32,496 [salt.pillar      ][CRITICAL][27] Pillar render error: Error encountered while render pillar top file.
14:12 saltslackbridge <mts-salt> one line, repeated for each attempt
14:14 saltslackbridge <mts-salt> perhaps it doesn't work in top, only in leaf
14:15 mchlumsky joined #salt
14:15 mike25de joined #salt
14:15 * mike25de hi guys - is there a documented procedure to update the salt-minions to match the version of the master (i updated the master already)? thanks in advance
14:18 coldbrewedbrew_ joined #salt
14:23 deuscapturus_ joined #salt
14:27 XenophonF mts-salt: You can use import_yaml and friends in top files, but the top file data is only used for targeting.
14:27 XenophonF What exactly are you doing in the top file?
14:28 XenophonF The Pillar top.sls should look like the States top.sls
14:29 saltslackbridge <mts-salt> correct. we want to have a single place to define some key variables which also define filters that we'd like to use so that only certain minions get certain data. the simplest example would be network-specific variables that filter based on cidr
14:29 XenophonF top-level keys are all environment names, second-level keys are target designators, and the second-level keys' values are lists of SLS targets
14:30 XenophonF can you post your top file?
14:34 saltnoob58 joined #salt
14:35 saltnoob58 hi
14:35 saltnoob58 does anyone know of any convenient ready things for salt to communicate with a random api that doesn't have it's own module, namely hp ucmdb?
14:36 saltslackbridge <mts-salt> XenophonF: can do, but not right away. i'm supposed to be working on another project now :slightly_smiling_face:
14:36 saltslackbridge <ryan.walder> you'd need to write a module afaik
14:37 saltslackbridge <ryan.walder> you could probably get a headstart if there is already python api bindings for it but thats about it
14:37 saltslackbridge <ryan.walder> saltnoob58 ^
14:40 saltnoob58 i suspected as much. I've done for a different api in ansible a solution with like three curl tasks per actual action, but salt doesn't allow storing a token you get from the http query and using it in the next http query. Maybe I can just call httm modules from inside a custom module :|
14:41 saltnoob58 ugh, i hate having to go out of the cm tool to do cm things
14:41 saltnoob58 i bet nobody has heard of any already made things to collect and compose data to feed to ucmdb either
14:41 saltslackbridge <mts-salt> you can use command output in a jinja variable to re-use in the same file if that's a viable alternative
14:42 saltnoob58 i might be very wrong, but since jinja variables in salt are resolved before runtime i can't store a command output in a variable and use it in the same state
14:43 saltnoob58 otherwise it's exactly what i did in ansible, store the authentiaction token in a variable and put variable inside the json of the next http POST and get a ghetto api "module"
14:45 saltslackbridge <ryan.walder> you could be filthy and write/read the results to files with a chains `cmd.run`s
14:45 saltslackbridge <mts-salt> might be easier to put it in a (managed) script and call that...
14:45 saltslackbridge <ryan.walder> or that
14:45 saltslackbridge <mts-salt> i've done exactly that for vm provisioning on a local kvm host
14:47 major joined #salt
14:47 saltslackbridge <ryan.walder> You can make scripts stateful as well so it's not terrible
14:47 saltslackbridge <ryan.walder> https://github.com/ryanwalder/mounts-formula/blob/master/mounts/files/safe-format
14:47 saltslackbridge <ryan.walder> check the end of the script
14:50 saltslackbridge <mts-salt> nice. i haven't need to use that yet, but i'll try to remember it when i do :slightly_smiling_face:
14:50 aruns__ joined #salt
14:51 saltslackbridge <ryan.walder> It's especially good if you're using highstates/states as
14:51 saltslackbridge <ryan.walder> given a highstate should run with 0 changes on a configured system
14:51 saltslackbridge <ryan.walder> so using a returner into graphite or similar you can see if things start chaging
14:52 cgiroua joined #salt
14:52 saltslackbridge <mts-salt> my solution was to use requisite to skip the cmd.run and so have no changes that way
14:52 saltslackbridge <ryan.walder> yeah, `cmd.wait` or similar works a lot of the time
14:52 saltslackbridge <mts-salt> i used onlyif but the result is the same
14:54 saltnoob58 sometimes i look at all the solutions and advices and think it's just easier to become a python developer and just do everything i ever want in a python script and just call that with salt
14:55 gh34 joined #salt
14:58 pualj joined #salt
14:58 ouemt joined #salt
15:00 doubletwist joined #salt
15:04 domel joined #salt
15:06 edrocks joined #salt
15:06 domel joined #salt
15:06 domel left #salt
15:07 domel_ joined #salt
15:08 major joined #salt
15:10 hammer065 joined #salt
15:12 saltslackbridge <ryan.walder> or become a python dev and extend salt to do the things you need!
15:13 kojiro joined #salt
15:17 Tucky joined #salt
15:28 DammitJim joined #salt
15:30 major joined #salt
15:36 major joined #salt
15:46 DanyC joined #salt
15:52 jhujhiti XenophonF: just saw your reply from last night about openldap. thanks, this is a perfect start. i'm thinking about multimaster too
16:09 Elsmorian joined #salt
16:11 tiwula joined #salt
16:12 _JZ_ joined #salt
16:13 edrocks joined #salt
16:16 major joined #salt
16:19 snath joined #salt
16:22 deuscapturus joined #salt
16:40 Elsmoria_ joined #salt
16:41 threwahway joined #salt
16:43 tzero joined #salt
16:45 racooper joined #salt
16:45 mTeK joined #salt
16:47 XenophonF jhujhiti: awesome - let me know if you figure it out, because I need a clue  ;)
16:48 XenophonF ryan.walder: I'm calling it DevOops from now on.
16:54 pipps joined #salt
16:55 saltslackbridge <ryan.walder> :)
17:00 Deliant joined #salt
17:01 DanyC joined #salt
17:04 ecdhe joined #salt
17:07 Shirkdog joined #salt
17:11 major joined #salt
17:14 Lionel_Debroux joined #salt
17:25 oida joined #salt
17:26 racooper joined #salt
17:31 jbailey joined #salt
17:38 major joined #salt
17:39 simmel joined #salt
17:43 nixjdm joined #salt
17:44 Creme joined #salt
17:50 stanchan joined #salt
17:51 twiedenbein joined #salt
17:52 bantone joined #salt
17:54 Creme joined #salt
17:56 stanchan joined #salt
17:56 Deliant joined #salt
17:57 taylorbyte if i want to layer dictionaries and combine them into 1 do i use .get() with merge e.g. {%- for file in map.service[service_name].get('files', merge=map.defaults.files) %}
17:58 onlyanegg joined #salt
18:03 major joined #salt
18:06 LostSoul joined #salt
18:06 Creme joined #salt
18:13 edrocks joined #salt
18:28 pipps joined #salt
18:29 pipps joined #salt
18:30 nebuchadnezzar joined #salt
18:36 stanchan joined #salt
18:39 stanchan joined #salt
18:47 xet7 joined #salt
18:48 aCodinMan joined #salt
18:56 evle joined #salt
18:58 aCodinMan joined #salt
18:59 Aleks3Y joined #salt
19:05 saltslackbridge joined #salt
19:25 edrocks joined #salt
19:27 jbailey joined #salt
19:29 stanchan joined #salt
19:42 jbailey joined #salt
19:44 stanchan joined #salt
19:44 ajw0100 joined #salt
19:47 Elsmorian joined #salt
19:56 irated joined #salt
19:57 ymasson joined #salt
20:04 tiwula joined #salt
20:05 indistylo joined #salt
20:11 cro joined #salt
20:11 saltslackbridge joined #salt
20:26 Hybrid joined #salt
20:34 Trauma joined #salt
20:42 XenophonF taylorbyte: that uses the Python accessor, so I'm not sure that will work
20:42 XenophonF https://docs.python.org/2/library/stdtypes.html#dict.get
20:45 Hybrid joined #salt
20:51 ajw0100 joined #salt
20:53 aCodinMan joined #salt
20:55 aCodinMan joined #salt
20:55 tapoxi joined #salt
21:00 XenophonF you could try map.service[service_name]['files']+map.defaults.files
21:00 XenophonF but that doesn't guarantee de-deuplicates
21:00 taylorbyte XenophonF: after scrolling down a little bit on the link you gave me the descriptions of setdefault() and update() caught my attention. https://stackoverflow.com/a/9139961 is close to what i want but instead of a default value for all unset keys i was wanting a set of backup keys of the same names to use if they arent specified in the first dict
21:03 XenophonF I'd do something like this: https://github.com/irtnog/openssh-formula/blob/master/sshd/map.jinja#L88
21:03 XenophonF where I'd load the default values into a variable, and then update them from map.service[service_name]
21:04 XenophonF or better yet
21:04 XenophonF since you probably aren't following the whole defaults.yaml/map.jinja pattern like in my example, you should probably use the |default filter
21:04 XenophonF http://jinja.pocoo.org/docs/dev/templates/#default
21:05 XenophonF so it'd look like `{%- for file in map.service[service_name]['files']|default(map.defaults.files) %}`
21:05 stanchan joined #salt
21:05 XenophonF if the files key has a value, it uses that, otherwise it uses the value of map.defaults.files
21:06 XenophonF I abuse the heck out of that in https://github.com/irtnog/shibboleth-formula/.
21:06 Creme left #salt
21:07 XenophonF e.g., https://github.com/irtnog/shibboleth-formula/blob/master/shibboleth/sp/lib.jinja
21:09 taylorbyte XenophonF: ok might have to try | default() in the for line, i have been using | default() on every individual variable in the loop but its now very messy and i have a defaults.yaml > map.jinja > import map with context setup but its getting complex also
21:09 viq joined #salt
21:10 XenophonF might be unavoidable when you're iterating over keys like with your service map there
21:12 aCodinMa_ joined #salt
21:17 stanchan joined #salt
21:17 taylorbyte XenophonF: i've used update() like https://github.com/irtnog/openssh-formula/blob/master/sshd/map.jinja#L88 before but i thought it was just appending to a variable, so in that line 88 does default_settings have some key/values and distro_map has more and maybe even has some keys that are the same which will then overwrite the keys in default_settings? if so that's what i'm after i think
21:18 taylorbyte appending to a dict *
21:22 pcgod_ joined #salt
21:25 aldevar left #salt
21:26 spiette joined #salt
21:26 pcgod_ left #salt
21:27 pualj joined #salt
21:27 pcgod joined #salt
21:27 doubletwist So I see how to set something like "pkg: 'packagename'" in jinja based on os family and whatnot. But I'm having trouble figuring out how to make it a list of multiple packages
21:27 doubletwist example [not working]  'pkgs': ['package1','package2','package3'],
21:28 doubletwist in map.jinja that is
21:29 Heartsbane joined #salt
21:29 Heartsbane joined #salt
21:33 racooper joined #salt
21:39 aCodinMan joined #salt
21:40 doubletwist nm, figured it out
21:47 XenophonF doubletwist: here's a neat trick - https://github.com/irtnog/salt-states/blob/development/augeas/init.sls
21:48 wryfi joined #salt
21:52 major joined #salt
21:53 XenophonF I wish the |yaml filter was smarter and could deal with scalars
21:54 sjorge joined #salt
21:56 stanchan joined #salt
21:56 major joined #salt
21:56 ConkyAxis joined #salt
21:59 ConkyAxis left #salt
22:03 doubletwist I ended up copying the way it was done in the zabbix-formula
22:03 doubletwist I was forgetting the for loop in init.sls
22:04 aCodinMan joined #salt
22:04 tracphil joined #salt
22:07 colttt joined #salt
22:18 aCodinMan joined #salt
22:22 cgiroua joined #salt
22:33 jhauser joined #salt
22:41 Elsmorian joined #salt
22:44 aCodinMan joined #salt
22:49 aCodinMa_ joined #salt
22:52 aCodinMan joined #salt
22:54 fxhp joined #salt
23:11 pipps joined #salt
23:17 pipps joined #salt
23:19 pipps joined #salt
23:20 pipps joined #salt
23:21 pipps joined #salt
23:28 aCodinMa_ joined #salt
23:30 aCodinMan joined #salt
23:34 tzero joined #salt
23:40 aCodinMan joined #salt
23:42 aCodinMa_ joined #salt
23:44 tracphil joined #salt
23:44 aCodinMan joined #salt
23:46 aCodinMa_ joined #salt
23:50 aCodinMan joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary