Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-01

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 pipps joined #salt
00:09 zerocoolback joined #salt
00:16 onlyanegg joined #salt
00:31 pipps joined #salt
00:35 Church- So question, is it possible to use conditionals in state files?
00:36 Church- For example I only want to apply part of the state file if the target minion has say a certain string of characters in it's name.
00:39 whytewolf Church-: https://docs.saltstack.com/en/latest/topics/jinja/index.html
00:42 pipps joined #salt
00:46 Church- whytewolf: Figured it'd be using jinja. So using grains I can get the minion name I assigned to the host then?
00:47 whytewolf the grain is id
00:47 whytewolf you can also use the match module
00:47 whytewolf https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html
00:48 MTecknology +1 to the match module
00:48 Church- Very good to know, thanks guys.
00:50 onlyanegg joined #salt
00:53 cgiroua joined #salt
00:55 pipps joined #salt
00:57 jmedinar joined #salt
01:00 jmedinar Hello. How can I test in Jinja if a variable starts with "string"....
01:01 saltslackbridge <gtmanfred> `whatever.startswith('string')`
01:04 jmedinar Thanks
01:09 shiranaihito joined #salt
01:13 pipps joined #salt
01:13 APLU joined #salt
01:13 pipps joined #salt
01:27 av_ joined #salt
01:41 kettlewe_ joined #salt
02:00 zerocoolback joined #salt
02:06 tiwula joined #salt
02:08 Zxcvb joined #salt
02:09 Bicchi joined #salt
02:10 Bicchi left #salt
02:25 tiwula joined #salt
02:33 XenophonF I'm pretty far down this particular rabbit hole already, but does anyone have a Moodle deployment formula they'd like to share?
02:39 zerocoolback joined #salt
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:58 XenophonF I'm writing Jinja code that reads YAML code and writes PHP code.
02:58 XenophonF The last time around, it was rendering XML.
02:58 XenophonF Something is very wrong with me.  ;)
02:59 whytewolf you are using XML and PHP of coarse there is something wrong with you :P
03:01 nomeed joined #salt
03:09 pipps joined #salt
03:38 tzero joined #salt
03:46 evle joined #salt
04:22 heyimawesome joined #salt
04:28 aarontc joined #salt
04:38 Church- ^^^
04:39 gswallow joined #salt
04:40 lompik joined #salt
04:56 LocaMocha joined #salt
05:00 cyteen__ joined #salt
05:31 MTecknology Why wouldn't you do that with a custom module?
06:02 mrBen2k2k2k joined #salt
06:02 indistylo joined #salt
06:03 pualj joined #salt
06:04 euidzero joined #salt
06:06 Church- Hmm, is there a way to pass variables to state files?
06:06 Church- Remember reading something about using pillars to do it, but bit beyond me at the moment.
06:07 whytewolf https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html#setting-pillar-data-on-the-command-line
06:09 Church- whytewolf: Can I declare that in a state file however?
06:09 Church- I'm assuming yes.
06:10 whytewolf well. it is just pillar. so you access it like normal pillars
06:10 Church- Heh, haven't really touched pillars yet.
06:10 Church- Off to the docs.
06:12 Church- Okay, yeah this I can use.
06:19 MTecknology Church-: remote execution -> states -> pillar -> jinja -> magic.  :)
06:20 Church- whytewolf: So quick question, I have an ssh sls file declared, what's the matter with this exacly. https://bpaste.net/show/c42230732588
06:20 Church- Probably something obviously, but not too sure based on the docs.
06:20 Church- Just want to run this state file if the conditional passes.
06:21 MTecknology !targeting
06:21 Church- ?
06:21 MTecknology https://docs.saltstack.com/en/latest/topics/targeting/
06:22 Church- Ahhhh.
06:22 MTecknology Church-: your spacing is wrong, and that's not at all how selections are done.
06:22 Church- Heh, wrong on all counts. Oh well, bound to happen.
06:22 MTecknology avoid jinja when it's not actually needed
06:23 Church- Noted.
06:24 MTecknology I'd suggest starting off w/ reading the tutorial until it gets too confusing for us to answer questions.
06:25 XenophonF Church-: You can do a lot without Jinja.  YAML is surprisingly descriptive.
06:25 Church- Noted and noted.
06:25 XenophonF e.g., I ripped all the Jinja out of my states top file because I learned how to do YAML back references
06:26 Church- MTecknology: So reading the section on targeting by globbing.
06:26 MTecknology I'm not sure I've ever stuck jinja in a top.sls
06:26 XenophonF https://github.com/irtnog/salt-states/blob/master/top.sls
06:26 Church- With the examples they give do those needs to be in a top file, or can I define it in other files?
06:26 * whytewolf shrugs. I wrote my entire top in jinja
06:26 XenophonF I had to add a little back in because of a few conditionals
06:26 XenophonF but it is a lot cleaner than past versions
06:26 XenophonF IMO
06:26 MTecknology XenophonF: Yes! Things like that should be avoided!
06:27 whytewolf the top file is for targetting the states for a highstate. however you can call states directly.
06:27 XenophonF My Pillar top file has almost no Jinja, too.
06:27 XenophonF https://github.com/irtnog/salt-pillar-example/blob/master/top.sls
06:27 Church- whytewolf: Well yes, I meant that I have for an example a file called rancher-host.sls and it has the following contents and gave off the following error when applied.
06:28 whytewolf this is insanity https://github.com/whytewolf/dyn_salt_top
06:28 * MTecknology is scared to look
06:29 whytewolf you've seen it MT. and asked why i didn'twrite it in python
06:29 Church- https://bpaste.net/show/a47e49e3c7fa
06:29 XenophonF MTecknology: it's less than 10 lines ;)
06:29 MTecknology ah..
06:29 MTecknology I remember this :)
06:29 Church- whytewolf: Okay, this is interesting.
06:29 XenophonF whytewolf: you could probably get it a little shorter by using |yaml
06:29 whytewolf Church-: don't need the - match when it is glob. it is the default. and - ssh/ssh should be indented
06:30 Church- Ah.
06:30 whytewolf XenophonF: most likely. I rushed it
06:31 MTecknology Church-: don't use whytewolf's concoction! (not until you can clearly explain what it's doing) :)
06:31 Church- Eyep
06:32 XenophonF Church-: stay away from the Jinja, otherwise you'll end up writing recursive macros that pretty-print XML
06:32 XenophonF https://github.com/irtnog/shibboleth-formula/blob/master/shibboleth/sp/lib.jinja#L140
06:32 Church- Huh, okay so I indented and it's still giving off an error.
06:32 Church- Least I'm not writing recursive macro's in a kernel module. Debugging that was an interesting couple days.
06:32 whytewolf does /srv/salt/ssh/ssh.sls or /srv/salt/ssh/ssh/init.sls exist?
06:32 Church- whytewolf: The former exists.
06:32 XenophonF Church-: indent line 2 only two spaces
06:33 XenophonF change ssh/ssh to ssh.ssh
06:33 XenophonF and whytewolf is right: glob match is the default for top files
06:33 Church- Still nothing, here it is currently.
06:34 XenophonF well, technicall compound match is the default for top files, glob match is the default for the CLI
06:34 MTecknology Church-: you didn't wanna do the tutorial & ask Q's thing? :(
06:35 Church- MTecknology: Oh I'm going through the tutorial, only difference is I replaced a fe bits.
06:35 Church- https://bpaste.net/show/83b7ede61c23
06:35 MTecknology Why do you want to type ssh twice?
06:36 whytewolf okay. what is the error?
06:36 whytewolf and what is the command you are putting in
06:36 XenophonF see you all on the flip side
06:36 whytewolf see you XenophonF
06:36 * MTecknology goes to crawl in bed w/ XenophonF
06:37 whytewolf I should be going soon also. getting late here.
06:37 MTecknology It's not even 0100 here yet
06:37 Church- Heh, 2am where I am.
06:38 Church- I'll hold off and experiment more. Catch you guys later rather then keep you up.
06:38 whytewolf it is only 22:30 here
06:39 whytewolf have a good night all
06:39 Church- Night
06:54 pualj joined #salt
06:56 MTecknology three more episodes and I'll have finished binge watching Lost...
07:19 MTecknology Church-: how's the reading going?
07:20 Church- Eh drinking and getting ready for nap. I've worked almost two days straight aside from a 2-3hr nap each day.
07:20 Church- So none at all. :P Doing that tomorrow.
07:24 indistylo joined #salt
07:24 MTecknology my drink is almost gone
07:25 MTecknology Church-: you really should try to understand the basics of salt before diving in. That directional thing of mine was a "building blocks" attempt.
07:26 archive joined #salt
07:26 Church- Aye kinda figured. Read through some of the tutorials but not enough for it to stick I guess.
07:26 Church- Ah well, s'what tomorrows for.
07:26 MTecknology salt is big and complex, and easy to over-complicate because you missed docs that say "here's the simple way"@
07:27 MTecknology after you finish the tut, I have something for you.
07:27 Church- Noted.
07:36 matches joined #salt
07:39 Tucky joined #salt
07:41 matches left #salt
07:42 jbailey joined #salt
07:54 zerocoolback joined #salt
08:11 aldevar joined #salt
08:24 Morrolan joined #salt
08:26 Hybrid joined #salt
08:26 zerocoolback joined #salt
08:31 jrenner joined #salt
08:40 stanchan joined #salt
08:45 darioleidi joined #salt
08:55 nikeshm hi
08:55 nikeshm i am getting issue with salt-cloud and openstack
08:55 nikeshm i am following https://docs.saltstack.com/en/latest/topics/cloud/openstack.html
08:56 nikeshm MalformedResponseException in <libcloud.compute.drivers.openstack.OpenStack_1_1_NodeDriver object
08:56 nikeshm XenophonF : there
09:02 DanyC joined #salt
09:05 pbandark joined #salt
09:05 cyteen joined #salt
09:13 mbologna joined #salt
09:15 mikecmpbll joined #salt
09:16 jas02 joined #salt
09:17 indistylo joined #salt
09:19 jas02 joined #salt
09:33 pualj joined #salt
09:34 Mattch joined #salt
09:35 pualj joined #salt
09:35 pualj joined #salt
09:39 pualj joined #salt
09:46 indistylo joined #salt
10:06 yuhl joined #salt
10:14 pualj joined #salt
10:17 pualj joined #salt
10:21 pualj joined #salt
10:22 oida joined #salt
10:24 pualj joined #salt
10:28 aruns joined #salt
10:28 pualj joined #salt
10:40 pualj joined #salt
10:48 pualj joined #salt
10:48 pualj joined #salt
10:50 pualj joined #salt
11:08 m0nky_ joined #salt
11:09 shanth_ joined #salt
11:10 lordcirth_work_ joined #salt
11:10 dem joined #salt
11:10 Laogeodritt joined #salt
11:11 MK_FG joined #salt
11:11 MK_FG joined #salt
11:11 LostSoul_ joined #salt
11:11 esharpmajor_ joined #salt
11:11 socket- joined #salt
11:12 JoshL joined #salt
11:12 chutzpah joined #salt
11:12 Rubin joined #salt
11:12 CeBe joined #salt
11:12 ___[0_0]___ joined #salt
11:12 jrenner joined #salt
11:12 simonmcc joined #salt
11:12 theblazehen joined #salt
11:13 phtes joined #salt
11:13 tobiasvdk joined #salt
11:13 TomJepp joined #salt
11:13 Church- joined #salt
11:13 saltstackbot joined #salt
11:16 nomeed joined #salt
11:16 nledez joined #salt
11:16 nledez joined #salt
11:17 indistylo joined #salt
11:18 pbandark joined #salt
11:22 defsdoor joined #salt
11:26 c4rc4s joined #salt
11:45 pbandark joined #salt
11:46 indistylo joined #salt
11:55 kiorky joined #salt
11:55 megamaced joined #salt
11:59 JohnnyRun joined #salt
12:26 kettlewell joined #salt
12:32 pualj_ joined #salt
12:34 zerocoolback joined #salt
12:45 jas02 joined #salt
12:52 nikeshm hi
12:55 nikeshm how can i provide username in https://docs.saltstack.com/en/latest/topics/cloud/openstack.html
12:55 nikeshm for ssh inside virtual machine
12:56 jas02 joined #salt
13:01 jas02 joined #salt
13:05 nikeshm like for centos it is is cirros
13:05 nikeshm for ubuntu, default it takes ubuntu
13:06 evle1 joined #salt
13:06 tiwula joined #salt
13:14 jas02 joined #salt
13:19 aruns joined #salt
13:20 XenophonF sorry nikeshm was taking my beauty rest
13:20 XenophonF didn't work, sadly, still ugly
13:20 XenophonF so let me take a gander at the docs there
13:22 Nahual joined #salt
13:25 XenophonF so for ssh inside the virtual machine, you need that built into the image somehow
13:26 XenophonF like in AWS, all the images have a client (ec2-config or whatever it's called) that grabs the SSH key from instance metadata and installs that for you
13:26 XenophonF or in VMware, VMware Tools talks to the hypervisor to get the custom settings (I forget ATM what that's called specifically - it's been a while)
13:27 XenophonF You can either hard-code a username and SSH public key in your images, or you can set up some generic mechanism that grabs the key or runs a script from the OpenStack equivalent of instance metadata
13:29 XenophonF you, as the image builder, could make those usernames whatever you want
13:30 XenophonF as for that NodeDriver error, it looked yesterday like an authentication problem
13:32 cgiroua joined #salt
13:43 jas02 joined #salt
13:44 izombie joined #salt
13:44 izombie Does pip state support constraints parameter?
13:46 mchlumsky joined #salt
13:53 aruns__ joined #salt
13:56 jas02 joined #salt
13:57 gh34 joined #salt
14:00 mchlumsky joined #salt
14:01 yujunz joined #salt
14:03 mikecmpb_ joined #salt
14:05 ik__ joined #salt
14:05 ik__ left #salt
14:13 Tenyun[m] joined #salt
14:13 viq[m] joined #salt
14:19 jas02 joined #salt
14:24 mikecmpb_ i'm trying to require a whole state file as described here: https://docs.saltstack.com/en/latest/ref/states/requisites.html#require-an-entire-sls-file
14:24 mikecmpb_ however, i can't get it to work i keep getting:      Comment: The following requisites were not found:
14:24 mikecmpb_ require:
14:24 mikecmpb_ sls: passenger
14:25 saltslackbridge <mts-salt> the contents of 'require' is a list, so needs an indent and hyphen
14:25 saltslackbridge <gtmanfred> Did you also include that sls in the state run?
14:25 mikecmpb_ https://gist.github.com/mikecmpbll/5d9ba725a6efd20eee50e63f96a39b92
14:25 mikecmpb_ aw fuck sake.
14:25 mikecmpbll saltslackbridge : thanks, i'm in moron-mode today.
14:26 mikecmpbll oh hold on, i do have an ident and a hyphen
14:26 mikecmpbll just takes them out in the log output
14:26 mikecmpbll see gist.
14:26 saltslackbridge <mts-salt> could you add the output into the gist?
14:27 saltslackbridge <gtmanfred> Remove the .init from the require
14:28 mikecmpbll done, refresh
14:28 mikecmpbll argh, i didn't have that init in before, i was trying stuff
14:28 mikecmpbll i want it to require salt/passenger/init.sls
14:28 mikecmpbll it seems to include it just fine
14:29 saltslackbridge <gtmanfred> Yes, but that is just passenger
14:29 saltslackbridge <gtmanfred> Init is the default state in a directory
14:29 mikecmpbll yep
14:29 saltslackbridge <mts-salt> does passenger apply on its own?
14:29 mikecmpbll yes.
14:29 jas02 joined #salt
14:30 saltslackbridge <mts-salt> time to check debug logs in that case
14:31 jas02 joined #salt
14:32 mikecmpbll debugging with salt-call atm
14:33 XenophonF mikecmpbll: Don't do that.
14:33 mikecmpbll XenophonF : how come?
14:34 XenophonF Requisites shouldn't refer to anything outside of the SLS file in which they occur.
14:34 mikecmpbll why?
14:34 XenophonF Because it gets super confusing and makes debugging individual SLSes impossible without include, which might result in surprising side effects.
14:35 XenophonF It's the SaltStack equivalent of spaghetti code.
14:35 mikecmpbll i see.
14:35 XenophonF The same goes for include and extend.
14:35 XenophonF Those are useful tools but generally, you shouldn't need them except in very special cases.
14:35 mikecmpbll i can't see how not to do that without having a tremendous amount of duplication.
14:36 XenophonF You don't need to duplicate anything.
14:36 XenophonF You need to learn to trust the ordering of SLSes in top.sls.
14:36 XenophonF It's OK to assume, for example, that Apache and MariaDB and PHP are already installed and configured when running your Moodle states.
14:36 XenophonF (I happen to be working on that right now.)
14:37 mikecmpbll hm. i like the concept that state.apply moodle handles all the requisites for moodle
14:37 saltslackbridge <mts-salt> i'm going to have to disagree on that. explicit ordering makes for easier maintenance for someone who didn't work on the other parts
14:37 mikecmpbll i generally thought that was the point.
14:37 XenophonF it makes it possible for me to run `salt-call state.apply moodle saltenv=development` and not have that pull in a ton of extra stuff.
14:37 mikecmpbll precisely the opposite idea to what i had :p
14:37 XenophonF Oh, I'm not saying there isn't an ordering.  I'm saying, that's what top.sls is for.
14:38 XenophonF There are a (very few) cases where you might need to do things like depend on multiple other SLS files.
14:38 mikecmpbll interesting perspective. i'll certainly bear it mind.
14:38 XenophonF I call those glue SLSes.
14:38 XenophonF Here's an example:
14:38 saltslackbridge <mts-salt> i've used extend so that i can provide defaults for most servers, and for a handful i include a small state that extends to apply a more specific state
14:39 XenophonF I have a tomcat SLS (from tomcat-formula) that deploys Apache Tomcat.
14:39 XenophonF I have a shibboleth.idp SLS (from shibboleth-formula) that deploys Shibboleth Identity Provider.
14:39 racooper joined #salt
14:39 XenophonF I can run them independently and they work just fine.
14:39 XenophonF Outside of development though, I want IdP config changes to trigger a container restart.
14:40 XenophonF So separate from both formulas, I've written a tomcat.shibboleth-idp SLS that glues the two formulas together.
14:40 XenophonF https://github.com/irtnog/salt-states/tree/development/tomcat/shibboleth-idp.sls
14:40 XenophonF If someone wants to use my shibboleth-formula to deploy the IdP using Jetty instead of Tomcat, they can.
14:41 XenophonF But the glue is limited to just the one SLS.
14:42 XenophonF mts-salt: I think what you've described makes understanding the behavior of state.apply very difficult.
14:43 XenophonF on the flip side, you have something like apache-formula, which uses include and cross-SLS requisites all over the place
14:43 XenophonF and in some cases gets those wrong
14:43 mikecmpbll could it be that there isn't a state in passenger/init.sls, just another include?
14:43 XenophonF (which reminds me to file that PR this week)
14:43 mikecmpbll (sorry, preoccupied with this issue rn, will read later)
14:44 XenophonF mikecmpbll: are you including an SLS that includes another SLS?  if so, I don't think that will work.  include isn't recursive.
14:44 mikecmpbll yes. the include works recursively just fine.
14:45 mikecmpbll the require, maybe not
14:47 XenophonF ok
14:47 XenophonF I sit corrected :)
14:51 pualj joined #salt
14:53 mikecmpbll yeh, couldn't find any states in passenger/init.sls so it borked.
15:09 garphy joined #salt
15:13 pualj joined #salt
15:18 mrBen2k2k2k joined #salt
15:22 ouemt joined #salt
15:28 socket- Hey all, I am trying to get gitfs_remotes working, and i think the master is setup correctly, but the minion keeps saying "Could not find file from saltenv 'base', u'salt://touch/init.sls'".  I don't see the sls in the minions cached files
15:29 socket- this is my masterconf: https://apaste.info/m3ma
15:32 socket- this is my minion log: https://apaste.info/wmWv
15:35 mikecmpb_ joined #salt
15:35 saltslackbridge <mts-salt> do you intend to have both states and pillar in git?
15:35 swa_work joined #salt
15:38 nixjdm joined #salt
16:02 cgiroua joined #salt
16:14 _JZ_ joined #salt
16:23 Bryson joined #salt
16:39 c4rc4s joined #salt
16:43 englishm_work joined #salt
16:47 Hybrid joined #salt
16:56 nikeshm XenophonF : ssh_username
16:56 nikeshm some one suggested in slack
16:56 nikeshm so i used
16:57 nikeshm but getting this issue
16:57 nikeshm Error: There was a profile error: Command 'echo "put  /tmp/tmp0C4j8u /tmp/.saltcloud-7f3d1ead-40e7-413c-bdf6-9c1913dcc2bb/minion.pem" | sftp -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oControlPath=none -oPasswordAuthentication=no -oChallengeResponseAuthentication=no -oPubkeyAuthentication=yes -oIdentitiesOnly=yes -oKbdInteractiveAuthentication=no -oIdentityFile=/root/.ssh/id_rsa -oPort=22 cirros@10.0.0.3' failed. Exit
16:58 nikeshm yesterday issue was in url and tenant_id
16:59 nikeshm today i used correct url and tenand id
16:59 nikeshm so it worked
16:59 saltslackbridge <mts-salt> does that ssh key let you manually ssh to that destination?
17:01 saltslackbridge <gtmanfred> ssh -oIdentityFile=/root/.ssh/id_rsa -oPort=22 cirros@10.0.0.3
17:02 nikeshm yes\
17:02 nikeshm ssh -oIdentityFile=/root/.ssh/id_rsa -oPort=22 cirros@10.0.0.3  is working
17:03 aldevar left #salt
17:12 aruns__ joined #salt
17:12 nikeshm http://paste.openstack.org/show/658337/\
17:13 saltslackbridge <gtmanfred> sh: /usr/libexec/sftp-server: not found
17:14 saltslackbridge <gtmanfred> set `use_sftp: False` in your cloud profile, so that it will use scp
17:14 saltslackbridge <gtmanfred> or fix your machine, because that is terrible if you don’t have sftp-server installed
17:14 saltslackbridge <gtmanfred> actually
17:14 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/topics/cloud/misc.html#selecting-the-file-transport
17:14 saltslackbridge <gtmanfred> set `file_transport: scp` that is way better
17:15 sjorge joined #salt
17:15 Edgan gtmanfred: Salt needs file_transport: rsync. Rsync beats scp in every way.
17:15 saltslackbridge <gtmanfred> PRs appreciated
17:16 saltslackbridge <gtmanfred> we went with scp and sftp, because it is usually single files transfered, and not directories
17:16 saltslackbridge <gtmanfred> and anything that has ssh should have one of those
17:16 Edgan gtmanfred: yeah, wouldn't be hard. rsync's local/remote format is the same
17:17 saltslackbridge <gtmanfred> also, it sounds like he is actually using the test vm options in openstack, cirros, which won’t work, you can’t install salt on that
17:17 Edgan gtmanfred: I have found rsync is faster even for big single files. It also does deltas, and can do partials.
17:17 saltslackbridge <gtmanfred> what big single files are you transfering for salt cloud?
17:17 saltslackbridge <gtmanfred> it should only be the minion config, the keys and the bootstrap script
17:17 saltslackbridge <gtmanfred> probably less than 2M
17:17 Edgan I don't use salt-cloud. I wrote my own better tool, but currently stuck with terraform.
17:19 Edgan Though I am hoping salt-cloud gets better with the rewrite.
17:20 saltslackbridge <gtmanfred> oh it will, once i have like… more than 2 hours of free time
17:20 BitBandit joined #salt
17:22 Church- Morning folks
17:33 yuhl joined #salt
17:36 Lionel_Debroux_ joined #salt
17:39 Bryson joined #salt
17:39 sjorge joined #salt
17:46 vexati0n stupid question: with dockerng, how should I authenticate to a registry that uses a JSON file as a password?
17:46 vexati0n (google)
17:46 pipps joined #salt
17:48 cyteen joined #salt
17:50 saltslackbridge <gtmanfred> if you manually do a docker login on the commandline with that, then salt’s docker module will just work with it
17:50 vexati0n also how do i /not/ run all the docker commands as root?
17:51 saltslackbridge <gtmanfred> but, as for using the salt module to login, if you do not find out a way to do it, then please open an issue about it on github so that it can be added
17:51 saltslackbridge <gtmanfred> as for not running docker commands as root, everything is run through the docker pypi library, so it will be run as the user that salt-minion runs as
17:54 vexati0n that's annoying since some things on this machine need to be root but docker isn't one of them
17:55 pipps joined #salt
17:55 vexati0n oh well. so wtith auth, can i cheat by copying another user's config.json file to /root/.docker and then running the dockerng state?
17:55 saltslackbridge <gtmanfred> you could run it as a different user, and set the sudo_user to root https://docs.saltstack.com/en/latest/ref/executors/all/salt.executors.sudo.html
17:56 saltslackbridge <gtmanfred> or you could have docker listening on a tcp port, and have a different minion manage the actual docker container stuff
17:57 scbunn joined #salt
17:57 aldevar joined #salt
18:01 scbunn joined #salt
18:05 sjorge joined #salt
18:06 tzero joined #salt
18:14 Hybrid joined #salt
18:16 pppingme joined #salt
18:24 aruns__ joined #salt
18:25 wwalker https://gist.github.com/wwalker/957a49d190738989bc1b6620589ee420    Why can't I get pillar merging to work?
18:25 sjorge joined #salt
18:30 oida joined #salt
18:32 gmoro_ joined #salt
18:33 mikecmpbll joined #salt
18:34 DammitJim joined #salt
18:34 tzero joined #salt
18:37 mrBen2k2k2k_ joined #salt
18:41 pipps joined #salt
18:45 yuhl joined #salt
18:48 pipps joined #salt
18:50 MTecknology Church-: are you a salt savant yet? :)
18:50 lordcirth_work_ wwalker, can you add your pillar top.sls please?
18:51 MTecknology wouldn't "pillar.get base" make a bit more sense?
18:51 Church- MTecknology: Idiot savant? Sure. :P
18:53 Church- MTecknology: So I've seen a couple different modules and state files for managing users. What's the best to deploy a user account and set it's password as well.
18:53 saltslackbridge <gtmanfred> https://github.com/saltstack-formulas/users-formula
18:53 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
18:55 pipps joined #salt
18:56 MTecknology Church-: What I do- https://github.com/MTecknology/saltstack-demo/blob/master/states/sys/users/init.sls &&
18:56 MTecknology s/&&//
19:08 pipps joined #salt
19:08 evle3 joined #salt
19:08 tzero joined #salt
19:15 MTecknology Church-: and an actual sample pillar (instead of forcing guesses)  http://dpaste.com/3EYVRRF
19:15 Church- MTecknology: 404
19:15 MTecknology http://dpaste.com/2ZAWTNC **
19:18 ymasson joined #salt
19:18 pualj joined #salt
19:19 MTecknology When gauth is enabled on a system, admins gotta pass fw rules, pre-shared key auth, user/pass auth, and then also 2FA (gauth). Since it's such a pain and in my home environment, I also have a pair of bastion hosts for each vlan that I do the painful auth with. Then it's just key & pw auth from there, and salt manages the installed keys.
19:48 Trauma joined #salt
19:51 pppingme joined #salt
19:57 cain_ joined #salt
19:58 cain_ Hi, i have an issue where I have multiple directories listed under pillar_roots, but it seems like the top.sls file from the first one is all that is being used - is there a way to make it merge top.sls files? I have two different directories each defining a different set of pillar data
19:59 cain_ what im saying is that only data from the first directory listed under pillar_roots seems to be loaded (the pillars from the next directory arent showing up, unless i change the order)
20:01 pipps joined #salt
20:03 pppingme joined #salt
20:06 pipps joined #salt
20:07 pualj_ joined #salt
20:08 pipps99 joined #salt
20:14 concerti joined #salt
20:16 aldevar joined #salt
20:16 Church- MTecknology: Ugh you just reminded me, this should make things a blast setting up 2fa for ssh. /s >_>
20:17 Church- Still, I have a ways to go before fully grokking state files correctly.
20:18 nixjdm joined #salt
20:22 defsdoor joined #salt
20:28 jas02 joined #salt
20:33 onlyanegg joined #salt
20:38 pipps joined #salt
20:44 pipps joined #salt
20:45 MTecknology Church-: stuff in that demo is stuff I've used in the past (long since improved, but still useful)
20:52 Bryson joined #salt
21:00 bbbryson joined #salt
21:01 jas02 joined #salt
21:04 Church- Aye. Just trying to get my packing state files fixed up. Not the correctly versioned packages for some. Guess I have the wrong string.
21:08 lordcirth_work_ Anyone have a quick method of targeting Intel or AMD CPU machines?
21:08 lordcirth_work grains.get cpu_model contains the manufacturer, but other stuff too
21:15 lordcirth_work Got it, {% set vendor_id = salt.status.cpuinfo()['vendor_id'] %}
21:19 gvengel joined #salt
21:21 gvengel Does Saltstack have an analog to Puppet's virtual resources? https://puppet.com/docs/puppet/5.3/lang_virtual.html
21:22 lordcirth_work gvengel, what exactly do you need to do?
21:22 saltslackbridge <gtmanfred> kind of i think? https://docs.saltstack.com/en/latest/ref/states/providers.html
21:22 saltslackbridge <gtmanfred> i am not sure if it is closer to providers or jinja macros
21:22 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/topics/jinja/index.html#macros
21:23 gvengel I want to create states which define a unix group and a list of users which are members of that group. I also want to create the user accounts too. The problem is users overlap between groups.
21:24 gvengel With Puppet, I can use define the users as virtual resources, then have the group "realize" the users by tag.
21:28 gvengel i.e. the state "foo" creates a group "foo" and accounts for "bob" and "alice", state "bar" creates the group "bar" and accounts for "alice" and "eve". However, I do not want to replicate the code for creating alice's account, as it more than just creating the account, it sets up ssh keys, home directory's, etc.
21:31 onlyanegg joined #salt
21:36 aldevar left #salt
21:38 jas02 joined #salt
21:41 gvengel Maybe I should rephrase the question. What is the typical way to deal with states that need to define a common resource, but may not be aware of each other. For instance, an apache and nginx solution might both want to define the www-data user and group.
21:44 gvengel I understand that I could put the www-data user in common state file, and then "include" it, but are there other tools for conflict resolution?
21:48 zimablue joined #salt
21:49 blah_ joined #salt
21:50 zimablue joined #salt
21:51 zimablue hey, sorry beginner question - I can't get a salt state file to call my custom execution module even though it works just running it as a command?
21:51 saltslackbridge <gtmanfred> include would probably be the best way.  Alternatively, you could use pillars to handle that
21:51 zimablue confused whether I need to prefix with module.x or what is going on
21:51 saltslackbridge <gtmanfred> zimablue how are you calling it as a command?
21:52 zimablue salt "*" conda_mod.create
21:52 saltslackbridge <gtmanfred> are you using the module.run state to call it? or are you trying to run an execution module as a state module
21:52 saltslackbridge <gtmanfred> states run state modules, if you want to run an execution module in a state, then use the module.run, or the better option is make a state module that is idempotent, and then use that instead
21:52 zimablue I'm not using the module.run, that soudns like what I need to do
21:53 zimablue is a state module also a python module?
21:53 saltslackbridge <gtmanfred> :slightly_smiling_face:
21:53 saltslackbridge <gtmanfred> yes
21:53 saltslackbridge <gtmanfred> and it uses execution modules
21:53 zimablue sorry for these stupid questions, I have genuinely read the docs and googled I'm apparently just thick
21:53 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/ref/states/
21:53 saltslackbridge <gtmanfred> no worries :slightly_smiling_face:
21:53 zimablue so execution modules are the ones in _modules?
21:53 saltslackbridge <gtmanfred> yes, and state modules go in _states
21:55 zimablue thanks that looks like a good doc motherload, I hadn't seen that bit
21:55 zimablue heavy as all hell will probaly help
21:55 saltslackbridge <gtmanfred> Here is the salt tutorial that talks about using states https://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
22:06 pipps joined #salt
22:07 cgiroua joined #salt
22:10 tzero joined #salt
22:10 zimablue so I can now getting working if I call it as a state module
22:10 zimablue but if I try to use module.run it doesn't find it, even though it's in _modules
22:12 zimablue https://gist.github.com/FalseProtagonist/3fe24d79c1f8e7976cdbeb19551735de
22:13 saltslackbridge <gtmanfred> to use that format you need to add the `use_superseeded:` option listed on the modules.run page
22:13 saltslackbridge <gtmanfred> also, you will want to assign it an empty dict
22:14 saltslackbridge <gtmanfred> use_superseded:   - module.run
22:14 saltslackbridge <gtmanfred> comments left on the gist
22:15 zimablue thanks so much man, I saw that option on the page but I had no idea which two syntaxes it was distinguishing as they all look the same to me
22:16 saltslackbridge <gtmanfred> yeah, unfortunately the guy who made that change broke the docs for the functions
22:24 zimablue ok I got that second way working, a slight pause as I modified salt.minion and didn't bounce the service for ten minutes it took me to remember to do that
22:24 zimablue thanks gtman you're a hero
22:25 zimablue last question - so an execution module is something that's not idempotent that I'd use as a building block to build an idempotent state module?
22:27 saltslackbridge <gtmanfred> exactly
22:28 zimablue =)
22:28 tzero joined #salt
22:30 saltslackbridge <gtmanfred> all execution modules that are loaded by the minion are available in the `__salt__` object in the state module functions
22:30 saltslackbridge <gtmanfred> https://github.com/saltstack/salt/blob/2017.7/salt/loader.py#L494
22:35 xet7 joined #salt
22:57 pipps joined #salt
23:01 pipps99 joined #salt
23:02 dxiri joined #salt
23:18 caincc joined #salt
23:21 yujunz joined #salt
23:25 jmedinar joined #salt
23:26 zerocoolback joined #salt
23:27 jmedinar Hello. I have a grain 'osrelease' as '6.9' ... How can I use that in a sls file to compare something like...
23:27 jmedinar {% if grains['osrelease'] <= 7 %}
23:27 jmedinar out of the box is not taken as the result is a string ... how can I take it as a number?
23:35 saltslackbridge1 joined #salt
23:42 jmedinar got it... {% if grains['osrelease_info'][0] <= 7 %}
23:42 jmedinar thanks anyway!
23:49 pipps joined #salt
23:52 pipps99 joined #salt
23:58 Hybrid joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary