Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-05

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:09 shiranaihito joined #salt
01:16 MTecknology Neighbour: That seems odd.. Why is it called acme if it's not using acmetool?
01:17 MTecknology or is acme the generic interface that LE came up with?
01:28 jas02 joined #salt
01:48 sedawkvim joined #salt
02:09 Kelsar joined #salt
02:21 tzero joined #salt
02:28 K0HAX joined #salt
02:36 tiwula joined #salt
02:37 zerocoolback joined #salt
02:40 Larry joined #salt
02:58 ilbot3 joined #salt
02:58 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.8, 2017.7.2 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
03:09 justan0theruser joined #salt
03:16 lompik joined #salt
03:20 Church- Yo folks
03:20 Church- MTecknology: Still drunk?
03:21 MTecknology not yet
03:22 Church- heh
03:27 MTecknology sup?
03:28 Church- Not much, editing some salt states, watching movies and drinking beer. You?
03:28 MTecknology I picked up 4 L of craft brew recently released at a nearby brewery- coconut stout
03:29 saltslackbridge <randy> I could use some alcohol
03:29 saltslackbridge <randy> LDFI hurts my head enough that I need it
03:32 Church- Nice, drinking a hard grape soda.
03:32 Church- Is tasty.
03:32 Church- Then I have three days off this week from my night job.
03:32 Church- No hundred hours for me this week, no sir. I get to fucking relax.
03:32 * MTecknology points at #salt-offtopic
03:33 Church- Woops, apolgoes.
03:34 zerocoolback joined #salt
03:43 brokensyntax joined #salt
03:44 hemebond Opinion time: should a formula automatically disable features that aren't requested (but might be default) or should the disabling be explicitly requested through, e.g., a pillar?
03:45 Bryson joined #salt
03:48 Church- MTecknology: Quick question, in a state file standardizing and setting up ssh server's across my fleet. What's the best way to have it restart the ssh file after applying the changes? Just cmd.run 'systemctl reload sshd' is what I have for now.
03:48 Church- s/ssh file/ ssh server/
03:48 wongster80 joined #salt
03:49 MTecknology Church-: look at my demo
03:50 Church- Heh, link again?
03:50 MTecknology too much work
03:50 Church- Wanna pin it to my homepage whenever I have this stupid question.
03:50 Church- Heh, fine I'll grep logs.
03:51 JPT joined #salt
04:25 zerocoolback joined #salt
05:08 zerocoolback joined #salt
05:17 ouemt_ joined #salt
05:22 zerocoolback joined #salt
06:13 Lionel_Debroux joined #salt
06:14 inad922 joined #salt
06:17 pualj joined #salt
06:39 pualj joined #salt
06:49 stanchan joined #salt
07:05 zerocoolback joined #salt
07:06 zulutango joined #salt
07:09 justan0theruser joined #salt
07:35 jas02 joined #salt
07:37 Ricardo1000 joined #salt
08:00 darioleidi joined #salt
08:08 pualj joined #salt
08:08 aldevar joined #salt
08:15 jrenner joined #salt
08:18 saltslackbridge <mthibaut858> Hey all.. Is there a way for a jinja macro to return a dict object? Right now it returns a string representation of the object, not the object
08:19 Tucky joined #salt
08:20 pualj joined #salt
08:20 Hybrid joined #salt
08:22 colttt joined #salt
08:28 hoonetorg joined #salt
08:32 lkthomas LOL I just fsck myself with a rebase, shit
08:36 zerocoolback joined #salt
08:45 rgrundstrom joined #salt
08:51 mikecmpbll joined #salt
08:51 sjorge Morning folks, anyone at cfgmgmtcamp?
08:54 pualj joined #salt
09:00 pualj joined #salt
09:03 pualj joined #salt
09:12 ahrs joined #salt
09:16 bdrung_work joined #salt
09:17 pualj joined #salt
09:23 zerocoolback joined #salt
09:30 Mattch joined #salt
09:31 cyborg-one joined #salt
09:34 cyborg-one left #salt
09:45 zerocoolback joined #salt
09:53 CrummyGummy joined #salt
09:55 zerocoolback joined #salt
10:07 GrisKo joined #salt
10:29 xet7 joined #salt
10:30 Grauwolf joined #salt
10:38 evle joined #salt
10:49 GrisKo joined #salt
10:57 inad922 joined #salt
10:58 yuhl joined #salt
11:13 yidhra joined #salt
11:18 viq I whish I was there
11:21 fredvd joined #salt
11:30 phs^ joined #salt
11:34 phs^ joined #salt
11:35 phs^ joined #salt
11:36 phs^ joined #salt
11:36 phs^ joined #salt
11:37 phs^ joined #salt
11:38 pualj joined #salt
11:52 DanyC joined #salt
11:54 oida joined #salt
11:57 Hybrid joined #salt
11:59 zerocoolback joined #salt
12:01 aviau joined #salt
12:06 pualj joined #salt
12:25 evle joined #salt
12:27 zerocoolback joined #salt
12:29 tys_ joined #salt
12:48 jas02_ joined #salt
12:48 XenophonF joined #salt
12:48 vb29 joined #salt
12:49 jas02_ joined #salt
12:49 vb29 Hi
12:51 vb29 I am using SaltStack to download a package from my Nexus repository and everytime I execute the state I get this error      "Comment: <urlopen error [Errno 10061] No connection could be made because the target machine actively refused it> "
12:51 vb29 anybody has any idea what is causing this issue?
12:51 jas02 joined #salt
12:51 vb29 I am able to download this using python script and also with powershell script but not with saltstack
13:00 nielsk joined #salt
13:10 saltslackbridge <mts-salt> what do debug logs show?
13:13 Vaelatern joined #salt
13:14 vb29 2018-02-05 14:09:04,138 [salt.loaded.int.module.artifactory][DEBUG   ][21808] File C:\work\deployment\1.62.3\server-agent-1.62.3-winx64.zip already exists, checking checksum...
13:14 vb29 2018-02-05 14:09:04,138 [salt.loaded.int.module.artifactory][DEBUG   ][21808] Downloading content from https://nexus.repo.com:8081/repository/releases/com/server//server-agent/1.62.3/server-agent-1.62.3-winx64.zip.sha1
13:14 vb29 2018-02-05 14:09:05,151 [salt.state       ][ERROR   ][21808] <urlopen error [Errno 10061] No connection could be made because the target machine actively refused it>
13:15 vb29 this is what is logged when I enable debug log
13:15 saltslackbridge <mts-salt> if that's the same url then i'd suggest there might be a difference in proxy configuration used between the working and non-working methods
13:16 vb29 there is no proxy configuration existing
13:17 vb29 this is my stage environment where I have 4 windows minions and this works fine on 3 of them but fails on 1 server
13:18 viq and using your script, do you authenticate to artifactory?
13:18 vb29 yes
13:19 vb29 and the credentials are same when I use saltstack
13:19 viq Did you put them in the state?
13:19 vb29 yes I do :)
13:19 Nahual joined #salt
13:20 vb29 artifactory.downloaded:
13:20 vb29 - artifact:
13:20 vb29 artifactory_url: {{ pillar['repository_url'] }}
13:20 vb29 repository: '{{ repo_name }}'
13:20 vb29 group_id: ''
13:20 vb29 artifact_id: {{ pkg_name }}
13:20 vb29 packaging: 'zip'
13:20 vb29 classifier: '{{ pillar['win_arch'] }}'
13:20 vb29 version: '{{ pkg_version }}'
13:20 vb29 username: {{ pillar['repo_username'] }}
13:20 vb29 password: {{ pillar['repo_password'] }}
13:20 vb29 - target_dir: '{{ config_agents.download_loc }}\{{ pkg_version }}'
13:20 vb29 - failhard: True
13:20 viq please use gists or other paste sites
13:20 vb29 sorry I was pasting it there but by mistake I did it here..its on a different screen..my apologies
13:21 viq ;)
13:22 viq you could try going deeper and enable 'trace' or even 'all' log level
13:22 vb29 https://pastebin.com/Zz45E0zx
13:22 vb29 ok...I will  try that now
13:24 coredumb how do you guys handle pkg install and config in a chroot with salt?
13:26 vb29 we have a script which performs the installation
13:27 vb29 so after download the packge is extracted and then the installation is performed using the bat script, its basically a service which gets installed
13:29 Hybrid joined #salt
13:37 gh34 joined #salt
13:40 vb29 nopes...changing the log level doesn't help...same message with same info...nothing extra
13:41 K0HAX joined #salt
13:48 Hybrid joined #salt
13:49 pualj joined #salt
13:49 Cadmus joined #salt
13:59 jas02 joined #salt
14:05 zerocoolback joined #salt
14:08 DammitJim joined #salt
14:12 hasues joined #salt
14:13 DammitJim is it OK to put logic in templates where decisions for configuration files are done based on grains?
14:14 DammitJim or does one do that in the state file?
14:14 gmoro joined #salt
14:18 pbandark joined #salt
14:21 saltslackbridge <mts-salt> the state would decide if an update should be applied, the template would determine what goes into that update
14:28 BitBandit joined #salt
14:28 nomad_fr joined #salt
14:28 nomad_fr hi
14:29 DammitJim thanks saltslackbridge
14:31 viq vb29: not even couple lines up, explaining what's going on?
14:31 viq vb29: also something to research, what library does salt use to talk to artifactory, and what library does your script use? What versions? What user agent presented? Maybe you could get something from artifactory logs?
14:36 concerti joined #salt
14:37 nomad_fr I'm trying to use dictionnary inside sls : https://framabin.org/?dd20b2f0f548c54d#mxYA/0I8VFgmMdHFrpiUX9E8uPUw/noid9znZ1oyqtk=
14:38 nomad_fr I'd like to setup a dictionnary for : user1 { ip:x.x.x.x, comment:'bla', vol:vol1, clef:ssh-rsa ... } ti fill an ssh authorized_keys of a specified user
14:38 gmoro_ joined #salt
14:39 nomad_fr for several users ...
14:39 nomad_fr but I think I'm really doing it the wrong way
14:39 nomad_fr in fact I wan't it as simple as possible
14:40 nomad_fr I've some option and a command taht are the same for all users and some others that I wanted to put in variables like dictionnary
14:40 Naresh joined #salt
14:42 nomad_fr in the end I want to have in my authorized keys something like : from="192.168.0.2",command="/home/marty/authorized.sh user1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc ssh-rsa AAAA...EwWot
14:44 saltslackbridge <mts-salt> i guess it depends on what needs to change and how. if it doesn't change at all then a file.managed  with static content would be best. if it does change then you're looking at putting the variables into pillar and using jinja in a template
14:46 nomad_fr I know how to do it with a file.managed static, but has a part of all line would be the same, I'm trying to do it an other way
14:47 eseyman joined #salt
14:47 nomad_fr I'm trying do put the variable part of each line in dictionnary to fill them
14:48 racooper joined #salt
14:48 saltslackbridge <mts-salt> so you'd need to use jinja to expand the content
14:49 vb29 viq: no...not a single line more related to the error
14:50 vb29 viq: yes...I am checking Nexus logs...lets see if I can find anything there
14:50 saltslackbridge <mts-salt> vb29: the log shows a url. can you reach that from that machine?
14:51 saltslackbridge <mts-salt> https://nexus.repo.com:8081/repository/releases/com/server//server-agent/1.62.3/server-agent-1.62.3-winx64.zip.sha1
14:54 nomad_fr thanks, will have a look at jinja
14:54 saltslackbridge <ryan.walder> nomad_fr: you mean something like this? https://gist.github.com/ryanwalder/dfc2df7708597994373b4f2d18bccbfe
14:54 vb29 saltstackbridge: Yes it can be reached from the machine using - web browser, python script, bat script but not with Salt
14:55 saltslackbridge <ryan.walder> You can do it that way but looping over pillar is way better
14:55 socket- Hey all, as soon as I switched from zeromq to tcp i noticed a StreamClosedError. Any ideas what's causing this error? https://apaste.info/Jq80
14:57 saltslackbridge <mts-salt> vb29: that exact url, looking for the hash file?
14:57 saltslackbridge <mts-salt> because it times out for me
14:58 vb29 the url is protected
14:58 K0HAX joined #salt
14:59 vb29 as in it can be accessed within our office network
14:59 vb29 and I am at my workplace so I can open it :)
15:00 saltslackbridge <mts-salt> without further information i'm not sure how to help. if it was me i'd be resorting to a network trace
15:01 vb29 and yes I downloaded the file using bat script to the location where salt is also trying to download it. So it finds the file and then it is trying to download the hash file but after that the connection is terminated
15:02 saltslackbridge <mts-salt> and if you run the state locally with -l trace there's no further information?
15:03 jas02 joined #salt
15:04 saltslackbridge <mts-salt> could you pastebin the entire log from running that trace?
15:04 vb29 https://pastebin.com/5WSDwGJL
15:04 mchlumsky joined #salt
15:05 saltslackbridge <mts-salt> is that the entire log?
15:05 vb29 that was a previous link..pasting it now
15:05 vb29 1 min
15:08 nomad_fr ryan.walder: thanks
15:08 nomad_fr ryan.walder I will have a look
15:13 K0HAX joined #salt
15:18 babilen https://docs.saltstack.com/en/latest/topics/releases/2017.7.3.html :)
15:19 vb29 saltslackbridge: https://pastebin.com/QcQ3HXFs
15:20 c4rc4s joined #salt
15:23 saltslackbridge <mts-salt> both logs show an entire second between the url log entry and the error. if you're certain there are no proxies involved, even software proxy like anti-virus, then i can't see any way other than getting a network trace to find out what it's trying to do
15:25 vb29 any suggestions on how do I get that as I can't find anything in my Nexus logs as well :(
15:26 viq vb29: if you remove the .zip file, does it get correctly re-downloaded?
15:26 saltslackbridge <mts-salt> depends on the platform. assuming it's the windows minion then wireshark
15:27 vb29 viq: If i remove the file or rename it then I get this error           'URLError' object has no attribute 'code'
15:27 viq ...buh?
15:27 vb29 saltslackbridge: thanks for the suggestion..I will try that
15:29 viq vb29: can you remove the destination file, and paste the full log of that run?
15:30 vb29 destination file as in ?
15:31 vb29 you mean delete the .zip and run it again?
15:31 viq C:\work\deployment\1.62.3\server-agent-1.62.3-winx64.zip
15:31 viq yes
15:31 vb29 ok
15:31 darioleidi joined #salt
15:32 viq Something like https://paste.debian.net/ may be friendlier than pastebin ;)
15:32 vb29 sure :)
15:34 yujunz joined #salt
15:37 vb29 viq:  https://paste.debian.net/1008905/
15:40 _JZ_ joined #salt
15:43 viq It sounds somewhat like an issue with urllib
15:43 saltslackbridge <gtmanfred> switch it over and try requests or tornado
15:44 vb29 but if I use python then it downloads it :)
15:44 saltslackbridge <gtmanfred> https://docs.saltstack.com/en/latest/topics/tutorials/http.html#configuring-libraries
15:44 viq gtmanfred: won't it get overriden? https://github.com/saltstack/salt/blob/2017.7/salt/modules/artifactory.py#L14
15:44 vb29 just python....I import urllib in python shell and use 'urllib.urlretrieve'
15:45 saltslackbridge <gtmanfred> oh bummer it is using urllib directly https://github.com/saltstack/salt/blob/2017.7/salt/modules/artifactory.py#L501
15:45 saltslackbridge <gtmanfred> that should be switched to using http.query
15:46 saltslackbridge <gtmanfred> it only uses http_client for error codes
15:46 DammitJim joined #salt
15:47 ouemt_ joined #salt
15:48 vb29 so it is not urllib problem, or?
15:52 saltslackbridge <gtmanfred> well, it is using urllib, so it could be
15:52 saltslackbridge <gtmanfred> the module is just using urllib directly instead of http.query like i thought it was
15:56 ouemt_ joined #salt
16:03 tobiasvdk Hi, is it possible to deploy custom grains modules via e.g. Debian package rather than having them in the _grains directory (in the file_roots)?
16:04 viq tobiasvdk: it should be, just put them in proper directory with the rest of grains and I'd expect them to be picked up
16:06 zerocoolback joined #salt
16:07 tobiasvdk which is the "proper directory"? which config do I need to change?
16:07 zerocoolback joined #salt
16:10 mchlumsky joined #salt
16:11 viq On my debian box it's /usr/lib/python2.7/dist-packages/salt/grains/
16:11 viq dpkg -L salt-common | grep grain
16:11 tobiasvdk makes sense, thx!
16:13 pipps joined #salt
16:13 swills joined #salt
16:13 swills joined #salt
16:14 viq Mind you, that's my guess I never attempted it, etc. Also, you'll need to tell minion to reload grain modules, or restart it.
16:14 ouemt_ joined #salt
16:16 tobiasvdk ok, I'll test it
16:17 pipps joined #salt
16:17 swills_ joined #salt
16:20 mavhq joined #salt
16:22 xet7 joined #salt
16:26 stanchan joined #salt
16:29 heaje joined #salt
16:35 vb29 left #salt
16:43 cyteen joined #salt
16:44 stanchan joined #salt
16:55 pipps joined #salt
16:59 Bryson joined #salt
17:09 aldevar left #salt
17:27 doubletwist What is the purpose of ""  merge=salt['pillar.get']('config:lookup'))
17:27 doubletwist in map.jinja [ignore the "" ]
17:31 Trauma joined #salt
17:31 whytewolf it mergess that pillar into the resulting grains.filter_by
17:32 Edgan whytewolf: Wouldn't the config:lookup just end up being defaults?
17:32 whytewolf why would it. it is being pulled from pillar. hence the pillar.get
17:34 Edgan whytewolf: I have seen people do this in a map.jinja. Lets say it was called openssh. openssh isn't set, and then say {% set openssh = salt['pillar.get']('openssh:lookup') %}
17:35 whytewolf that is different
17:35 Edgan whytewolf: In that case, IMHO, just skip the pillar usage, and put the defaults in yaml directly in the map.jinja.
17:35 whytewolf he was pointing to merge= which is a argument to the grains.filter_by
17:36 armyriad joined #salt
17:37 doubletwist I'm still so dang confused
17:37 MTecknology formulas tend to cause confusion
17:38 MTecknology lots of magic
17:38 whytewolf this isn't even a formula only thing. this is just grains.filter_by logic
17:39 DanyC joined #salt
17:40 doubletwist So basically the conclusion I'm coming to, is it's almost impossible to have a set of default data, which can be overridden by map.jinja and which can subsequently be overridden again by data in pillar
17:40 whytewolf it is actually easy
17:40 doubletwist Do tell
17:40 whytewolf you are over complicating it.
17:41 doubletwist or point to an example of a formula doing this would be optimal for me
17:41 Edgan doubletwist: that isn't impossible
17:42 cro joined #salt
17:43 DanyC_ joined #salt
17:44 doubletwist Edgan: Well spent about 16 hours trying to accomplish just that with no success. I can get data from defaults.yaml, or map.jinja or pillar, but not get anything to override anything else. It's just one source at a time I can seem to reference [in init.sls or a file template]
17:44 Edgan doubletwist: https://cygnusx-1.org/formula.txt
17:45 jas02 joined #salt
17:47 Edgan doubletwist: and here is your example with defaults, overrides in the map.jinja, and then pillars overrides of that
17:47 Edgan doubletwist: https://paste.fedoraproject.org/paste/HH6LMGpLrFfO-BiaHi~how
17:49 doubletwist I'll try to unravel it and see if I can get something like that working.
17:50 doubletwist If I'm not defining grains do I need:  {% set openssh = salt['pillar.get'](defaults.state.name ~ ':' ~ grain.env ~ ':' ~ grain.cluster, default=toplevel, merge=True) %}  ? Or can I set the previous line as 'openssh' instead of toplevel?
17:50 whytewolf doubletwist: also, when you access it you access the value from map.jinja NOT from pillar.get
17:51 jas02 joined #salt
17:51 yn^ joined #salt
17:51 Edgan doubletwist: You use the grains to layer the pillars, but you could have one level of override with pillars if you want.
17:51 yn^ joined #salt
17:52 yn^ joined #salt
17:52 doubletwist I don't know what you mean by "use the grains the layer the pillars"
17:52 Edgan doubletwist: https://paste.fedoraproject.org/paste/JwdwoERffXkBnylW-pbAog
17:53 yn^ joined #salt
17:53 Edgan doubletwist: It goes like this:
17:53 Edgan doubletwist: First you have the defaults yaml object in the map.jinja, like https://paste.fedoraproject.org/paste/JwdwoERffXkBnylW-pbAog
17:53 yn^ joined #salt
17:54 Edgan It has the a dir, two files, and one name in it.
17:54 yn^ joined #salt
17:54 doubletwist Ok
17:54 Edgan Then we merge in the os data to add pkgs and service name
17:54 Edgan per distro/release
17:54 doubletwist ok makes sense
17:55 Edgan {% set os_map_addition = salt['grains.filter_by'](os_specific, grain='os', merge=defaults) %}  which this does by match with the os grain
17:55 doubletwist right
17:55 Edgan merge=defaults says start with defaults and merge in os_specific
17:56 whytewolf other way around. merge= gets merged ontop of the resulting grain
17:57 Edgan {% set toplevel = salt['pillar.get'](defaults.state.name, default=os_map_addition, merge=True) %}   says the defaults are os_map_addition, find the pillar named openssh, and merge it into os_map_addition
17:58 Edgan doubletwist: So we so far have going defaults -> os_map_addition(os_specific) -> toplevel(pillar)
17:58 doubletwist Ok I'm with you so far
17:58 Edgan doubletwist: So we are layering one set over the other each time
17:58 whytewolf Edgan: no you are going os_map_addition(os_specific) -> defaults -> pillar
17:58 whytewolf merge= goes ontop of not the starting point
17:59 Edgan whytewolf: I heard you, but I am trying to get him to get it.
17:59 Edgan whytewolf: the os thing is done differently than normal
18:00 Edgan whytewolf: since defaults and os_specific don't directly overlap, it doesn't really matter which order the merge is done in that case
18:00 doubletwist Edgan: Well for my use they may overlap
18:00 Edgan doubletwist: now look at, https://paste.fedoraproject.org/paste/HH6LMGpLrFfO-BiaHi~how
18:00 whytewolf yes, but it is important to get order right if there is overlap
18:00 Edgan whytewolf: yes, but I am trying to get him to just grok it
18:01 Edgan doubletwist: {% set openssh = salt['pillar.get'](defaults.state.name ~ ':' ~ grain.env ~ ':' ~ grain.cluster, default=toplevel, merge=True) %} would be more like
18:01 cyteen joined #salt
18:01 Edgan doubletwist: {% set openssh = salt['pillar.get'](defaults.state.name ~ ':' ~ grains['env'] ~ ':' ~ grains['cluster'], default=toplevel, merge=True) %}
18:02 Edgan doubletwist: The first way is some of my own jinja magic
18:03 doubletwist I think I've got it up to the 'set toplevel' - and I'm getting the impression that since i'm not likely to use/set _grains/map.jinja - that I don't need that last line? [I understand that slightly changes the 'set toplevel' if I don't use the last line
18:04 doubletwist I can just use "{% set openssh = toplevel %}" instead
18:05 Edgan doubletwist: https://paste.fedoraproject.org/paste/bypoqqz5Fie-3IYDoeYwxQ
18:05 Edgan doubletwist: There are examples of what you could then do in pillars
18:05 doubletwist And that this as currently stated won't work quite right if there are overlapping settings
18:05 Edgan doubletwist: ignore the os stuff, we could make it
18:06 doubletwist Well I need the os stuff. As a matter of fact, I may also need to set some items based on osmajorrelease as well
18:06 saltslackbridge <mts-salt> i have to ask, are these needed in map, or just merged automatically by pillar?
18:07 Edgan doubletwist: https://paste.fedoraproject.org/paste/dXKRPL60M6V9mD~WGPa1Xw
18:07 Edgan doubletwist: yes, but understand the basics first
18:07 saltslackbridge <mts-salt> personally i've found that auto-merging by pillar is the easiest thing to grasp first. trying to add in jinja merging is a whole level above
18:09 Edgan mts-salt: I find merging in pillars directly to be silliness. Defaults should be in with the code, and IMHO directly in the map.jinja instead of a defaults.yaml.
18:09 Edgan doubletwist: https://paste.fedoraproject.org/paste/bypoqqz5Fie-3IYDoeYwxQ with https://paste.fedoraproject.org/paste/dXKRPL60M6V9mD~WGPa1Xw
18:09 Edgan doubletwist: do you understand it?
18:11 saltslackbridge <mts-salt> i believe that to be a matter of opinion, depending entirely on individual usage. the one thing i've found with salt is that are usually several different ways of solving any given problem, and different people choose different ways, and defend those choices as "best".
18:12 saltslackbridge <mts-salt> for example, merging only in pillar can be defended by saying all of the config is in one place and can easily be understood by someone who needs to maintain an existing system but hasn't worked on all of the individual parts
18:12 Edgan mts-salt: By putting the defaults with the code I can open source the formula, and it is more understandable. One of the issues with any formula that depends directly on pillars is people tend to do a poor job with the pillar examples.
18:12 doubletwist It's the "million ways to do everything" that is actually making salt [and my tests with puppet and ansible] more difficult, as a new learner
18:13 Edgan doubletwist: and with salt it is just yaml+jinja most of the time. With Chef you get all of ruby thrown in.
18:13 Edgan doubletwist: do you understand how the two urls above work together?
18:13 saltslackbridge <mts-salt> @edgan: for formulas, i can understand that. however i would strongly suggest that a beginner avoid formulas at all costs, and spend some time learning the basics before jumping off the side of a boat into deep sea
18:13 doubletwist Personally, the way set forth in the saltstack template-formula, with defaults.yaml, map.jinja then pillar makes the most sense to me conceptually, except for the part where it's not working like I think it's supposed to me
18:14 doubletwist Edgan: yes, I believe so
18:14 doubletwist Well, No, not part of it
18:14 doubletwist Again, the grains thing and multiple instances of the items in the pillar are a bit confusing
18:15 Edgan mts-salt: I understand it for the beginner, just show them states. But as soon as you start touching pillars, use formulas. Directly references pillars in states gets crazy, fast.
18:15 doubletwist And I *really* don't think I'm going to need anything like that any time soon. We're not doing anything nearly that complex
18:15 saltslackbridge <mts-salt> and those would be the basics i'm referring to
18:15 Edgan doubletwist: Actually, you will need this stuff as soon as you want to do a password per env, or cluster
18:16 doubletwist or more accurately, formulas that I clone from saltstack formulas and tweak for my own usage work great. But when I try to do my own formula from scratch using the same method it isn't working
18:16 Edgan doubletwist: But if you are only trying to do os related stuff, do it all in the map.jinja and ignore pillars
18:16 saltslackbridge <mts-salt> it depends on your scale. a new environment is always going to grow, and i still suggest that formulas are not the way to being that journey; instead they should be considered as a way to move up to a new level once the basics have been firmyl grasped and at states are implemented  and working without them
18:16 saltslackbridge <mts-salt> s/being/being/
18:16 saltslackbridge <mts-salt> begin!
18:17 Edgan doubletwist: like
18:17 saltslackbridge <mts-salt> ok, my typing is getting worse. time to eat
18:18 Edgan doubletwist: https://paste.fedoraproject.org/paste/OE4bNBNZQS0xKTic738dnQ
18:18 doubletwist Edgan: I've been doing that with host/app-specific pillars [ie /srv/pillar/postfix/init.sls for common settings for most hosts and mail clients and maybe something like /srv/pillar/postfix/server.sls for mail server specific settings
18:18 Edgan doubletwist: That takes all the pillar/grain stuff out
18:18 Edgan doubletwist: Then you can just build a map of osmajorrelease to setting
18:19 doubletwist The last one I understand, except I think we're still in the place where overlapping settings/entries won't work as I need?
18:19 Edgan doubletwist: https://paste.fedoraproject.org/paste/SZgtf5moUQZNI2poTCU4lg
18:19 jas02 joined #salt
18:20 Edgan doubletwist: The version based on whytewolf's feedback
18:20 Edgan doubletwist: That version os will always win over defaults
18:20 cgiroua joined #salt
18:21 doubletwist And will pillar data win over the os_specific?
18:21 Edgan doubletwist: no, I stripped out pillars of that version
18:22 Edgan doubletwist: https://paste.fedoraproject.org/paste/n19D-Y334UBdNmJAK4XozA
18:22 Edgan doubletwist: That is the fixed version with just toplevel pillars, no per env+cluster
18:23 doubletwist Ok. I think that's what I need. I'll give it a try with the formula I'm writing.
18:23 doubletwist Thanks so much for your help
18:24 dvdmuckle joined #salt
18:24 Edgan doubletwist: I recommend playing with the jinja, and see how it reacts to changes. It will help you write it on your own.
18:25 Edgan doubletwist: This is part of salt that isn't really documented anywhere well, even in the books.
18:25 doubletwist Yeah I've been doing that with the defaults.yaml -> maps.jinja -> pillar method used on saltstack-formulas. That's how I discovered it wasn't working like I thought it was supposed to
18:32 Edgan doubletwist: Here is a further example of the env+cluster pillar stuff, https://paste.fedoraproject.org/paste/xj-3XZcnkNxBinKJMjHf4Q
18:32 doubletwist For env I'm using separate salt-masters for each env
18:33 wongster80 joined #salt
18:33 Edgan doubletwist: yeah, we currently do that here, I recently started. I do it by AWS account instead of env.
18:33 Edgan doubletwist: It is more efficient when more than one env is in the same account.
18:34 Edgan doubletwist: 'G@naming:env:prod and G@naming:cluster:foobar'  <---  This is grain matching. With the grain being naming, with the sub-elements being env and cluster.
18:35 Edgan doubletwist: It is safe in pillars for not sensitive data, but not for passwords.
18:36 doubletwist right
18:36 Edgan doubletwist: Though I am working on a way to do grain like matching safely in the pillar top.sls
18:37 doubletwist only sensitive data I expect [not there yet] is maybe private keys for SSL certs [web/mail servers] - and I was planning to use eyaml and most of our targeting I expect to be done by minion id
18:37 Edgan doubletwist: In newer versions of salt the id grain is hardcoded. So you can slice it in jinja, turn into variables and then do jinja if statements in the pillar top.sls
18:37 Edgan doubletwist: eyaml, as in hiera?
18:38 doubletwist er right, wrong product ;) I was originally researching puppet. I guess for salt it'd be something like gpg renderer to encrypt pillar data?
18:39 Edgan doubletwist: actually, there is salthiera, which we are currently using. I am converting it to the gpg renderer you mentioned.
18:39 doubletwist whatever the solution the plan is to encrypt pillar data, and target it only to systems that need it
18:39 Edgan doubletwist: Though I have chosen to do it by pillar sls file instead of per element for performance.
18:39 doubletwist encrypt sensitive pillar data that is
18:40 Edgan doubletwist: So far the gpg renderer has worked well for me
18:42 MTecknology I have yet to run into a situation where gpg rendering isn't sufficient.
18:44 Edgan MTecknology: I could see per value encryption being a bottleneck at scale. Though limiting scope of secrets to just who needs them in top.sls also helps a lot.
18:46 MTecknology heh.. I just made a massive (>40k lines) commit where I broke a "nodes" pillar structure from something where *all* minions got *all* data for *all* minions into something where minions only get their own data and have that data stored in a separate file, instead of a 14,000 line file.
18:47 MTecknology Now I want to learn/understand this magic pillar layering thing because I need to rework a massive pile of WTF a legacy guy made that we can't debug.
18:48 Edgan MTecknology: hahaha
18:49 jas02 joined #salt
18:50 Edgan mts-salt: His pile of legacy stuff is why I say I don't think you should let people get too deep without learning pillar/jinja magic. You will just build tech debt that someone else will have to pay. With the someone else being an actual someone, or your future self.
18:51 Edgan MTecknology: I am willing to help. :)
18:51 MTecknology I fought with my old boss for sooooo long on that pillar clusterfuck... they even had to build a custom "node_cfg" module to support the logic of this weird pillar structure thingy.
18:52 doubletwist Edgan: I understand the value in that, but sometimes people don't have time to study for a couple months to learn the complex bits. Sometimes we need to get something simple in place first.
18:52 MTecknology doubletwist: then start simple and build as you learn
18:52 Edgan MTecknology: My "current" setup is basically a form of your clusterfuck using salthiera, but at least it is broken into files instead of one monster file.
18:52 doubletwist That's what I'm trying to do
18:52 Edgan doubletwist: Shouldn't take months
18:52 doubletwist Edgan: Some of us learn faster than others.
18:53 Edgan doubletwist: If there was better documentation it would be a matter of hours
18:53 doubletwist And some of us have more time to work on this than others
18:53 doubletwist Yeah, better documentation would be fantastic
18:53 MTecknology Salt has a logical learning progression, from execution modules, to states, to pillar, to learning how to turn states into generic templates driven by data from pillar.
18:54 Edgan doubletwist: My father for months has been saying I should write my own book. Though really it only needs to be a few chapters added to existing books.
18:54 doubletwist As it is I'm over a year into this [after some false starts with Puppet and Ansible before finally settling on Salt] and don't even have any real systems managed by salt yet.
18:55 doubletwist not even dev systems
18:55 MTecknology Edgan: I'm probably going to re-roll this stuff formula-style so that they can get their precious "defaults overridden by node config" logic out of the door. When I get a good template in place, I'll have the fun of ripping out the use of this devil forsaken module.
18:56 MTecknology Best part... the .get() function doesn't even follow the convention where the default value is the second arg.
18:56 Edgan doubletwist: I started with Puppet on Linux desktops. I dabbled in Ansible and Chef. Then I switched to Salt.
18:56 MTecknology Wanna see?!
18:56 Edgan MTecknology: sure
18:56 doubletwist If I take much longer, my boss is going to start wondering what the hell I've been doing for a year+
18:57 Edgan doubletwist: You would have been better off going to a Salt class a year ago. :)
18:57 doubletwist The only salt classes I've seen were for Enterprise. Is that still going to be useful if using free?
18:57 Edgan doubletwist: 90% is probably the same
18:57 doubletwist I have gone through some online courses [we subscribe to Pluralsight]
18:58 doubletwist And what method are they going to teach for handling default data overridden by pillar? :)
18:58 Edgan doubletwist: don't know
18:59 Edgan doubletwist: I have seen two smart people go down the hiera road, because no one explains the pillar/jinja magic. I know one used puppet before, and I suspect the other did too.
18:59 MTecknology Edgan: https://gist.github.com/MTecknology/e682d42278e1114b93b2ca6a10162b6e
19:01 Edgan MTecknology: interesting
19:01 Edgan MTecknology: So do it in python instead of jinja
19:01 MTecknology hm?
19:02 oeuftete joined #salt
19:02 Edgan MTecknology: both basically do what I do in jinja in python
19:02 whytewolf the salt classes that saltstack sells acutally don't cover enterprise
19:02 whytewolf it is all fundmentals os salt administration
19:03 Edgan doubletwist: {% set subdomain = salt['grains.get']('fqdn').partition('.')[2].partition('.')[2] %}
19:03 Edgan doubletwist: See how it uses .partition?
19:03 doubletwist Maybe I'll look into that. Will probably have to be next fiscal year [April] as I'm already set to do MS SQL on Linux training [ugh] and RHEL training this year
19:03 Garo_ joined #salt
19:04 Edgan doubletwist: One key thing that makes jinja WAY more powerful is you can use python methods on jinja objects. Once you fully wrap your brain around it, you need python a lot less.
19:05 doubletwist well I don't know python either so not much danger of me using a lot of it :)
19:06 doubletwist Spent the last 15 years able to do everything I needed in bash, and the last 10 years using rdist for config management [yeah I know]
19:06 Edgan doubletwist: If you are going to get serious into Salt, do yourself a favor and take this class. https://www.edx.org/course/introduction-computer-science-mitx-6-00-1x-11
19:06 swills joined #salt
19:07 MTecknology Edgan: If you don't discount old.py as one of the ugliest things you could come up with, I can't take your opinions seriously.
19:07 doubletwist I've taken [and even passed] some intro classes for C/C++ in the very distant past :)
19:08 MTecknology I'm trying to render this module obsolete by better design so it can be ripped out and stomped on.
19:08 doubletwist But yeah I'll take a look at that course
19:08 Edgan MTecknology: yours is clearly more elegant
19:09 BitBandit joined #salt
19:12 whytewolf doubletwist: also. go to saltconf and take the training classess they offer before the con. there is a lot of stuff that gets covered that helps.
19:16 MTecknology ^ +1
19:17 Edgan +1
19:17 MTecknology saltconf + preconf is an exceptional learning experience, especially if you pick the right courses for your experience.
19:17 MTecknology sessions*
19:17 doubletwist yeah unless it happens in dallas/ftworth area, that's not likely to happen. Work doesn't pay for conferences and I can't afford to go on my own
19:18 doubletwist Hell, this is the first time in 7 years they've been willing to pay for training.
19:18 Edgan doubletwist: yeah, it is Salt Lake City
19:18 MTecknology ya, it's definitely not the cheapest conference to attend.
19:19 MTecknology It takes up 100% of my educational budget plus a few bucks extra.
19:19 whytewolf "CFO: What happens if we train them and they leave? CEO: What happens if we don’t and they stay?" one of my fav quotes about training
19:19 * MTecknology likes that
19:19 doubletwist hehe
19:19 Edgan whytewolf: yeah, way too much of the former and not enough of the later
19:19 Edgan whytewolf: They cross their fingers and open you spend your free time.
19:20 doubletwist Well, the managers who wouldn't approve training are gone. We're under some new management that seems to actually understand the value of training as well as not treating their employees like crap
19:20 MTecknology whytewolf: counter to the former- be good at writing documentation and keep up on it
19:20 Edgan doubletwist: good to hear, but the bad management just moved to a new company to infect them :\
19:21 Edgan MTecknology: The CFO just sees it as investment lost. Plus the documentation just "slows" down innovation in a startup.
19:22 whytewolf MTecknology: documentation is great after you found the issue. Training helps in finding the issue in the first place
19:22 MTecknology Edgan: If you're in a place that doesn't give you time to write proper documentation, then you probably should be looking to get out anyway
19:22 Edgan MTecknology: That is most startups in SV.
19:23 MTecknology Not ones I've run into...
19:23 doubletwist I have (some) time for documentation. I just really suck at it
19:23 DammitJim joined #salt
19:23 MTecknology In most cases, it's because nobody wants to do it because it's not fun.
19:24 Edgan MTecknology: I have seen so much dev thrown together crap, and that is stuff you should take the time to do right before documentation.
19:24 whytewolf I try and document before i build. if i can
19:25 jas02 joined #salt
19:25 MTecknology I don't care what anyone claims, there's *ALWAYS* time for documentation. You can either take the time to do it now, or during re-discovery when crap goes south
19:26 Church- Remidns me, need to tidy up my documentation.
19:27 whytewolf eh. at the bank it was always "okay. don't forget to document" and then 5 min later. why isn't this project done. forget the documentation
19:27 Edgan whytewolf: Never time to do it right, but always time to do it over.
19:28 whytewolf ugh i hate that worse then bad documentation. I have actually asked a few of my bosses to their face if they were not going to give me time to do it right, when they wanted me to start to do it over...
19:29 whytewolf at the bank the answer was next week
19:29 whytewolf :(
19:29 whytewolf glad I am out of there
19:31 MTecknology I've never had to argue too hard for time to document. As long as you prioritize fires, it's usually not hard to convince a company to give you a day or two to properly document a project.
19:32 MTecknology I guess I have a skewed sample size, though... I have one large enterprise where I pretty much just ran my own show and the rest were clients of mine that paid a lot of money and valued not losing what I learned.
19:33 doubletwist Edgan: Obviously I'm still missing or not understanding something. Just a very basic thing but I'm getting an error: https://paste.fedoraproject.org/paste/SBe42pqCbQveUB1li08TiQ
19:34 concerti joined #salt
19:34 whytewolf that is slightly skewed. I have had a mixed bag. one place gave me all the time i needed to do the job right. but i left for more money. another place actually told me that why was i spending so much time on documentation they had me if it broke
19:34 doubletwist Edgan: Note: I won't have 'configfile' and 'logfilemaxsize' in the defaults for real, it's not even being used yet. Was going to use that to test overriding data from pillar in the next step
19:35 Edgan doubletwist: sanity check, what version of salt?
19:35 doubletwist 2017.7.1
19:36 whytewolf oh, i see the problem.
19:36 pualj joined #salt
19:36 doubletwist PEBCAK? :)
19:37 whytewolf grains.filter_by filters what ever is in that first argument. not the whole thing. so if you want to select in os_secific it NEEDS to be that first argument
19:37 Edgan whytewolf: can you show the rewritten version?
19:38 whytewolf one moment
19:39 Edgan whytewolf: I am guessing you mean, {% set os_map_addition = salt['grains.filter_by'](os_specific, grain='os', merge=defaults) %}  ??
19:40 whytewolf yes, but that also changes how clamav.freshclam.pkg will end up
19:41 MTecknology what's the cleanest saltstack-formula I can use that uses a defaults list?
19:41 * whytewolf shrugs.
19:41 saltslackbridge <gtmanfred> a defaults.yaml?
19:41 whytewolf I don't use formulas so never had the time to study them
19:41 saltslackbridge <gtmanfred> https://github.com/gtmanfred/wordpress-formula/blob/master/wordpress/defaults.yaml
19:42 whytewolf oh wordpress is clean. skips the map.jinja even
19:42 doubletwist Why would you not use formulas?
19:42 saltslackbridge <gtmanfred> yar
19:43 whytewolf doubletwist: because almost everything i do sits on so many edge cases that they almost never do what i need
19:44 MTecknology what's the point of everything being underneath "lookup:" in formulae?
19:44 whytewolf and i could either write code to glue them together. or just right my own stuff that does what i need
19:45 Trauma joined #salt
19:45 Edgan doubletwist: try what I said, which is my original style
19:46 Edgan doubletwist: I flipped it after whytewolf's original comments
19:46 whytewolf MTecknology: not really sure. I always thought it was a in case you had your own code that existed outside of the formula
19:49 doubletwist ok
19:50 MTecknology The current logic I'm trying to convert to formula-logic is defining a list of "checks" as well as "check groups" which are lists of checks and it uses macros and jinja and other mystical voodoo to expand each "check group" to a json file with an expand "check" for each "check" listed in the "check group".
19:52 aldevar joined #salt
19:52 MTecknology the whole stack of what might be written to a config is stored in a pillar structure shared between all minions, but it seems like the perfect setup for a defaults.yml merged with pillar overrides.
19:53 doubletwist Edgan: Well, that does get past that error, but as whytewolf said, it trys to install the wrong package [clamav-freshclam instead of clamav-update]
19:57 ymasson joined #salt
20:04 ECDHE_RSA_AES256 joined #salt
20:09 pipps joined #salt
20:10 pipps joined #salt
20:16 magnus1 joined #salt
20:17 doubletwist What type of object is that being used [and merged] in the map.jinja? Just a hash?
20:21 pipps joined #salt
20:21 doubletwist Waitaminute.
20:22 doubletwist Isn't "{% set clamav = salt['pillar.get'](defaults.state.name, default=os_map_addition, merge=True) %}" doing the exact same thing as the command commonly used to load settings from default.yaml? just that it's being defined in maps.jinja instead here?
20:30 schemanic joined #salt
20:35 pipps joined #salt
20:39 onovy joined #salt
20:41 pipps99 joined #salt
20:42 pipps_ joined #salt
20:44 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.9, 2017.7.3 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
20:47 rubenb joined #salt
20:50 stanchan joined #salt
20:52 pipps joined #salt
20:53 oida joined #salt
20:53 pipps joined #salt
20:57 pipps joined #salt
20:58 pipps joined #salt
20:59 pualj joined #salt
21:00 pipps joined #salt
21:02 neobryyte joined #salt
21:06 pipps joined #salt
21:09 pipps joined #salt
21:11 Edgan doubletwist: you get it working?
21:12 doubletwist Edgan: Almost I think. Still testing
21:12 Edgan doubletwist: awesome
21:17 viq Given structure {"body": "alerts":["alert1","alert2"]} would the way to work with that in jinja be {% for alert in body["alerts"] %}  ?
21:18 gtmanfred yeah or body.alerts
21:18 Neighbour the structure isn't correct
21:19 Neighbour is it "body":"alerts" or "alerts":["alert1", "alert2"] ?
21:19 gtmanfred well it would be {"body": {"alerts": ["alert1", "alert2"]}}
21:19 Neighbour that's better :)
21:19 viq Yeah, that's me trying to simplyfy a large blob of json I got, without being too used to json :P
21:20 Neighbour every squiggly counts :)
21:20 viq gtmanfred: thank you, again :)
21:20 viq MORE SQUIGGLIES FOR CTHULHU
21:20 gtmanfred i prefer to call them mustaches
21:23 stanchan joined #salt
21:28 doubletwist Edgan: Nope, still not working
21:28 whytewolf I like calling them flair. as in my code has lots of flair
21:29 Edgan doubletwist: give me what you have and I will try
21:29 doubletwist I can't get past this. if I use whytewolf's order, it gets processes ok but default overrides os_family_map. If I use your order, I get that same error
21:29 Edgan doubletwist: One solution would be make no overlap, put it all in the map/case statement. Though I will see if I can do better.
21:30 doubletwist Edgan: https://paste.fedoraproject.org/paste/SBe42pqCbQveUB1li08TiQ
21:30 whytewolf I would go with the no overlap. or make the overlap make sense.
21:30 om2 joined #salt
21:30 doubletwist The whole point of having defaults + os-specific mapping is to have overlap
21:31 whytewolf no it isn't
21:31 whytewolf it is to reduce code reuse
21:31 Edgan doubletwist: Is it really the same error my way?
21:31 doubletwist that's the error your way
21:32 Edgan doubletwist: his way?
21:32 doubletwist whytewolf's way doesn't give that error but tries to install "clamav-freshclam" [from defaults] instead of "clamav-update" from os map
21:32 whytewolf doubletwist: try this
21:32 whytewolf https://gist.github.com/whytewolf/0758ae7b7f3ae871cb30d682c72a8c6e
21:32 whytewolf as your code
21:33 whytewolf err, dicts i mean not the entirety of code
21:33 Edgan whytewolf: default? Shouldn't that be whatever his default OS is like Ubuntu?
21:33 whytewolf it is a default for an unmatched item. which is what he is trying to use that overlap to do
21:34 Edgan whytewolf: But it is grain matching, and default doesn't equal anything
21:34 LostSoul joined #salt
21:34 whytewolf if os_family isn't in the list it will use default
21:35 Edgan doubletwist: change "{% set os_map_addition = salt['grains.filter_by'](defaults, grain='os', merge=os_specific) %}" back to "{% set os_map_addition = salt['grains.filter_by'](os_specific, grain='os', merge=defaults) %}"
21:35 Edgan doubletwist: and then try it his way
21:36 afics is it possible to restart a service on changes to certain files while reloading it on changes to other files?
21:36 doubletwist I added the default entries and tried both ways on the set os_map_addition. Now they both give that same dict error
21:36 stanchan joined #salt
21:36 whytewolf should not be getting a dict error on that
21:37 Edgan doubletwist: I added a comment to his, https://gist.github.com/whytewolf/0758ae7b7f3ae871cb30d682c72a8c6e
21:39 whytewolf ugh, looks like i just lost a couple of grand.
21:39 viq how so?
21:39 Edgan whytewolf: cryptocurrency?
21:39 whytewolf 1500 point drop in stocks
21:39 gtmanfred dow lost 1100 today
21:39 viq whoa, what happened?
21:40 gtmanfred concern about the fed raising interest rates started last week
21:40 Edgan whytewolf: This isn't the first hit it has taken, and it can easily bounce back
21:40 gtmanfred this is just a continuation of the sell off
21:40 pbandark joined #salt
21:40 whytewolf Edgan: yeah. it just sucks losing that money i know i will get it back at some point
21:41 KolK joined #salt
21:42 Edgan whytewolf: Just looked at mine and I am up a little since when I last looked.
21:43 whytewolf let me atually check mine I was just going off of the drop havn't actually logged in
21:43 doubletwist Edgan: using a copy/paste frrom your comment it tries to install clamav-freshclam
21:43 Edgan doubletwist: on RedHat?
21:43 doubletwist yup
21:43 doubletwist os_family:
21:44 doubletwist RedHat
21:44 whytewolf doubletwist: what is the output of grains.get os_family
21:44 gtmanfred mine has pretty much stayed the same through this sell off.
21:44 Edgan doubletwist: what is the other "default" OS? Ubuntu?
21:44 whytewolf huh. yeah actually looks like mine hasn't budged today...
21:45 Edgan doubletwist: change default to whatever it actually is
21:45 whytewolf must have been some odd stocks that dropped like that instead of the market as a whole
21:45 gtmanfred well, it is worth mentioning that 20% of the dow jones gains over the last year are the fact that boeing grew at 43%
21:45 doubletwist In other words, give up on defaults
21:46 Edgan gtmanfred: exactly
21:46 Edgan doubletwist: I don't see it that way
21:46 whytewolf 43%? that was unmaintable
21:46 gtmanfred right
21:46 gtmanfred so it is just a reversion to the mean
21:46 Edgan doubletwist: How many distros do you have? and if you add CentOS, the default of Ubuntu won't do it any good
21:46 viq gtmanfred: since you're around, do you prefer here, slack or github? https://github.com/saltstack/salt/issues/45853#issuecomment-363181948  - could you please walk me through running this manually? Sorry :(
21:46 gtmanfred all we have to wait now is if this affects the orangutan or not
21:47 Edgan doubletwist: the defaults are things that are the same across all, the map is for the things that vary per distro
21:47 pipps joined #salt
21:48 gtmanfred viq: i prefer github when talking about issues, but first, check what version of websocket is installed.  then if it is the right one, open up the file, copy it to a new file, and see if that function can run normally in a file called whatever.py
21:48 doubletwist That sucks. The defaults [to me] should be overridable. yeah, it's a 'default' - but sometimes one system/type maybe won't use that default, so lets override
21:49 viq yeah, I have 0.46. I'll ask in the issue then.
21:49 gtmanfred viq: basically, take the code and troubleshoot it
21:50 whytewolf doubletwist: none of this has to do with overriding. it is all about merge order. item a is your base. the first merge item gets merged over that. and then the next item gets merged over that. you just need to a. find the right order. and b. understand what is being done. Edgan has given some good advice beyond my little items that i jump in with
21:50 viq So basically "python2 /usr/lib/python2.7/site-packages/salt/engines/slack.py" ?
21:50 doubletwist whytewolf: Then why can the override order ONLY work with os-map overriding defaults?
21:51 doubletwist Sorry flip that - it only works with 'defaults' overriding the os mapping.
21:51 cyteen joined #salt
21:51 gtmanfred viq: no
21:51 doubletwist But I want the os mapping to override the defaults. And for pillar data to override os mapping.
21:52 doubletwist And for that info to be accessible from both the formula/init.sls and from a template.
21:52 gtmanfred viq: copy it to a new file and try to see if it can actually connect to prove your point
21:52 gtmanfred viq: https://www.youtube.com/watch?v=F_wylxumcPY
21:52 gtmanfred that is a talk at saltconf that was about debuging salt
21:53 doubletwist Using the defaults.yaml method [from salt-formulas/template-formaul] it all works as I want *except* that I can't seem to reference the data from the os mapping or the defaults from the template - but it works from the init.sls
21:53 viq Thank you
21:54 whytewolf wait from the template?
21:54 whytewolf what do you mean by from the template
21:54 Edgan doubletwist: I can show you a copy tricks to be able to test the merging of jinja more easily
21:57 Edgan doubletwist: Do you get what I am saying about defaults for OS level stuff doesn't really work?
22:00 doubletwist Well it does work with the default.yaml method. I just can't seem to reference the data from a template for some reason, though every indication suggests that I should be able to do so.
22:01 Edgan doubletwist: what import line are you using for defaults.yaml?
22:02 whytewolf well, how are you passing it to the template or are you pulling the map.jinja in the template? details man
22:02 doubletwist hold on I'll show
22:03 pipps joined #salt
22:05 whytewolf btw. for the record. liberal use of {{ variable }} in places and rendering that can really help speed up your understanding of what is going on with this
22:05 doubletwist https://paste.fedoraproject.org/paste/PUMQi05a8~Pzb4ahIs8yLA
22:06 Edgan whytewolf: I was going to say content: {{ variable }} in a file.managed to right a tmp file, and then use salt call
22:07 whytewolf eh, i just cp.get_template instead of file.managed
22:07 doubletwist It installs the correct package on a redhat system. If I put "logfilemaxsize: 50M" in pillar, it uses that. If I remove that from the pillar, it removes that line instead of using the "20M" configured in the map.jinja
22:07 saltslackbridge <gtmanfred> @vicviq i updated the other issue with an explaination
22:08 neobryyte joined #salt
22:08 Edgan whytewolf: does it output to the console?
22:09 whytewolf no, a file. for console i use this https://github.com/whytewolf/salt-debug
22:09 whytewolf or you can use cp.get_file_str to grab the rendered file and output it to the console
22:09 Edgan whytewolf: with content and file.managed mine will output to the console and the file
22:10 Edgan whytewolf: So you can directly see the change
22:10 oida joined #salt
22:11 KolK Hello, I'm new to salt. I have a few servers (bare metal and vms) to manage. Two of them are running FreeBSD 11. I have installed py36-salt (2017.7.2). I sometimes have to run state.apply job twice before it is completed.
22:11 KolK First time it always doesn't end
22:12 Edgan KolK: hangs, or run twice to make all changes?
22:12 KolK I think it hangs
22:12 KolK But second time it succeed all steps
22:12 whytewolf Edgan: lots of different ways to do it. they all amount to the same thing. render and look at the render to see what is going on
22:12 doubletwist q
22:13 Edgan KolK: Could be a freebsd only bug, may just need to be debugged. You can run salt-call -l trace on the system to get very detailed answers
22:13 KolK Edgan: After few steps it hangs. I kill it with saltutil.kill_job and than start again.
22:13 KolK Edgan: Ok, thank you, I'll try
22:14 Edgan KolK: I think you want salt-call -l trace state.highstate  and it will be very vebose, so you might want salt-call -l trace state.highstate 2>&1 | less
22:15 Edgan KolK: Generally you do want -l trace and not -l debug. Very often I find -l debug not good enough.
22:15 afics joined #salt
22:17 MTecknology Is there any easy way to debug macros aside from using logic to step through them?
22:18 KolK Edgan: I see these logs :-) I think they will help me, big thanks :-)
22:23 viq gtmanfred: yeah, I was, thank you
22:25 jpsharp joined #salt
22:26 jpsharp I'm trying to create a custom salt execution module, but all I get is 'module' is not available when I try to call it from the salt command line.  i'm sure I'm issing something simple.
22:27 Edgan jpsharp: what directory are you putting in and what command are you running to test it?
22:28 jpsharp I zipped up the module, put in the /srv/salt/_modules directory on the master, did a "sync_call" which showed the module, and then I tried to run the module via "salt 'theminionhostname' astsalt.full_reload 1"
22:28 viq gtmanfred: if you're saying that "touch master" should fix salt-master trying to accesss /var/cache/salt - it didn't. Should I post all current configuration in ticket?
22:28 saltslackbridge <gtmanfred> yes
22:29 viq ok
22:29 saltslackbridge <gtmanfred> well
22:29 saltslackbridge <gtmanfred> ok
22:29 saltslackbridge <gtmanfred> looks like it does not fix it
22:29 saltslackbridge <gtmanfred> but if you move the master.d/master.conf to just be `master` it will work
22:30 saltslackbridge <gtmanfred> your problem is you are specifying the conf_file in master.d/master.conf
22:30 saltslackbridge <gtmanfred> delete that
22:30 saltslackbridge <gtmanfred> and it might work too
22:31 saltslackbridge <gtmanfred> yeah, do a `touch master` and sed -i ‘/conf_file/d’ master.d/master.conf
22:31 saltslackbridge <gtmanfred> and it will work
22:32 jpsharp and when I do a "sys.list_modules 'a*'" the module doesn't show up.
22:33 Edgan jpsharp: why zip it?
22:33 jpsharp I was just going by the recommendations from here: https://docs.saltstack.com/en/develop/ref/modules/index.html
22:33 Edgan jpsharp: I don't zip mine. I just have _modules/debug.py
22:33 saltslackbridge <gtmanfred> i wouldn’t call that a recommendation
22:34 saltslackbridge <gtmanfred> i would say, that is a way you can do it… only do it that way if you absolutely need to
22:34 jpsharp Hmm.  Okay.  I'll give that shot.
22:34 Edgan jpsharp: plus a zip in a git repo isn't awesome
22:34 jpsharp it's not in a git repo right now, but you're right.
22:34 Edgan jpsharp: can't git diff a zip
22:34 viq gtmanfred: turns out having "conf_file: ./master.d/master.conf" in "./master.d/master.conf" is a dumb idea, without it I don't get the cache access errors anymore. I get different ones, but they seem to be of a different nature
22:34 djinni` joined #salt
22:35 saltslackbridge <gtmanfred> i didn’t get any errors once i deleted that and touched master
22:35 * viq nods
22:36 viq I'm getting stuff like https://pbot.rmdir.de/nJ1d6XdTG4mZltUev-JFsA but that may be just incomplete virtualenv
22:36 Edgan gtmanfred: https://github.com/saltstack/salt/issues/44145 ?
22:36 saltslackbridge <gtmanfred> i have never seen that error, so i would guess your assumption is correct
22:38 pipps99 joined #salt
22:51 jpsharp Edgan: I unzipped the module and just put directory tree in /srv/salt/_modules and that fixed it.  I guess it doesn't like .zip
22:52 Edgan jpsharp: :)
23:14 pipps99 joined #salt
23:15 cliluw joined #salt
23:43 pipps joined #salt
23:44 pipps99 joined #salt
23:46 cyteen joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary