Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-20

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:19 Felgar joined #salt
00:21 masber joined #salt
00:25 sh123124213 joined #salt
00:32 dhwt joined #salt
00:39 lkthomas joined #salt
00:59 rkhadgar joined #salt
01:06 Psi-Jack joined #salt
01:07 exarkun joined #salt
01:49 Trauma joined #salt
02:05 Felgar joined #salt
02:29 cyborg-one joined #salt
02:36 copec joined #salt
02:41 mavhq joined #salt
02:41 evle joined #salt
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.9, 2017.7.3 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
03:06 snc left #salt
03:12 zerocoolback joined #salt
03:23 cyborg-one left #salt
03:41 jrj hello. i want to understand how works formulas on chrony example - https://github.com/salt-formulas/salt-formula-chrony
03:41 jrj i can not find any pillar files there. is they missed?
04:28 gnomethrower joined #salt
04:31 exarkun joined #salt
04:46 XenophonF jrj: you must create the pillar files on your Salt Master and assign them to minions, similar to state files
04:47 XenophonF https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html
04:53 jrj XenophonF, I try now to create pillar files, with trial and error way. there is no example
04:55 jrj and i can not estimate if thats formulas are correct. they was added a year ago. maybe it is not actual for current salt version...
04:56 onslack joined #salt
04:57 onslack joined #salt
04:57 gtmanfred jrj: Worth mentioning that those are maintained by a different group.  saltstack-formulas is the "official" formulas org.  You will have to contact either thru issues, or checkout the launch pad page on that GitHub repo
04:58 onslack joined #salt
04:58 onslack <gtmanfred> test
04:58 gtmanfred hrm
05:00 onslack joined #salt
05:00 onslack <gtmanfred> test
05:03 jrj i'm not really need oficial formulas. i think. i want to create simple states for chrony service for clients and for server. and trying to follow best practice - keep simple, divide server part from clietn part and use template for config file and pillar for data. but it is not so simple =)
05:03 jrj maybe someone can recomment working example of sate for any simple service?
05:11 MTecknology https://github.com/MTecknology/saltstack-demo ?
05:11 MTecknology the ntp stuff is simple anyway
05:11 onslack joined #salt
05:16 onslack joined #salt
05:16 onslack <gtmanfred> test
05:16 gtmanfred perfect
05:16 onslack /me <gtmanfred> tests
05:17 * gtmanfred is dissappointed
05:17 jrj MTecknology, yes. thats why i study it as example for "right" state
05:17 jrj thanks for link
05:18 onslack joined #salt
05:18 onslack ACTION <gtmanfred> thinks it is fixed
05:20 onslack joined #salt
05:21 * onslack <gtmanfred> thinks
05:21 gtmanfred perfect
05:26 Eugene what
05:35 jrj MTecknology, your example for one os and with static config file. i have no issues with this config. i want to create "right" state for Debian/Centos env and with own config for internal ntp server and clients. anyway nice organized files =)
05:44 MTecknology It's pretty trivial to add support for another OS using pillar, but it's complexity I don't need/want in my env
06:01 jrj i need this. so i triyng to study how to do it in correct way. without need to rewrite wahole states some time later... thanks anyway. will study further.
06:06 exarkun joined #salt
06:11 onslack <gtmanfred> I use defaults.yml <https://github.com/gtmanfred/wordpress-formula/blob/master/wordpress/defaults.yaml>
06:13 zulutango joined #salt
06:14 pualj joined #salt
06:14 ymasson joined #salt
06:24 dagb joined #salt
06:24 golodhrim joined #salt
06:33 LocaMocha joined #salt
06:35 tobiasBora joined #salt
06:45 pppingme joined #salt
07:00 Hybrid joined #salt
07:04 mrBen2k2k2k_____ joined #salt
07:20 Ricardo1000 joined #salt
07:32 sh123124213 joined #salt
07:42 Vaelatern joined #salt
07:44 cyteen joined #salt
07:46 pualj joined #salt
07:47 exarkun joined #salt
07:51 aldevar joined #salt
07:58 xet7 joined #salt
08:05 Tucky joined #salt
08:15 Hybrid joined #salt
08:24 cewood joined #salt
08:27 saltnoob58 joined #salt
08:27 saltnoob58 hello. Is it possible to call and use a virtual execution module in a custom grain, namely pkg?
08:27 saltnoob58 or does it have to be a real one and I need to make the virtual logic myself again if i want it?
08:32 MTecknology virtual is mosty a way of sanity checking a module's run-time before allowing it to load or for providing an alias as an entry-point into modules specific to the OS they run on
08:35 saltnoob58 because i think i can just run pkg.list_pkgs from commandline and have it work, my thought was that i should be able to do import salt.modules.pkg or something like that and use it like a real module, with salt checking the OS to see which real module to use
08:36 MTecknology yup, it should work
08:39 saltnoob58 i might me mistaken about something. import salt.modules.pkg says no such module pkg was found. Am I looking in the wrong place?
08:41 hoonetorg joined #salt
08:47 golodhrim|work joined #salt
08:51 MTecknology I gotta sleep... if someone doesn't answer you, ping me later and I'll try to help
08:52 saltnoob58 okay. i'll keep trying to just find the damn virtual module itself in the filesystem
08:52 saltnoob58 good sleep
08:56 inad922 joined #salt
09:08 Dr_Jazz joined #salt
09:19 hemebond joined #salt
09:24 IdoKaplan joined #salt
09:26 IdoKaplan Hi, I'm using the state "system.join_domain"  in order to join windows machine to domain. i have managed to join to machine to the domain, but when I use "restart: True", the restart trigger to start only after 5 mins and I would like to restart immediately. Can someone help an idea? Thanks!Ido
09:26 mage__ joined #salt
09:27 exarkun joined #salt
09:29 saltnoob58 can you like to the documentation of the module you're using? i can't see "join_domain" under salt.modules.system
09:30 saltnoob58 and if the 5 minute wait is some kind of hard wired module behaviour you could maybe put a watch on your state that restarts it right away?
09:31 IdoKaplan https://docs.saltstack.com/en/latest/ref/states/all/salt.states.win_system.html
09:31 IdoKaplan https://github.com/saltstack/salt/issues/44166
09:32 Mattch joined #salt
09:32 IdoKaplan I see that there is already an issue on it, I trying to understand when the fix should be released
09:32 indistylo joined #salt
09:37 saltnoob58 as with all fixes, not soon enough. You could dig through the code and apply the fix yourself, but i recommend putting a watch that reboots your host immediately, instead of relying on the restart parameter
09:38 saltnoob58 https://docs.saltstack.com/en/latest/ref/states/requisites.html#watch
09:40 aruns joined #salt
09:41 aruns joined #salt
09:43 hemebond Doesn't look like that pull request was merged.
09:46 indistylo joined #salt
09:47 yidhra joined #salt
09:57 saltnoob58 it might have been completely lost among the business on where to merge which things
09:57 rainbowtux joined #salt
09:58 aruns joined #salt
09:58 saltnoob58 you can also always check the diff and hotfix your salt installation with it if you find it acceptable
09:58 hemebond Does it work if you restart manually?
09:59 hemebond Like, as you suggested, saltnoob58, could it not be worked around using a reactor?
10:02 saltnoob58 as i understand, if you set restart: True it just calls win_systme.reboot state, but with default values, which you can't change. If you call it "manually" via a watch you should be able to set the timeout. Or even use outside commands to do the reboot
10:04 rainbowtux Is there a way to update the config of a virtual machine using salt-cloud? e.g. adding CPU? I know there is no straight-forward way to do it, but for such an essential thing, perhaps someone has a workaround?
10:05 saltnoob58 biggest workaround is cmd.run. After that you look if there's execution modules or states that do what you want with it so you dont have to put your commandline into cmd.run
10:06 saltnoob58 that's starting from worstcase though
10:09 saltnoob58 argh why is something so simple from commandline in salt so difficult to do not from commandline >:(
10:11 saltnoob58 wait, if virtual module depends on grains to know what module to use, and grains are not available inside grains, is it completely impossible to use virtual modules inside custom grains?
10:12 saltnoob58 though I could copy to my custom grain the python code that collects os grains, then using that make my own switch to import and use a certain module depending on what os is found
10:12 saltnoob58 which is a huge pain
10:14 Miuku rainbowtux: As far as I know, there is no way - it's only for creating/destroying.
10:16 IdoKaplan saltnoob58: I thought about the idea to call it "manually" but it's not working so good - can you please help ? https://pastebin.com/qdU6zPed
10:21 saltnoob58 If the "result" of the watched state is True, the watching state will execute normally, and if it is False, the watching state will never run.
10:21 saltnoob58 and the join_domain returns true even when host is already joined
10:21 saltnoob58 sounds like a not stateful state
10:21 ct16k joined #salt
10:22 ct16k joined #salt
10:22 ct16k joined #salt
10:22 ct16k joined #salt
10:23 ct16k joined #salt
10:23 tobiasBora joined #salt
10:23 ct16k joined #salt
10:25 IdoKaplan saltnoob58: Thank you. Do you have an idea how to solve it without editing the code?
10:26 golodhrim|work joined #salt
10:26 saltnoob58 by editing the code. or writing new code. If the part that's supposed to check wether you did a thing or not is working, you can't really run things "only when a thing was done"
10:27 hemebond onchanges
10:28 saltnoob58 wait, watch is not onchanges?
10:28 saltnoob58 i must apologize if that's so
10:28 saltnoob58 i recommended the wrong thing then
10:28 saltnoob58 damn you, confusing salt terminology!
10:29 saltnoob58 https://docs.saltstack.com/en/latest/ref/states/requisites.html#onchanges
10:29 IdoKaplan I'm checking
10:31 hemebond watch is only useful if the state function has a mod_watch attribute/parameter.
10:32 hemebond e.g., service.running
10:33 saltnoob58 you could watch a state that onchanges a state, for cases when you can't put everything into one state that runs if something changes. Daisy chain your states
10:34 saltnoob58 but yeah i just had those two confused
10:34 IdoKaplan onchanges didn't work - the machine was added to the domain, but request didn't happen - "State was not run because none of the onchanges reqs changed"
10:35 IdoKaplan request=restart
10:35 hemebond Can you paste the highstate result?
10:35 hemebond And your states.
10:36 hemebond If it was joined to the domain surely it resulted in a change.
10:36 IdoKaplan https://pastebin.com/XwcjZqEZ
10:36 IdoKaplan This is the output
10:37 IdoKaplan This is the state - https://pastebin.com/iB31Ufcc
10:38 saltnoob58 this is not as pretty as your first paste, but it seems that even though computer was added 'changes': {}, is empty. Agains blame the win_system state
10:39 hemebond It definitely joined the domain?
10:39 IdoKaplan yes
10:42 hemebond What salt version are you on?
10:42 rainbowtux Miuku: hi... we seem to have a lot of common interests :-) thanks for replying... pity though
10:43 IdoKaplan 2017.7.2
10:44 hemebond Are you able to run it on the minion itself with `salt-call state.apply -l debug`?
10:44 hemebond And paste the output.
10:44 hemebond Though it will definitely have secrets.
10:45 hemebond The code suggests changes will be empty if an error occurred.
10:47 hemebond Oh wait.
10:47 hemebond The state module doesn't seem to set changes at all.
10:49 IdoKaplan https://pastebin.com/NppJEAWJ
10:54 hemebond Yeah if onchanges needs a non-empty changes value then it's never going to work.
10:55 IdoKaplan Do you have an idea what can I do?
10:57 hemebond if you edit salt/states/win_system.py on the minion to ...
10:57 hemebond Well.
10:57 IdoKaplan joined #salt
10:58 hemebond If you edit salt/states/win_system.py on the minion to return changes, does it work?
11:01 megamaced joined #salt
11:05 Ivoz joined #salt
11:06 IdoKaplan joined #salt
11:07 exarkun joined #salt
11:09 pbandark joined #salt
11:10 saltnoob58 joined #salt
11:11 onslack <mts-salt> will do. how does your bridge handle threads? :D
11:14 msmith joined #salt
11:18 onslack <mts-salt> test
11:19 aruns__ joined #salt
11:24 nikeshm joined #salt
11:25 nikeshm hi
11:25 nikeshm is the oxygen released for salt-cloud
11:25 onslack <mts-salt> oxygen doesn't have a release date yet, no
11:26 nikeshm https://github.com/saltstack/salt/tree/oxygen  - what is this
11:26 nikeshm https://github.com/saltstack/salt/tree/oxygen.rc1
11:27 nikeshm ok i see
11:27 nikeshm https://github.com/saltstack/salt-cloud
11:28 nikeshm it should come here r8
11:30 onslack <mts-salt> there are tags for it as it's a work in progress, but it's not available as a general release. i suspect you can try it out if you need something from it
11:32 babilen You can install from git, but it hasn't been released yet
11:32 hemebond IdoKaplan: You back?
11:33 IdoKaplan hemebond: yes, i'm here.
11:33 babilen It's also quite easy to backport changes you're after by placing the respective modules into _modules on file_tree and syncing them
11:33 hemebond I didn't realise you had returned.
11:33 babilen IdoKaplan: ^ might be interesting for you as well
11:33 IdoKaplan hemebond: i'm trying to find some workaround because i don't know to edit the code
11:33 hemebond IdoKaplan: Is there a grain associated with the domain?
11:33 babilen That way you can "hot fix" problems quite easily
11:34 babilen IdoKaplan: Has the patch been released already?
11:34 babilen (just not made it into an official salt release)
11:34 IdoKaplan Not sure that I understand
11:34 hemebond babilen: It seems to be a problem with the state module.
11:34 babilen Has the issue you are trying to fix been reported and is there a patch?
11:35 babilen (i.e. do we know how to fix it already?)
11:35 hemebond Even though changes are made the changes dict is empty.
11:35 hemebond It never gets updated.
11:35 babilen "I haven't touched anything"
11:35 hemebond (the changes dict)
11:35 babilen "Yes you have!"
11:35 babilen "Prove it!"
11:35 babilen So .. we don't know how to fix the issue? Is there a bug report?
11:36 hemebond It can be fixed by changing the join_domain method to return something in ret['changes']
11:36 hemebond Though I was going to suggest a workaround using grains.
11:38 IdoKaplan Can you please elaborate about the workaround?
11:38 hemebond Is there a grain for the domain?
11:41 hemebond babilen: Is the changes dict free-form?
11:41 saltnoob58 is it possible to run more than one execution module at once from commandline? Like salt-ssh '*' "module1.thing && module2.thing'  or is it just not done and orchestrators and such are the proper tool?
11:41 hemebond saltnoob58: Only one.
11:43 saltnoob58 i suspected as much. What I want to do is an aberration anyway
11:44 babilen hemebond: It is, yes
11:44 nikeshm babilen mts-salt : thanks
11:45 nikeshm any link between openstack-salt and salt cloud
11:45 babilen saltnoob58: hehe .. if it feels wrong, you probably shouldn't do it
11:45 nikeshm which is better
11:46 oarmstrong joined #salt
11:46 oarmstrong joined #salt
11:46 oarmstrong joined #salt
11:46 mikecmpbll joined #salt
11:46 babilen nikeshm: You might want to look at something like Terraform also
11:46 saltnoob58 using salt for my task feels wrong, but i gotta pay the bills somehow. A man chooses, an office lemming obeys
11:47 babilen What's your task?
11:47 saltnoob58 and what feels right doesnt work :)
11:47 hemebond Salt goes with everything. Blood-pressure be damned.
11:48 oarmstrong hi there. was just wondering if there's any documentation as for why salt-minion rpm has a restart as part of the post install scriptlet? it's very un-rpm like to do this and caused me big problems last week
11:48 saltnoob58 to find the holy... wait, no, that's lancelot. To collect grain like data from many hosts and send it somewhere. I wanted to shove pkg.list_pkgs into a custom grain but that's not working really well. And since virtual modules depend on grain info which is not available inside custom grains i think its outright impossible
11:49 hemebond That's definitely Salt Mine territory.
11:50 babilen You could define a salt mine function with https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.version
11:50 viq babilen: you beat me to suggesting mine ;)
11:50 babilen Depends on what "send it somewhere" really means and what's the intended use
11:50 babilen Well, hemebond beat me (but only because I tried to get the link)
11:50 babilen :)
11:51 babilen In the end .. #salt beat #noanswer
11:51 viq Ah, indeed :)
11:52 saltnoob58 at the moment send it somewhere is pipe it to python and from there it's tip top. And mine either doesnt play well with salt-ssh or creates a new ssh connection every time you query a mineitem from it or is just somehow confusing
11:52 saltnoob58 as long as i can put everything i want into grains, which is not very long, i dont need mine, just grains
11:53 babilen salt-ssh is ..
11:53 saltnoob58 sigh, some things are so easy from the commandline
11:53 saltnoob58 salt-ssh is previous directory?
11:53 babilen What are you actually trying to do?
11:53 hemebond If you're using salt-ssh them you're doing things manually already.
11:54 babilen no .. SSH just isn't the right transport for orchestration/configuration management
11:54 nikeshm babilen: i am learning saltstack for infrastructure as a code
11:54 babilen And an SSH agent is not the right agent for that usecase also
11:54 nikeshm any useful lniks for IAC
11:55 nikeshm how to use saltstack for IAC : any useful links for use cases
11:55 saltnoob58 i'm really trying to collect grainlike data, like all ipv4/6s, hostnames, uuids, etc, over ssh because not allowed to install an agent into every machine
11:55 saltnoob58 and store it in ucmdb
11:56 saltnoob58 wanted to leverage salt-ssh parallelization, grains premade scripts that collect data. And a bunch of premade execution modules
11:56 hemebond Storing temporal data in grains is definitely unpleasant.
11:56 babilen nikeshm: Well, that's a *huge* field! In the end you have many pieces of the puzzle. Salt is great for continuously managing the "state" of services and configuration of your boxes. I haven't used salt-cloud, much, but I always felt that it is a bit out of place and lacking. There are tools such as Terraform that are, IMHO, better suited for the provisioning bit
11:56 nikeshm so i selected openstack for IAC
11:59 nikeshm ok
12:00 babilen saltnoob58: You are already installing an agent (openssh-server) though ;)
12:00 nikeshm is any one else used salt-cloud for Infrastructure as a code in salt-community for any Infrastructure
12:00 babilen saltnoob58: But if you decide to solve that usecase in the manner you describe, writing a custom grain that essentially returns the output of pkg.version is the right approach
12:01 zerocoolback joined #salt
12:02 babilen saltnoob58: And you are referring to HP's cmdb?
12:02 saltnoob58 im not the one installing openssh, and its masterless so teams dont hijack the master position. But well that's my near last resort, to duplicate the virtual functionality in a custom grain, then call the appropriate real modules which luckily is possible from inside grains
12:03 saltnoob58 except i'll have to duplicate the functionality of OS grains because that's needed to decide which module to use, and grains arent available inside grains
12:03 saltnoob58 and I am referring to HP UCMDB, yes
12:04 saltnoob58 if i put it inside a custom grain, per others suggestions i then directly pipe it to a python script which works just fine, loop through the dict, do things, compose a json and upload it via restapi
12:05 hemebond Why can't you just do multiple requests?
12:06 Miuku grains inside grains. grainception?
12:06 saltnoob58 that's why i was asking about running two things on one command. But multiple requests double the amount of ssh connections, and with several k hosts thats quite a bit of overhead
12:06 saltnoob58 and then it's more than one --out json dict
12:07 saltnoob58 so it needs extra processing to associate the things from the first request to the things from the second request
12:07 hemebond Seems like you're using the most difficult solution.
12:07 hemebond Merging a few dicts should be easy.
12:08 saltnoob58 maybe, i'm investigating which would be the least pain in the ass
12:08 onslack <mts-salt> ooc would a single shell script run the commands you want and give you output you can parse? :)
12:09 saltnoob58 thats simplest option number two
12:10 saltnoob58 but then different outputs need storing and merging before gettin fed to python app, or handling separately inside python app
12:11 saltnoob58 everything in grains together mitigates this nicely, though has it's own problems
12:11 hemebond Could write a custom execution module.
12:12 hemebond Make it collect and sort the info on the minion and return it all together.
12:14 onslack <mts-salt> "everything in grains together" simply means it's easier to parse by python. you can use many different formats that could be easy to parse. you could even write a python script rather than shell script
12:15 hemebond This is being done with a shell script?
12:16 onslack <mts-salt> i'm suggesting that it could be, if you're already limited to using ssh
12:16 babilen Yeah, sounds as if a custom execution module is the way to go here
12:16 babilen No need for grains, really
12:19 pcdummy joined #salt
12:19 pcdummy joined #salt
12:19 saltnoob58 well thats another option, make a module that runs a bunch of masterless salt-calls inside the temp dir made by salt ssh
12:19 onslack <mts-salt> if you've got a custom module then you can call the python directly, no need to shell out
12:19 hemebond ^
12:21 saltnoob58 i just said since it's more descriptive and understandable to say salt-call when it's really a bunch of weird __salt__['weird']
12:21 saltnoob58 sigh, there's no option where i dont have to write a bunch of extra stuff, no matter how simple or not simple it is :)
12:24 onslack <mts-salt> whatever you do has to be simpler than doing it all by hand! :)
12:24 hemebond Well, if it's a one-off thing why does it matter if you're connecting multiple times?
12:24 hemebond Where does that restriction come from?
12:25 saltnoob58 not a one off thing. Once a day thing, so if someone makes a new host or changes an ip, the automagic catches it and people dont have to update cmdb by hand
12:25 hemebond Oh. Execution module.
12:25 onslack <mts-salt> "if someone makes a new host" ? does that mean they'll also update the salt roster?
12:26 saltnoob58 a network magic thing updates the list of all networks and ips, and an automagic thing create a roster based on that
12:27 onslack <mts-salt> wow, ok. automation by convention :)
12:28 saltnoob58 would be nice if scan roster accepted a list of networks, wouldnt need this automation. But since the automation is there a check to see if IP has mac present has snuck in and discards about 9k IPs
12:29 saltnoob58 even with 100+ batchszie and 1 sec ssh timeout thats still a bunch of time :)
12:30 onslack <mts-salt> perhaps you'd benefit from arpwatch or similar to note ip addresses that are in use
12:30 saltnoob58 that part is taken care of by the networking team and handles the watching which ip addresses are in use
12:33 onslack <mts-salt> =b
12:33 saltnoob58 the good and the bad when you're not allowed to touch more than half of the infrastructure :)
12:37 onslack <ryan.walder> anyone have any idea why an initial state.apply (file.recurse) would fail with `KeyError: 'file.source_list'` then work fine the 2nd time?
12:37 onslack <mts-salt> is it relying on something that hasn't been applied yet?
12:37 onslack <ryan.walder> nope
12:38 onslack <mts-salt> compare the debug logs?
12:39 onslack <ryan.walder> the first one throws a couple of errors loading modules that are irrelevant (pip, win_file) but not on the 2nd run
12:39 onslack <mts-salt> i suggest that win_file is aliased to file under windows :)
12:40 onslack <ryan.walder> Sure, if I was on windows I might care ;)
12:40 onslack <mts-salt> since your error references file, i'd look there
12:40 onslack <ryan.walder> the things is that no changes are being made to the minon that would change how salt does stuff
12:40 onslack <ryan.walder> so if it fails it should fail on both runs
12:41 onslack <mts-salt> except that the initial highstate will be pulling back grains
12:41 onslack <mts-salt> and maybe more
12:42 onslack <ryan.walder> hmm
12:42 onslack <ryan.walder> if that is the case if I run another state first then the failing one second it should be fine
12:42 onslack <mts-salt> if in doubt, wade through `-l all` :D
12:43 onslack <ryan.walder> as in 2 seperate runs
12:43 onslack <mts-salt> i have a habit of running test.ping first for that exact reason, yes
12:43 onslack <ryan.walder> hardly a production ready solution
12:43 meena joined #salt
12:43 meena o/~ hello happy people o/~
12:43 meena i made a huge mistake.
12:44 onslack <mts-salt> submit an issue?
12:44 meena it's probably just a syntax issue, but it's rather boring to go chasing that with kitchen verify (or travis)… is there any possibility to just test if my jinja file has sensible syntax?
12:45 onslack <mts-salt> render it using cp.get_file_str then throw the result through a yaml linter? :)
12:45 onslack <ryan.walder> @mts-salt, not a first run issue
12:45 pcdummy joined #salt
12:45 pcdummy joined #salt
12:45 onslack <mts-salt> ah ok. worth a thought. i guess it's '-l all' then
12:46 onslack <ryan.walder> wouldn't be so annoying if it wasn't the official salt-formula ;)
12:46 onslack <mts-salt> heh
12:46 onslack <mts-salt> be thankful you don't work with windows. half of the "official" examples just don't work
12:46 meena (funny that the slack channel is not documented on website…)
12:46 saltnoob58 oh, and whoever thinks a single custom execution module is a wonderful thing, do you have any examples how to call a virtual module from inside python without shelling out?
12:46 onslack <ryan.walder> I'm tnakful I don't have to work with windows every day
12:47 saltnoob58 and without making my own switch to check things and choose the appropriate module
12:48 onslack <mts-salt> meena: it's right up there on <https://saltstack.com/community/>
12:48 onslack <ryan.walder> hmm, ok, so the formula was doing something to salt, who knew installing the salt-master fucked with the salt-minion
12:48 meena @mts-salt it's not here https://docs.saltstack.com/en/latest/topics/
12:49 msmith joined #salt
12:49 meena anyway… how do i validate syntax / integrity of my … stuff, before sending it out to servers?
12:49 saltnoob58 meena: https://docs.saltstack.com/en/latest/topics/#irc
12:49 onslack <mts-salt> hehe
12:49 indistylo joined #salt
12:50 saltnoob58 at least salt websites are not hp websites. Hoo boy, everything is there, but try finding anything
12:50 coredumb meena: take a look at how the test framework is doing
12:50 coredumb will give you some ideas
12:51 meena saltnoob58: i've *obviously* found the irc channel, i just didn't find the slack…
12:51 meena coredumb: it literally doesn't. it just executes it, and if it fails it fails.
12:51 meena see, https://travis-ci.org/saltstack-formulas/zookeeper-formula/builds/343768543#L2519
12:51 onslack <mts-salt> saltnoob58: i suspect you might want to look at something like <https://docs.saltstack.com/en/latest/ref/clients/index.html#salt.loader.minion_mods>
12:52 meena i've already found https://github.com/saltstack/salt/issues/802 … and it doesn't really help that they all say… yeah, i'm coming from puppet and i'd really like to have that thing again…
12:52 hemebond saltnoob58: You can't just salt['pkg.list_upgrades'] ?
12:52 coredumb well it executes your stuff _outside_ of your environnement
12:52 coredumb that's one way of catching your syntax errors
12:53 saltnoob58 hemebond: from the examples i've seen i have to import something, and just pkg doesn't exist as a .py file and i haven't been able to call it
12:53 hemebond Tried salt['pkg.list_upgrades']()?
12:54 onslack <mts-salt> the python api i just linked imports salt'loader
12:54 meena coredumb: booting a docker virtualmachine, installing salt, then running a command that fails and spits out a *lot* of text is not the most comfortable of development cycles for catching errors like: you forgot a comma here
12:54 coredumb agreed
12:55 onslack <mts-salt> yeah i test locally first, then push up to the master when it's working
12:55 coredumb although you can go without docker and do the test yourself to remove a lot of the verbosity
12:55 coredumb :D
12:55 meena imagine automating that process in emacs
12:55 saltnoob58 hemebond: would i need to import something? salt.modules? salt.modules.pkg? that last one not found btw
12:56 meena coredumb: i don't wanna *execute* whatever horrendous code i'm writing on my laptop tho :O
12:56 hemebond saltnoob58: I don't believe so.
12:56 coredumb like mts-salt I'm usually developing my formulas where I can locally run them until I'm happy with the result ...
12:57 saltnoob58 i have a suspicion that salt engine uses that loader when i run pkg.whatever from commandline so just using __salt__['virtual.module'] isn't even supposed to work
12:57 onslack <mts-salt> give a little while, the people who would know are just about getting up and will be along shortly :D
12:57 hemebond I don't know what that means. Did salt['pkg.list_upgrades']() work?
12:58 saltnoob58 well, i've been testing either in standalone python scripts, or in grains, both of which need to load modules, haven't yet tried inside an execution module
13:04 meena what does this »» Rendering SLS 'base:zookeeper' failed: Jinja variable 'dict object' has no attribute 'distro_install' «« mean?
13:04 meena (i fixed the else issue)
13:04 saltnoob58 hemebond: inside a properly placed execution module     thelist = __salt__['pkg.list_upgrades']() works
13:04 saltnoob58 so at least inside execution modules the situation is simpler
13:05 saltnoob58 well at least i know that :)
13:07 saltnoob58 hmm, i wonder if i had all the necessary salt modules loaded i could do the same things inside a grain...
13:08 kiorky_ joined #salt
13:11 hemebond 👍  no grains
13:13 IdoKaplan hemebond: So what can I do with join_domain? :(
13:13 saltnoob58 but i love grains :( they save me the miniscule effort of writing like 7 __salt__[grains.get] and the writing, compiling all the things into a dict and returning it
13:13 hemebond IdoKaplan: Wrap your "reboot" state in some Jinja that checks the domain.
13:14 hemebond Include the reboot state _only if_ the domain is _not_ what you want it to me.
13:14 hemebond And just have the reboot state "require" the join_domain state.
13:15 IdoKaplan hemebond: i'm trying to find a way to check how the machine was joined to domain but restart is in pending.
13:15 hemebond mm?
13:15 hemebond What do you mean?
13:15 saltnoob58 {% if domain!= pillar[the domain you're trying to join] %} then reboot(): requisite:join_domain()
13:16 saltnoob58 i think he tried to check if domain is correct && there's a restart waiting for the default 5 minutes present
13:16 hemebond Just to be clear, that ^ is pseudocode :-)
13:16 saltnoob58 oh yeah dont copy paste anything i write here ever
13:17 saltnoob58 i love salt, want to use it, learn python and jinja too :D
13:17 hemebond I thought reboot was false.
13:18 IdoKaplan hemebond: When I join a machine to a domain, it's recommended to trigger a reboot afterwards (group policy, etc'). when I execute the state to "join_domain"  with "restart: false", the domain grain will be added (before the restart), so I cannot add another state of system.reboot
13:19 hemebond IdoKaplan: You don't need to.
13:20 hemebond You apply join_domain and the reboot state at the same time.
13:20 hemebond Grain won't exist yet so both states are included.
13:20 hemebond But afterwards, if you highstate, only the join_domain state will be included because the grain will exist.
13:21 IdoKaplan hemebond: ohhhhh, nice. I understood :)
13:21 hemebond 👍
13:21 IdoKaplan hemebond: i'm on it..thank you, I will update
13:22 Nahual joined #salt
13:28 JohnnyRun joined #salt
13:28 saltnoob58 woah, weird
13:29 saltnoob58 wait, not weird
13:30 saltnoob58 had a different subcommand in custom module and was wondering why had different sudo requirement than builtin module
13:34 meena the main problem with testing in test-kitchen something that's written in python is that i can't just stick `require 'pry' ; binding.pry` in there to debug
13:34 edrocks joined #salt
13:36 IdoKaplan hemebond: thank you! now it works :)
13:36 hemebond 👍
13:38 hemebond left #salt
13:39 pualj joined #salt
13:40 saltnoob58 still, the state itself should both return changes and have a better restart: True
13:41 saltnoob58 maybe needed to make tickets?
13:48 pualj joined #salt
14:05 _JZ_ joined #salt
14:08 saltnoob58 curious thing.  __salt__['grains.items']() does not return custom grains
14:10 saltnoob58 wait no, even that's a lie
14:10 saltnoob58 is the only thing about salt that's consistent my being wrong?
14:11 saltnoob58 also alt-tabbing out of ubuntu for windows will eat up your scrollback, never use ubuntu for windows, kids
14:15 aruns__ joined #salt
14:20 DammitJim joined #salt
14:22 LocaMocha joined #salt
14:30 XenophonF meena: that error means some Jinja code in the zookeeper SLS references a dictionary key named `distro_install`, but that key isn't defined
14:31 XenophonF check that SLS for any references to `distro_install` and work your way backwards to where it's supposed to be defined
14:31 meena XenophonF: yeah, i noticed that at the bottom there's always a zk hash, that's filled with the variables declared above
14:35 onslack <gtmanfred> It doesn't,and I am not sure if a good way to handle it.
14:36 onslack <gtmanfred> First I am going to handle file uploads,copying them to gist/YouTube/imgur
14:39 cgiroua joined #salt
14:45 pualj joined #salt
14:47 XenophonF meena: do you have a link to the updated code?
14:47 meena XenophonF: https://github.com/saltstack-formulas/zookeeper-formula/pull/66
14:50 XenophonF ugh that formula is full of spaghetti
14:52 meena XenophonF: it wasn't me :(
14:52 onslack <mts-salt> in case you missed it, the bridge is using my email address rather than my nick
14:54 XenophonF I know.  Some of these older formulas need tender, loving refactoring.
14:54 XenophonF hang on, let me fork this, merge your pull into my fork, and try it myself
14:54 XenophonF the travis log is unreadable
14:56 indistylo joined #salt
14:56 meena XenophonF: is that because of travis, or because of test-kitchen? or because of (my) bad code?
14:57 evle joined #salt
14:57 XenophonF The raw log file is full of escape sequences and other non-ASCII garbage.
14:57 XenophonF like, wtf is that?
14:57 XenophonF so I blame Travis :)
14:57 meena XenophonF: download, then less -SR
14:59 XenophonF ok my fork's up to date, let me add that to my Salt master and see what's what
14:59 XenophonF how are you testing this?
15:00 meena bundle exec kitchen verify
15:00 XenophonF ah
15:02 BitBandit joined #salt
15:04 XenophonF so without running this, I see some problems
15:04 XenophonF oh wait never mind - I misread the if statement
15:07 meena XenophonF: if there;s anything to make that clearer, please do tell
15:08 XenophonF meena: which OS has zookeeper packages, and which repos do I need to add to make that happen?
15:08 meena XenophonF: debuntu has them, not sure if centos has them, but, if not, WHY NOT?
15:10 XenophonF hey, haven't you heard?  it's all cloud devops now, we just deploy straight from a git repo using our CI pipelines, none of this packaging or release engineering or support crap
15:10 meena XenophonF: https://github.com/deric/puppet-zookeeper/blob/master/manifests/params.pp#L45
15:11 akrus joined #salt
15:11 JPaul joined #salt
15:11 akrus hello everyone!~
15:12 XenophonF hang on meena I have to download and install Debian
15:15 * Miuku takes XenophonF's temperatures.
15:15 Miuku Oh dear, heavy fever.
15:16 meena hehehe
15:25 hoonetorg joined #salt
15:31 Micromus joined #salt
15:32 mikecmpb_ joined #salt
15:33 racooper joined #salt
15:38 meena btw, main motivation today to switch this installation to pkg.installed was https://github.com/saltstack/salt/issues/45893
15:38 pualj_ joined #salt
15:38 meena most distros provide *usable* versions of zookeeper.
15:46 GrisKo joined #salt
15:49 beardedeagle joined #salt
15:51 tiwula joined #salt
16:02 vsi138 joined #salt
16:08 indistylo joined #salt
16:10 _beardedeagle joined #salt
16:20 mikecmpbll joined #salt
16:23 DickerDackel joined #salt
16:27 DickerDackel joined #salt
16:29 GrisKo joined #salt
16:29 DickerDackel left #salt
16:29 DickerDackel joined #salt
16:30 DickerDackel Next try: Hi
16:32 megamaced joined #salt
16:33 DickerDackel Can anybody give me a pointer, how to deploy a multi-tier application (e.g. webstuff, database, perhaps Storage) via Salt?  I'm pretty comfortable with having all kind of server flavours managed by salt, but I just can't wrap my head around how to create a state for e.g. AppX that spans multiple target servers with multiple configurations.
16:37 DickerDackel States seem to be organized "the other way round", starting from targeting servers and bringing them to conform the defined state.  But from an app point of view, I start with the app, would hang the various servers below that and then the states within these.
16:38 DickerDackel So, is there some kind of "bundle" where I could wrap multiple states on multiple machines in one tidy package?
16:38 meena DickerDackel: hrm… maybe you might wanna look into event based infrastructure?
16:39 DickerDackel Hmm, I thought, that would be like monitoring and stuff, but I'll check the docs for that.  Thanks...
16:41 meena DickerDackel: what an event means to you simply depends on your timescale
16:41 DickerDackel Already reading... :)  I've used the event
16:42 meena it could be used for monitoring, sure, or you could just react to it yourself (well, via salt)
16:42 meena \o/
16:42 DickerDackel queue to follow state activity in the past, but I'll know more in 15min...
16:44 onslack <mts-salt> do you plan to deploy to existing minions, or spin up new ones to handle the application?
16:45 meena so, basically, "are you updating an existing thing, or doing blue-green deployment"
16:51 DickerDackel Hmm, I don't get how the event system will help...  I'd imagine more s/t like a meta state.
16:51 DickerDackel Like so: https://gist.github.com/DickerDackel/29652fbe73a40b7a256ac9e2d1d89464
16:51 ingy joined #salt
16:52 onslack <mts-salt> if you already have the states created then you'll either need to run a multi-minion highstate, or wrap it all in an orchestrate state. but that does assume you already have the states
16:52 onslack <mts-salt> this is why i asked if you intend to deploy to existing minions or not
16:53 onslack <mts-salt> the next most important question then becomes who/what decides which minions are to be used
16:53 onslack <tmacey> Can someone refresh my memory of how to initialize a Python REPL session to be able to access the python representation of a pillar dict?
16:54 onslack <tmacey> I'm trying to find out whether the sub-dictionaries in a nested YAML file are actually being represented as an ordered dict internally
16:54 DickerDackel Ah, sorry.  Haven't used irc for a long time and thought, you were talking to s/b named <mts-salt> @-)
16:55 onslack <mts-salt> DickerDackel: conversations overlap a lot on irc :)
16:56 DickerDackel So to answer the question: I have minions deployed on all containers on the host.  'multi-minion highstate' looks like what's I'll google next :)
16:57 whytewolf DickerDackel: actually. look up salt orchestration
16:58 onslack <mts-salt> it depends on what you intend to control and configure. orchestration is useful to run multiple things across minions but i'm still not sure how those things get there or get configured
16:58 DickerDackel whytewolf: Had already read about orchestration, but that read more like "how to fire 50 webservers up".  But I'll read again...
16:59 whytewolf it is about controlling what you do across minions.
16:59 onslack <mts-salt> in my setup i'd have to add pillar config and states to use it against a given minion or minions, after which a highstate then performs the deploy
16:59 onslack <mts-salt> orchestration wouldn't help in that case
17:00 whytewolf it would if you orchestrat the creation of pillars ;)
17:01 onslack <mts-salt> an orchestration state that configures the system? neat... if i was doing it often enough to justify
17:01 onslack <mts-salt> but yes. figure out the states to deploy, then backtrack to figure out how to add config for those states. i might use that
17:02 onslack <mts-salt> still, the first step is still to do it once before you can automate the automation :)
17:03 whytewolf very true. know your system.
17:04 pualj_ joined #salt
17:05 DickerDackel Doing it once for a lab test seems simple enough.  A state to create a vhost, unzip wordpress, applied to web-node-x, another one to fire up a db instance and create a user to db-node-y, config in a pillar.
17:05 DickerDackel My problem (i guess) is joining both together, and properly parametizing (is that a word?) the states to make them more abstract.
17:06 DickerDackel "parameterizing" :)
17:07 onslack <mts-salt> well the states would need to exist, then /something/ associates the right ones with the right minion, as well as the config for each of them, after which those states would then need to be applied to those minions
17:07 DickerDackel Gotta try to get a better understanding of the orchestration.  Thanks for the pointers.
17:07 whytewolf DickerDackel: https://docs.saltstack.com/en/latest/topics/orchestrate/orchestrate_runner.html#more-complex-orchestration
17:08 onslack <mts-salt> orchestration is perfect for the top level, but the states and their config do have to be created first
17:09 onslack <mts-salt> i can't get my head around how you'd determine which minions to use beforehand, unless that's passed in as a parameter to the initial orchestrate call, or have some cunning way to allocate them  dynamically
17:10 whytewolf I tend to use inline pillar for targetting
17:10 onslack <mts-salt> i'm more used to static minions rather than dynamic, so targetting would be how i do it, yes. spinning up a new minion and then using that is a whole different thing tho :)
17:11 whytewolf salt-run state.orch do.the.thing pillar='{"webs":"web*","db":"db101"}'
17:12 onslack <mts-salt> heh. that's going to be fun with git_pillar :)
17:13 DickerDackel .oO( definitely gotta re-read the chat log when I've gotten a better understanding of the orchestration stuff )
17:13 cewood joined #salt
17:13 whytewolf why, inline pillar gets merged into pillar. and with orch that first pillar is passed to the orchestration, you can decide to pass it on to the states later
17:13 aldevar left #salt
17:14 onslack <mts-salt> we don't have any static pillar. it's all in git
17:14 whytewolf doesn't matter where it is
17:14 onslack <mts-salt> so if orchestration needs to change something then it needs to create a git commit
17:14 whytewolf why
17:14 whytewolf I'm not talking about changing pillars I'm talking about temp adding pillars
17:15 onslack <mts-salt> because our pillar is /only/ in git
17:15 whytewolf https://github.com/whytewolf/salt-phase0-orch/blob/master/orch/packs/mysql/install.sls
17:15 onslack <mts-salt> so you're saying have an orchestration state that makes some changes that can never be audited or reproduced?
17:16 whytewolf no, and unless you are targetting the master ... it isn't going to know about your pillar anyway
17:16 onslack <mts-salt> our environment is setup to configure and control everything. teardown and recreate are part of that
17:17 onslack <mts-salt> so if something is to be changed then it needs to be possible to re-do it using git-committed config
17:17 onslack <mts-salt> we use git for audit, change control, and approval
17:18 onslack <mts-salt> so my use case for orchestration would be to define which host(s) to deploy something to, have it make the necessary config changes - in git - and then apply the states to actually do the deploy
17:19 whytewolf okay, so than in your case yes you have to define everything before hand.
17:19 onslack <mts-salt> yep. foot firmly shot i'm sure :)
17:20 whytewolf thats what I love about salt. so many ways to shoot your foot
17:22 Aleks3Y joined #salt
17:49 swa_work joined #salt
17:53 jhauser joined #salt
18:09 weylin joined #salt
18:13 XenophonF meena: sorry ran out of time to mess with zookeeper today
18:16 GrisKo joined #salt
18:19 Edgan XenophonF: what about zookeeper?
18:20 edrocks joined #salt
18:26 XenophonF that other person was having problems getting a PR to zookeeper-formula past some Travis CI checks
18:28 Edgan ah
18:34 ymasson joined #salt
18:39 tiwula joined #salt
19:09 wongster80 joined #salt
19:13 aldevar joined #salt
19:15 gmacon joined #salt
19:17 swa_work joined #salt
19:23 cyteen joined #salt
19:28 mikecmpbll joined #salt
19:32 exarkun joined #salt
19:43 swa_work joined #salt
19:47 hemebond joined #salt
19:58 dhwt__ joined #salt
20:04 Hybrid joined #salt
20:07 meena Edgan, XenophonF: i've brought it to a level where it's…uhm, failing consistently…ish.
20:10 DammitJim joined #salt
20:23 tkharju joined #salt
20:25 Hybrid joined #salt
20:42 aldevar left #salt
20:45 exarkun joined #salt
20:53 Hybrid joined #salt
20:56 tiwula joined #salt
21:01 mavhq joined #salt
21:08 FL1SK joined #salt
21:14 lordcirth_work The command line example for file.check_file_meta is obsolete.
21:14 brokensyntax joined #salt
21:14 inad922 joined #salt
21:15 Hybrid joined #salt
21:16 lordcirth_work Or not, just unclear
21:20 onslack <chris.ruscio> For TLS over the TCP transport, both the master (<https://docs.saltstack.com/en/latest/ref/configuration/master.html#ssl>) and the minion (<https://docs.saltstack.com/en/latest/ref/configuration/minion.html#ssl>) config have SSL sections. What is the keyfile supposed to be on the minion side? Are individual client certificates required?
21:21 Edgan meena: consistently is important
21:21 Edgan meena: I can give you a working formula, though I don't know how it compares
21:23 Edgan meena: XenophonF: I was curious, because I recently was working with Salt and zookeeper. I had to backport the recently added zookeeper state to 2017.7.3, and then bugfix it.
21:25 onslack <chris.ruscio> Err, please disregard. Just found the answer - <https://docs.saltstack.com/en/latest/topics/transports/tcp.html>
21:26 edrocks joined #salt
21:28 gswallow joined #salt
21:42 sh123124213 joined #salt
21:42 mikecmpbll joined #salt
22:04 edrocks joined #salt
22:20 meena Edgan: i've been working on kafka & zookeeper with a mentee…
22:20 meena he's working with Salt in his new company… and… i've never touched it until a month ago
22:32 trogdorunique joined #salt
22:33 frots joined #salt
22:33 haam3r_ joined #salt
22:38 trogdorunique joined #salt
22:47 trogdor_unique joined #salt
22:49 hoolio joined #salt
23:08 trogdorunique joined #salt
23:10 trogdorunique Hey folks, I'm looking into managing windows network file shares (create/modify/delete) on Windows 2k8 - 2k16 with salt. I don't see a way to do that in salt currently other than custom powershell scripts or custom salt modules and my google-fu hasn't turned a more straight forward solution.
23:11 trogdorunique anyone else managing file shares on older oses that may be able to point me in the right direction?
23:43 demize joined #salt
23:45 ntropy joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary