Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-02-27

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:17 zerocoolback joined #salt
00:20 thelocehiliosan joined #salt
00:58 justanotheruser joined #salt
01:08 upb joined #salt
01:11 aviau joined #salt
01:12 darix joined #salt
01:21 diepes joined #salt
02:23 lompik joined #salt
02:23 onlyanegg joined #salt
02:39 shortdudey123 joined #salt
02:57 ilbot3 joined #salt
02:57 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.9, 2017.7.4 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:58 exarkun joined #salt
03:26 nixjdm joined #salt
03:29 LT^ joined #salt
03:29 dxiri joined #salt
03:38 evle joined #salt
04:13 LT^ joined #salt
04:13 LT^ joined #salt
04:17 dxiri joined #salt
04:38 exarkun joined #salt
04:47 rjc joined #salt
04:57 Aleks3Y joined #salt
05:17 IdoKaplan joined #salt
05:40 aruns__ joined #salt
05:43 IdoKaplan joined #salt
05:52 dxiri joined #salt
05:57 IdoKaplan joined #salt
05:58 lkthomas folks, what's the simplest way to test map file ?
06:05 onlyanegg joined #salt
06:07 MTecknology salt-cloud -m
06:07 MTecknology it asks for a confirmation before making changes
06:14 IdoKaplan joined #salt
06:14 zulutango joined #salt
06:19 exarkun joined #salt
06:22 IdoKaplan Hi, Is it possible to ignore "Pillar failed to render"? I.E, I would like that the highstate will execute even though without fixing the render issue.
06:22 Pjusur joined #salt
06:36 LocaMocha joined #salt
06:39 MTecknology IdoKaplan: really?..
06:40 tobiasvdk joined #salt
06:42 aldevar joined #salt
06:43 MTecknology and then you run away because the answer didn't change..
06:49 Hybrid joined #salt
06:56 jas02 joined #salt
06:57 jas02 joined #salt
07:05 aldevar joined #salt
07:05 onlyanegg joined #salt
07:07 Hybrid joined #salt
07:08 shortdudey123 joined #salt
07:08 masber joined #salt
07:17 lkthomas https://gist.github.com/lkthomas/d0c1cfcb31867a4b052fff86c8c756a1
07:17 lkthomas file /etc/ethers is empty, anyone know why ?
07:21 karlthane joined #salt
07:29 sh123124213 joined #salt
07:33 CrummyGummy joined #salt
07:37 aldevar joined #salt
07:52 masber joined #salt
07:52 Pjusur joined #salt
07:54 aruns joined #salt
07:58 exarkun joined #salt
08:00 aldevar joined #salt
08:04 lkthomas nevermind, fixed
08:05 pualj joined #salt
08:08 dagb left #salt
08:12 Tucky joined #salt
08:19 Hybrid joined #salt
08:27 GrisKo joined #salt
08:30 Ricardo1000 joined #salt
08:34 cewood joined #salt
08:37 Tucky joined #salt
08:37 wongster80 joined #salt
08:44 om2 joined #salt
08:53 dRiN joined #salt
08:58 onlyanegg joined #salt
09:04 mikecmpbll joined #salt
09:08 onslack <mts-salt> IdoKaplan: if you can't fix the broken bits, remove them. no-one should publish broken /anything/ to live. that's what environments are for
09:12 pualj_ joined #salt
09:14 masber joined #salt
09:18 sodium joined #salt
09:19 `mist joined #salt
09:30 Mattch joined #salt
09:38 exarkun joined #salt
09:42 pualj_ joined #salt
09:46 bdrung_work joined #salt
09:48 aruns__ joined #salt
09:52 pualj_ joined #salt
09:53 Udkkna joined #salt
10:03 aruns__ joined #salt
10:09 permalac joined #salt
10:10 aruns joined #salt
10:13 Dabuti joined #salt
10:14 Dabuti Hello guys, I just created a reactor which fires an sls file, is there an easy way to get the output of this sls file ?
10:14 Dabuti I mean, I am basically running a highstate and I would like to know its output
10:15 Miuku MTecknology: Did you say you were toying around with proxmox? :)
10:16 hemebond Dabuti: All jobs, even ones started by reactors, can be found in the job cache.
10:18 Dabuti hemebond: but how can I know which job it was ?
10:19 hemebond Dabuti: You can filter jobs by minion ID.
10:19 pualj_ joined #salt
10:19 Dabuti hemebond: I got a job machine. which runs: ssh saltmaster-machine "salt-cloud -m mapfile", so it creates virtualmachines, then a reactor runs a highstate
10:20 Dabuti how can I get the output in the job machine? :P
10:20 hemebond I don't know what that means.
10:21 Dabuti Ok, I'll try to research in internet, thanks anyway
10:21 hemebond salt-run jobs.list_jobs
10:21 hemebond Just do that on your master and go through the output.
10:24 Dabuti ok, thank you
10:26 nkuttler joined #salt
10:31 oida joined #salt
10:33 saltnoob58 joined #salt
10:42 kshlm left #salt
10:47 `mist joined #salt
10:47 saltnoob58 any idea how to narrow down which of my 4k salt-ssh minions is the one giving me a "Failure deploying thin" error?
10:47 saltnoob58 the error itself doesnt say
10:48 onslack <mts-salt> 3999 tests? :D
10:50 saltnoob58 that was my next thought, to loop through a not roster with bash and just connect. But while salt throws an error into not stdout it also duplicates an error into --out too, which is what confused me at first
10:50 saltnoob58 so basically i had to > to.file , ignore the console errors and grep
10:51 babilen I guess "salt-run manage.up" doesn't work with salt-ssh :)
10:52 babilen saltnoob58: You were the person who wasn't "allowed" to deploy any additional services, weren't you?
10:53 lkthomas https://gist.github.com/lkthomas/5d1a0975d1a0b304ba90a45ecae70ab1
10:53 lkthomas anyone know why it's fail ?
10:53 saltnoob58 no agents allowed! nobody wants them to interfere with elections and stuff
10:55 saltnoob58 and manage.up might work. With salt-ssh you never know
10:55 lkthomas nevermind
10:55 lkthomas looks like something screw up within the file
10:57 aanriot joined #salt
10:58 onlyanegg joined #salt
11:02 aanriot joined #salt
11:08 gmoro joined #salt
11:12 evle joined #salt
11:19 exarkun joined #salt
11:32 saltnoob58 hunting down why salt-ssh can't get a custom grain on just one host where manually running the custom grain python script with the proper user works is just so fun :)
11:35 ACz joined #salt
11:37 sh123124213 anybody has a working saltstack kubernetes config that works with the module ?
11:41 Ricardo1000 joined #salt
11:45 bebeszi joined #salt
11:45 bebeszi hi all, i have configured my gitfs on salstack, added repositories
11:46 bebeszi files are visible in salt-run fileserver.list_file
11:46 bebeszi what can i do to apply sls file from gitfs to my minion?
11:47 ACz left #salt
11:51 saltnoob58 just run state.apply?
11:51 bebeszi doesn't work :(
11:51 zerocoolback joined #salt
11:51 saltnoob58 is your master config pointing to the dir where the git sls files live?
11:51 saltnoob58 doesn't work is progress, any error messages or anything?
11:57 zerocoolback joined #salt
12:04 armin joined #salt
12:11 saltnoob58 why is gitfs so popular anyway compared to checking out a repo and running from that? Do people have salt write pillars or whatever and this way dont need to commit and push?
12:18 onslack <ryan.walder> why bother writing a state to manage cloning a repo managing it's dependencies when salt can just do it for you?
12:19 bebeszi saltnoob58: so after configuring gitfs do i have to create a folder on local drive?
12:20 saltnoob58 is your gitfs not mounted anywhere?
12:21 bebeszi nope
12:21 onslack <ryan.walder> bebeszl does `salt-call cp.list_states` show your states?
12:23 onslack <ryan.walder> also error messages rather then "doesn't work" are kinds helpful ;)
12:23 onslack <ryan.walder> s/kinds/kinda
12:29 bebeszi saltnoob58: ok, doone
12:29 bebeszi works, thanks!
12:30 saltnoob58 i didnt even tell you to do anything :) you mounted the fs and it worked? that's how usually fs-es work :) though i dont know if salt can smartly pull out gitfs out of the ether
12:31 bebeszi saltnoob58: rubberduck method :D
12:31 saltnoob58 i mean it is in the "cloud", it's theoretically possible to "mount" it into memory or something
12:36 saltnoob58 dont forget the fstab
12:36 gmoro joined #salt
12:37 gmoro joined #salt
12:43 dynamicudpate joined #salt
12:43 cablekevin joined #salt
12:47 Kelsar joined #salt
12:47 saltnoob58 or your gitfs will get unmounted after a reboot and your salt master wont work anymore
12:48 bebeszi oh, thx
12:48 onslack <mts-salt> we've got the git source in master config, no gitfs
12:54 dendazen joined #salt
12:59 onlyanegg joined #salt
12:59 exarkun joined #salt
13:10 thelocehiliosan joined #salt
13:20 Nahual joined #salt
13:26 schemanic joined #salt
13:29 _xor joined #salt
13:35 Simon___ joined #salt
13:35 Simon___ left #salt
13:37 saltnoob58 do you have a separate master for testing new/changed states and whatevs?
13:41 dwfreed joined #salt
13:42 edrocks joined #salt
13:47 indistylo joined #salt
13:53 saltnoob58_ joined #salt
13:58 saltnoob58_ gah, i have more hosts where custom grains aren't running :o
14:00 nkuttler i write unit tests for grains. can't afford to push broken grains..
14:01 indistylo joined #salt
14:01 nkuttler if they break on some minions, do you have different minion versions installed? python?
14:01 nkuttler that would be the first thing to check. after that, there might just be bugs in the grain code itself that are triggered on some hosts..
14:04 oida joined #salt
14:05 saltnoob58_ ssh, no minions. Different python versions. adding a print main() onto the end of the grain in the cache and running manually works
14:07 kiorky joined #salt
14:08 gh34 joined #salt
14:08 saltnoob58_ well some of them dont have a function in an imported module, but others do
14:09 rgrundstrom joined #salt
14:09 saltnoob58_ yay, two separate problems :)
14:09 nkuttler it would be too easy otherwise!
14:11 saltnoob58_ i wonder if i can tell salt-ssh to use python3 where present
14:15 saltnoob58_ ugh, nobody has made their services deployable in 5 minutes so can't demand they redeploy to newer OS with not EOF python version
14:26 thelocehiliosan joined #salt
14:34 edrocks joined #salt
14:35 GrisKo joined #salt
14:36 saltnoob58_ is it at all possible to tell salt-ssh to not use system default python on minion?
14:39 exarkun joined #salt
14:40 pualj joined #salt
14:40 XenophonF saltnoob58_: docs say that salt-ssh supports Python 3.x; what's not working?
14:41 XenophonF are you using a version of salt-ssh older than 2017.7.0?
14:43 tknight joined #salt
14:44 saltnoob58_ i have a host with 2.6 and 3.x. How do I tell salt-ssh to use 3.x and not the system default?
14:44 saltnoob58_ using 2017.7.2
14:45 onlyanegg joined #salt
14:48 inetpro joined #salt
14:50 XenophonF what's your target O/S?
14:51 saltnoob58_ unix/linux, mostly centos and debian but potentially some weird stuff, but no windows
14:51 XenophonF you might be able to muck with alternatives(1) and change the default python
14:51 saltnoob58_ change system default on the minion?
14:51 XenophonF oops that's alternatives(8)
14:52 XenophonF yeah
14:52 dodge-lint joined #salt
14:52 saltnoob58_ not an option, god knows what that might break on 4k other people's hosts :(
14:53 saltnoob58_ if i could i'd gladly have them all just upgrade to latest 3.x
14:53 saltnoob58_ but if everyone agreed that would take years
14:54 saltnoob58_ and if i had agents allowed could just setup minions in virtualenvs easily
14:55 saltnoob58_ maybe i can hack the core source somehow and change python binary path in salt_argv
14:56 XenophonF Why do you want to run salt-ssh in an unsupported configuration?
14:56 theloceh1liosan joined #salt
14:57 XenophonF I get it if you're working on 2to3 stuff for Salt itself, but if you're just deploying things, I'd just let the minion do its thing.
14:57 XenophonF If you're deploying something else using Salt, and that something else requires Python 3.x, you don't need to run the minion under Python 3.x to get that deployment done
14:57 XenophonF e.g., https://github.com/irtnog/salt-states/tree/development/satosa/init.sls
14:58 saltnoob58_ i have custom grains that need python 2.7+, so on 2.6 they dont work
14:58 XenophonF can you port those grains to Python 2.6?
14:58 saltnoob58_ i have a lot of minions, some of whom will not be 2.7+, and best I can hope from their owners is side by side newer python installations
14:59 XenophonF OK, I get it, but that doesn't look like a supported config with salt-ssh OOTB
14:59 saltnoob58_ maybe, but you probably understand why i dont want to port nice working things to something with EOF in 2013 :)
15:01 _JZ_ joined #salt
15:01 XenophonF oh hell yes I get it
15:01 XenophonF but that's also why I don't support operating systems that run code EOL-ed in 2013
15:02 saltnoob58_ well, they run new code too, side-by-side :) both legacy and non legacy
15:03 saltnoob58_ obviously im wrong and it's not like it seems, but if salt-ssh in the end has salt_argv that run /usr/bin/python2.6 /var/tmp/.random/salt-call more stuff why is it so hard to replace that 2.6 with something else
15:04 XenophonF man that's a great question
15:06 XenophonF what's stopping you from installing salt-minion on these systems?
15:06 XenophonF https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html#install-using-python
15:07 XenophonF that should let you use the newer python installed on those older O/Ses
15:07 saltnoob58_ security concerns, permissions, teams using their own local masters that hijack the minion from my more global master
15:07 saltnoob58_ basically im not allowed :(
15:10 XenophonF bummer
15:11 saltnoob58_ should have demanded ansible for agentless setups :( though it might be just as bad, i havent had to use it this hyperspecifically before either :)
15:13 XenophonF saltnoob58_: d00d check out the --python2-bin and --python3-bin flags to salt-ssh
15:13 XenophonF https://docs.saltstack.com/en/latest/ref/cli/salt-ssh.html
15:13 saltnoob58_ i think that just affects on the master which is used to make the thin client, they dont do anything on the minion
15:14 saltnoob58_ i need 2.7 because salt doesn't have ootb way to run only some commands as sudo so i hacked it inside some of the grains and python just runs sudo something and returns output :)
15:16 saltnoob58_ guess i'll just port it to 2.6 and say goodbye to the beautiful subprocess.check_output :(
15:16 XenophonF this has instructions for running a self-contained minion - https://docs.saltstack.com/en/latest/topics/development/hacking.html#running-a-self-contained-development-version
15:17 XenophonF basically you install your own minion in its own venv, and modify its paths to not clobber a pre-existing install
15:17 jas02_ joined #salt
15:17 XenophonF but yeah porting the custom grain to Python 2.6 sounds like the only solution
15:17 XenophonF sucks though
15:17 XenophonF there's way too much magic in the SaltStack code base
15:18 saltnoob58_ not enough
15:18 XenophonF I haven't figured out where salt-ssh gets its python.
15:18 saltnoob58_ my understanding is it follows symlinks of /usr/bin/python and that's it
15:19 jas02 joined #salt
15:19 XenophonF yeah I wouldn't be surprised if it just called `/usr/bin/env python`
15:20 rook_ joined #salt
15:25 XenophonF are you sure the --python2-bin flag doesn't do what you want?
15:27 XenophonF also, I think I found it
15:27 XenophonF the logic that selects the Python runtime
15:27 XenophonF salt.client.ssh
15:28 XenophonF so salt/client/ssh/__init__.py
15:28 XenophonF look at the definition of SSH_SH_SHIM
15:28 XenophonF the shell script loops over PYTHON_CMDS="python3 python27 python2.7 python26 python2.6 python2 python"
15:29 saltnoob58_ well i've tried with --python3-bin flag but salt_arvs still has 2.6
15:30 XenophonF assuming you aren't logging into the root user, maybe you can alter $PATH to point at a directory that contains a suitable python3 or python27 executable (or symlink to same)?
15:31 XenophonF https://github.com/saltstack/salt/blob/2017.7/salt/client/ssh/__init__.py#L130
15:32 saltnoob58_ i do have a dedicated salt-ssh user on the minions, i can do whatever i want to him
15:32 XenophonF https://github.com/saltstack/salt/blob/2017.7/salt/client/ssh/__init__.py#L150
15:32 yidhra joined #salt
15:35 saltnoob58_ worked for 2 years with ansible, never had to write or read a line of python, with salt, like first week of using salt python all the way :D
15:35 saltnoob58_ but it's time to clock out and use alcohol to forget all the solutions I have seen in irc and github
15:35 saltnoob58_ good night
15:36 saltnoob58_ or other time of day
15:37 jas02 joined #salt
15:41 cgiroua joined #salt
15:45 om2 joined #salt
15:46 onlyanegg joined #salt
15:46 tiwula joined #salt
15:52 jas02 joined #salt
15:56 jas02 joined #salt
16:03 dxiri joined #salt
16:06 XenophonF g'night!
16:09 jas02 joined #salt
16:11 zerocoolback joined #salt
16:16 Rr4sT joined #salt
16:17 nixjdm joined #salt
16:17 jas02 joined #salt
16:19 exarkun joined #salt
16:22 rmelero joined #salt
16:23 jas02 joined #salt
16:24 jas02 joined #salt
16:31 zerocoolback joined #salt
16:33 zerocoolback joined #salt
16:36 mattfoxxx joined #salt
16:41 jas02 joined #salt
16:51 onlyanegg joined #salt
16:52 jas02 joined #salt
16:55 hasues joined #salt
17:06 dxiri joined #salt
17:08 cewood joined #salt
17:17 Pjusur joined #salt
17:21 swa_work joined #salt
17:27 ricky_ joined #salt
17:32 v12aml joined #salt
17:41 cyteen joined #salt
17:41 BitBandit joined #salt
17:48 jas02 joined #salt
17:49 racooper joined #salt
17:52 schemanic_ joined #salt
17:53 sayyid9000 joined #salt
17:54 rivyn joined #salt
17:54 rivyn How can I make a salt function only execute if a file exists?
17:57 rivyn I am trying to use postgres_cluster.absent within an SLS that also pkg.removes postgresql-common.  When postgresql-common isn't installed, postgres_cluster throws an error.
17:59 exarkun joined #salt
18:00 onslack <mts-salt> you could could make it depend on a state that uses file.exists ?
18:03 rivyn will that work in the case that the file doesn't exist?
18:06 rivyn https://gist.github.com/caseyallenshobe/dfb216b9a2b2b3afecaca09eae63fc72  <-- this is the SLS
18:06 rivyn ideally it wouldn't have the postgresql_common package installed as a prerequisite for postgres_cluster.absent
18:06 rivyn but that's all I've been able to figure out so far
18:09 mikecmpbll joined #salt
18:10 edrocks joined #salt
18:15 jas02 joined #salt
18:18 ymasson joined #salt
18:20 pcdummy rivyn: do you search for something like "watch": https://docs.saltstack.com/en/latest/ref/states/requisites.html ?
18:20 pcdummy rivyn: or maybe just "require"
18:20 jas02 joined #salt
18:23 mpanetta joined #salt
18:31 wongster80 joined #salt
18:41 dxiri joined #salt
18:46 hohum joined #salt
18:47 hohum sorry for asking basic questions but I just made a top file and my salt minions aren't doing anything.   Do I have to do something to apply top.sls?
18:48 jas02 joined #salt
18:48 indistylo joined #salt
18:54 jpsharp salt '*' state.apply
18:57 hohum okay that worked
18:57 hohum thanks
18:57 hohum is there a way to get salt-minion to auto-apply state?
18:57 hohum on startup
18:57 hohum cos I tried restarting salt-minion and it just sort of sat there
18:57 hohum and did nothing
18:58 pcdummy hohum: not sure you want that.
18:58 jas02 joined #salt
18:58 pcdummy hohum: "state.apply" needs some resources - if you boot up a lot of maschines all will run state.apply at the same time.
19:00 pcdummy hohum: if you realy want it and your on a systemd system make a small .service script that runs "salt-call state.apply" on bootup and depends on the salt-minion service.
19:09 jas02 joined #salt
19:12 jas02 joined #salt
19:13 zmalone joined #salt
19:21 jas02 joined #salt
19:22 jas02 joined #salt
19:39 exarkun joined #salt
19:39 edrocks joined #salt
19:39 onslack <j4ckn1x> hi guys! someone has a "better" or more exhaustive doc or tutorial on how to deal with saltstack and docker containers? somehow i'm not able to run custom containers which are proven working and are provisioned via saltstack. i'm always receiving: 'Unable to perform start: 500 Server Error: Internal Server Error for url: <http+docker://localunixsocket/v1.35/containers/myApp/start>'
19:45 rmelero joined #salt
19:48 onslack <j4ckn1x> is it possible to paste code snippets in here?
19:55 jas02 joined #salt
19:56 edrocks joined #salt
19:58 jas02 joined #salt
20:00 pcdummy gtmanfred: time to help me out with the LXD salt-cloud driver I'm writing: https://gist.github.com/pcdummy/e8ba889179509a6c79f3d6103322f1a9 - it doesn't load: "Could not LazyLoad lxd.get_configured_provider: 'lxd.get_configured_provider' is not available."
20:36 Hybrid joined #salt
20:39 rmelero joined #salt
20:41 pcdummy Fixed: $ salt-call saltutil.sync_all
20:56 tkharju joined #salt
20:57 schemanic joined #salt
20:57 edrocks joined #salt
20:57 schemanic Hello, Is it bad if the minon gets ahead of the master by a minor version?
20:58 schemanic I just spun up an ec2 instance from salt-cloud and it created it at salt 2017.7.4 whereas my master is 2017.7.2
20:59 schemanic and now my states will not return
20:59 hemebond schemanic: Your master should be the same or newer.
20:59 hemebond Did it connect?
20:59 hemebond It should at least respond.
20:59 hemebond They're not that far apart.
20:59 hemebond And they're the same major version.
20:59 hemebond test.ping work?
21:00 schemanic hemebond, I can test.ping the minion, but when I call highstate I just timeout
21:01 hemebond Does the job ever return? Any error in the minion log?
21:02 schemanic No errors in /var/log/salt/minion
21:02 hemebond So does the job return?
21:02 hemebond Have you checked the job cache for the result?
21:02 hemebond salt-run jobs.list_jobs
21:03 schemanic it says 'minion did not return'
21:03 hemebond salt-run jobs.lookup_jid 12332445 --output=highstate
21:03 hemebond Yes, but that's just the salt CLI.
21:03 hemebond All that does is poll the job cache for a certain amount of time.
21:03 hemebond You can change its timeout with --timeout=300 (for 5 minutes)
21:05 schemanic Okay so the job seems to be there, but it doesn't seem to say what happened to it
21:05 hemebond What do you mean?
21:05 schemanic there's no 'outcome' list or similar
21:05 hemebond lookup_jid will fetch job details.
21:05 hemebond I think you're looking at the wrong job.
21:05 schemanic 20180227155959140143:
21:05 schemanic ----------
21:05 schemanic Arguments:
21:05 schemanic - salt.minion
21:05 schemanic Function:
21:05 schemanic state.apply
21:05 schemanic StartTime:
21:05 schemanic 2018, Feb 27 15:59:59.140143
21:06 schemanic Target:
21:06 schemanic *XA
21:06 hemebond Don't paste in here
21:06 schemanic Target-type:
21:06 schemanic glob
21:06 hemebond Use a paste bin.
21:06 schemanic User:
21:06 schemanic sudo_dnasar
21:06 schemanic that's the latest one
21:06 onlyanegg joined #salt
21:07 schemanic okay
21:07 schemanic so it looks like things kept happening after it told me the minion didn't return
21:07 hemebond If you do `salt minion state.apply --async` it will give you the job ID which you can then use to lookup the result yourself.
21:07 hemebond Yes, the timeout you're seeing is just the salt command-line tool.
21:07 hemebond It doesn't mean the job isn't still running on the minion.
21:08 schemanic do jobs tell you that they're in progress?
21:08 hemebond Not really, no.
21:08 hemebond If there's nothing returned it is either still running or the minion failed completely.
21:09 schemanic what am I supposed to see in the list jobs command if something is wrong?
21:10 hemebond The minion will return a fail result if your highstate generates an error.
21:11 mianosm I'm looking at https://docs.saltstack.com/en/latest/ref/configuration/master.html#master-large-scale-tuning-settings - and wondering will this suffice for ~50,000 minions to 1 master?
21:11 mianosm Or do I need to get clever and start configuring some X:Y in terms of masters:minions...
21:12 hemebond mianosm: 50k minions? wow. Not sure. Depends on the master specs and how many minions you'll be highstating/manipulating at the same time.
21:14 mianosm hemebond: Yea, the scaling is global. :-/ Initial build up will likely be about 100-1000 at a time (over 24 hours). The post deployment adjustments will likely be less than once a week (think change control before pushing changes).
21:15 hemebond I think there might also be issues if the master is restarted and the minions try to connect at once. You might DDOS yourself.
21:15 hemebond But if you're scaling slowly you can probably test and monitor as you go.
21:16 mianosm The thought was master of masters - with a master in each region (continent or country), and then a singular master of master...but there is a _very_ strong desire to keep things as absolutely simple as possible.
21:17 hemebond Yeah, master->master->minion can help. I've seen some people around here that use that.
21:19 exarkun joined #salt
21:19 mbologna joined #salt
21:28 schemanic is there a way to test file content before running a state?
21:28 rivyn what is the relationship between salt states and salt execution modules?
21:29 hemebond schemanic: Test how? What kind of file?
21:29 rivyn there appears to be equivalents of each.
21:29 hemebond rivyn: Most states use the execution modules to do the work.
21:29 schemanic I'm dealing with Freshclam on CentOS and I was commenting out a line that is uncommented in the stock config file. Well now that line isn't in the stock config file and my new minions are breaking
21:29 rivyn from an SLS file, do you always use one or the other?
21:29 schemanic so now I want to test if the commented line is in the file before I try to comment it
21:29 rivyn how does it know whether the function specified is a state or a module?
21:30 hemebond schemanic: Depends how you're editing the file.
21:30 hemebond Check the documentation for the state module function you're using.
21:30 rivyn check for what?
21:30 hemebond rivyn: If you're writing in a state file, it's states. If you're running stuff directly from the command line, it's an execution module :-)
21:30 hemebond rivyn: That was for schemanic
21:31 rivyn ok, so cmd.run is both a state and a module?
21:31 rivyn I don't understand the difference
21:31 hemebond rivyn: State modules are for enforcing state.
21:31 hemebond execution modules are for executing changes.
21:32 rivyn ok
21:32 schemanic hemebond, I think I want to do a conditional salt.file.contains
21:32 hemebond The cmd.run state module has things like `unless` and `onlyif`
21:32 hemebond schemanic: I doubt that.
21:32 hemebond Try to think in terms of idempotent states/changes.
21:32 hemebond "The file should look like this"
21:33 hemebond not "If this is here do this, then this, if that's okay, then this" type scripting process.
21:33 hemebond schemanic: How are you creating the ClamAV config?
21:34 schemanic I'm not creating this particular file. CentOS creates /etc/sysconfig/freshclam that typically has a line in it that says 'comment me to enable automatic runs'
21:34 schemanic I had a state that comments that line
21:35 hemebond And what were you using to do that?
21:35 schemanic file.comment
21:35 hemebond Can you paste your state to a pastebin?
21:35 schemanic sure
21:35 hemebond That should work fine to comment a line.
21:36 hemebond And paste the error you're getting too.
21:37 schemanic https://gist.github.com/devinnasar/a7397cde946880e6ca74db9f91bb9487
21:37 onlyanegg joined #salt
21:38 hemebond "Note that you _need_ the leading ^, otherwise each time you run highstate, another comment char will be inserted."
21:39 hemebond What's the error?
21:39 schemanic the error is that the string isn't there to comment
21:39 schemanic because freshclam must have updated and stopped including that line there
21:39 hemebond Paste please. I've never used this state so I'm not familiar with it.
21:40 theloceh1liosan ~
21:40 schemanic refresh the paste, I commented on it
21:40 hemebond Does the state actually fail?
21:40 lordcirth_work file.comment ought to have an option for that I think
21:41 lordcirth_work Result: False is a fail
21:42 hemebond Ah, true. The state module doesn't have an option to ignore missing patterns.
21:43 schemanic yeah, I just want it to try, and if it can't then move on
21:43 lordcirth_work schemanic, congrats, you just found a PR to make :P
21:43 schemanic I dont understand what that is
21:43 lordcirth_work sorry, a pull request.  To add that feature
21:44 schemanic Is there documentation on how to call execution modules in the sense of a conditional?
21:44 schemanic like, if salt.modules.contains whatever
21:44 lordcirth_work I think you'd use jinja for that?
21:44 schemanic yes I understand
21:44 schemanic my point is that I forget the syntax and I'd like to look it up
21:44 hemebond {%- salt['file.contains']('blah') %}
21:45 schemanic salt['the.module
21:45 schemanic salt['the.module'](params, default)
21:45 schemanic gotcha
21:46 hemebond You might as well just change your state to use module.run to call file.comment
21:47 hemebond Or one of the other file module functions to remove the line.
21:48 hemebond or just just file.line
21:48 hemebond To remove the line outright.
21:48 hemebond *states.file.line
21:50 schemanic does file.line fail if it can't find the line?
21:51 hemebond quiet: Do not raise any exceptions. E.g. ignore the fact that the file that is tried to be edited does not exist and nothing really happened.
21:51 hemebond Oh, that's for the entire file.
21:51 hemebond Pass. I don't edit files like this.
21:52 aldevar left #salt
21:54 schemanic Pass as in you're no longer endorsing the method, or Pass as in 'the state passes if nothing happens'?
21:54 hemebond Pass as in I don't know so I can't answer :-)
21:54 hemebond I don't see any parameter that explicitly mentions quiet failures if the line isn't found.
21:54 hemebond So you'll need to test it.
21:55 hemebond I don't know how these functions work because I've not used them.
21:55 hemebond I tell ClamAV "this is your config. do it."
21:55 schemanic kk
21:56 Nazca joined #salt
21:58 XenophonF it's probably "better" (for values of...) to manage the whole file
22:00 XenophonF alternatively, use file.replace with a negative backreference and ignore_if_missing set to True
22:03 XenophonF sorry you wouldn't need the reference, just ^Example.* with a replacement text of ''
22:06 jhauser joined #salt
22:06 schemanic okay, well file.line just isnt working
22:06 hemebond That sounds about right :-D
22:06 schemanic it doesn't seem to fail hard, which is good
22:06 schemanic but it also wont change the file
22:06 hemebond Paste your state and we'll see if we can help.
22:07 hohum hey how come when I do something like this inside of an sls file it doesn't work: http://dpaste.com/12WZTQJ
22:07 hohum what am I doing wrong?
22:07 hohum if I remove the jinja templating stuff it works
22:07 hohum but I don't want it on every OS
22:07 onlyanegg joined #salt
22:07 hemebond hohum: What is the error?
22:07 hemebond Is that the entire state?
22:08 hohum yeah
22:08 hohum it's the entire state
22:08 hohum and there is no error
22:08 hohum it just doesn't execute
22:09 hohum it's a CentOS 7 system, so I'm assuming grain['os'] == 'RedHat'
22:09 hemebond Does it work if you use {%- if salt['grains.get']('os') == 'RedHat' %}
22:09 jmedinar joined #salt
22:09 XenophonF the os grain on CentOS is not RedHat, but CentOS
22:09 XenophonF you probably want to check os_family grain instead
22:10 hemebond You can check grains from the command line using grains.get
22:10 XenophonF or grains.items to get the whole list, like this:
22:10 XenophonF salt-call grains.items
22:10 XenophonF salt-call grains.get os
22:10 hohum aha!
22:10 hohum thank you!
22:11 schemanic https://gist.github.com/anonymous/b09aa86ef244916ce2c47290e58417f3
22:12 XenophonF I've never used file.line.
22:13 hohum what os_family would FreeBSD fall under? ;)
22:13 XenophonF Use file.replace, like this: https://github.com/irtnog/salt-states/blob/development/cron/init.sls
22:13 XenophonF FreeBSD
22:14 XenophonF the real question is what os would a minion on TruOS/PC-BSD report?
22:14 XenophonF those values come from Python, IIRC
22:15 XenophonF schemanic: if you use file.replace, make sure to set ignore_if_missing=True
22:15 XenophonF although you might not need that
22:16 XenophonF since you check for the file's existence in the first place
22:18 jmedinar does anyone has an example on how to add a new parameter into the httpd.conf file?... or how can I tell file.line to add something after something else ?
22:19 jmedinar the question is not clear... the problem is not how to add something after a pattern is found...
22:19 jmedinar the problem is that the pattern might be multiple lines
22:19 jmedinar #
22:19 jmedinar # AddType allows you to add to or override the MIME configuration
22:19 jmedinar # file mime.types for specific file types.
22:19 jmedinar #
22:19 XenophonF don't
22:19 XenophonF manage the whole file
22:19 schemanic XenophonF, that worked
22:19 jmedinar and I want to ensure... AddType text/css .css is there added
22:20 XenophonF or maybe use the apache state module
22:20 XenophonF https://docs.saltstack.com/en/latest/ref/states/all/salt.states.apache.html
22:22 jmedinar thats interesting... the values in the example are the ones supported?
22:22 XenophonF no idea, never used it myself but i think it's generic
22:22 jmedinar thanks will give it a try
22:23 XenophonF you'd have to look at the source to salt.modules.apache
22:24 jmedinar yup I am into it. Is not well documented
22:24 XenophonF yeah, it needs TLC
22:29 hemebond file.line just doesn't seem to work.
22:36 hemebond Oooooh, you can't use ^ and $
22:36 hemebond And also delete seems to use content instead of match.
22:37 hemebond Terrible functions.
22:37 om2 joined #salt
22:37 * pcdummy is proud #46231
22:37 pcdummy https://github.com/saltstack/salt/pull/46231#pullrequestreview-99873191
22:38 hemebond 👍
22:40 pcdummy https://github.com/saltstack/salt/issues/46233 <-- this will allow us to generate a key from a minion and preseed another minion with it.
22:40 jose1711 joined #salt
22:41 hemebond D-:
22:42 jose1711 hello, please (how) is it possible to use grains or output of salt function inside another function from bash? something like salt '*' network.ping 'grains[..]'
22:42 jose1711 i've tried with curly braces but seems like it is not interpreted as jinja template
22:45 pcdummy jose1711: salt \* grains.item oscodename --out text
22:45 pcdummy theres also out json
22:45 pcdummy and theres a json for bash
22:45 pcdummy ahh no you want something else, right?
22:46 hemebond | pipes |
22:46 jose1711 i want to feed oscodename (or output of any other function call) to a different salt function
22:46 hemebond salt minion grains.get oscodename | awk something something "I don't know awk"
22:46 jose1711 okay, so i do this by calling salt multiple times. then i should forget about parallelism
22:47 pcdummy jose1711: then you have write a script that calls salt once and calls the second function with output of the first
22:47 pcdummy jose1711: what about writing a state for your usecase?
22:47 hemebond Or a custom execution module
22:48 jose1711 custom execution module makes sense. thank you, i will look into that
22:49 pcdummy jose1711: you can put it in "<salt-base>/_modules/" and sync it with "salt \* saltutil.sync_modules"
22:59 exarkun joined #salt
23:18 thelocehiliosan joined #salt
23:43 Aleks3Y joined #salt
23:44 jmedinar joined #salt
23:47 jmedinar I found a workaround to add multiple lines on the apache configuration after some pattern is found... https://pastebin.com/CcaKpWBz
23:47 jmedinar but I am getting the following error
23:47 jmedinar ReaderError: unacceptable character #x0008: special characters are not allowed
23:47 jmedinar related to a character I need to set... I already tried to escape the character
23:48 jmedinar but doesnt seem to be working
23:49 jmedinar any idea how to escape them?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary