Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-03-21

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:09 onlyanegg joined #salt
00:27 thelocehiliosan joined #salt
00:37 thelocehiliosan joined #salt
00:54 Yamazaki-kun that FreeBSD fix isn't in packages yet (yes, /latest). added it to my poudriere build list
00:58 Airwave joined #salt
01:03 anthonyshaw left #salt
01:04 Airwave I'm moving from Puppet to Salt, and reading through the documentation I'm wondering what Salt functionality I should be using to replace exported resources from Puppet. E.g. in Puppet each node is generating the configuration file for it to be monitored by Icinga, which is then collected on the Icinga master. Would the Salt Mine be what I use in place of this?
01:07 hemebond Airwave: Yes, or you could generate it using grains or something instead (top-down).
01:07 Airwave hemebond: What are the pros and cons of each approach?
01:08 hemebond Hmm
01:08 hemebond I always hated the bottom-up approach.
01:09 hemebond Usually because it meant I had to update the minion/node before I could then update the Icinga server.
01:09 Airwave That's true, that is sort of an annoyance with the way I do it in Puppet.
01:09 hemebond I use my Icinga2 formula https://github.com/hemebond/icinga2-formula and generate the hosts using pillars.
01:10 hemebond I just loop though the grains cache with different filters.
01:11 hemebond I also use reactors so that if a new minion is added to an environment Icinga2 will automatically update itself.
01:11 hemebond *the Icinga2 minion
01:13 Airwave hemebond: Thanks, I'll take a look at that. Looks like it'll teach me a lot on how to do this in practice.
01:15 hemebond Airwave: A snippet of a pillar file for my Icinga2 master https://pastebin.com/cagpsC1t
01:15 hemebond Where "prefix" is the minion name/hostname prefix I use for each environment.
01:16 hemebond For one-off hosts I just put the data in the pillar myself.
01:16 Airwave hemebond: I see. Thanks, this is gonna help a lot.
01:30 darix joined #salt
01:47 shiranaihito joined #salt
02:14 rlefort joined #salt
02:16 zerocoolback joined #salt
02:56 ilbot3 joined #salt
02:56 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2016.11.9, 2017.7.4 <+> RC for 2018.3.0 is out, please test it! <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
03:20 hemebond tzero: If you want to watch a file on the minion file system, then you need to use inotify or something.
03:20 hemebond The only changes Salt knows about are changes made to files it manages.
03:20 hemebond So if you were pushing the file from the Salt master, it would see any change you made and push the file out again and trigger any dependencies.
03:29 tzero the original file is preseeded with terraform, which also bootstraps the salt minion; I can't check the cert/key into the salt repos, so I guess the next best thing is playing the perms game
03:30 tzero but thanks anywho,at least I rtfm'd correctly
03:31 mechleg joined #salt
03:33 hemebond You could use an `unless` check on your file.copy that compares the MD5 hash of each file.
03:33 hemebond That would be a regular bash command.
03:47 whytewolf ... file.managed can use a local file as a source ... just a hint...
03:53 tzero whoa, that was simple, thanks whytewolf. I can see `unless` coming in handy very soon as well, thanks for both suggestion
03:55 hemebond Wow, I didn't know that.
03:56 whytewolf thats cause you've been around the block a few times hemebond. you might remeber when it wasn't an option.
03:57 hemebond Oooh, I see.
04:18 hammer065 joined #salt
04:18 aruns__ joined #salt
04:38 dezertol joined #salt
05:19 MTecknology I also did not realize that was supported.
05:45 aldevar joined #salt
06:01 aruns joined #salt
06:16 thelocehiliosan joined #salt
06:21 mechleg1 joined #salt
06:21 sauvin_ joined #salt
06:23 Hybrid joined #salt
06:31 masber joined #salt
06:37 packeteer joined #salt
06:38 lordcirth_work joined #salt
06:42 Hybrid joined #salt
06:43 Yamakaja joined #salt
06:45 tyx joined #salt
06:49 frew joined #salt
07:06 masber joined #salt
07:18 aruns__ joined #salt
07:32 fxhp joined #salt
07:36 jas02 joined #salt
07:44 darioleidi joined #salt
08:07 Tucky joined #salt
08:26 Ricardo1000 joined #salt
08:33 Pjusur joined #salt
08:37 lowkeyfred joined #salt
08:40 tvinson joined #salt
08:45 jas02 joined #salt
08:46 jas02 joined #salt
08:47 jas02 joined #salt
08:51 _val_ joined #salt
08:51 _val_ joined #salt
09:04 darioleidi joined #salt
09:10 jas02 joined #salt
09:13 andrew2 joined #salt
09:18 jas02 joined #salt
09:20 masber joined #salt
09:22 goya joined #salt
09:23 jas02 joined #salt
09:24 jesusaur joined #salt
09:26 jas02 joined #salt
09:30 Mattch joined #salt
09:36 dmaphy joined #salt
09:40 GrisKo joined #salt
09:41 Naresh joined #salt
09:42 cewood joined #salt
09:48 CrummyGummy joined #salt
09:59 jas02 joined #salt
10:08 Hydrosine joined #salt
10:08 tyx joined #salt
10:11 mikecmpbll joined #salt
10:17 inad923 joined #salt
10:18 jas02 joined #salt
10:19 edrocks joined #salt
10:24 jas02 joined #salt
10:36 inad922 joined #salt
10:40 LGee joined #salt
10:40 LGee hello guys
10:41 LGee where can I file a bug report for the docs?
10:44 onslack <msmith> create an issue? <https://github.com/saltstack/salt/issues>
10:47 babilen Or fix it and open a PR?
10:47 LGee It's not a big deal, typofix level
10:47 onslack <msmith> pr then
10:48 LGee ok
10:48 babilen https://docs.saltstack.com/en/latest/topics/development/contributing.html has information on how to contribute
10:48 LGee thanks, will do
10:49 babilen Thank you!
10:49 onslack <msmith> that's the one. couldn't find it
10:49 Cadmus Hello, I've got a salt statement that takes ages (like, over an hour) to run, how do I increase the timeout for just this one things?
10:49 onslack <msmith> what timeout? the job runs, right?
10:50 Cadmus Well it's still going right now, but it's come back with a "Minion did not respond" after 300s, but I can see something is still happening, what this means though (as it's in an orchestrator) is later states have not been run
10:51 onslack <msmith> that's a generic error, sure. best to check the job list to see what's happening with that job
10:52 onslack <msmith> it may be that the minion is too busy to respond to the master's request for progress, and i'm not aware of anything that you can reconfigure to change that :/
10:52 Hybrid joined #salt
10:53 Cadmus Too busy? Ah, yes the CPU load is rather high on this thing, it's a test machine so a little anemic, I'll see what happens in future.
10:53 hoverbear Hmm I'm having trouble getting myy salt master to listen on a specific IPv6 interface
10:53 ebbex can I spec dicts/vars in the pillar/top.sls or must i always include a separate sls?
10:53 babilen ebbex: The latter
10:54 hoverbear If I enable `ipv6: True` and set `interface: "fe80::%vtnet1/64"` on the master... It should be listening on vnet1 right?
10:54 ebbex babilen: aw shucks.
11:09 aruns joined #salt
11:10 Hybrid joined #salt
11:12 jas02 joined #salt
11:27 jas02 joined #salt
11:33 hoverbear Hmmm even tring to bind to `fe80::` doesn't seem to work
11:35 armin joined #salt
11:39 jas02 joined #salt
11:40 petererer hoverbear, don't think you want the /64 in there?
11:40 hoverbear petererer: I tried without and it fails to bind as well :(
11:40 hoverbear I actually can't get any ipv6 address/interface to bind other than `::` :(
11:41 petererer Is the address actually assigned to the interface?
11:42 onslack <msmith> does the interface have more than one address configured?
11:43 hoverbear I'm using the ipv6 address I see from `ifconfig`
11:44 hoverbear So I see `vtnet1` has the `inet6: fe80::c42d:bff:fe02:aa46%vtnet1`, and I put that in for my master listen address, fails to bind
11:47 petererer Doesn't seem to work for me either.
11:48 petererer Binding to a specific address works but not with an interface. And you need an interface for a fe80:: link-local address.
11:48 onslack <msmith> try without the %vtnet1, just the numbers?
11:49 hoverbear `WARNING: Unable to bind socket fe80::c42d:bff:fe02:aa46:4505, error: [Errno 49] Can't assign requested address; Is there another salt-master running?`
11:49 hoverbear And I confirmed with `lsof -i` that nothing is listening there
11:51 hoverbear Even trying with python raw doesn't work 🤔 https://gist.github.com/Hoverbear/1757a82d8f84c4ae2602413e11ee6f8d
11:53 turambar joined #salt
11:54 turambar hello. I don't know if this is the right place to ask for new features but I think it'd be helpful if salt had lldp information as a grain. there is some support for lldp through napalm but that's a different scope, in my opinion
11:54 babilen turambar: A wishlist bug on GH is probably the best place
11:56 ebbex Does the 'extend' work on lists in pillars? I'd like to take users listed both [pillar/users/dev.sls, pillar/users/qa.sls] and have my salt/users.sls take care of all.
11:57 turambar babilen: thanks, I'll go that route :)
11:59 babilen ebbex: You might be looking for https://docs.saltstack.com/en/latest/ref/configuration/master.html#pillar-merge-lists
11:59 om2 joined #salt
12:04 jas02 joined #salt
12:05 onslack <msmith> turambar: there's nothing stopping you from writing your own grain module and using/publishing that, if you'd like to contribute :)
12:10 turambar onslack: you are right and currently, I'm considering doing just that ;)
12:12 jas02 joined #salt
12:12 thelocehiliosan joined #salt
12:15 GrisKo joined #salt
12:15 jas02 joined #salt
12:16 svg joined #salt
12:16 ebbex babilen: Yup, thanks! :)
12:17 babilen hf
12:18 babilen ebbex: btw, users-formula comes in quite handy: https://github.com/saltstack-formulas/users-formula
12:18 svg joined #salt
12:25 svg left #salt
12:26 indistylo joined #salt
12:28 hoverbear Has anyone managed to get salt to bind to a non `::` ipv6 socket?
12:31 jas02 joined #salt
12:32 Nahual joined #salt
12:33 jas02 joined #salt
12:33 hoverbear Bah I see, digitalocean doesn't do private ipv6
12:36 jas02_ joined #salt
12:48 OliverUK joined #salt
12:48 rlefort joined #salt
12:50 mianosm 'private v6'?
12:50 mianosm you mean a unique local?
12:52 fl3sh joined #salt
12:55 edrocks joined #salt
12:57 hoverbear mianosm: They do not provide their private network interfaces (which are on a vlan with your other VMs) with ipv6 support
12:58 mianosm I only see my one interface, and it has a global and link local address, why would you want anything else/more?
12:58 hoverbear mianosm: I have two. I would like to have services only accessible on my private network
12:59 hoverbear https://gist.github.com/Hoverbear/5fdd9c2b27b72e94e3069cf5c680d8c8
13:01 pf_moore joined #salt
13:02 kojiro joined #salt
13:12 * Miuku ponders what a hoverbear looks like. I know a hovercat..
13:13 hoverbear https://avatars0.githubusercontent.com/u/130903?s=460&amp;v=4
13:15 kojiro We have some logic at the top of a bunch of sls files. Something like {% set release = salt["pillar.get"](foobar:release, 0) %} and then later on in the sls if statements around that.
13:15 kojiro Any suggestions how to abstract this so we don't have it in like 30% of templates?
13:19 onslack <msmith> other than put it in its own file and include that, no
13:21 babilen kojiro: Target different SLS based on that pillar data?
13:22 kojiro babilen: you mean by wrapping includes in {% if %} expressions?
13:22 babilen Or adopt the formula convention, define defaults in default.yaml and adapt in map.jinja based on various grains/merging pillar/...
13:22 babilen kojiro: An actual example would probably help
13:23 kojiro that's fair. lmswicd
13:23 jas02 joined #salt
13:24 thelocehiliosan joined #salt
13:27 evle1 joined #salt
13:30 onslack <msmith> if the content itself can be moved to a different sls file then you can indeed include/exclude in top.sls, but if it's just conditional parts then that's not so simple
13:31 gh34 joined #salt
13:31 aruns joined #salt
13:49 Hybrid joined #salt
13:52 GrisKo joined #salt
13:56 zerocoolback joined #salt
14:03 beardedeagle joined #salt
14:05 racooper joined #salt
14:08 zerocoolback joined #salt
14:09 gomerus[m]1 joined #salt
14:10 ThomasJ|m joined #salt
14:12 cgiroua joined #salt
14:12 nebuchadnezzar hello
14:15 kojiro hello
14:20 Ricardo10001 joined #salt
14:20 fernie joined #salt
14:37 inad922 joined #salt
14:46 AstraLuma So there's the minion-local message bus and the global message bus, right? And reactors/thorium run on the master and listen to the global bus, right?
14:59 Deliant joined #salt
14:59 cgiroua joined #salt
15:02 cgiroua_ joined #salt
15:02 DammitJim joined #salt
15:03 lordcirth_work Are there any modules for BMC/iLom/ out of band management config, or should I make one?
15:07 DammitJim for a state to download a bz2 file from a repository and install the file
15:08 DammitJim do you guys host the file on the salt master or use some kind of wget every time the minion has to get it?
15:09 lordcirth_work DammitJim, depends: how big is the file, how often do you expect it to change, and if it changes, do you want to automatically get the latest version?
15:09 DammitJim no on the version (I have to control that for testing purposes)
15:09 DammitJim file is about 22M
15:10 DammitJim so far I have just put files like these in a files directory under the state
15:11 lordcirth_work DammitJim, 22M is a bit big for the salt fs.  I'd use an http:// source instead
15:11 lordcirth_work specify a hash for security
15:11 DammitJim oh, good point about the hash
15:12 DammitJim thanks!
15:12 inad922 joined #salt
15:12 DammitJim if there is no hash provided, I can still create my own, right?
15:13 nebuchadnezzar I have an issue setting up network of minions, I need 1) configure systemd-networkd, 2) to stop interface, 3) restart systemd-networkd, but it looks like salt-minion stop the process as soon as the connection with the master is closed. Any hints?
15:15 lordcirth_work DammitJim, yeah, just download it and hash it
15:15 lordcirth_work As long as you trust the file the first time
15:15 lordcirth_work Also makes sure it won't change by accident
15:16 DammitJim OK, I'm freaking out over here... I think in this case I'm just going to store it
15:16 DammitJim thanks for the info, though... it's very good stuff I need to start looking at
15:28 xet7 joined #salt
15:32 GrisKo joined #salt
15:32 whytewolf AstraLuma: reactors run on the master yes, however engines such as thorium can run on either the master or minion. it depends on how they were coded.
15:32 _JZ_ joined #salt
15:33 whytewolf if engines are run on a minion they only get that minions event bus
15:33 mrBen2k2k2k joined #salt
15:34 AstraLuma whytewolf: is that documented anywhere? Eg, there's some notation about a minion_start event, but I don't see it on the salt-api view of the event bus.
15:35 AstraLuma But how to write engines is basically undocumented.
15:35 whytewolf https://docs.saltstack.com/en/latest/topics/engines/index.html
15:36 ten10baby joined #salt
15:38 jas02 joined #salt
15:38 zer0def wait, engines can run on a minion?
15:39 whytewolf yes
15:39 zer0def so every minion has it's own bus that's not propagated to the master?
15:40 whytewolf no, the events get propagated to the master. but if you want to do something about them locally you can
15:40 whytewolf also, engines can do more then event based stuff
15:41 zer0def am i assuming correctly that the tag is the same or does it contain a particular minion's id, like regular events do?
15:42 whytewolf it should be the same
15:42 zer0def the same as if the engine was running on the master, that is
15:42 thelocehiliosan joined #salt
15:43 zer0def would the event propagated have any markers in data indicating it came from that minion, then?
15:43 indistylo joined #salt
15:44 c4rc4s joined #salt
15:44 whytewolf you mean like data['id'] that is inserted into events
15:45 zer0def in the simplest (and most probable) case, yeah, data['id'] containing minion's id
15:46 Hybrid joined #salt
15:55 nebuchadnezzar So, is there a way to tell the minion to apply highstate from time to time to make sure the configuration is OK? I mean if someone screw up the network I want salt to come and fix it, but it looks like that not having a connection to the master make the minion to hangs :-/
16:00 cgiroua joined #salt
16:01 mahafyi joined #salt
16:02 mahafyi hello. I have been able to install salt-minion on debian testing (buster , amd64) with apt-get by using equivs for python-tornado.
16:03 gh34 joined #salt
16:04 mahafyi yesterday, i mentioned that is was not installing due to higher version in tornado.
16:04 lordcirth_work nebuchadnezzar, cron?
16:06 onslack <msmith> mahafyi: this is a known problem, yes. there's a new version about to release that will pin the version of tornado
16:06 tiwula joined #salt
16:07 onslack <msmith> nebuchadnezzar: minion schedule may do what you're after
16:07 mahafyi oh ok , thanks onslack
16:08 onslack <msmith> onslack is the bot's name
16:09 mahafyi well thanks anyhow msmith and onslack
16:10 nixjdm joined #salt
16:11 MTecknology mahafyi: did you install salt from the salt repo? If you stick with the distro-supplied version, that almost never happens.
16:11 MTecknology three cheers for reproducible-builds! :D
16:14 mahafyi MTecknology, on Debian stable no problems at all. But on Buster (testing), salt-minion has , among other dependencies, salt-common, which in turn looks for python-tornado (> 4.3 and < 5). But tornado version in debian 10 is 5.0.0-1 and hence the apt-get install failed.
16:16 onslack <msmith> then perhaps you'll need to include a repo with an older version
16:17 mahafyi_ joined #salt
16:17 MTecknology mahafyi: I'm not really sure that's what I was curious about. could you pbin "apt-cache policy salt-master"?
16:19 mahafyi_ left #salt
16:20 mahafyi joined #salt
16:20 mahafyi MTecknology : I will do it tomorrow. I do not have access now.
16:21 MTecknology no worries- it was just to satisfy my curiousity, since a fix is coming.
16:28 mavhq joined #salt
16:44 thelocehiliosan joined #salt
16:47 ecdhe joined #salt
16:48 lordcirth_work joined #salt
17:02 jas02 joined #salt
17:13 inad922 joined #salt
17:23 edrocks joined #salt
17:26 jas02 joined #salt
17:34 inad922 joined #salt
17:38 kuromagi joined #salt
17:38 CheckYourSix joined #salt
17:38 Hazelesque joined #salt
17:39 cyraxjoe joined #salt
17:39 Laogeodritt joined #salt
17:40 Kelsar joined #salt
17:49 hatifnatt joined #salt
17:51 jas02 joined #salt
17:54 Trauma joined #salt
18:11 jas02 joined #salt
18:13 hatifnatt Hello. Any ideas how to workaround this issue on Debian 9 https://github.com/saltstack/salt/issues/45383 ?
18:17 mikecmpbll joined #salt
18:18 onslack <msmith> the last comment has a workaround
18:19 hatifnatt onslack: It doesn't work on Debian
18:22 onslack <msmith> btw all i'm doing is using google. try `dpkg-reconfigure locales` to ensure the one you want is generated, and apply it as the default
18:23 onslack <msmith> for reference, this is the page i'm reading: <https://wiki.debian.org/Locale>
18:24 legreffier joined #salt
18:29 aldevar joined #salt
18:29 hatifnatt Ofcourse I have default UTF-8 system locale. But salt reset it to 'C' https://github.com/saltstack/salt/blob/95be4e47002dda3e36bc8e15a080a1ecbcdc5ba4/salt/modules/cmdmod.py#L498
18:31 onslack <msmith> wrapped in `reset_system_locale`, which you can set to false it seems. there are likely to be other issues for this, but i'm heading out now
18:32 legreffier how can i set a grains (i can use in another state) with the output of a cmd.run (_without_ relying on jinja)...
18:33 legreffier can't find any documentation about this (.. this doesn't seem like a crazy goal , right ?)
18:33 hatifnatt > which you can set to false it seems. But unfortunately I have no idea how.
18:41 legreffier https://framabin.org/?4195ba3bedad4a63#2OywmeOwdAntGHMpuIuQaUETmEreyn5a/M7zxIXvMkw= might be clearer this way
18:42 hatifnatt legreffier: You mean only using state modules, and without using execution modules?
18:43 legreffier hatifnatt: i'm not sure what execution module means :/
18:47 legreffier hatifnatt: i can use either , but I definitely shouldn't use the {{ cmd.run("cool cmd to run") }}, but when using the state module... i don't know how to put the result in a variable or grains i re-use late in the state.
18:48 legreffier later*
18:50 Edgan hatifnatt: There are per distro/release repos for salt. Debian 9's is https://repo.saltstack.com/#debian
18:52 hatifnatt Edgan: I have Salt already installed...
19:02 exarkun joined #salt
19:06 ymasson joined #salt
19:06 OliverUK joined #salt
19:18 nixjdm joined #salt
19:19 cewood joined #salt
19:24 Miuku Very salty.
19:24 jas02 joined #salt
19:26 zerocoolback joined #salt
19:27 Deliant joined #salt
19:35 Trauma joined #salt
19:38 jas02 joined #salt
19:47 Hybrid joined #salt
19:47 fernie joined #salt
19:57 tyx joined #salt
19:59 jas02 joined #salt
20:12 Trauma joined #salt
20:20 Guest73 joined #salt
20:24 tyx joined #salt
20:47 eekrano joined #salt
20:52 rlefort joined #salt
21:31 thelocehiliosan joined #salt
22:00 swa_work joined #salt
22:00 Guest73 joined #salt
22:06 rlefort joined #salt
22:06 Trauma joined #salt
22:14 Trauma joined #salt
22:18 exarkun joined #salt
23:04 masber joined #salt
23:05 thelocehiliosan joined #salt
23:19 Vaelatern joined #salt
23:58 exarkun joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary