Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2018-05-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 onslack joined #salt
00:12 zerocoolback joined #salt
00:29 cgiroua joined #salt
00:39 JacobsLadd3r joined #salt
00:50 mpanetta joined #salt
01:09 cliluw joined #salt
01:25 onslack <gtmanfred> doubletwist: yes
01:38 cyp3d_ joined #salt
01:58 ilbot3 joined #salt
01:58 Topic for #salt is now Welcome to #salt! <+> Latest Versions: 2017.7.5, 2018.3.0 <+> Support: https://www.saltstack.com/support/ <+> Logs: http://irclog.perlgeek.de/salt/ <+> Paste: https://gist.github.com/ <+> See also: #salt-devel, #salt-offtopic, and https://saltstackcommunity.herokuapp.com (for slack) <+> We are volunteers and may not have immediate answers
02:02 shiranaihito joined #salt
02:25 evle joined #salt
02:31 alvinstarr joined #salt
02:44 mrBen2k2k2k joined #salt
02:48 tiwula joined #salt
02:50 bluenemo joined #salt
03:00 zerocoolback joined #salt
03:18 zerocoolback joined #salt
03:19 zerocoolback joined #salt
03:19 zerocoolback joined #salt
03:20 zerocoolback joined #salt
03:21 zerocoolback joined #salt
03:25 stooj joined #salt
03:59 MichaelRomig joined #salt
04:39 ntropy_ joined #salt
04:42 Udkkna joined #salt
04:58 nku joined #salt
05:14 sauvin joined #salt
05:36 xet7 joined #salt
05:45 aarontc joined #salt
05:51 ntropy_ left #salt
05:51 ntropy joined #salt
05:55 hoonetorg joined #salt
05:57 Valfor joined #salt
05:57 Valfor joined #salt
06:08 DanyC joined #salt
06:17 cbosdonnat joined #salt
06:17 cbosdonnat joined #salt
06:37 CrummyGummy joined #salt
06:50 hoonetorg joined #salt
06:56 inad922 joined #salt
06:58 haam3r joined #salt
07:02 Hybrid joined #salt
07:07 Tucky joined #salt
07:15 tyx joined #salt
07:25 netcho joined #salt
07:25 netcho joined #salt
07:27 zerocoolback joined #salt
07:36 jrenner joined #salt
07:37 rollniak joined #salt
07:38 stooj joined #salt
07:41 Tucky joined #salt
07:49 zerocoolback joined #salt
07:50 zerocoolback joined #salt
07:51 zerocoolback joined #salt
07:51 zerocoolback joined #salt
07:52 zerocoolback joined #salt
07:53 orichards joined #salt
08:01 DanyC joined #salt
08:02 briner joined #salt
08:14 Ricardo1000 joined #salt
08:25 Cluepon_ joined #salt
08:34 Mattch joined #salt
08:58 nku joined #salt
09:05 Elsmorian joined #salt
09:08 nku hrm, just upgraded to 2018, and file.recurse gives me a "Unable to manage file: 'utf8' codec can't decode byte 0xc3 in position 3: invalid continuation byte"
09:08 nku wth is salt trying to do with that file..
09:10 MTecknology probably mismatched latin/utf-8 encoding
09:11 nku it's binary data
09:11 nku anyway, i can just exclude it..
09:27 nku hrm, now i get a rendering error Jinja syntax error: no filter named 'strftime'; line 4.. that should still exist https://docs.saltstack.com/en/latest/topics/jinja/index.html#strftime
09:28 Udkkna joined #salt
09:33 nku looks like #46834
09:35 inad922 joined #salt
09:53 Rumbles joined #salt
10:02 Hybrid joined #salt
10:03 nebuchad` left #salt
10:03 nebuchadnezzar joined #salt
10:10 zulutango joined #salt
10:11 rollniak joined #salt
10:11 n1x0n joined #salt
10:30 defsdoor joined #salt
10:58 exarkun joined #salt
10:59 Pjusur joined #salt
11:05 Ricardo1000 joined #salt
11:09 ExtraCrispy joined #salt
11:11 Smokey joined #salt
11:12 Smokey left #salt
11:14 IsaacE joined #salt
11:14 IsaacE left #salt
11:21 DammitJim joined #salt
11:30 dendazen joined #salt
11:31 evle1 joined #salt
11:50 stooj joined #salt
11:53 zerocoolback joined #salt
12:08 Elsmorian joined #salt
12:15 gmoro joined #salt
12:19 Nahual joined #salt
12:22 hiroshi joined #salt
12:24 K0HAX joined #salt
12:24 Elsmoria_ joined #salt
12:27 kiorky joined #salt
12:42 o1e9 joined #salt
12:42 briner joined #salt
12:50 bluenemo joined #salt
12:53 jdipierro joined #salt
13:00 Hybrid joined #salt
13:05 onslack <haam3r> Hi! Seeing issue with using cmd.run from an orchestrate runner: "ERROR: Specified cwd '{u'creates': u'/etc/openvpn/keys/test.crt'}' either not absolute or does not exist""
13:05 onslack <haam3r> Seems like something is going amiss when using the creates parameter with cmd.run in 2018.3
13:05 briner joined #salt
13:07 mchlumsky joined #salt
13:25 racooper joined #salt
13:27 inad922 joined #salt
13:30 gh34 joined #salt
13:35 nixjdm joined #salt
13:35 englishm_work joined #salt
13:37 AngryJohnnie joined #salt
13:38 Elsmoria_ Does the Redis cache module support Redis Sentinel?
13:45 Elsmorian joined #salt
13:58 Elsmorian joined #salt
13:59 ooboyle joined #salt
14:12 cgiroua joined #salt
14:18 Rumbles joined #salt
14:24 Pomidora_ left #salt
14:24 briner joined #salt
14:26 Naresh joined #salt
14:34 dxiri joined #salt
14:48 StolenToast joined #salt
14:48 brokensyntax joined #salt
14:53 briner joined #salt
14:54 tiwula joined #salt
14:57 arlyon joined #salt
14:59 immune2iocane joined #salt
15:03 Elsmorian joined #salt
15:31 dezertol joined #salt
15:32 onslack <scub> Curious, anyone had luck getting highstate returners to run from a syndic?
15:35 Nahual Not with any good regularity.
15:37 Kelsar joined #salt
15:41 onslack <scub> Were you by chance using the scheduler to assert the returner to use, and if so, were you able to identify a means of having that data returned from the syndic instead of the minion itself?
16:00 immune2iocane joined #salt
16:03 stooj joined #salt
16:13 viq Is there a way to have say stateA with variable=X, but when including it from stateY tell it that variable=Y?
16:14 onslack <gtmanfred> use extend:
16:14 onslack <gtmanfred> <https://docs.saltstack.com/en/2017.7/ref/states/extend.html>
16:17 viq Ah, indeed, that's great, thanks!
16:30 cholcombe joined #salt
16:32 AngryJohnnie joined #salt
16:34 Trauma joined #salt
16:38 DanyC joined #salt
16:39 DanyC_ joined #salt
16:41 doubletwist What am I missing here? https://paste.fedoraproject.org/paste/ecQuFlpGdx14q-DyCdTuLQ
16:41 onslack <gtmanfred> args[‘pkgname’]
16:42 onslack <gtmanfred> args[‘state’]
16:42 onslack <gtmanfred> etc
16:42 doubletwist ok checking
16:42 jdipierro joined #salt
16:45 doubletwist worked past that error. Got other errors but I think I see the issue
16:45 doubletwist thx
16:49 NEOhidra joined #salt
16:49 rickflare2 joined #salt
16:51 doubletwist Cool, all seems to be working as expected now.
16:51 stankmack joined #salt
16:52 pfallenop joined #salt
16:52 ksa joined #salt
16:58 Elsmorian joined #salt
17:04 rivyn joined #salt
17:12 xet7 joined #salt
17:12 AngryJohnnie joined #salt
17:14 Trauma joined #salt
17:21 bluenemo joined #salt
17:22 JacobsLadd3r joined #salt
17:26 Rr4sT joined #salt
17:27 JacobsLadd3r joined #salt
17:30 systemdave joined #salt
17:30 DanyC joined #salt
17:43 sjorge joined #salt
17:51 al joined #salt
17:54 systemdave joined #salt
17:55 systemdave joined #salt
17:56 al joined #salt
18:06 dendazen joined #salt
18:08 sjorge joined #salt
18:12 ymasson joined #salt
18:27 immune2iocane joined #salt
18:31 jdipierro joined #salt
18:53 systemdave joined #salt
19:03 Elsmorian joined #salt
19:08 crux-capacitor is there a way to target minions using an If? for example salt -C "if G@ipv4 == G@custom_ip_grain" test.ping
19:09 onslack <gtmanfred> all targeting is an if
19:09 onslack <gtmanfred> but you can’t compare grain values
19:10 crux-capacitor ok thanks
19:12 Elsmorian joined #salt
19:12 arlyon joined #salt
19:28 scooby2 joined #salt
19:30 Wuodan joined #salt
19:30 Wuodan joined #salt
19:37 bluenemo joined #salt
19:39 AngryJohnnie joined #salt
19:50 arlyon joined #salt
19:55 Elsmorian joined #salt
19:59 briner joined #salt
20:05 evle1 joined #salt
20:16 stooj joined #salt
20:17 arlyon joined #salt
20:19 rollniak joined #salt
20:20 Elsmorian joined #salt
20:29 DammitJim joined #salt
20:29 DammitJim how do I find out when a state became available on salt?
20:29 evle1 joined #salt
20:29 DammitJim like on what version of salt it became available?
20:30 onslack <gtmanfred> usually it lists `..versionadded: 2017.7.4` or something on the docs page
20:31 DammitJim https://docs.saltstack.com/en/latest/ref/states/all/salt.states.rabbitmq_user.html
20:31 DammitJim I want to know when rabbitmq_user.present became a thing
20:31 onslack <gtmanfred> <https://docs.saltstack.com/en/2014.7/ref/states/all/salt.states.rabbitmq_user.html>
20:32 onslack <gtmanfred> added in 2014.7
20:32 onslack <gtmanfred> <https://docs.saltstack.com/en/2014.1/ref/states/all/salt.states.rabbitmq_user.html>
20:33 DammitJim how did you find that?
20:34 onslack <gtmanfred> i put in the versions
20:34 onslack <gtmanfred> into the url, and found the one that 404d
20:34 DammitJim :-P
20:35 whytewolf actually. it was in 2014.1 also. i don't think the module index documentation existed in 2014.1
20:35 whytewolf https://github.com/saltstack/salt/blob/v2014.1.10/salt/states/rabbitmq_user.py
20:36 whytewolf https://github.com/saltstack/salt/blob/0.11/salt/states/rabbitmq_user.py
20:36 whytewolf it is an old state
20:37 onslack <gtmanfred> yes, it has been around a while
20:41 DammitJim I'm surprised at my stupidity
20:41 DammitJim I don't understand why I ended up writing a bash script to be run from salt to create users
20:42 arlyon joined #salt
20:47 arlyon joined #salt
20:53 briner joined #salt
20:57 dendazen joined #salt
21:05 VR-Jack-H joined #salt
21:09 defsdoor joined #salt
21:11 defsdoor joined #salt
21:26 Versacce joined #salt
21:33 kveroneau joined #salt
21:34 kveroneau I have been using SaltStack for a bit now, and use it in my home for both home server, and Linux/Windows workstation administration.  Great product!
21:35 kveroneau Anyways, I have a question about how a salt minion works away from home, or rather when a minion is unable to communicate with the master, as in say a portable device like a laptop.
21:35 onslack <gtmanfred> what is your question?
21:36 kveroneau I know I could allow access to the master away from my home network, but if I say have the minion do "startup_state: 'highstate'", will the minion still perform the state apply, but use the local cache if the master cannot be contacted for the states?
21:37 kveroneau I know the minion has a local cached copy of the sls files and such from previous runs, so technically it should be-able to run a highstate without the master.
21:37 onslack <gtmanfred> no, it will try to connect to the master, and if it can’t it will hang, and eventually timeout
21:37 kveroneau :(  That sucks.
21:37 onslack <gtmanfred> because it still has to ask the master for the hash of the file, incase it has changed
21:38 onslack <gtmanfred> and if it can’t verify that the file it has is correct, why would it run anything?
21:38 kveroneau It would be a nice feature to have, for laptops can still do a highstate from a cron/task schedule to ensure a specific policy is set without the master.
21:38 onslack <gtmanfred> if you want to be able to run it without access to the master, you need to setup a local cache of the files, and then reference them with --local
21:38 onslack <gtmanfred> doing what you are suggesting is not reliable, and you end up with a bunch of minions that are miss configured
21:39 kveroneau Ah, yes.  I did think about something like that, but that would require a different setting from being in the home, to being portable and the setting needing to be dynamic.
21:40 onslack <gtmanfred> i mean, if you have them setup in /srv/salt on your minion, you can just run salt-call --local state.apply
21:40 kveroneau Yes, but I would still like an option in the minion config to allow for stale/cached config to be used in the event that the master cannot be contacted.
21:40 onslack <gtmanfred> I don’t think that will ever happen, because your cache could be stale, and there is almost no usecase for that
21:40 onslack <gtmanfred> if you have already applied that set of states, why do you need to apply it again
21:41 kveroneau The default would be to timeout of course, but at least having that option there for the odd user who may wish to use it, would be a nice feature.
21:41 onslack <gtmanfred> this isn’t chef or puppet that needs to run 100 times before it is successful
21:41 kveroneau I do have an OpenVPN configured, but since "startup_states" happens as soon as the machine boots, the VPN isn't yet established, so it will timeout when the service starts.
21:42 onslack <gtmanfred> add After=openvpn.service to /etc/systemd/system/salt-minion.service.d/vpn.conf
21:42 onslack <gtmanfred> so that the salt-minion service doesn’t start until your vpn is connected
21:42 onslack <gtmanfred> <https://coreos.com/os/docs/latest/using-systemd-drop-in-units.html>
21:42 onslack <gtmanfred> you can use that anywhere systemd is used
21:43 kveroneau I wish Windows laptops had systemd.  This isn't a problem with my Linux machines, as it is more configuratable.
21:43 onslack <gtmanfred> <https://support.microsoft.com/en-us/help/193888/how-to-delay-loading-of-specific-services>
21:43 whytewolf well, could also just go masterless minion.
21:44 onslack <gtmanfred> you can also have file_client: local, but still have the minion connected to a master to run remote execution commands
21:44 onslack <gtmanfred> (that was added in 2017.7)
21:44 kveroneau I am essentially using salt on my Windows portables to ensure a specific configuration with many services and telemetry turned off.  It also removed Administrators group from every account, so admining the system can only be done through salt.
21:45 kveroneau I am a very paranoid windows user haha
21:45 kveroneau So salt cannot be directly executed on the Windows machine by a user locally, as nobody has local admin rights.
21:46 MTecknology If you're paranoid, why would you use windows?
21:47 kveroneau :( Thin and ultrabooks are most compatible with Windows I find.
21:47 onslack <gtmanfred> not trying hard enough :P
21:47 kveroneau There has been recent work on getting these specific machines running better with Linux tho, so one day these machines will be converted.
21:48 * whytewolf has never been a fan of "ultrabooks" anyway. I want to feel my laptop.
21:48 kveroneau Salt does ease my paranoia, as it can usually ensure a very consistent state, and I can use diff to ensure no new services are added, along with other checks using salt.
21:49 kveroneau I love ultrabooks for their super portability, although they really power for anything too productive.  With the new bash shell in Windows, using it as a nice ssh/VcXsrv thin client.
21:50 kveroneau Anyways, I don't want to get off-topic here.
21:50 kveroneau *lack power
21:51 whytewolf My laptop weights 7 pounds. and does not lack power. and came with linux.
21:51 kveroneau An interesting suggestion for a future salt formula would be a formula for the paranoid windows user. :)
21:51 whytewolf [the power brick is another 7 pounds though]
21:52 kveroneau I have a Lenovo ThinkPad that nicely runs Linux natively, and I use that portably when I need a Linux machine for development.
21:52 scooby2 joined #salt
21:53 kveroneau One thing I wanted to eventually contribute to the Salt community, is a salt formula that mimics what ShutUp10 does, but without needing to use the software, and obviously more automated.
21:53 shanth joined #salt
21:53 whytewolf System76 Onkyo, [the original not the thin one they are about to put out]
21:54 kveroneau Nice, I heard many great things about System76.  Never purchased a machine from them yet, I may one day though.
21:55 MTecknology My main laptop is an M6800. It's extra massive with sane (non-nvidia) graphics. It's extra overkill. My travel laptop is a T540.
21:55 whytewolf I love it. even have salt on it in pop_os
21:55 kveroneau Oh, another thing.  When I last updated salt, I noticed that my inotify beacons broke, and I couldn't get them working again.
21:55 whytewolf which reminds me i need to actually use salt on it more
21:55 kveroneau I set the beacon through a state, rather than in the conf directory.
21:56 shanth anyone using syndic with salt? i really wish the top level salt master could push states without the states being on the syndic :(
21:56 * whytewolf wishes syndic was never born
21:56 onslack <gtmanfred> that won’t happen, because it puts all the load back on the master of masters, which is the opposite of the point of syndics
21:57 MTecknology shanth: syndics are just masters with a remote control..
22:00 kveroneau It would be nice if salt has a better ACL system where regular users can use salt, but without the need of changing a ton of permissions for log files and such.
22:00 shanth i'm in a unique situation where syndic appears to be the only solution
22:01 shanth and syndic is so so
22:01 whytewolf kveroneau: you mean like Enterprise. or Salt-api + pepper
22:02 shanth maybe salt proxy might be what i'm looking for then
22:02 kveroneau Currently, I am getting around this by running a service made in Python that calls the Salt API, and listens on a UNIX socket.  Then a thin tool talks over this socket to the service running as root to perform the actually salt command.
22:02 onslack <gtmanfred> salt-proxy is for running salt commands against devices that don’t have python, so you run the proxy minion on a different device
22:02 shanth ah
22:02 kveroneau The Salt-api is pretty cool.
22:02 onslack <gtmanfred> kveroneau <https://github.com/saltstack/pepper/>
22:03 shanth i'm in a pretty odd situation
22:03 kveroneau onslack, thank you for that.
22:03 onslack <gtmanfred> if you install that from git, and you also have salt installed, it will print out the returns as if you had made a call with the `salt` command instead of pepper
22:04 shanth two machines that are in failover mode, at best only one of them can talk directly to the salt master. if i use a syndic, they can both talk to the salt master, but now i have to sync states on the syndic all the time
22:04 onslack <gtmanfred> just use gitfs or another remote fileserver
22:04 whytewolf ^
22:04 shanth i tried extensively to get gitfs to work but it didn't seem to work for freebsd, this was a long time ago - i thought about trying it again
22:05 onslack <gtmanfred> <https://docs.saltstack.com/en/latest/ref/file_server/all/salt.fileserver.hgfs.html>
22:06 shanth cool
22:06 MTecknology I hope I never agan have to work in a mercurial repo... I know I'll have to, but I maintain hope.
22:06 shanth yeah we are using stash/bitbucket (atlassian) for our git
22:07 onslack <gtmanfred> mercurial is better than git imho, it has all the features of git, but they are not available by default, because 99% of people don’t need or use them
22:07 MTecknology What makes it better?
22:07 onslack <gtmanfred> it is simpler
22:07 * whytewolf used to pay for stash. before it became bitbucket. but then github gave me a free lifetime account
22:07 MTecknology bzr is simpler..
22:07 onslack <gtmanfred> yeah but bzr is garbage because it requires launchpad
22:08 MTecknology it doesn't require launchpad..
22:08 MTecknology I used to run a local bzr server
22:08 onslack <gtmanfred> well, it requires you sign the canonical licensing agreement in order to compile it from source
22:08 whytewolf RCS is simpler
22:08 * whytewolf runs
22:08 kveroneau onslack, I also prefer hg over git as well...  But like the VHS and Beta wars...
22:09 MTecknology I always felt like hg broke in weird/strange ways and noticed I was always searching for plugins to add or to enable.
22:09 hemebond I think my first encounter with Mercurial was BitBucket. And you couldn't even browse files on there at the time.
22:09 onslack <gtmanfred> sure for your usecase, and for mine, git is better, but I can get someone else started on mercurial in 5 minutes, but explaining git pull --rebase to them takes forever
22:10 hemebond How does hg do a rebase?
22:10 onslack <gtmanfred> it just does it by default, it doesn’t do the stupid merge by default thing
22:10 MTecknology To someone you can't explain a rebase to, they're still going to clutter the repo with an infinite number of empty merges
22:10 kveroneau Explaining Git vs Hg to a team of developers who has used Subversion for years...  Hg is much closer to Svn command-wise, and is usually much easier to pick up and use.
22:11 kveroneau But Git won the repo war, so we all need to accept Git as the supreme repo tool and move on. :(
22:11 shanth how does the pricing for salt enterprise work? is it per minion?
22:12 onslack <gtmanfred> yes
22:12 shanth is there a trial we can try?
22:12 onslack <gtmanfred> they do trials yes, but on a case by case basis
22:12 shanth it might be useful for our pci auditing
22:12 briner joined #salt
22:13 MTecknology kveroneau: that's kinda like saying vim won the editors war
22:13 MTecknology it's basically true, but there's always competition, and some of it isn't terrible
22:14 whytewolf vim didn't? doens't everything now come with a vim editor mode because almost no one can NOT use vim now?
22:14 whytewolf :P
22:14 kveroneau True, but hg repos are very rare when compared to git repos.  I personally use bitbucket.org as I prefer hg over git, and they support hg.
22:14 onslack <gtmanfred> tell that to facebook
22:15 onslack <gtmanfred> <https://code.facebook.com/posts/218678814984400/scaling-mercurial-at-facebook/>
22:15 MTecknology facebook.. the authority on all things sane
22:15 onslack <gtmanfred> praise them, or they will give me your home address
22:16 onslack <gtmanfred> granted, i don’t really want to come to montana
22:16 kveroneau Good for them, but I guess this article didn't make it too widespread in the industry, as git is still pretty dominant.
22:16 Trauma joined #salt
22:17 kveroneau My company usually follows the tech trends set by Netflix, as we are using a lot of libraries and tools developed by them.
22:19 kveroneau Sadly, my company didn't go with SaltStack, and I can only use it's glory at home, and for my personal cloud servers.
22:19 whytewolf Netflix has good ideas. and some that are not always tendable in every enviroment.
22:20 kveroneau I believe we are following their Microservice approach the most.  Using tools like Eureka for example.
22:21 whytewolf like, I love the idea of choas monkey. however. a lot of RDBMS Databases are not resilent enough to randomly have a server go away on them
22:21 kveroneau This is most likely the article our CTO read to make our current choices in Microservice development:  https://cloud.spring.io/spring-cloud-netflix/
22:21 zulutango joined #salt
22:22 MTecknology whytewolf: Isn't that the idea, though? If you're environment can't handle a little planned chaos, how is it ever going to handle the big time?
22:23 mpanetta joined #salt
22:24 kveroneau The microservices we created use a mix of Oracle and MapR, we haven't noticed any issues with either yet in terms of resilency.
22:25 whytewolf a lot of companies can't afford Oracle. There is also CockroachDB now.
22:25 kveroneau Spring has a shutdown endpoint that is called, so the DB/MapR connections are usually properly deconstructed before the service itself goes down.
22:25 LeProvokateur joined #salt
22:26 kveroneau If the service went down due to a crash, then that might cause some problems on the DB side with connections not being properly closed and left lingering.
22:29 whytewolf It has become way less of a problem then it used to be. but when ChoasMonkey was first released ... Someone at the company decided to try it on our setup. with out actually telling anyone.
22:31 whytewolf it was a newspaper. luckily it only nuked a webserver before we caught it.
22:43 arlyon joined #salt
22:46 kwork joined #salt
22:48 kwork joined #salt
23:03 baconbeckons joined #salt
23:06 b1nzy joined #salt
23:09 defsdoor joined #salt
23:23 masber joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary