klsmithphd/salt-sandbox

trying out your scripts

Opened this issue · 2 comments

mduttaroy-devops commented

Hi Ken -

Thanks for your presentation and examples. The slides are great.

It was very useful to get it running with the Vagrantfile provided.

However I have a couple of issues, wondering you could suggest what may be going on.

I renamed the machines to saltMaster and saltMinion and salt installs fine in the master and minion. My hosts file and hostnames are fine. I can ping the machines from each other and move between machines i.e. between saltMaster and saltMinion.

However in the master (saltMaster):
sudo salt-key -L
just returns this:
Accepted Keys:
Unaccepted Keys:
Rejected Keys:

Does not seem to see the saltMinion.
And I have no /srv/salt directory in the master (saltMaster).

I was wondering if you may have any idea on what may be going on?

Any suggestions you have will be very helpful.

Thanks again for the tutorial.

Mono

klsmithphd commented

Mono,

Salt minions default to attempting to contact a host on the network named 'salt'. If you've changed the hostnames (especially in the /etc/hosts file in each of the VMs), then the salt minion won't know to look for the master at the new name.

It's possible to override the hostname for the master on each minion in the minion's /etc/salt/minion configuration file. See e.g., http://docs.saltstack.com/en/latest/ref/configuration/minion.html#master

If you do that, the minion should be able to find the master and will check in with a new minion key. (You'll need to restart the salt-minion process on the minion if you're doing this by hand.)

As for the second issue (there's no /srv/salt directory), that's correct --- that's something that'll need to be created on the master. I should clarify the slides on that point or have the Vagrantfile make that directory.

mduttaroy-devops commented

Hi Ken -

Thanks for your response. Appreciate that insight. I made the changes and
got things working. I wanted to update you.

Btw please note that I have mentioned that I have copied from your repo:
https://github.com/mduttaroy-devops/vagrant-salt-sandbox

Just thought I would run some of the changes by you to see what you think
and if you have some suggestions.

I hope it is helpful to you as well.

...
MASTER:

For the master I replaced your inline script: wget -O -
http://bootstrap.saltstack.org http://bootstrap.saltstack.org | sudo sh
-s -- -M -N

... to go with a config like below (you can see this in the Vagrantfile in
the repo). It installs only the master and not the minion as your script
does.

saltMaster.vm.provision :salt do |salt|
  salt.always_install = true
  salt.verbose = true
  salt.temp_config_dir = "/tmp"
  salt.install_type = "stable"

  •  salt.install_master = true*

  •  salt.no_minion = true*
    salt.minion_key = "saltConfs/saltMinion.pem"
    salt.minion_pub = "saltConfs/saltMinion.pub"
    salt.seed_master = {saltMinion: salt.minion_pub}

    salt.run_highstate = true

    end
    ...
    MINION:

For the minion I have been replaced your inline script: wget -O -
http://bootstrap.saltstack.org http://bootstrap.saltstack.org | sudo sh

saltMinion.vm.provision :salt do |salt|
  salt.always_install = true
  salt.verbose = true
  salt.temp_config_dir = "/tmp"
  salt.install_type = "stable"

  •  salt.install_master = false*

  •  salt.no_minion = false*
    salt.minion_config = "saltConfs/saltMinion.conf"
    salt.minion_key = "saltConfs/saltMinion.pem"
    salt.minion_pub = "saltConfs/saltMinion.pub"
    end

This installs only minion and not master in this particular vm
vagrant@saltMinion:~$ ps -fe | awk {'print $9'} | grep salt | uniq
/usr/bin/salt-minion

Thus commands on master (salt) such as:
sudo salt-key -L / -A
sudo salt * cmd.run date
sudo salt saltMinion test.ping

All do the right things in showing the minion to be saltMinion and such.

...
GENERAL QUESTIONS:

But a couple of questions linger regards where the keys are in salt-master
and minion.
As you know I called the minion saltMinion and called the key
saltMinion.pem/pub/conf, got it copied in Vagrant into master and got it
seeded as well.

So although everything works I was curious about a couple of things just
for my own sanity check.

  • On the salt-master, right after installing, when i run 'sudo ls -al
    /etc/salt/pki/master/minions/    '
  • I do not find the expected file: saltMinion.pub - which I believe
    should be in that directory: /etc/salt/pki/master/minions/?
  • sudo salt-key -L I do expectedly see *saltMinion as in: *

Accepted Keys:
Unaccepted Keys:
saltMinion
Rejected Keys:

  • But this file appears in this directory ('sudo ls -al
    /etc/salt/pki/master/minions/    ) after: sudo salt-key -A is run.
  • I did run updatedb and locate saltMinion on the machine between
    salt-key -L and -A but did not find the file.

++ I am curious where this file: saltMinion.pub is on salt-master
before the salt-key -A is run.

  • On the minion (saltMinion), right after installing, when i run 'sudo
    ls -al /etc/salt/pki/minion/    '
  • I see files: minion_master.pub, minion.pem, minion.pub.
  • But updatedb and locate on saltMinion (even after the key is accepted on
    salt-master    ) only finds it in the vagrant directory:

vagrant@saltMinion:$ sudo updatedb
vagrant@saltMinion:$ sudo locate saltMinion
/vagrant/saltConfs/saltMinion.conf
/vagrant/saltConfs/saltMinion.pem
/vagrant/saltConfs/saltMinion.pub

++ I am curious where this file: saltMinion.pub is on the minion
(saltMinion) even after the salt-key -A is run on the salt-master.

...
Ok then everything is updated. It will run self-contained.

Would love to hear on the questions above if you have some ideas and look
forward to your next lessons.

If you want me to work with you to try out your lessons and make sure
everything works and do any optimizations I have some time to do it.

i am trying to work through some formulas as well. Would love to get your
help on the postgres-formula and mysql-formula.

Best.

Mono
mobile: +1 (404) 664-3605

On Thu, May 29, 2014 at 8:26 AM, Ken Smith notifications@github.com wrote:

Mono,

Salt minions default to attempting to contact a host on the network named
'salt'. If you've changed the hostnames (especially in the /etc/hosts file
in each of the VMs), then the salt minion won't know to look for the master
at the new name.

It's possible to override the hostname for the master on each minion in
the minion's /etc/salt/minion configuration file. See e.g.,
http://docs.saltstack.com/en/latest/ref/configuration/minion.html#master

If you do that, the minion should be able to find the master and will
check in with a new minion key. (You'll need to restart the salt-minion
process on the minion if you're doing this by hand.)

As for the second issue (there's no /srv/salt directory), that's correct
--- that's something that'll need to be created on the master. I should
clarify the slides on that point or have the Vagrantfile make that
directory.


Reply to this email directly or view it on GitHub
#1 (comment)
.