ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Salt Minion Problems

    Scheduled Pinned Locked Moved Unsolved IT Discussion
    134 Posts 6 Posters 12.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Romo
      last edited by

      @Romo said in Salt Minion Problems:

      @scottalanmiller said in Salt Minion Problems:

      The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate

      That happens to all minions when they are waiting for the master to approve their key.

      Yeah, the master didn't have an /etc/hosts entry so it was pointing itself to a different Salt Master. So that was awfully confusing.

      1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller
        last edited by

        Ok, so after fixing the hostname on the master, fixing the /etc/hosts file and then checking the errors, we find that that weird ip local address there is NOT from the Minion, but from the Master itself. So the Minion has never checked in at all.

        # salt-key --list-all
        Accepted Keys:
        Denied Keys:
        ip-65-75-137-152.local
        Unaccepted Keys:
        ip-65-75-137-152.local
        Rejected Keys:
        [root@lab-lnx-william-salt ~]# systemctl status salt-minion
        ● salt-minion.service - The Salt Minion
           Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
           Active: inactive (dead) since Tue 2017-01-31 20:39:37 UTC; 2min 43s ago
          Process: 902 ExecStart=/usr/bin/salt-minion (code=exited, status=0/SUCCESS)
         Main PID: 902 (code=exited, status=0/SUCCESS)
        
        Jan 31 20:39:22 lab-lnx-william-salt systemd[1]: Starting The Salt Minion...
        Jan 31 20:39:23 lab-lnx-william-salt systemd[1]: Started The Salt Minion.
        Jan 31 20:39:37 lab-lnx-william-salt salt-minion[902]: [CRITICAL] The Salt Master has rejected this minion's public key!
        Jan 31 20:39:37 lab-lnx-william-salt salt-minion[902]: To repair this issue, delete the public key for this minion on the Salt Master and restart this minion.
        Jan 31 20:39:37 lab-lnx-william-salt salt-minion[902]: Or restart the Salt Master in open mode to clean out the keys. The Salt Minion will now exit.
        
        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          Here is the current error on the minion. I'm guessing we have the same issue:

          [root@minion1 ~]# systemctl status salt-minion
          ● salt-minion.service - The Salt Minion
             Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
             Active: active (running) since Tue 2017-01-31 20:21:59 UTC; 23min ago
           Main PID: 1228 (salt-minion)
             CGroup: /system.slice/salt-minion.service
                     ├─1228 /usr/bin/python /usr/bin/salt-minion
                     ├─1237 /usr/bin/python /usr/bin/salt-minion
                     └─1241 /usr/bin/python /usr/bin/salt-minion
          
          Jan 31 20:44:27 minion1 salt-minion[1228]: [ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
          
          RomoR 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller
            last edited by

            Here are some issues in the /etc/hosts file that will definitely cause things to fail:

            192.168.1.97
            
            
            
            192.168.1.94 salt
            192.128.1.94 salt
            
            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender
              last edited by

              All this because you use another DNS that's not part of the project and it has overlapping details for other testers/production. lol

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Dashrender
                last edited by

                @Dashrender said in Salt Minion Problems:

                All this because you use another DNS that's not part of the project and it has overlapping details for other testers/production. lol

                No, you would need this to be correct either way.

                DashrenderD 1 Reply Last reply Reply Quote 0
                • RomoR
                  Romo @scottalanmiller
                  last edited by

                  @scottalanmiller check what does salt have as the minion_id as well, it is in /etc/salt/minion_id

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller
                    last edited by

                    Also found the /etc/hosts file had a full double copy of itself in the same file. No idea how that got there.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller
                      last edited by

                      Salt Master will not allow me to delete the keys that are in there. I did a delete all and it said that it was, but it failed.

                      1 Reply Last reply Reply Quote 0
                      • WrCombsW
                        WrCombs
                        last edited by

                        okay. what do i need to do to fix it? sorry for the headache guys

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • WrCombsW
                          WrCombs
                          last edited by

                          well it looks like Scott fixed most of the problems. ( ish ) I just logged on to the server and all the things he pointed out as wrong, arent there anymore

                          DashrenderD 1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @WrCombs
                            last edited by

                            @WrCombs said in Salt Minion Problems:

                            okay. what do i need to do to fix it? sorry for the headache guys

                            No idea.

                            1 Reply Last reply Reply Quote 0
                            • DashrenderD
                              Dashrender @scottalanmiller
                              last edited by

                              @scottalanmiller said in Salt Minion Problems:

                              @Dashrender said in Salt Minion Problems:

                              All this because you use another DNS that's not part of the project and it has overlapping details for other testers/production. lol

                              No, you would need this to be correct either way.

                              I'm sorry - correct what either way?

                              If he had no DNS entry for salt, sure it would fail and he would be told to put entries in /etc/hosts but since there was a working salt server in DNS, things appear to work, but really aren't going where expected...

                              So having an over lapping lab just made the situation harder - ultimately learning more I guess.

                              scottalanmillerS 1 Reply Last reply Reply Quote 0
                              • DashrenderD
                                Dashrender @WrCombs
                                last edited by

                                @WrCombs said in Salt Minion Problems:

                                well it looks like Scott fixed most of the problems. ( ish ) I just logged on to the server and all the things he pointed out as wrong, arent there anymore

                                Don't be - this is learning, sometimes you break things. Sometimes you don't. Scott digging into what you were doing exactly can be helpful in making guides that help future people learn with a little less pain.

                                @scottalanmiller can you pull a log of all of the commands he ran and perhaps find things like how the hosts file was completely doubled?

                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @Dashrender
                                  last edited by

                                  @Dashrender said in Salt Minion Problems:

                                  @scottalanmiller said in Salt Minion Problems:

                                  @Dashrender said in Salt Minion Problems:

                                  All this because you use another DNS that's not part of the project and it has overlapping details for other testers/production. lol

                                  No, you would need this to be correct either way.

                                  I'm sorry - correct what either way?

                                  If he had no DNS entry for salt, sure it would fail and he would be told to put entries in /etc/hosts but since there was a working salt server in DNS, things appear to work, but really aren't going where expected...

                                  So having an over lapping lab just made the situation harder - ultimately learning more I guess.

                                  No really, it doesn't appear to work any more than if there is no entry at all.

                                  1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @Dashrender
                                    last edited by

                                    @Dashrender said in Salt Minion Problems:

                                    @scottalanmiller can you pull a log of all of the commands he ran and perhaps find things like how the hosts file was completely doubled?

                                    My guess there is "vi mishap".

                                    WrCombsW 1 Reply Last reply Reply Quote 1
                                    • WrCombsW
                                      WrCombs @scottalanmiller
                                      last edited by

                                      @scottalanmiller id agree with that, but inly because i thought i was doing one thing. While doing something completely different..

                                      1 Reply Last reply Reply Quote 0
                                      • StrongBadS
                                        StrongBad
                                        last edited by

                                        vi is a killer, one wrong key press and anything might happen.

                                        WrCombsW F 2 Replies Last reply Reply Quote 2
                                        • WrCombsW
                                          WrCombs @StrongBad
                                          last edited by

                                          @StrongBad said in Salt Minion Problems:

                                          vi is a killer, one wrong key press and anything might happen.

                                          Which is where i believe i had some problems

                                          StrongBadS 1 Reply Last reply Reply Quote 0
                                          • StrongBadS
                                            StrongBad @WrCombs
                                            last edited by

                                            @WrCombs said in Salt Minion Problems:

                                            @StrongBad said in Salt Minion Problems:

                                            vi is a killer, one wrong key press and anything might happen.

                                            Which is where i believe i had some problems

                                            It's so easy, we've all done it.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 5 / 7
                                            • First post
                                              Last post