ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Changes occurring during every highstate

    IT Discussion
    saltstack state highstate
    1
    1
    458
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ObsolesceO
      Obsolesce
      last edited by Obsolesce

      Every time a highstate is ran on my server, I get 4 or 5 of the same "changes" every single time.

      I don't know why, mostly because I don't really understand how the iptables / firewall commands and config file works.

      Here are the results of a typical highstate:

      Summary for tgserv
-------------
Succeeded: 53 (changed=4)
Failed:     0
-------------
Total states run:     53
Total run time:   19.117 s

      Here are the changes that occur every time:

      ----------
          ID: allow established
    Function: iptables.append
      Result: True
     Comment: Set iptables rule for allow established to: /usr/sbin/iptables --wait -t filter -A INPUT  -m state --state ESTABLISHED --jump ACCEPT for ipv4
     Started: 20:04:20.247043
    Duration: 154.919 ms
     Changes:   
              ----------
              locale:
                  allow established
----------
          ID: default to reject
    Function: iptables.append
      Result: True
     Comment: Set iptables rule for default to reject to: /usr/sbin/iptables --wait -t filter -A INPUT  --jump REJECT for ipv4
     Started: 20:04:20.402639
    Duration: 146.135 ms
     Changes:   
              ----------
              locale:
                  default to reject
----------
          ID: FedoraServer
    Function: firewalld.present
      Result: True
     Comment: 'FedoraServer' was configured.
     Started: 20:04:04.080759
    Duration: 15860.689 ms
     Changes:   
              ----------
              interfaces:
                  ----------
                  new:
                      - ens3
                  old:
----------
          ID: cockpit
    Function: service.running
      Result: True
     Comment: Service cockpit is already enabled, and is running
     Started: 20:04:03.257258
    Duration: 255.051 ms
     Changes:   
              ----------
              cockpit:
                  True

      I don't understand why they aren't considered to be staying in the correct state, what's making them change or not stick?

      1 Reply Last reply Reply Quote 0
      • 1 / 1
      • First post
        Last post