Salt Stack communication issues
-
In an attempt to learn more about Salt, I am setting up 1 master server, and 1 minion server. However, after many failed attempts, I cannot seem to get these 2 machines to communicate properly. Here's what I've done so far.
For the master server:
- Installed Fedora 26 server minimal install.
- Set static IP 192.168.1.60
- Set hostname to salt.
- Performed the install instructions, exactly according to this: https://mangolassi.it/topic/11812/installing-salt-master
For the minion server:
- Installed Fedora 26 server minimal install.
- Set static IP to 192.168.1.61
- Set hostname to minion-1
- Performed the install instructions exactly according to this: https://mangolassi.it/topic/11813/installing-a-salt-minion-on-centos-7
I can ping the master server from the minion by pinging the hostname salt. I get a response from the master. However, if I debug on the minion by running:
salt-minion -l debugI get the following output:
[root@minion-1 ~]# systemctl start salt-minion.service [root@minion-1 ~]# salt-minion -l debug [DEBUG ] Reading configuration from /etc/salt/minion [DEBUG ] Using cached minion ID from /etc/salt/minion_id: minion-1 [DEBUG ] Configuration file path: /etc/salt/minion [WARNING ] Insecure logging configuration detected! Sensitive data may be logged. [INFO ] Setting up the Salt Minion "minion-1" [DEBUG ] Created pidfile: /var/run/salt-minion.pid [INFO ] Starting up the Salt Minion [DEBUG ] AsyncEventPublisher PUB socket URI: /var/run/salt/minion/minion_event_08ccbf9282_pub.ipc [DEBUG ] AsyncEventPublisher PULL socket URI: /var/run/salt/minion/minion_event_08ccbf9282_pull.ipc [INFO ] Starting pull socket on /var/run/salt/minion/minion_event_08ccbf9282_pull.ipc [DEBUG ] SaltEvent PUB socket URI: /var/run/salt/minion/minion_event_08ccbf9282_pub.ipc [DEBUG ] SaltEvent PULL socket URI: /var/run/salt/minion/minion_event_08ccbf9282_pull.ipc [DEBUG ] Initializing new IPCClient for path: /var/run/salt/minion/minion_event_08ccbf9282_pub.ipc [DEBUG ] Reading configuration from /etc/salt/minion [DEBUG ] Please install 'virt-what' to improve results of the 'virtual' grain. [INFO ] Creating minion process manager [DEBUG ] Process Manager starting! [DEBUG ] Process Manager starting! [DEBUG ] Connecting to master. Attempt 1 of 1 [DEBUG ] Initializing new AsyncAuth for ('/etc/salt/pki/minion', 'minion-1', 'tcp://192.168.1.60:4506') [DEBUG ] Generated random reconnect delay between '1000ms' and '11000ms' (8709) [DEBUG ] Setting zmq_reconnect_ivl to '8709ms' [DEBUG ] Setting zmq_reconnect_ivl_max to '11000ms' [DEBUG ] Initializing new AsyncZeroMQReqChannel for ('/etc/salt/pki/minion', 'minion-1', 'tcp://192.168.1.60:4506', 'clear') [DEBUG ] SaltReqTimeoutError, retrying. (1/7) [DEBUG ] SaltReqTimeoutError, retrying. (2/7) [DEBUG ] SaltReqTimeoutError, retrying. (3/7) [DEBUG ] SaltReqTimeoutError, retrying. (4/7) [DEBUG ] SaltReqTimeoutError, retrying. (5/7) [DEBUG ] SaltReqTimeoutError, retrying. (6/7) [DEBUG ] SaltReqTimeoutError, retrying. (7/7) [ERROR ] Error while bringing up minion for multi-master. Is master at salt responding?I've done this before using CentOS7, but with Fedora, I am having issues. Not sure if it related to the OS or not.
Any ideas?
-
I don't see anywhere where you put salt into the /etc/hosts file of the minion, or put it into DNS. Is that maybe the issue?
-
@reid-cooper said in Salt Stack communication issues:
I don't see anywhere where you put salt into the /etc/hosts file of the minion, or put it into DNS. Is that maybe the issue?
I did. I can also ping salt from the minion and get a response from the master.
-
@fuznutz04 said in Salt Stack communication issues:
@reid-cooper said in Salt Stack communication issues:
I don't see anywhere where you put salt into the /etc/hosts file of the minion, or put it into DNS. Is that maybe the issue?
I did. I can also ping salt from the minion and get a response from the master.
Nothing shows up using this command on the master:
salt-key -L -
Did you open the right ports on the master?
Did you verify that master's process is running?
-
@black3dynamite said in Salt Stack communication issues:
@fuznutz04 said in Salt Stack communication issues:
@reid-cooper said in Salt Stack communication issues:
I don't see anywhere where you put salt into the /etc/hosts file of the minion, or put it into DNS. Is that maybe the issue?
I did. I can also ping salt from the minion and get a response from the master.
Nothing shows up using this command on the master:
salt-key -Lnegative. Just this:
[root@salt ~]# salt-key -L Accepted Keys: Denied Keys: Unaccepted Keys: salt Rejected Keys:The unaccepted key salt of course is the master itself.
-
@scottalanmiller said in Salt Stack communication issues:
Did you open the right ports on the master?
Did you verify that master's process is running?
I opened ports 4505 and 4506/tcp by issuing:
firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp firewall-cmd --reload -
@scottalanmiller said in Salt Stack communication issues:
Did you verify that master's process is running?
Yes.
[root@salt ~]# systemctl status salt-master ● salt-master.service - The Salt Master Server Loaded: loaded (/usr/lib/systemd/system/salt-master.service; enabled; vendor preset: disabled Active: active (running) since Fri 2017-11-17 10:21:19 EST; 28min ago Main PID: 778 (salt-master) Tasks: 30 (limit: 19660) CGroup: /system.slice/salt-master.service ├─778 /usr/bin/python /usr/bin/salt-master ├─909 /usr/bin/python /usr/bin/salt-master ├─930 /usr/bin/python /usr/bin/salt-master ├─931 /usr/bin/python /usr/bin/salt-master ├─932 /usr/bin/python /usr/bin/salt-master ├─933 /usr/bin/python /usr/bin/salt-master ├─934 /usr/bin/python /usr/bin/salt-master ├─935 /usr/bin/python /usr/bin/salt-master ├─936 /usr/bin/python /usr/bin/salt-master ├─937 /usr/bin/python /usr/bin/salt-master ├─938 /usr/bin/python /usr/bin/salt-master └─939 /usr/bin/python /usr/bin/salt-master Nov 17 10:21:09 salt systemd[1]: Starting The Salt Master Server... Nov 17 10:21:19 salt systemd[1]: Started The Salt Master Server. -
@fuznutz04 said in Salt Stack communication issues:
@scottalanmiller said in Salt Stack communication issues:
Did you open the right ports on the master?
Did you verify that master's process is running?
I opened ports 4505 and 4506/tcp by issuing:
firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp firewall-cmd --reloadAnd public is definitely the right zone?
-
@scottalanmiller said in Salt Stack communication issues:
@fuznutz04 said in Salt Stack communication issues:
@scottalanmiller said in Salt Stack communication issues:
Did you open the right ports on the master?
Did you verify that master's process is running?
I opened ports 4505 and 4506/tcp by issuing:
firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp firewall-cmd --reloadAnd public is definitely the right zone?
FacePalm. There was only 1 zone listed on the firewall, and it was called FedoraServer. Opening the ports in this zone of course solved the issue.
-
@fuznutz04 said in Salt Stack communication issues:
@scottalanmiller said in Salt Stack communication issues:
@fuznutz04 said in Salt Stack communication issues:
@scottalanmiller said in Salt Stack communication issues:
Did you open the right ports on the master?
Did you verify that master's process is running?
I opened ports 4505 and 4506/tcp by issuing:
firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp firewall-cmd --reloadAnd public is definitely the right zone?
FacePalm. There was only 1 zone listed on the firewall, and it was called FedoraServer. Opening the ports in this zone of course solved the issue.
I was wondering as FedoraServer is the default.
-
@fuznutz04 You ran into this "problem" because you used the netinstall iso.
With the DVD iso FedoraServer is the default. -
Learn something new every day. I'm so used to CentOS, so I'm not used to the differences with Fedora.
Thanks!
