Fedora Salt Master - New installation



  • I'm playing with Salt (and ansible) and both seem like viable options for managing Mac OS devices, however with salt, supposedly the easier of the systems to start learning and using I'm having an issue.

    Fedora Server 30

    yum install salt-master I tried DNF and it failed.

    systemctl enable salt-master.service
    systemctl start salt-master.service

    Loaded and active

    As I don't have DNS setup at the moment I changed the /etc/salt/master to list the IP as the master, rather than salt

    However when I configure an Mac OS laptop with the salt minion and go and check the salt-master I have this

    salt-master --log-level=debug
    /usr/lib/python2.7/site-packages/salt/scripts.py:102: DeprecationWarning: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date.  Salt will drop support for Python 2.7 in the Sodium release or later.
    [DEBUG   ] Reading configuration from /etc/salt/master
    [DEBUG   ] Configuration file path: /etc/salt/master
    [WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
    [INFO    ] Setting up the Salt Master
    [WARNING ] Unable to bind socket master-ip:4505, error: [Errno 98] Address already in use; Is there another salt-master running?
    [INFO    ] The Salt Master is shut down
    [DEBUG   ] Stopping the multiprocessing logging queue listener
    [DEBUG   ] closing multiprocessing queue
    [DEBUG   ] joining multiprocessing queue thread
    [DEBUG   ] Stopped the multiprocessing logging queue listener
    The salt master is shutdown. The ports are not available to bind
    

    What am I doing wrong here?



  • The master address was changed on the slave, and not the master.

    The slave can ping the master and the master can ping the slave.



  • @DustinB3403 said in Fedora Salt Master - New installation:

    yum install salt-master I tried DNF and it failed.

    User error, because yum redirects to dnf anyway.
    98c1cf46-3a1a-4944-a1d9-6e3c9f775a1b-image.png



  • @JaredBusch okay. . . maybe it just errorr'd out initially.

    In any case, the service is running and saying it can't use the default ports.

    Is there something else I'm missing here?



  • @DustinB3403 said in Fedora Salt Master - New installation:

    @JaredBusch okay. . . maybe it just errorr'd out initially.

    In any case, the service is running and saying it can't use the default ports.

    Is there something else I'm missing here?

    Turn off SELinux



  • If that fixes it, then you need to look at what you need to allow.



  • @JaredBusch said in Fedora Salt Master - New installation:

    @DustinB3403 said in Fedora Salt Master - New installation:

    @JaredBusch okay. . . maybe it just errorr'd out initially.

    In any case, the service is running and saying it can't use the default ports.

    Is there something else I'm missing here?

    Turn off SELinux

    Just disabled selinux and restarted the services, same error message.



  • @DustinB3403 said in Fedora Salt Master - New installation:

    [WARNING ] Unable to bind socket 10.200.105.188:4505, error: [Errno 98] Address already in use; Is there another salt-master running?

    Something is already bound to that port from the looks of it. Have you tried doing a netstat tulp to see what's listening?



  • @coliver said in Fedora Salt Master - New installation:

    ooks of it. Have you tried doing a netstat tulp to see what's listening?

    I disabled selinux, but didn't reboot the host. Restarting now to see if that changes it.



  • @coliver said in Fedora Salt Master - New installation:

    @DustinB3403 said in Fedora Salt Master - New installation:

    [WARNING ] Unable to bind socket 10.200.105.188:4505, error: [Errno 98] Address already in use; Is there another salt-master running?

    Something is already bound to that port from the looks of it. Have you tried doing a netstat tulp to see what's listening?

    Nothing should be using the port at all by default, this is the only service installed.



  • Do a...

    netstat -tulpn


  • If that isn't installed do...

    dnf install net-tools -y


  • sestatus
    SELinux status:                 disabled
    systemctl status salt-master.service
    
    ● salt-master.service - The Salt Master Server
    
       Loaded: loaded (/usr/lib/systemd/system/salt-master.service; enabled; vendor>
    
       Active: active (running) since Wed 2019-05-08 15:57:31 EDT; 1min 8s ago
    
         Docs: man:salt-master(1)
    
               file:///usr/share/doc/salt/html/contents.html
    
               https://docs.saltstack.com/en/latest/contents.html
    
     Main PID: 995 (salt-master)
    
        Tasks: 32 (limit: 2350)
    
       Memory: 451.5M
    
       CGroup: /system.slice/salt-master.service
    
               ├─ 995 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1002 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1004 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1005 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1008 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1009 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1010 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1011 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1018 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1019 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1020 /usr/bin/python2.7 /usr/bin/salt-master
    
               ├─1021 /usr/bin/python2.7 /usr/bin/salt-master
    
               └─1025 /usr/bin/python2.7 /usr/bin/salt-master


  • @scottalanmiller said in Fedora Salt Master - New installation:

    Do a...

    netstat -tulpn
    
    netstat -tulpn
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      799/sshd
    tcp        0      0 master-ip:4505     0.0.0.0:*               LISTEN      1004/python2.7
    tcp        0      0 master-ip:4506     0.0.0.0:*               LISTEN      1010/python2.7
    tcp6       0      0 :::22                   :::*                    LISTEN      799/sshd
    tcp6       0      0 :::9090                 :::*                    LISTEN      1/systemd
    udp        0      0 0.0.0.0:68              0.0.0.0:*                           914/dhclient
    udp        0      0 127.0.0.1:323           0.0.0.0:*                           755/chronyd
    udp6       0      0 ::1:323                 :::*                                755/chronyd


  • @DustinB3403 said in Fedora Salt Master - New installation:

    @scottalanmiller said in Fedora Salt Master - New installation:

    Do a...

    netstat -tulpn
    
    netstat -tulpn
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      799/sshd
    tcp        0      0 master-ip:4505     0.0.0.0:*               LISTEN      1004/python2.7
    tcp        0      0 master-ip:4506     0.0.0.0:*               LISTEN      1010/python2.7
    tcp6       0      0 :::22                   :::*                    LISTEN      799/sshd
    tcp6       0      0 :::9090                 :::*                    LISTEN      1/systemd
    udp        0      0 0.0.0.0:68              0.0.0.0:*                           914/dhclient
    udp        0      0 127.0.0.1:323           0.0.0.0:*                           755/chronyd
    udp6       0      0 ::1:323                 :::*                                755/chronyd
    

    There you go, a Python process is using those ports.



  • @scottalanmiller said in Fedora Salt Master - New installation:

    There you go, a Python process is using those ports.

    That's the salt-master. .



  • Full systemctl status as it was cut off before showing that Python is being used by this service.

     systemctl status salt-master.service
    ● salt-master.service - The Salt Master Server
       Loaded: loaded (/usr/lib/systemd/system/salt-master.service; enabled; vendor preset: disabled)
       Active: active (running) since Wed 2019-05-08 15:57:31 EDT; 5min ago
    	 Docs: man:salt-master(1)
    		   file:///usr/share/doc/salt/html/contents.html
    		   https://docs.saltstack.com/en/latest/contents.html
     Main PID: 995 (salt-master)
    	Tasks: 32 (limit: 2350)
       Memory: 454.6M
       CGroup: /system.slice/salt-master.service
    		   ├─ 995 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1002 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1004 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1005 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1008 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1009 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1010 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1011 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1018 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1019 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1020 /usr/bin/python2.7 /usr/bin/salt-master
    		   ├─1021 /usr/bin/python2.7 /usr/bin/salt-master
    		   └─1025 /usr/bin/python2.7 /usr/bin/salt-master
    
    May 08 15:57:30 localhost.localdomain systemd[1]: Starting The Salt Master Server...
    May 08 15:57:30 localhost.localdomain salt-master[995]: /usr/lib/python2.7/site-packages/salt/scripts.py:102: DeprecationWarning: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 w>
    May 08 15:57:31 localhost.localdomain systemd[1]: Started The Salt Master Server.


  • @DustinB3403 said in Fedora Salt Master - New installation:

    Full systemctl status as it was cut off before showing that Python is being used by this service.

    systemctl status salt-master.service
    ● salt-master.service - The Salt Master Server
    Loaded: loaded (/usr/lib/systemd/system/salt-master.service; enabled; vendor preset: disabled)
    Active: active (running) since Wed 2019-05-08 15:57:31 EDT; 5min ago
    Docs: man:salt-master(1)
    file:///usr/share/doc/salt/html/contents.html
    https://docs.saltstack.com/en/latest/contents.html
    Main PID: 995 (salt-master)
    Tasks: 32 (limit: 2350)
    Memory: 454.6M
    CGroup: /system.slice/salt-master.service
    ├─ 995 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1002 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1004 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1005 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1008 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1009 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1010 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1011 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1018 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1019 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1020 /usr/bin/python2.7 /usr/bin/salt-master
    ├─1021 /usr/bin/python2.7 /usr/bin/salt-master
    └─1025 /usr/bin/python2.7 /usr/bin/salt-master

    May 08 15:57:30 localhost.localdomain systemd[1]: Starting The Salt Master Server...
    May 08 15:57:30 localhost.localdomain salt-master[995]: /usr/lib/python2.7/site-packages/salt/scripts.py:102: DeprecationWarning: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 w>
    May 08 15:57:31 localhost.localdomain systemd[1]: Started The Salt Master Server.

    So the Salt-Master is running.



  • @coliver yea, it's running, but it can't use the ports it automatically setup to run. .

    Which is why I'm asking if I've missed something. .



  • @DustinB3403 said in Fedora Salt Master - New installation:

    @coliver yea, it's running, but it can't use the ports it automatically setup to run. .

    Which is why I'm asking if I've missed something. .

    We just determined that it is using those ports.



  • So what we now know is that the Salt Master is up and running, and it is using the right ports. So the original issue has been determined to not exist.

    So now that Salt is doing what it is supposed to be doing, is the issue something like that you can't connect from the client? If so, maybe you've not opened the firewall yet?



  • I was just thinking check the firewall...



  • I just did pkill salt-master and am checking salt-master --log-level=debug and have more output this time.



  • @DustinB3403 said in Fedora Salt Master - New installation:

    I just did pkill salt-master and am checking salt-master --log-level=debug and have more output this time.

    What are you looking for? I thought that it was fixed.



  • @scottalanmiller said in Fedora Salt Master - New installation:

    @DustinB3403 said in Fedora Salt Master - New installation:

    @coliver yea, it's running, but it can't use the ports it automatically setup to run. .

    Which is why I'm asking if I've missed something. .

    We just determined that it is using those ports.

    It wasn't starting because SELinux. it seems as it started after he disabled it.
    63821419-7754-4c2d-a2b7-9d2cab47e71b-image.png

    So now it is starting, but if it is still not tlaking, then that is likely because of the firewall as @Curtis said



  • @DustinB3403 said in Fedora Salt Master - New installation:

    I just did pkill salt-master and am checking salt-master --log-level=debug and have more output this time.

    You should not be killing or starting Salt manually. Use systemctl to start and stop. I think that's what is confusing you.



  • @JaredBusch said in Fedora Salt Master - New installation:

    @scottalanmiller said in Fedora Salt Master - New installation:

    @DustinB3403 said in Fedora Salt Master - New installation:

    @coliver yea, it's running, but it can't use the ports it automatically setup to run. .

    Which is why I'm asking if I've missed something. .

    We just determined that it is using those ports.

    It wasn't starting because SELinux. it seems as it started after he disabled it.
    63821419-7754-4c2d-a2b7-9d2cab47e71b-image.png

    So now it is starting, but if it is still not tlaking, then that is likely because of the firewall as @Curtis said

    Okay, so it is all fixed now?



  • @scottalanmiller said in Fedora Salt Master - New installation:

    @DustinB3403 said in Fedora Salt Master - New installation:

    I just did pkill salt-master and am checking salt-master --log-level=debug and have more output this time.

    You should not be killing or starting Salt manually. Use systemctl to start and stop. I think that's what is confusing you.

    I just tried that as a step because the dev github recommended it for another person who is having the same exact issue.

    Literally brand new install of Fed 30 Server.

    @JaredBusch, the service was always running, the ports have never worked.



  • @DustinB3403 said in Fedora Salt Master - New installation:

    @JaredBusch, the service was always running, the ports have never worked.

    Something is wrong there. The thing that is determing that the "ports do not work" was based on trying to start the Salt Master, but it was already running. That tells us that the ports were working.

    Other than that, why do you feel that the ports are not working?



  • firewall-cmd --list-ports
    4505/tcp 4506/tcp