我正在通过the SaltStack walk through在我的ec2群集上设置salt。我刚刚编辑了/etc/salt/minion并添加了我的盐大师的公共dns。
master: ec2-54-201-153-192.us-west-2.compute.amazonaws.com
然后我重新启动了小兵。在调试模式下,这将推出以下
$ sudo salt-minion -l debug
[DEBUG ] Reading configuration from /etc/salt/minion
[INFO ] Using cached minion ID: localhost.localdomain
[DEBUG ] loading log_handlers in ['/var/cache/salt/minion/extmods/log_handlers', '/usr/lib/python2.6/site-packages/salt/log/handlers']
[DEBUG ] Skipping /var/cache/salt/minion/extmods/log_handlers, it is not a directory
[DEBUG ] None of the required configuration sections, 'logstash_udp_handler' and 'logstash_zmq_handler', were found the in the configuration. Not loading the Logstash logging handlers module.
[DEBUG ] Configuration file path: /etc/salt/minion
[INFO ] Setting up the Salt Minion "localhost.localdomain"
[DEBUG ] Created pidfile: /var/run/salt-minion.pid
[DEBUG ] Chowned pidfile: /var/run/salt-minion.pid to user: root
[DEBUG ] Reading configuration from /etc/salt/minion
[DEBUG ] loading grain in ['/var/cache/salt/minion/extmods/grains', '/usr/lib/python2.6/site-packages/salt/grains']
[DEBUG ] Skipping /var/cache/salt/minion/extmods/grains, it is not a directory
[DEBUG ] Attempting to authenticate with the Salt Master at 172.31.21.27
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
果然,172.31.21.27是主人的私人IP。到目前为止看起来还不错。根据演练,下一步是接受主人的minions键:
"Now that the minion is started it will generate cryptographic keys and attempt to
connect to the master. The next step is to venture back to the master server and
accept the new minion's public key."
但是,当我转到主节点并查找新密钥时,我没有看到任何待处理的请求。
$ sudo salt-key -L
Accepted Keys:
Unaccepted Keys:
Rejected Keys:
ping测试也没有看到仆从:
$ sudo salt '*' test.ping
这就是我陷入困境的地方,我该怎么办才能起床并开始运作?
答案 0 :(得分:1)
关闭iptables并执行salt-key -L以检查密钥是否显示。如果是,那么您需要在主设备上打开端口4505和4506,以便minion能够连接到它。您可以lokkit -p tcp:4505 -p tcp:4506打开这些端口。
答案 1 :(得分:0)
您可能需要在salt master和minion 4505/4506之间添加security group的规则。 Salt master需要这些端口才能与奴才交流。