duplicated minion names reported by salt-key
820 views
Skip to first unread message
Jin M.
Jun 29, 2015, 10:07:42 AM6/29/15
to salt-...@googlegroups.com
With 2015.5.2, I noticed salt-key reported 12 denied minions but all 12 minions are also in accepted list. salt-key with -d will delete both minions. It is not a big deal to delete 12 minions entirely and recreate them.
But, how is this possible and is there an easy way to delete the denied key only? Thanks.
Jin.
But, how is this possible and is there an easy way to delete the denied key only? Thanks.
Jin.
Colton Myers
Jul 2, 2015, 12:25:28 PM7/2/15
to salt-...@googlegroups.com
Jin,
Yes, often denied keys will have the same name as an already-accepted minion. This is really the only reason a minion ends up in "denied", is if a minion of the same name was already accepted, but the keys don't match.
Currently, there's no way to delete one key without deleting both using `salt-key`. We should add such functionality, to just delete "denied" minions. Would you mind opening an issue for this feature?
That said, deleting these keys is still very easy. Just delete the key out of the /etc/salt/pki/master/minions_denied
Hope that helps.
--
Colton Myers
Platform Engineer, SaltStack
@basepi on Twitter/Github/IRC
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages