salt-master not accepting key request from minion
941 views
Skip to first unread message
Dennis Jacobfeuerborn
Mar 25, 2014, 8:06:12 PM3/25/14
to salt-...@googlegroups.com
Hi,
I've set up a master on my laptop and a minion in a VM but I cannot get the minion to register with the master. Doing a tcpdump on the master shows the minion offering its public key but for some reason the master seems to refuse to add it to the unaccepted key list.
On the minion I see this in the logs:
[INFO ] Waiting for minion key to be accepted by the master.
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
[WARNING ] SaltReqTimeoutError: Waited 60 seconds
[INFO ] Waiting for minion key to be accepted by the master.
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
[WARNING ] SaltReqTimeoutError: Waited 60 seconds
...
On the master I see this:
[DEBUG ] This salt-master instance has accepted 0 minion keys.
[DEBUG ] Updating fileserver cache
[DEBUG ] diff_mtime_map: the maps are the same
[DEBUG ] This salt-master instance has accepted 0 minion keys.
[DEBUG ] Updating fileserver cache
[DEBUG ] diff_mtime_map: the maps are the same
...
Any ideas what is going on here? The version is 2014.1.1.
Regards,
Dennis
I've set up a master on my laptop and a minion in a VM but I cannot get the minion to register with the master. Doing a tcpdump on the master shows the minion offering its public key but for some reason the master seems to refuse to add it to the unaccepted key list.
On the minion I see this in the logs:
[INFO ] Waiting for minion key to be accepted by the master.
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
[WARNING ] SaltReqTimeoutError: Waited 60 seconds
[INFO ] Waiting for minion key to be accepted by the master.
[DEBUG ] Loaded minion key: /etc/salt/pki/minion/minion.pem
[WARNING ] SaltReqTimeoutError: Waited 60 seconds
...
On the master I see this:
[DEBUG ] This salt-master instance has accepted 0 minion keys.
[DEBUG ] Updating fileserver cache
[DEBUG ] diff_mtime_map: the maps are the same
[DEBUG ] This salt-master instance has accepted 0 minion keys.
[DEBUG ] Updating fileserver cache
[DEBUG ] diff_mtime_map: the maps are the same
...
Any ideas what is going on here? The version is 2014.1.1.
Regards,
Dennis
Matthew Williams
Mar 25, 2014, 10:09:16 PM3/25/14
to salt-...@googlegroups.com
What do you have for "master:" in your minion config? If not set, does 'salt' resolve to your laptop?
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Dennis Jacobfeuerborn
Mar 26, 2014, 3:09:11 AM3/26/14
to salt-...@googlegroups.com
Yes, the minion has the IP 192.168.100.12 and the master 192.168.100.1. On the minion I have a /etc/hosts entry "192.168.100.1 salt" and as the tcpdump shows I see packets arriving on the master from the minion that contains that minions public key and the master system responds in some way:
...
08:00:50.041002 IP salt-minion1.local.46700 > nexusm.4506: Flags [P.], seq 13:882, ack 13, win 229, options [nop,nop,TS val 28650224 ecr 12946445], length 869
0x0000: 4500 0399 cdc8 4000 4006 2038 c0a8 640c E.....@.@..8..d.
0x0010: c0a8 6401 b66c 119a 16de e73a 24e7 0ce1 ..d..l.....:$...
0x0020: 8018 00e5 4cea 0000 0101 080a 01b5 2af0 ....L.........*.
0x0030: 00c5 8c0d 0000 0100 0200 0000 0000 0003 ................
0x0040: 5882 a46c 6f61 6483 a363 6d64 a55f 6175 X..load..cmd._au
0x0050: 7468 a269 64b2 7361 6c74 2d6d 696e 696f th.id.salt-minio
0x0060: 6e31 2e6c 6f63 616c a370 7562 da03 202d n1.local.pub...-
0x0070: 2d2d 2d2d 4245 4749 4e20 5055 424c 4943 ----BEGIN.PUBLIC
0x0080: 204b 4559 2d2d 2d2d 2d0a 4d49 4943 496a .KEY-----.MIICIj
0x0090: 414e 4267 6b71 686b 6947 3977 3042 4151 ANBgkqhkiG9w0BAQ
0x00a0: 4546 4141 4f43 4167 3841 4d49 4943 4367 EFAAOCAg8AMIICCg
0x00b0: 4b43 4167 4541 7878 6a37 6c6f 6e79 7367 KCAgEAxxj7lonysg
0x00c0: 4c64 6564 4859 6830 566d 0a33 6956 6259 LdedHYh0Vm.3iVbY
0x00d0: 7a6e 7353 5841 3264 7965 5354 624b 4b33 znsSXA2dyeSTbKK3
...
08:00:50.080766 IP nexusm.4506 > salt-minion1.local.46700: Flags [.], ack 882, win 240, options [nop,nop,TS val 12946486 ecr 28650224], length 0
0x0000: 4500 0034 80dc 4000 4006 7089 c0a8 6401 E..4..@.@.p...d.
0x0010: c0a8 640c 119a b66c 24e7 0ce3 16de ea9f ..d....l$.......
0x0020: 8010 00f0 4985 0000 0101 080a 00c5 8c36 ....I..........6
0x0030: 01b5 2af0
but after that all salt-key show me is this:
[root@nexusm ~]# salt-key
Accepted Keys:
Unaccepted Keys:
Rejected Keys:
The master simply doesn't seem to pick up the key but the log doesn't show why.
Regards,
Dennis
...
08:00:50.041002 IP salt-minion1.local.46700 > nexusm.4506: Flags [P.], seq 13:882, ack 13, win 229, options [nop,nop,TS val 28650224 ecr 12946445], length 869
0x0000: 4500 0399 cdc8 4000 4006 2038 c0a8 640c E.....@.@..8..d.
0x0010: c0a8 6401 b66c 119a 16de e73a 24e7 0ce1 ..d..l.....:$...
0x0020: 8018 00e5 4cea 0000 0101 080a 01b5 2af0 ....L.........*.
0x0030: 00c5 8c0d 0000 0100 0200 0000 0000 0003 ................
0x0040: 5882 a46c 6f61 6483 a363 6d64 a55f 6175 X..load..cmd._au
0x0050: 7468 a269 64b2 7361 6c74 2d6d 696e 696f th.id.salt-minio
0x0060: 6e31 2e6c 6f63 616c a370 7562 da03 202d n1.local.pub...-
0x0070: 2d2d 2d2d 4245 4749 4e20 5055 424c 4943 ----BEGIN.PUBLIC
0x0080: 204b 4559 2d2d 2d2d 2d0a 4d49 4943 496a .KEY-----.MIICIj
0x0090: 414e 4267 6b71 686b 6947 3977 3042 4151 ANBgkqhkiG9w0BAQ
0x00a0: 4546 4141 4f43 4167 3841 4d49 4943 4367 EFAAOCAg8AMIICCg
0x00b0: 4b43 4167 4541 7878 6a37 6c6f 6e79 7367 KCAgEAxxj7lonysg
0x00c0: 4c64 6564 4859 6830 566d 0a33 6956 6259 LdedHYh0Vm.3iVbY
0x00d0: 7a6e 7353 5841 3264 7965 5354 624b 4b33 znsSXA2dyeSTbKK3
...
08:00:50.080766 IP nexusm.4506 > salt-minion1.local.46700: Flags [.], ack 882, win 240, options [nop,nop,TS val 12946486 ecr 28650224], length 0
0x0000: 4500 0034 80dc 4000 4006 7089 c0a8 6401 E..4..@.@.p...d.
0x0010: c0a8 640c 119a b66c 24e7 0ce3 16de ea9f ..d....l$.......
0x0020: 8010 00f0 4985 0000 0101 080a 00c5 8c36 ....I..........6
0x0030: 01b5 2af0
but after that all salt-key show me is this:
[root@nexusm ~]# salt-key
Accepted Keys:
Unaccepted Keys:
Rejected Keys:
The master simply doesn't seem to pick up the key but the log doesn't show why.
Regards,
Dennis
Bruno Rogerio Fernandes
Mar 26, 2014, 1:39:15 PM3/26/14
to salt-...@googlegroups.com
There is any firewall on your master?
Colton Myers
Mar 28, 2014, 1:41:19 PM3/28/14
to salt-...@googlegroups.com
I would be interested in the answer to Bruno's question. Additionally, are both the master and minion 2014.1.1?
--
Colton Myers
rabi mishra
Jun 22, 2014, 12:57:34 PM6/22/14
to salt-...@googlegroups.com
I am facing the same issue on fedora 19 master and minion vms on vmware fusion.
both master and minion running
Salt: 2014.1.5
Python: 2.7.5 (default, Nov 12 2013, 16:18:42)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.13
msgpack-pure: Not Installed
pycrypto: 2.6.1
PyYAML: 3.10
PyZMQ: 13.0.0
ZMQ: 3.2.4
I can telnet 4505/4506 ports from the minion.
both master and minion running
Salt: 2014.1.5
Python: 2.7.5 (default, Nov 12 2013, 16:18:42)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.13
msgpack-pure: Not Installed
pycrypto: 2.6.1
PyYAML: 3.10
PyZMQ: 13.0.0
ZMQ: 3.2.4
I can telnet 4505/4506 ports from the minion.
Reply all
Reply to author
Forward
0 new messages