FAQ Database Discussion Community


Windows service controller: view `sc failure` settings for a service

windows,salt-stack,servicecontroller
I would like to view the current settings of sc failure for a service. Is this possible? Background: I'm setting up state configuration for services using Saltstack. Right now, when a service is set up, a command line is run to set the failure behaviour like: sc failure serviceName reset=...

Salt IIS configuration fails

iis,salt-stack,salt-contrib
I am trying to configure IIS on Windows 2012R2 x64 via salt. I downloaded and linked salt-contrib. Now when I run: salt-call --local iis.apppool_list I am getting the following error [Error 2] The system cannot find the file specified But when I am running salt-call --local cmd.run "C:\Windows\system32\inetsrv\appcmd.exe list APPPOOL"...

targeting salt minions using multiple grains

automation,salt,salt-stack,devops
In our infrastructure, we set multiple grains on the minion including an 'environment' and 'component' grain. Based on this, there can be multiple minions with the same component name, each in a different environment. I want to be able to select minions based on multiple grains instead of having to...

What open ports are required on firewall to allow for salt-stack remote execution?

zeromq,firewall,network-protocols,salt-stack
The documentation on saltstack appears to be unclear regarding what ports are required from the salt-master -> salt-minion (apparently none are required). It suggests that ports only need to be opened from the salt-minion -> salt-master. (See: http://docs.saltstack.com/en/latest/topics/tutorials/firewall.html) If however commands are executed remotely on the salt-master targeted to a...

Problems with basic usage of saltstack apache-formula

salt-stack
I'm new to Saltstack and I'm just trying to do some simple installs on a subset of minions. I want to include Environments so I have my file roots as: file_roots: base: - /srv/salt/base dev: - /srv/salt/dev qa: - /srv/salt/qa stage: - /srv/salt/stage prod: - /srv/salt/prod I set up the...

LINUX - saltstack cmd.run in a variable

linux,bash,shell,salt-stack
I know I can use sls to run commands from salt but I have a requirement to run certain commands via bash script. I need to store the result of the command into a variable. When running the following on the shell of the salt server it works and I...

Using SaltStack grains file with Vagrant

vagrant,salt,vagrantfile,salt-stack,vagrant-plugin
I would like to use minion.d/*.conf to provision a vagrant machine. Here is my Vagrant configuration: Vagrant.configure("2") do |config| ## Choose your base box config.vm.box = "precise64" ## For masterless, mount your salt file root config.vm.synced_folder "salt/roots/", "/srv/salt/" ## Use all the defaults: config.vm.provision :salt do |salt| salt.minion_config = "salt/minion"...

Using Vagrant with SaltStack, how do I start nginx after providing custom configuration

nginx,vagrant,salt-stack
I have a Vagrant boxset up to provision with salt. When I do a fresh vagrant up (after a vagrant destroy), nginx defaults to port 80 and the default welcome page, despite not being configured to. I can fix it by manually running sudo nginx -s reload inside the guest,...

How to get element from return statement with sls file

salt-stack
I have the following line in an .sls file, but it always seems to succeed whatever server I put in there: {% if salt['network.connect']('server.network.com', 80).result == True -%} When I run salt-call --local network.connect server.network.com 80 I get the following output: local: ---------- comment: Unable to connect to server.network.com on...

salt mine for all network interfaces

networking,salt-stack,collectd
I'm having difficulty configuring collectd.conf using the interface plugin through salt. The collectd.conf expects a list of network interfaces to monitor like: <Plugin interface> Interface "em1" Interface "em2" </Plugin> I've worked out that I need to use a salt mine to pull the grains into the master - which is...

Watch an application and restart it

salt-stack
I'm using saltstack minion on Windows. I would like to always check if an application is started. Restarts if it crashes. And also add the possibility to stop it. The application is not a Windows service. But I would like to simulate the service with saltstack. I've check the cmd.run...

Evaluate salt-stack's ext_pillar once for all minions

salt-stack
ext_pillar feature allows salt master to append dynamic data to each minion's pillar dictionary. This is achieved by salt master evaluating an eponymous python function on behalf of each minion during the pillar refresh stage. When a large number of minions is present in the stack, the ext_pillar function would...

State 'boto_rds.present' is unavailable. Ec2/saltstack

amazon-web-services,amazon-ec2,boto,amazon-rds,salt-stack
Im trying to create a RDS instance using boto_rds.present, the code looks like: rds_instance_abc: boto_rds.present: - name: learn_rds1 - allocated_storage: 10 - storage_type: gp2 - db_name: abc_testing - db_instance_class: db.t2.micro - engine: MySQL - master_username: root - master_user_password: root - region: us-east-1} - keyid: fsdfsdfsdfs - key: fsdfsdfsfsdfsdfsfsdfs After salt-call...

salt-stack highstate - find slow states

salt-stack
Running an initial install takes about 20 minutes, running a salt-call state.highstate takes about 6 minutes. That's not unreasonable, but I'd like to speed it up, but I'm not sure how to find the slowest states. Is there any way to find how long each state takes to run other...

Should I always use pillar.get instead of pillar['foo']?

salt-stack
I see in the pillar documentation that there are two ways to reference pillar data in an SLS. {{ pillar['foo'] }} and {{ salt'pillar.get' }} The pillar.get method handles nested pillar data better and allows to specify a default if the data isn't found in the pillar. But it's a...

How can I manage application binaries using SaltStack?

salt-stack
I would like to have Salt manage my application binaries that will be hosted on each minion. If possible, I would like Salt to: Ensure my program is always running Pull the latest binaries from the master server (but allow selecting application versions for specific minions) Not have to host...

What password or key does salt-cloud use to login to a newly created OpenStack VM minion?

openstack,rackspace-cloud,salt-stack
I'm using salt-cloud with Rackspace OpenStack cloud severs. I've setup the provider and a profile without explicitly setting any key or password settings. When I issue the command to create a new vm e.g. salt-cloud -p profile vmname the machine gets created quite happily and salt-cloud appears to be logging...

Salt-Stack control from Windows

salt-stack
I run Windows and I'd like to use Salt-Stack to configure an Ubuntu VirtualBox development/test environment on this Windows box and later deploy and control production Ubuntu boxes, preferably controlled from said Windows machine. I'm new to Salt-Stack and it seems running a Master is not supported on Windows (only...

Salt minion inside docker container?

architecture,docker,salt-stack
Do you run a salt minion inside a docker containers? Or do you only run a minion on the server which runs the docker containers? We don't use salt at the moment, but want to use it in the future. We are unsure how to layout our infrastructure in the...

EC2ResponseError: 401 Unauthorized using Saltstack boto_vpc module

amazon-web-services,amazon-ec2,boto,salt-stack,amazon-vpc
I'm trying to create a vpc using Saltstack and boto_vpc module. This is my state: vpc_create: module.run: - name: boto_vpc.create - cidr_block: '10.0.0.0/24' - vpc_name: 'myVpc' - region: 'us-east-1' - key: 'ADJJDNEJFJGNFKFKFKIW' - keyid: 'SJDJNFNEJUWLLLCLCLENNRBFLGSLSLKEMFUHE' The keys that I'm using are correct but I got this error: [INFO ] Running...

nginx non http port redirection

nginx,salt-stack
Theres a server in a customer that runs a nginx, a salt master daemon from saltstack and a secret web app that does secret things. Considerations: In this scenario, theres only one ip, only one server and multiple DNS records available; I have nginx running in port 80; And salt...

restrict commands that salt-minion is able to publish

salt-stack
configured the salt-stack environment like below: machine1 -> salt-master machine2 -> salt-minion machine3 -> salt-minion This setup is working for me and I can publish i.e. the command "ls -l /tmp/" from machine2 to machine3 with salt-call publish.publish 'machine3' cmd.run 'ls - /tmp/' How it's possible to restrict the commands...

Remove the empty lines left by Jinja2 variable definitions

jinja2,salt-stack
When writing template files using Jinja2 for Saltstack, I often define some variables at the beginning of the file. For example: {% set ip = grains['ip4_interfaces']['eth1'][0] %} {% set domain = pillar['company_domain'] %} {% set version = pillar['site_version'] %} {% set site_url = 'www.' + domain %} [...] Everything works...

Combining salt, docker and Amazon EC2 for hosting Python application

amazon-web-services,amazon-ec2,docker,salt,salt-stack
The situation we currently have in our company is: 3 python applications that can be spawned as many times as needed Single Amazon EC2 server that is hosting all those mentioned apps( 1 instance of each) CPU utilization ~30% periodic work we want to have done within 1hr takes 2hr...