Does Salt stack's minion ID correspond to the host IP address that i would be managing?
I'm researching about salt stack for my project and wanted to make certain that my comprehension was good.
The default minion id is the hostname of the minion. It checks socket.getfqdn(), /etc/hostname and /etc/hosts. If none of them give any names then it will probably end up as an IP address.
If that's not what you want, then you can configure it to be anything.
#/etc/salt/minion.d/my.conf
id: my-minion-id
Related
I had connected the salt master (10.1.x.x) to salt minion (10.2.x.x). Now I have changed the salt master(131.x.x.x) for existing salt minion and also I have changed the public key of new salt master in place /etc/salt/pki/minion. But the salt master still tring to connect old master . I checked in minion configuration file , no ip was configured for saltmaster. Can anyone tell me how did the salt-minion picks salt-master ip?
Salt minions will by default try to connect to a hostname called salt. If no IP is specified, and if minion is able to resolve salt, it will attempt to join that master.
It's possible that the hostname salt is pointing to old master's IP address. Something simple like ping salt from minion should be able to reveal some clues.
If it is indeed pointing to 10.1.x.x, then you have to change the DNS entry or etc/hosts entry to point to the new IP 131.x.x.x.
I'm connecting to a host using an IP address (ex. 123.123.123.123) rather than a hostname and I get this exception:
javax.net.ssl.SSLException: Certificate for <123.123.123.123> doesn't match common name of the certificate subject: abcdef.test.group
I can see the actual hostname of 123.123.123.123 in the debug output under 'peer alternative names' so I am guessing that the problem is because I am using the IP address and it's unable to resolve this to a hostname and so match against the peer host list.
I'm using the IP address because the local DNS has not been setup, and before I ask admins to update the /etc/hosts file to map that IP to a host I want to check that the problem is indeed that I am using an IP address.
As I've typed this in I've convinced myself that it is - but it would be good if someone else agreed.
After update of /etc/hosts file with the IP/hostname mapping all is well.
This is from my lecture slides in the web based systems section of Distributed Systems:
Which of the following hostnames are valid?
122.65.132.11.1.97
My_server
300.320.1.32
The answer is: All three can be valid depending on the scheme used.
I would have thought the answer would be that none are valid; can someone explain why all three could be valid?
First: the ip address is the actual name of the host. Everything else is DNS entry that maps to the ip address.
122.65.132.11.1.97 is a valid IPv6 ip address.
My_server is a valid DNS entry (which presumably could map to a legit host).
Corrected:
300.320.1.32 is a not a valid IPV4 ip address.
I am checking the internet connection of my computer and do not understand a few points.
The following is a result from $ netstat:
I do not understand why for some items in the list have localhost:xxxxx as their foreign address.
since netstat shows the internet connections, shouldn't this show IP addresses of outside my computer?
netstat per default tries to convert the data it finds into host names. It does so by reverse resolving the IP addresses via DNS.
For example, 127.0.0.1 gets replaced with localhost in this case.
The same happens with the ports, but there it doesn't happen via DNS, but via a file like /etc/services which provides a mapping between port numbers and service names.
You can prevent this with the netstat option -n.
All,
I have an IP address and I want to know all aliases within my organization that point to this IP. Is it possible?
For example I know the alias "TESTBOX" points to 119.119.119.119.
How can by just knowing the IP come up with the "TESTBOX" ?
Thanks,
M
Short answer: You can't.
You can try a reverse lookup on the IP address, but that will only show you the address that has been specifically allocated in the reverse DNS to that IP address.
Remember, aliases might exist only as an entry on a single machine's hosts file. They might also exist in a DNS server on the other side of the planet. However, if you're only interested in local DNS aliases, and your DNS servers allow zone transfers, then you can try listing every entry in every domain (eg. with host -l xyzzy.bigcorp.com) and searching the results for the IP address in question.