I'm running the same salt states on vagrant and on a cloud server. On vagrant the Started and Duration details show, but on the cloud server they don't.
I'm running masterless on v2014.7.5 (Helium)
Here's my vagrant config:
Vagrant.configure("2") do |config|
config.vm.box = "trusty64"
config.vm.network "private_network", ip: "192.168.33.11"
config.vm.synced_folder "saltMount/", "/srv/saltMount/"
config.vm.provision "salt" do |salt|
salt.minion_config = "minion"
salt.run_highstate = true
salt.colorize = true
salt.log_level = 'info'
salt.verbose = true
end
config.vm.provider "virtualbox" do |v|
v.memory = 1024
end
end
Here is my minion file:
master: localhost
file_client: local
failhard: True
state_verbose: True
file_roots:
base:
- /srv/saltMount/stateFiles
pillar_roots:
base:
- /srv/saltMount/pillars
And this is the command I'm running:
salt-call state.highstate -l info
What am I missing to get the Duration and Started on my cloud highstate?
(This is a followup question to: salt-stack highstate - find slow states )
Related
I'd like to disable the built-in windows local administrator account if it is enabled.
As salt.state.user.present doesn't support disabling accounts, I'm using salt.modules.win_useradd.update. However, it disables the account even if it is already disabled.
I can't use unless or onlyif because they only use results parsed from shell commands.
Is there a way to use the boolean value for [user.info][account_disabled] in salt.module.win_useradd.info's return data 'changes' dictionary as a requirement?
I'd like to do something like the following:
builtin_administrator:
module.run:
- user.info:
- name: Administrator
disable_builtin_administrator:
module.run:
- user.update:
- name: Administrator
- account_disabled: true
- require:
- module: builtin_administrator
- require:
- module: builtin_administrator['changes']['user.info']['account_disabled']['false']
You can see the results data changes dictionary from win_useradd.info in the output:
local:
----------
ID: builtin_administrator
Function: module.run
Result: True
Comment: user.info: Built-in account for administering the computer/domain
Started: 15:59:56.440000
Duration: 15.0 ms
Changes:
----------
user.info:
----------
account_disabled:
True
account_locked:
False
active:
False
comment:
Built-in account for administering the computer/domain
description:
Built-in account for administering the computer/domain
disallow_change_password:
False
expiration_date:
2106-02-07 01:28:15
expired:
False
failed_logon_attempts:
0L
fullname:
gid:
groups:
- Administrators
home:
None
homedrive:
last_logon:
Never
logonscript:
name:
Administrator
passwd:
None
password_changed:
2019-10-09 09:22:00
password_never_expires:
True
profile:
None
successful_logon_attempts:
0L
uid:
S-1-5-21-3258603230-662395079-3947342588-500
----------
ID: disable_builtin_administrator
Function: module.run
Result: False
Comment: The following requisites were not found:
require:
module: builtin_administrator['changes']['user.info']['account_disabled']['false']
Started: 15:59:56.455000
Duration: 0.0 ms
Changes:
Summary for local
------------
Succeeded: 1 (changed=1)
Failed: 1
------------
Total states run: 2
Total run time: 15.000 ms
I'm testing with a Windows 10 1903 masterless salt-minion 2019.2.1 (Fluorine) where I set use_superseded for module.run in the minion config file.
Thanks in advance!
I settled for this:
localuser.disable.administrator:
cmd.run:
- name: "Get-LocalUser Administrator | Disable-LocalUser"
- shell: powershell
- onlyif: powershell -command "if ((Get-LocalUser | Where-Object {($_.Name -eq 'Administrator') -and ($_.Enabled -eq $true)}) -eq $null) {exit 1}"
I am working on Mac OSX El Capitan 10.11.2. I am quite new to vagrant and this would be my first project in Symfony. I set up the environment to start my first symfony 4 project. Everything was installed correctly (including VirtualBox, Vagrant). I updated my hosts file, I edited Homestead.yaml and at the end when I wanted to access my domain (symf01.test) in Chrome I get a message that this site can't be reached and a text file is downloaded automatically, containing such information:
<?php
use Symfony\Component\Debug\Debug;
use Symfony\Component\HttpFoundation\Request;
require dirname(__DIR__).'/config/bootstrap.php';
if ($_SERVER['APP_DEBUG']) { unmask(0000);
Debug::enable();}
if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? $_ENV['TRUSTED_PROXIES'] ?? false)
{ Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_ALL ^ Request::HEADER_X_FORWARDED_HOST);}
if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? $_ENV['TRUSTED_HOSTS'] ?? false)
{ Request::setTrustedHosts([$trustedHosts]);}
$kernel = new Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']);
$request = = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);
This is my Homestead.yaml file:
ip:"192.168.10.10"
memory: 2048
cpus: 1
provider: virtualbox
authorize: ~/.ssh/id_rsa.pub
keys:
- ~/.ssh/id_rsa
folders:
- map: /Users/username/Homestead/code/simba
to: /home/vagrant/simba
type: "nfs"
sites:
- map: symf01.test
to: /home/vagrant/simba/public
type: symfony
databases:
- homestead
# ports:
# - send: 50000
# to: 5000
# - send: 7777
# to: 777
# protocol: udp
# blackfire:
# - id: foo
# token: bar
# client-id: foo
# client-token: bar
# zray:
# If you've already freely registered Z-Ray, you can place the token here.
# - email: foo#bar.com
# token: foo
# Don't forget to ensure that you have 'zray: "true"' for your site.
This is what I get when I run serve nginx status
For future reference, this helped:
...
sites:
- map: symf01.test
to: /home/vagrant/simba/public
type: symfony
to
...
sites:
- map: symf01.test
to: /home/vagrant/simba/public
type: "symfony4"
Difference is in syntax. Value of type needs to be under quotes.
That type tells Homestead how to modify .htaccess files so that your websites can be properly accessed.
I am trying to generate the lets-encrypt certificate and here are the steps that I followed:
Under /srv/salt/pillars/minion I added the file init.sls
letsencrypt:
config: |
email = email
auth:
method: standalone
type: http-01
port: 8080
agree-tos = True
renew-by-default = True
domainsets:
mydomain:
- mydomain.com
After that I updated the salt_pillar:
# . update_salt.sh
# salt 'minion' state.sls letsencrypt
I got this result:
ID: letsencrypt-crontab-mydomain.com
Function: cron.present
Name: /usr/local/bin/renew_letsencrypt_cert.sh mydomain.com
Result: False
Comment: One or more requisite failed: letsencrypt.domains.create-initial-
cert-mydomain.com
Started:
Duration:
Changes:
------------
ID: create-fullchain-privkey-pem-for-mydomain.com
Function: cmd.run
Name: cat /etc/letsencrypt/live/mydomain.com/fullchain.pem \
/etc/letsencrypt/live/mydomain.com/privkey.pem \
> /etc/letsencrypt/live/mydomain.com/fullchain-privkey.pem && \
chmod 600 /etc/letsencrypt/live/mydomain.com/fullchain-privkey.pem
Result: False
Comment: One or more requisite failed: letsencrypt.domains.create-initial-cert-mydomain.com
Started:
Duration:
Changes:
What should I modify in my configuration to get the certificate?
I'm trying to execute a store procedure on a SQL Server 2008.
After about 30 seconds it ends in
SQLSTATE[HY000]: General error: 20003 Adaptive Server connection timed
out [20003]
I've checked if on the SQL Server remote connections are allowed and they are with a timeout of 600 seconds (default).
This is my config.yml
doctrine:
dbal:
default_connection: default
connections:
default: ...
mssql:
driver_class: \Lsw\DoctrinePdoDblib\Doctrine\DBAL\Driver\PDODblib\Driver
host: mssql_freetds
port: "%stage_database_port%"
dbname: "%stage_database_name%"
user: "%stage_database_user%"
password: "%stage_database_password%"
charset: UTF8
options:
timeout: 600 // I don't know if it's correct but it doesn't work even without this
And this is my code
$connection = $this->getDoctrine()->getManager('mssql')
->getConnection();
$stmt = $connection->prepare("Exec SP_MyStoreProcedure ?, ?");
$stmt->bindValue(1, $sd->format("Y-m-d") /* This is a date */);
$stmt->bindValue(2, $ed->format("Y-m-d") /* This is a date */);
$stmt->execute();
[EDIT]
So, i've found that i should configure time out on freetds configuration because of LswDoctrinePdoDblib. I'v edited the /etc/freetds/freetds.conf file but it still ends up connection after 30 seconds
/etc/freetds/freetds.conf
# $Id: freetds.conf,v 1.12 2007/12/25 06:02:36 jklowden Exp $
#
# This file is installed by FreeTDS if no file by the same
# name is found in the installation directory.
#
# For information about the layout of this file and its settings,
# see the freetds.conf manpage "man freetds.conf".
# Global settings are overridden by those in a database
# server specific section
[global]
# TDS protocol version
; tds version = 4.2
# Whether to write a TDSDUMP file for diagnostic purposes
# (setting this to /tmp is insecure on a multi-user system)
; dump file = /tmp/freetds.log
; debug flags = 0xffff
# Command and connection timeouts
timeout = 600
connect timeout = 600
[mssql_freetds]
host = 192.168.0.xx
port = 1433
timeout = 600
tds version = 8.0
client charset = UTF-8
text size = 20971520
[EDIT 2]
Nothing worked for timeout except this:
doctrine:
dbal:
default_connection: default
connections:
default: ...
mssql:
driver_class: \Lsw\DoctrinePdoDblib\Doctrine\DBAL\Driver\PDODblib\Driver
host: mssql_freetds
port: "%stage_database_port%"
dbname: "%stage_database_name%"
user: "%stage_database_user%"
password: "%stage_database_password%"
charset: UTF8
options:
2: 600 # 2 is the equivalent of \PDO::ATTR_TIMEOUT
But the store procedure should end in 17seconds, it waited 10 minutes ending with the same result. I don't know why. It seems to be a FREETDS/SQL SERVER bug or something like that...
[EDIT 3]
Found that the problem was a "NOT IN" clause in the SQL of the stored procedure. I had to replace it with a LEFT JOIN combined with a IS NULL clause in WHERE statement. There's also a "IN" clause but it works. I don't know if it's a FREETDS or a LswDoctrinePdoDblib issue.
This is really weird. I'm launching some windows 2012 servers into EC2 using salt-cloud. And tho I'm using this profile:
ec2_private_win_app1:
provider: company-nonpod-us-east-1
image: ami-xxxxxx
size: c4.large
network_interfaces:
- DeviceIndex: 0
PrivateIpAddresses:
- Primary: True
#auto assign public ip (not EIP)
AssociatePublicIpAddress: False
SubnetId: subnet-A
SecurityGroupId: sg-xxxxxx
#block_device_mappings:
# - DeviceName: /dev/sda1
# Ebs.VolumeSize: 120
# Ebs.VolumeType: gp2
# - DeviceName: /dev/sdf
# Ebs.VolumeSize: 100
# Ebs.VolumeType: gp2
tag: {'Engagement': '2112254190125', 'Owner': 'Tim', 'Name': 'production'}
And giving this command:
salt-cloud -p ec2_private_win_app1 USAB00005
The resulting server ends up in this subnet in AWS:
Subnet ID: subnet-B
I'm using salt-cloud version: salt-cloud 2016.9.0-410-gdedfd82
On a server running: CentOS Linux release 7.2.1511
Just what in the hell is going on?
It was a yaml formatting problem. I ran the yaml through an online yaml parser, and was able to correct the issue:
ec2_private_win_app1:
provider: company-nonpod-us-east-1
image: ami-xxxxx
size: c4.large
ssh_username: root
network_interfaces:
- DeviceIndex: 0
SubnetId: subnet-xxxxxx
PrivateIpAddresses:
- Primary: True
#auto assign public ip (not EIP)
AssociatePublicIpAddress: False
SecurityGroupId:
- sg-xxxxxx
Basically, I had to group the Subnet ID in the network_interfaces section in order for the servers to appear in the correct subnet.