So do you have to explicitly set mine data or are all grains available
by default? The example given above 'salt-call mine.get '*'
grains.items' did not provide any results when ran from my minions.
On Tue, Jul 15, 2014 at 8:53 AM, Daniel Jagszent wrote:
Hi Glenn,
mine data is available to all minions. The master queries all
minions (standard: every 60 minutes), caches the results, and
delivers these results to any minion that ask. You cannot
configure salt to only allow certain minions to access certain
mine data)
So it is not feasible for security related content (unless of
course it is stuff that all minions are allowed to see but then
it's not really security related content…).
The only built-in place for security related content is the pillar
system. You could, of course, write custom modules that handle
(e.g. I wrote one that generates random passwords and stores them
on the minion so I do not need to bother to set strong random
passwords everywhere).
Glenn E. Bailey III wrote:
Has no one else had any concerns about security and mine data?
The documentation isn't 100% clear on how they work.
On Mon, Jul 14, 2014 at 9:37 AM, Glenn E. Bailey III
wrote:
Odd,
Do you have any specific options on the master that would
allow for this? I am unable to reproduce the behavior.
On Sat, Jul 12, 2014 at 1:03 AM, Valentin Bud
wrote:
Hello Glenn,
I have just tried in my infrastructure, on one of my
minions, to
access the mine via salt-call.
$ sudo salt-call mine.get '*' grains.items
It works. I have also tried with a specific target, eg.
another minion.
It also works.
Best,
Valentin
On Fri, Jul 11, 2014 at 5:22 PM, Glenn E. Bailey III
<
[email protected]wrote:
Question,
Unless explicitly set in a state file is mine data
available to minions via some other method? RE could
a minion query the master in some sort of fashion to
retrieve information about another node if the data
is not presented via a state file?
--
"replicants are like any other machine. They're
either a benefit or a hazard. If they're a benefit,
it's not my problem."
--
You received this message because you are subscribed
to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving
emails from it, send an email to
salt-users+
[email protected]For more options, visit
https://groups.google.com/d/optout.--
You received this message because you are subscribed to
the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails
from it, send an email to
salt-users+
[email protected]--
"replicants are like any other machine. They're either a
benefit or a hazard. If they're a benefit, it's not my problem."
--
"replicants are like any other machine. They're either a benefit
or a hazard. If they're a benefit, it's not my problem."
--
You received this message because you are subscribed to the
Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to salt-users+
[email protected]--
"replicants are like any other machine. They're either a benefit or a
hazard. If they're a benefit, it's not my problem."
--
You received this message because you are subscribed to the Google
Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to salt-users+
[email protected]For more options, visit
https://groups.google.com/d/optout.
