FAQ
Attempting to delete an pki key from a specific queue using the Salt Pepper
library.

The key fails to get deleted.


Python output filtered for readability.

deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
'match': 'denied'}]);print
deniedKeys['return'][0]['data']['return']['minions_denied']

[u*'imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']
delStatus = api_handle.low([{'client': 'wheel', 'fun':
'key.delete_dict', 'match': {'minions_denied':*'imgfactory-jump-3*'}}]);
print delStatus
{u'return': [{u'tag': u'salt/wheel/20150519191519508162', u'data': {u'jid':
u'20150519191519508162', u'return': {}, u'success': True, u'_stamp':
u'2015-05-19T19:15:20.389127', u'tag': u'salt/wheel/20150519191519508162',
u'user': u'jenkins', u'fun': u'wheel.key.delete_dict'}}]}
deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
'match': 'denied'}]);print
deniedKeys['return'][0]['data']['return']['minions_denied']
[u'*imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']

--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

  • Seth House at May 28, 2015 at 1:03 am
    Your syntax looks correct. Though I am unsure of the exact format for the
    argument to `key.delete_dict` off the top of my head. It may be that the
    wheel function needs the CLI equivalent to the `--include-all` flag to
    delete a denied key. In any case this looks like a bug. I filed this issue
    below to track it.

    https://github.com/saltstack/salt/issues/24200
    On Tuesday, May 19, 2015 at 3:00:56 PM UTC-6, Rohit Sood wrote:

    Attempting to delete an pki key from a specific queue using the Salt
    Pepper library.

    The key fails to get deleted.


    Python output filtered for readability.

    deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
    'match': 'denied'}]);print
    deniedKeys['return'][0]['data']['return']['minions_denied']

    [u*'imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']
    delStatus = api_handle.low([{'client': 'wheel', 'fun':
    'key.delete_dict', 'match': {'minions_denied':*'imgfactory-jump-3*'}}]);
    print delStatus
    {u'return': [{u'tag': u'salt/wheel/20150519191519508162', u'data':
    {u'jid': u'20150519191519508162', u'return': {}, u'success': True,
    u'_stamp': u'2015-05-19T19:15:20.389127', u'tag':
    u'salt/wheel/20150519191519508162', u'user': u'jenkins', u'fun':
    u'wheel.key.delete_dict'}}]}
    deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
    'match': 'denied'}]);print
    deniedKeys['return'][0]['data']['return']['minions_denied']
    [u'*imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Rohit Sood at May 29, 2015 at 2:07 am
    Thanks for checking on this.
    In our automation process, the AWS EC2 instances get a 'Name' tag and the
    minion id gets set to the tag value.

    We frequently recycle instances (terminate and recreate ) , ending up with
    stale keys in accepted/rejected/denied queues.

    I would like to cleanup the old keys in the accepted/rejected/denied queues
    whose name is identical to the newly created instance key name in the
    pending state .

    I propose an enhancement to the wheel functions to target specific queues.

    On a related note, how do keys end up in the denied queue ?

    ...Rohit
    On Wednesday, May 27, 2015 at 9:03:27 PM UTC-4, Seth House wrote:

    Your syntax looks correct. Though I am unsure of the exact format for the
    argument to `key.delete_dict` off the top of my head. It may be that the
    wheel function needs the CLI equivalent to the `--include-all` flag to
    delete a denied key. In any case this looks like a bug. I filed this issue
    below to track it.

    https://github.com/saltstack/salt/issues/24200
    On Tuesday, May 19, 2015 at 3:00:56 PM UTC-6, Rohit Sood wrote:

    Attempting to delete an pki key from a specific queue using the Salt
    Pepper library.

    The key fails to get deleted.


    Python output filtered for readability.

    deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
    'match': 'denied'}]);print
    deniedKeys['return'][0]['data']['return']['minions_denied']

    [u*'imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']
    delStatus = api_handle.low([{'client': 'wheel', 'fun':
    'key.delete_dict', 'match': {'minions_denied':*'imgfactory-jump-3*'}}]);
    print delStatus
    {u'return': [{u'tag': u'salt/wheel/20150519191519508162', u'data':
    {u'jid': u'20150519191519508162', u'return': {}, u'success': True,
    u'_stamp': u'2015-05-19T19:15:20.389127', u'tag':
    u'salt/wheel/20150519191519508162', u'user': u'jenkins', u'fun':
    u'wheel.key.delete_dict'}}]}
    deniedKeys = api_handle.low([{'client': 'wheel', 'fun': 'key.list',
    'match': 'denied'}]);print
    deniedKeys['return'][0]['data']['return']['minions_denied']
    [u'*imgfactory-jump-3*', u'imgfactory-nm-1', u'imgfactory-nm-2']
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupsalt-users @
postedMay 19, '15 at 9:00p
activeMay 29, '15 at 2:07a
posts3
users2

2 users in discussion

Rohit Sood: 2 posts Seth House: 1 post

People

Translate

site design / logo © 2021 Grokbase