New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: using salt-sproxy as a replacement for salt-ssh #179
Comments
Hi @dmacvicar. I've never used the Saltfile before, so first things first - let's clarify the $ tree /srv/salt
/srv/salt/
|-- pillar/
| |-- ssh.sls
| `-- top.sls
|-- states/
|-- files.sls
|-- pkgs.sls
|-- templates/
| `-- etc/
| `-- salt/
| `-- minion.jinja
`-- top.sls
base:
'*':
- ssh
proxy:
proxytype: ssh
user: root
priv: /home/mircea/.ssh/id_ed25519
pillar_roots:
base:
- /srv/salt/pillar
file_roots:
base:
- /srv/salt/states
sync_proxy: true
sync_executors: true
roster: file
roster_file: /etc/salt/roster
srv:
host: <IP address>
base:
'*':
- pkgs
- files
vim:
pkg.installed
ack:
pkg.installed
/etc/salt/minion:
file.managed:
- source: salt://templates/etc/salt/minion.jinja
- makedirs: true With that, I can run without any issues:
Can you confirm you're seeing the same with this setup? Also, what does |
oh. I got it.
I did not notice the timeout. |
Much of the time is spent resolving...
|
Ugh, that's huge. In my testing it was much smaller (under 0.5s, but still not negligible). I seem to recall some issues with this a few years ago, there might be a way to disable collecting the FQDN grain. |
Yep, seems to be this one: https://docs.saltstack.com/en/latest/ref/grains/all/salt.grains.core.html#salt.grains.core.fqdns. I put |
I think it should keep as "salty" as possible to avoid surprises with defaults. @mirceaulinic Everything seems to work now. Is my patch something that fixes anything for you? Should I do a PR? |
I think this is fine, if everything works well. I'll leave this thread open however, to hear more thoughts on the following:
I personally incline to do so (as the |
Actually, opened #182 for this. Thanks for the report @dmacvicar! |
@mirceaulinic It was not clear to me if I need to open a PR with the patch to add the args to the |
Hey @dmacvicar - I'm not sure I'm following, I thought you said it was working fine? But feel free to open a PR regardless, cheers. |
@mirceaulinic In order to be able to execute any function with arguments, I need to apply this patch: diff --git a/salt_sproxy/_proxy/ssh.py b/salt_sproxy/_proxy/ssh.py
index f729b21..9a44c2f 100644
--- a/salt_sproxy/_proxy/ssh.py
+++ b/salt_sproxy/_proxy/ssh.py
@@ -105,8 +105,18 @@ def _prep_conn(opts, fun, *args, **kwargs):
fsclient = salt.fileclient.FSClient(opts)
# TODO: Have here more options to simplify the usage, through features like
# auto-expand the path to the priv key, auto-discovery, etc.
+ argv = [fun]
+ argv.extend([salt.utils.json.dumps(arg) for arg in args])
+ argv.extend(
+ [
+ "{0}={1}".format(
+ salt.utils.stringutils.to_str(key), salt.utils.json.dumps(val)
+ )
+ for key, val in six.iteritems(kwargs)
+ ]
+ )
conn = salt.client.ssh.Single(
- opts, [fun], opts['id'], fsclient=fsclient, **opts['proxy']
+ opts, argv, opts['id'], fsclient=fsclient, **opts['proxy']
)
conn.args = args
conn.kwargs = kwargs Now, I arrived to this change noticing how Without the patch, calling eg.
|
Sorry, I thought you said "everything seems to work now" in #179 (comment) ? Or you were referring to something else? |
Once I applied the patch, I got most calls to work, except |
Hrm, interesting... in the above, with the config I shared, I tried with the current |
Anyhow, yes, please open a PR, cheers. @dmacvicar |
PR #185 |
I have tried to replace my salt-ssh usage with salt-sproxy. This means a plain git repo, with a
Saltfile
like described here. I had mixed success.Changing my Saltfile from:
to
Added some paramers to
etc/salt/master
For some reason ssh keys and user did not work, so I added root/password to
etc/salt/roster
After applying a pillar
ssh.sls
to all machines with the content:I got it "working". But I could only call
test.ping
. Anything with arguments did not return anything. After readingsalt-ssh
code I noticed the client was constructed differently and the args/kwargs where passed in the client. Changing it to:allowed me to call more functions. I did not succeed with
state.apply
but at leastcmd.run
is working with and without the patch.grain.items
works but I swear it broke in some of the combinations I tested.Without the patch I get:
and the module documentation as output.
Note: I haven't tested running this from a proper master.
The text was updated successfully, but these errors were encountered: