Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Traceback failure occurs and lock ups of minions, yet will usuall run perfectly the next time. #47

Open
gzcwnk opened this issue Sep 4, 2014 · 0 comments
Open

Traceback failure occurs and lock ups of minions, yet will usuall run perfectly the next time. #47

gzcwnk opened this issue Sep 4, 2014 · 0 comments

Comments

@gzcwnk
Copy link

gzcwnk commented Sep 4, 2014

Running a high state

Failed run

      ID: vm.swappiness
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value vm.swappiness = 20
 Changes:   
          ----------
          vm.swappiness:
              20

      ID: net.ipv4.conf.all.log_martians
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.all.log_martians = 1
 Changes:   
          ----------
          net.ipv4.conf.all.log_martians:
              1

      ID: net.ipv4.conf.default.log_martians
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.default.log_martians = 1
 Changes:   
          ----------
          net.ipv4.conf.default.log_martians:
              1

      ID: net.ipv4.ip_forward
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.ip_forward = 0 is already set
 Changes:   

      ID: net.ipv4.route.flush
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.route.flush = 1
 Changes:   
          ----------
          net.ipv4.route.flush:
              1

      ID: net.ipv4.conf.all.send_redirects
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.all.send_redirects = 0
 Changes:   
          ----------
          net.ipv4.conf.all.send_redirects:
              0

      ID: net.ipv4.conf.default.send_redirects
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.default.send_redirects = 0
 Changes:   
          ----------
          net.ipv4.conf.default.send_redirects:
              0

      ID: net.ipv4.conf.all.accept_source_route
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.all.accept_source_route = 0
 Changes:   
          ----------
          net.ipv4.conf.all.accept_source_route:
              0

      ID: net.ipv4.conf.default.accept_source_route
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.accept_source_route = 0 is already set
 Changes:   

      ID: net.ipv4.conf.all.secure_redirects
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.all.secure_redirects = 0
 Changes:   
          ----------
          net.ipv4.conf.all.secure_redirects:
              0

      ID: net.ipv4.conf.default.secure_redirects
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.default.secure_redirects = 0
 Changes:   
          ----------
          net.ipv4.conf.default.secure_redirects:
              0

      ID: net.ipv4.icmp_echo_ignore_broadcasts
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.icmp_echo_ignore_broadcasts = 1
 Changes:   
          ----------
          net.ipv4.icmp_echo_ignore_broadcasts:
              1

      ID: net.ipv4.icmp_ignore_bogus_error_responses
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.icmp_ignore_bogus_error_responses = 1
 Changes:   
          ----------
          net.ipv4.icmp_ignore_bogus_error_responses:
              1

      ID: net.ipv4.conf.all.rp_filter
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value net.ipv4.conf.all.rp_filter = 1
 Changes:   
          ----------
          net.ipv4.conf.all.rp_filter:
              1

      ID: net.ipv4.conf.default.rp_filter
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.rp_filter = 1 is already set
 Changes:   

      ID: net.ipv4.tcp_syncookies
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.tcp_syncookies = 1 is already set
 Changes:   

      ID: net.ipv6.conf.all.accept_ra
Function: sysctl.present
  Result: False
 Comment: An exception occurred in this state: Traceback (most recent call last):
            File "/usr/lib/python2.6/site-packages/salt/state.py", line 1379, in call
              **cdata['kwargs'])
            File "/usr/lib/python2.6/site-packages/salt/states/sysctl.py", line 72, in present
              update = __salt__['sysctl.persist'](name, value, config)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 226, in persist
              assign(name, value)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 118, in assign
              raise CommandExecutionError('sysctl {0} does not exist'.format(name))
          CommandExecutionError: sysctl net.ipv6.conf.all.accept_ra does not exist
 Changes:   

      ID: net.ipv6.conf.default.accept_ra
Function: sysctl.present
  Result: False
 Comment: An exception occurred in this state: Traceback (most recent call last):
            File "/usr/lib/python2.6/site-packages/salt/state.py", line 1379, in call
              **cdata['kwargs'])
            File "/usr/lib/python2.6/site-packages/salt/states/sysctl.py", line 72, in present
              update = __salt__['sysctl.persist'](name, value, config)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 226, in persist
              assign(name, value)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 118, in assign
              raise CommandExecutionError('sysctl {0} does not exist'.format(name))
          CommandExecutionError: sysctl net.ipv6.conf.default.accept_ra does not exist
 Changes:   

      ID: net.ipv6.conf.default.accept_redirects
Function: sysctl.present
  Result: False
 Comment: An exception occurred in this state: Traceback (most recent call last):
            File "/usr/lib/python2.6/site-packages/salt/state.py", line 1379, in call
              **cdata['kwargs'])
            File "/usr/lib/python2.6/site-packages/salt/states/sysctl.py", line 72, in present
              update = __salt__['sysctl.persist'](name, value, config)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 226, in persist
              assign(name, value)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 118, in assign
              raise CommandExecutionError('sysctl {0} does not exist'.format(name))
          CommandExecutionError: sysctl net.ipv6.conf.default.accept_redirects does not exist
 Changes:   

      ID: net.ipv6.conf.all.accept_redirects
Function: sysctl.present
  Result: False
 Comment: An exception occurred in this state: Traceback (most recent call last):
            File "/usr/lib/python2.6/site-packages/salt/state.py", line 1379, in call
              **cdata['kwargs'])
            File "/usr/lib/python2.6/site-packages/salt/states/sysctl.py", line 72, in present
              update = __salt__['sysctl.persist'](name, value, config)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 226, in persist
              assign(name, value)
            File "/usr/lib/python2.6/site-packages/salt/modules/linux_sysctl.py", line 118, in assign
              raise CommandExecutionError('sysctl {0} does not exist'.format(name))
          CommandExecutionError: sysctl net.ipv6.conf.all.accept_redirects does not exist
 Changes:   

      ID: fs.suid_dumpable
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value fs.suid_dumpable = 0
 Changes:   
          ----------
          fs.suid_dumpable:
              0

      ID: kernel.exec-shield
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value kernel.exec-shield = 1
 Changes:   
          ----------
          kernel.exec-shield:
              1

      ID: kernel.randomize_va_space
Function: sysctl.present
  Result: True
 Comment: Updated sysctl value kernel.randomize_va_space = 2
 Changes:   
          ----------
          kernel.randomize_va_space:
              2

      ID: ipv6_setup
Function: cmd.script
  Result: True
 Comment: Command 'ipv6_setup' run
 Changes:   
          ----------
          pid:
              26704
          retcode:
              0
          stderr:

          stdout:

      ID: semanage
Function: pkg.installed
  Result: True
 Comment: All specified packages are already installed.
 Changes:   

      ID: ssh_setup
Function: cmd.script
  Result: True
 Comment: Command 'ssh_setup' run
 Changes:   
          ----------
          pid:
              26728
          retcode:
              0
          stderr:

          stdout:
              Stopping sshd:                           [  OK  ]
              Starting sshd:                           [  OK  ]

      ID: ssh-semanage
Function: cmd.run
    Name: semanage port -a -t ssh_port_t -p tcp 10
  Result: False
 Comment: Command "semanage port -a -t ssh_port_t -p tcp 10" run
 Changes:   
          ----------
          pid:
              26761
          retcode:
              1
          stderr:
              /usr/sbin/semanage: Port tcp/10 already defined
          stdout:

      ID: /etc/rsyslog.conf
Function: file.managed
  Result: True
 Comment: File /etc/rsyslog.conf updated
 Changes:   
          ----------
          diff:
              ---  
              +++  
              @@ -76,7 +76,6 @@
               # remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
               #*.* @@remote-host:514
               # ### end of the forwarding rule ###
              -*.*  @130.195.85.202
               #2012-04-27-AS
               local3.*        /var/log/rhn/jabberd.log

      ID: rsyslog-restart
Function: cmd.run
    Name: service rsyslog restart
  Result: True
 Comment: Command "service rsyslog restart" run
 Changes:   
          ----------
          pid:
              26772
          retcode:
              0
          stderr:

          stdout:
              Shutting down system logger:             [  OK  ]
              Starting system logger:                  [  OK  ]

      ID: sudo_ipa_setup
Function: cmd.script
  Result: True
 Comment: Command 'sudo_ipa_setup' run
 Changes:   
          ----------
          pid:
              26810
          retcode:
              0
          stderr:

          stdout:

      ID: /etc/sudo-ldap.conf
Function: file.managed
  Result: True
 Comment: File /etc/sudo-ldap.conf updated
 Changes:   
          ----------
          diff:
              ---  
              +++  
              @@ -1,86 +1,12 @@
              -## BINDDN DN
              -##  The BINDDN parameter specifies the identity, in the form of a Dis‐
              -##  tinguished Name (DN), to use when performing LDAP operations.  If
              -##  not specified, LDAP operations are performed with an anonymous
              -##  identity.  By default, most LDAP servers will allow anonymous
              -##  access.
              -##
              -#binddn uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
              +uri ldap://vuwunicoipam001.ods.vuw.ac.nz ldap://vuwunicoipam002.ods.vuw.ac.nz ldap://vuwunicoipam003.ods.vuw.ac.nz
              +ldap_version 3
              +sudoers_base ou=SUDOers,dc=ods,dc=vuw,dc=ac,dc=nz
              +binddn   uid=sudo,cn=sysaccounts,cn=etc,dc=ods,dc=vuw,dc=ac,dc=nz
              +bindpw   www.apac.c0m
              +bind_timelimit 5000
              +timelimt 15
              +ssl  start_tls
              +tls_checkpeer    (yes)
              +tls_cacertfile   /etc/ipa/ca.crt
              +sudoers_debug    2

              -## BINDPW secret
              -##  The BINDPW parameter specifies the password to use when performing
              -##  LDAP operations.  This is typically used in conjunction with the
              -##  BINDDN parameter.
              -##
              -#bindpw secret
              -
              -## SSL start_tls
              -##  If the SSL parameter is set to start_tls, the LDAP server connec‐
              -##  tion is initiated normally and TLS encryption is begun before the
              -##  bind credentials are sent.  This has the advantage of not requiring
              -##  a dedicated port for encrypted communications.  This parameter is
              -##  only supported by LDAP servers that honor the start_tls extension,
              -##  such as the OpenLDAP and Tivoli Directory servers.
              -##
              -#ssl start_tls
              -
              -## TLS_CACERTFILE file name
              -##  The path to a certificate authority bundle which contains the cer‐
              -##  tificates for all the Certificate Authorities the client knows to
              -##  be valid, e.g. /etc/ssl/ca-bundle.pem.  This option is only sup‐
              -##  ported by the OpenLDAP libraries.  Netscape-derived LDAP libraries
              -##  use the same certificate database for CA and client certificates
              -##  (see TLS_CERT).
              -##
              -#tls_cacertfile /path/to/CA.crt
              -
              -## TLS_CHECKPEER on/true/yes/off/false/no
              -##  If enabled, TLS_CHECKPEER will cause the LDAP server's TLS certifi‐
              -##  cated to be verified.  If the server's TLS certificate cannot be
              -##  verified (usually because it is signed by an unknown certificate
              -##  authority), sudo will be unable to connect to it.  If TLS_CHECKPEER
              -##  is disabled, no check is made.  Note that disabling the check cre‐
              -##  ates an opportunity for man-in-the-middle attacks since the
              -##  server's identity will not be authenticated.  If possible, the CA's
              -##  certificate should be installed locally so it can be verified.
              -##  This option is not supported by the Tivoli Directory Server LDAP
              -##  libraries.
              -#tls_checkpeer yes
              -
              -##
              -## URI ldap[s]://[hostname[:port]] ...
              -##  Specifies a whitespace-delimited list of one or more
              -##  URIs describing the LDAP server(s) to connect to. 
              -##
              -#uri ldap://ldapserver
              -
              -##
              -## SUDOERS_BASE base
              -##  The base DN to use when performing sudo LDAP queries.
              -##  Multiple SUDOERS_BASE lines may be specified, in which
              -##  case they are queried in the order specified.
              -##
              -#sudoers_base ou=SUDOers,dc=example,dc=com
              -
              -##
              -## BIND_TIMELIMIT seconds
              -##  The BIND_TIMELIMIT parameter specifies the amount of
              -##  time to wait while trying to connect to an LDAP server.
              -##
              -#bind_timelimit 30
              -
              -##
              -## TIMELIMIT seconds
              -##  The TIMELIMIT parameter specifies the amount of time
              -##  to wait for a response to an LDAP query.
              -##
              -#timelimit 30
              -
              -##
              -## SUDOERS_DEBUG debug_level
              -##  This sets the debug level for sudo LDAP queries. Debugging
              -##  information is printed to the standard error. A value of 1
              -##  results in a moderate amount of debugging information.
              -##  A value of 2 shows the results of the matches themselves.
              -##
              -#sudoers_debug 1

          mode:
              0440

      ID: nis_ipa_setup
Function: cmd.script
  Result: True
 Comment: Command 'nis_ipa_setup' run
 Changes:   
          ----------
          pid:
              26841
          retcode:
              0
          stderr:

          stdout:

      ID: /etc/rc.d/rc.local
Function: file.managed
  Result: True
 Comment: File /etc/rc.d/rc.local is in the correct state
 Changes:   

      ID: iptables
Function: service.dead
  Result: True
 Comment: Service iptables has been disabled, and is dead
 Changes:   
          ----------
          iptables:
              True

      ID: snmp
Function: pkg.installed
  Result: True
 Comment: The following packages were installed/updated: net-snmp.
 Changes:   
          ----------
          net-snmp:
              ----------
              new:
                  5.5-49.el6_5.1
              old:

          webmin:
              ----------
              new:
                  1.690-1
              old:
                  1.580-1

      ID: /etc/snmp/snmpd.conf
Function: file.managed
  Result: True
 Comment: File /etc/snmp/snmpd.conf updated
 Changes:   
          ----------
          diff:
              ---  
              +++  
              @@ -38,7 +38,10 @@
               # First, map the community name "public" into a "security name"

               #       sec.name  source          community
              -com2sec notConfigUser  default       public
              +#com2sec notConfigUser  default       public
              +com2sec notConfigUser 10.120.100.10/32 m0n1t0r
              +access  notConfigGroup ""      any       noauth    exact  all all     none
              +view all    included  .1

               ####
               # Second, map the security name into a group name:
              @@ -321,6 +324,9 @@
               # Check the / partition and make sure it contains at least 10 megs.

               #disk / 10000
              +disk /var 10%
              +disk /var/log 10%
              +disk /oracle 10%

               # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9
               # enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0
              @@ -350,6 +356,7 @@

               # Check for loads:
               #load 12 14 14
              +load

               # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10
               # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1

          mode:
              0400

      ID: snmpd
Function: service.running
  Result: True
 Comment: Service snmpd has been enabled, and is running
 Changes:   
          ----------
          snmpd:
              True

Summary

Succeeded: 68

Failed: 5

Total: 73

-bash-4.1# ls -l

Perfect run

-bash-4.1# salt -l debug -t 3600 vuwunicoojst002.ods.vuw.ac.nz state.sls sysctl
[DEBUG ] Reading configuration from /etc/salt/master
[DEBUG ] Missing configuration file: /root/.saltrc
[DEBUG ] Configuration file path: /etc/salt/master
[DEBUG ] Reading configuration from /etc/salt/master
[DEBUG ] Missing configuration file: /root/.saltrc
[DEBUG ] LocalClientEvent PUB socket URI: ipc:///var/run/salt/master/master_event_pub.ipc
[DEBUG ] LocalClientEvent PULL socket URI: ipc:///var/run/salt/master/master_event_pull.ipc
[DEBUG ] Loaded no_out as virtual quiet
[DEBUG ] Loaded json_out as virtual json
[DEBUG ] Loaded yaml_out as virtual yaml
[DEBUG ] Loaded pprint_out as virtual pprint

vuwunicoojst002.ods.vuw.ac.nz:

      ID: vm.swappiness
Function: sysctl.present
  Result: True
 Comment: Sysctl value vm.swappiness = 20 is already set
 Changes:   

      ID: net.ipv4.conf.all.log_martians
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.all.log_martians = 1 is already set
 Changes:   

      ID: net.ipv4.conf.default.log_martians
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.log_martians = 1 is already set
 Changes:   

      ID: net.ipv4.ip_forward
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.ip_forward = 0 is already set
 Changes:   

      ID: net.ipv4.route.flush
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.route.flush = 1 is already set
 Changes:   

      ID: net.ipv4.conf.all.send_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.all.send_redirects = 0 is already set
 Changes:   

      ID: net.ipv4.conf.default.send_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.send_redirects = 0 is already set
 Changes:   

      ID: net.ipv4.conf.all.accept_source_route
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.all.accept_source_route = 0 is already set
 Changes:   

      ID: net.ipv4.conf.default.accept_source_route
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.accept_source_route = 0 is already set
 Changes:   

      ID: net.ipv4.conf.all.secure_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.all.secure_redirects = 0 is already set
 Changes:   

      ID: net.ipv4.conf.default.secure_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.secure_redirects = 0 is already set
 Changes:   

      ID: net.ipv4.icmp_echo_ignore_broadcasts
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.icmp_echo_ignore_broadcasts = 1 is already set
 Changes:   

      ID: net.ipv4.icmp_ignore_bogus_error_responses
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.icmp_ignore_bogus_error_responses = 1 is already set
 Changes:   

      ID: net.ipv4.conf.all.rp_filter
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.all.rp_filter = 1 is already set
 Changes:   

      ID: net.ipv4.conf.default.rp_filter
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.conf.default.rp_filter = 1 is already set
 Changes:   

      ID: net.ipv4.tcp_syncookies
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv4.tcp_syncookies = 1 is already set
 Changes:   

      ID: net.ipv6.conf.all.accept_ra
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv6.conf.all.accept_ra = 0 is already set
 Changes:   

      ID: net.ipv6.conf.default.accept_ra
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv6.conf.default.accept_ra = 0 is already set
 Changes:   

      ID: net.ipv6.conf.default.accept_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv6.conf.default.accept_redirects = 0 is already set
 Changes:   

      ID: net.ipv6.conf.all.accept_redirects
Function: sysctl.present
  Result: True
 Comment: Sysctl value net.ipv6.conf.all.accept_redirects = 0 is already set
 Changes:   

      ID: fs.suid_dumpable
Function: sysctl.present
  Result: True
 Comment: Sysctl value fs.suid_dumpable = 0 is already set
 Changes:   

      ID: kernel.exec-shield
Function: sysctl.present
  Result: True
 Comment: Sysctl value kernel.exec-shield = 1 is already set
 Changes:   

      ID: kernel.randomize_va_space
Function: sysctl.present
  Result: True
 Comment: Sysctl value kernel.randomize_va_space = 2 is already set
 Changes:

Summary

Succeeded: 23

Failed: 0

Total: 23
-bash-4.1#

Salt master and minion are EPEL rpms from RHEL6 64 bit,

eg

salt-minion-2014.1.10-4.el6.noarch

I never saw these failures on earlier rpm versions eg 2014.1.7.x or 2014.1.5.x
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gzcwnk