Home / server / Questions / 616239
In Process
Juraj
Asked: 2014-07-30 02:05:38 +0800 CST

How do I list IP addresses where minions connect from?

  • 772

Some minions are behind NAT and I'd like to get their public IP address as seen from master (for firewall purposes).

There is external_ip grain but AFAIK it depends on third party service and doesn't even work reliably for me.

saltstack

2 Answers

  1. First make sure that each of your minion has curl package installed.

    Then you could use:

    salt '*' cmd.run "curl ifconfig.me"

    If ifconfig.me doesn't respond, you can use another provider:

    salt '*' cmd.run "curl -s icanhazip.com"

    Each minion will respond with the external ip address:

    zeus.example.com:
    1.2.3.1
hera.example.com:
    1.2.3.2
apollo.example.com:
    1.2.3.3
athena.example.com:
    1.2.3.4

    If curl is not installed the response will be:

    castor.example.com:
    /bin/bash: curl: command not found
    • 3

  2. A computer behind a NAT has no knowledge of the public IP address that it's meant to have... I don't think you'd be able to get this information from the minion itself.

    This information has to come from your NAT device, whether it be a firewall, switch, or some other device. Maybe you could create a Runner in salt to retrieve that information for you.

    Alternatively, you could simply drop in a file on your minion's filesystem that contains information such as the public IP address, which could be retrieved a bit easier...

    • 0