Verify the GlusterFS share salt_pki

Verify the GlusterFS share salt_pki

Before you proceed with the NGINX certificates renewal or replacement, verify the GlusterFS share salt_pki.

To verify the GlusterFS share salt_pki:

  1. Log in to any infrastructure node that hosts the salt_pki GlusterFS volume.

  2. Obtain the list of the GlusterFS minions IDs:

    salt -C 'I@glusterfs:server' test.ping --output yaml | cut -d':' -f1
    

    Example of system response:

    kvm01.multinode-ha.int
    kvm03.multinode-ha.int
    kvm02.multinode-ha.int
    
  3. Verify that the volume is replicated and is online for any of the minion IDs from the list obtained in the previous step.

    salt <minion_id> cmd.run 'gluster volume status salt_pki'
    

    Example of system response:

    Status of volume: salt_pki
    Gluster process                             TCP Port  RDMA Port  Online  Pid
    ------------------------------------------------------------------------------
    Brick 192.168.2.241:/srv/glusterfs/salt_pki 49154     0          Y       9211
    Brick 192.168.2.242:/srv/glusterfs/salt_pki 49154     0          Y       8499
    Brick 192.168.2.243:/srv/glusterfs/salt_pki 49154     0          Y       8332
    Self-heal Daemon on localhost               N/A       N/A        Y       6313
    Self-heal Daemon on 192.168.2.242           N/A       N/A        Y       10203
    Self-heal Daemon on 192.168.2.243           N/A       N/A        Y       2068
    
    Task Status of Volume salt_pki
    ------------------------------------------------------------------------------
    There are no active volume tasks
    
  4. Log in to the Salt Master node.

  5. Verify that the salt_pki volume is mounted on each proxy node and the Salt Master node:

    salt -C 'I@nginx:server:site:*:host:protocol:https or I@salt:master' \
    cmd.run 'mount | grep salt_pki'
    

    Example of system response:

    prx01.multinode-ha.int:
        192.168.2.240:/salt_pki on /srv/salt/pki type fuse.glusterfs \
        (rw,relatime,user_id=0,group_id=0,default_permissions,allow_other,max_read=131072)
    prx02.multinode-ha.int:
        192.168.2.240:/salt_pki on /srv/salt/pki type fuse.glusterfs \
        (rw,relatime,user_id=0,group_id=0,default_permissions,allow_other,max_read=131072)
    cfg01.multinode-ha.int:
        192.168.2.240:/salt_pki on /srv/salt/pki type fuse.glusterfs \
        (rw,relatime,user_id=0,group_id=0,default_permissions,allow_other,max_read=131072)
    
  6. Proceed with the renewal or replacement of the NGINX certificates as required.