Browse Source

Allow enforcing of whole /etc/hosts

Parameter purge_hosts will enforce whole /etc/hosts file, removing entries
that are not defined in model except defaults for both IPv4 and IPv6 localhost
and hostname + fqdn.

It's good to use this option if you want to ensure /etc/hosts is always in a
clean state however it's not enabled by default for safety.

Change-Id: Ieb219b2dd494d5a66ecc52a2ec00dd5157ee2b7a
tags/mcp0.5
Filip Pytloun 8 years ago
parent
commit
86506fe743
4 changed files with 60 additions and 1 deletions
  1. +14
    -0
      README.rst
  2. +33
    -0
      linux/files/hosts
  3. +12
    -0
      linux/network/host.sls
  4. +1
    -1
      linux/network/init.sls

+ 14
- 0
README.rst View File



Linux with hosts Linux with hosts


Parameter purge_hosts will enforce whole /etc/hosts file, removing entries
that are not defined in model except defaults for both IPv4 and IPv6 localhost
and hostname + fqdn.
It's good to use this option if you want to ensure /etc/hosts is always in a
clean state however it's not enabled by default for safety.

.. code-block:: yaml .. code-block:: yaml


linux: linux:
network: network:
... ...
purge_hosts: true
host: host:
# No need to define this one if purge_hosts is true
hostname:
address: 127.0.1.1
names:
- ${linux:network:fqdn}
- ${linux:network:hostname}
node1: node1:
address: 192.168.10.200 address: 192.168.10.200
names: names:
- node2.domain.com - node2.domain.com
- service2.domain.com - service2.domain.com



Setup resolv.conf, nameservers, domain and search domains Setup resolv.conf, nameservers, domain and search domains


.. code-block:: yaml .. code-block:: yaml

+ 33
- 0
linux/files/hosts View File

{#-
vim: syntax=jinja
-#}
{%- from "linux/map.jinja" import network with context -%}
# hosts(1) file managed by salt-minion(1)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

{%- set hosts = {
'127.0.0.1': [
'localhost'
],
'127.0.1.1': [
network.fqdn|default(grains.fqdn),
network.hostname|default(grains.nodename)
],
'::1': [
'localhost',
'ip6-localhost',
'ip6-loopback'
],
'ff02::1': [
'ip6-allnodes'
],
'ff02::2': [
'ip6-allrouters'
],
} -%}
{%- for name, host in network.host.iteritems() -%}
{%- do hosts.update({host.address: host.names}) -%}
{%- endfor %}
{% for address, entries in hosts|dictsort %}
{{ address }} {{ entries|join(' ') }}
{%- endfor %}

+ 12
- 0
linux/network/host.sls View File

{%- from "linux/map.jinja" import network with context %} {%- from "linux/map.jinja" import network with context %}
{%- if network.enabled %} {%- if network.enabled %}


{%- if network.get('purge_hosts', false) %}

linux_hosts:
file.managed:
- name: /etc/hosts
- source: salt://linux/files/hosts
- template: jinja

{%- else %}

{%- for name, host in network.host.iteritems() %} {%- for name, host in network.host.iteritems() %}


{%- if host.names is defined %} {%- if host.names is defined %}
{%- endfor %} {%- endfor %}


{%- endif %} {%- endif %}

{%- endif %}

+ 1
- 1
linux/network/init.sls View File

{%- from "linux/map.jinja" import network with context %} {%- from "linux/map.jinja" import network with context %}
include: include:
- linux.network.hostname - linux.network.hostname
{%- if network.host|length > 0 %}
{%- if network.host|length > 0 or network.get('purge_hosts', True) %}
- linux.network.host - linux.network.host
{%- endif %} {%- endif %}
{%- if network.resolv is defined %} {%- if network.resolv is defined %}

Loading…
Cancel
Save