Parcourir la source

Merge remote-tracking branch 'upstream/master' into stacklight

tags/2016.12
Simon Pasquier il y a 8 ans
Parent
révision
eec2b7c990
8 fichiers modifiés avec 164 ajouts et 51 suppressions
  1. +26
    -0
      README.rst
  2. +6
    -0
      linux/files/ovs_port
  3. +7
    -2
      linux/map.jinja
  4. +8
    -0
      linux/meta/salt.yml
  5. +5
    -2
      linux/meta/sensu.yml
  6. +76
    -47
      linux/network/interface.sls
  7. +33
    -0
      linux/system/config.sls
  8. +3
    -0
      linux/system/init.sls

+ 26
- 0
README.rst Voir le fichier

@@ -687,6 +687,32 @@ Disabled multipath (the default setup)
multipath:
enabled: false

External config generation
--------------------------

You are able to use config support metadata between formulas and only generate
config files for external use, eg. docker, etc.

.. code-block:: yaml

parameters:
linux:
system:
config:
pillar:
jenkins:
master:
home: /srv/volumes/jenkins
approved_scripts:
- method java.net.URL openConnection
credentials:
- type: username_password
scope: global
id: test
desc: Testing credentials
username: test
password: test


Usage
=====

+ 6
- 0
linux/files/ovs_port Voir le fichier

@@ -0,0 +1,6 @@
auto {{ port_name }}
allow-{{ port.bridge }} {{ port_name }}
iface {{ port_name }} inet manual
ovs_type OVSIntPort
mtu {{ port.get('mtu', '1500') }}
ovs_bridge {{ port.bridge }}

+ 7
- 2
linux/map.jinja Voir le fichier

@@ -67,6 +67,11 @@
'maxwait',
'stp',
'gro',
'lacp_rate',
'ad_select',
'downdelay',
'updelay',
'hashing-algorithm',
] %}

{% set network = salt['grains.filter_by']({
@@ -87,7 +92,7 @@
'Debian': {
'hostname_file': '/etc/hostname',
'bridge_pkgs': ['bridge-utils'],
'ovs_pkgs': ['openvswitch-switch'],
'ovs_pkgs': ['openvswitch-switch', 'bridge-utils'],
'network_manager': False,
'interface': {},
'interface_params': interface_params,
@@ -99,7 +104,7 @@
},
'RedHat': {
'bridge_pkgs': ['bridge-utils'],
'ovs_pkgs': ['openvswitch-switch'],
'ovs_pkgs': ['openvswitch-switch', 'bridge-utils'],
'hostname_file': '/etc/sysconfig/network',
'network_manager': False,
'interface': {},

+ 8
- 0
linux/meta/salt.yml Voir le fichier

@@ -0,0 +1,8 @@
orchestrate:
system:
priority: 30
network:
priority: 40
storage:
priority: 50


+ 5
- 2
linux/meta/sensu.yml Voir le fichier

@@ -1,3 +1,4 @@
{%- from "linux/map.jinja" import system,network,storage with context -%}
check:
local_linux_system_zombie_procs:
command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -w 3 -c 7 -s Z"
@@ -17,12 +18,14 @@ check:
occurrences: 1
subscribers:
- local-linux-system
local_linux_storage_swap_usage:
{%- if storage.swap is defined %}
local_linux_storage_swap_usage_{{ system.name|replace('.', '-') }}-{{ system.domain|replace('.', '-') }}:
command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_swap -a -w 50% -c 20%"
interval: 60
occurrences: 1
subscribers:
- local-linux-storage
- {{ system.name|replace('.', '-') }}-{{ system.domain|replace('.', '-') }}
{%- endif %}
local_linux_storage_disk_usage:
command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_disk -w 15% -c 5% -p / -p /var -p /usr -p /tmp -p /var/log"
interval: 60

+ 76
- 47
linux/network/interface.sls Voir le fichier

@@ -26,65 +26,64 @@ linux_network_bridge_pkgs:

{%- if grains.os_family in ['RedHat', 'Debian'] %}

{%- if interface.type == 'bridge' and network.bridge == 'openvswitch' %}
{%- if interface.type == 'ovs_bridge' %}

linux_interface_{{ interface_name }}:
network.managed:
- enabled: {{ interface.enabled }}
ovs_bridge_{{ interface_name }}:
openvswitch_bridge.present:
- name: {{ interface_name }}
- type: eth
{%- if interface.address is defined %}
- proto: {{ interface.get('proto', 'static') }}
- ipaddr: {{ interface.address }}
- netmask: {{ interface.netmask }}
{%- else %}
- proto: {{ interface.get('proto', 'dhcp') }}
{%- endif %}
{%- if interface.name_servers is defined %}
- dns: {{ interface.name_servers }}
{%- endif %}
{%- for param in network.interface_params %}
{{ set_param(param, interface) }}
{%- endfor %}
{%- if interface.wireless is defined and grains.os_family == 'Debian' %}
{%- if interface.wireless.security == "wpa" %}
- wpa-ssid: {{ interface.wireless.essid }}
- wpa-psk: {{ interface.wireless.key }}
{%- else %}
- wireless-ssid: {{ interface.wireless.essid }}
- wireless-psk: {{ interface.wireless.key }}
{%- endif %}
{%- endif %}
- require:
- pkg: linux_network_bridge_pkgs
{%- for network in interface.use_interfaces %}
- network: linux_interface_{{ network }}
{%- endfor %}

linux_ovs_bridge_{{ interface_name }}:
cmd.run:
- name: ovs-vsctl add-br {{ interface_name }}
- unless: ovs-vsctl show | grep 'Bridge {{ interface_name }}'
{%- elif interface.type == 'ovs_port' %}

{#
ovs_port_{{ interface_name }}:
openvswitch_port.present:
- name: {{ interface_name }}
- bridge: {{ interface.bridge }}
- require:
- network: linux_interface_{{ interface_name }}
- openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
#}

linux_interfaces_include:
file.prepend:
- name: /etc/network/interfaces
- text: 'source /etc/network/interfaces.d/*'

ovs_port_{{ interface_name }}:
file.managed:
- name: /etc/network/interfaces.d/ifcfg-{{ interface_name }}
- source: salt://linux/files/ovs_port
- defaults:
port: {{ interface|yaml }}
port_name: {{ interface_name }}
- template: jinja

{%- for port in interface.use_interfaces %}
ovs_port_{{ interface_name }}_line1:
file.replace:
- name: /etc/network/interfaces
- pattern: auto {{ interface_name }}
- repl: ""

linux_ovs_bridge_{{ interface_name }}_port_{{ port }}:
ovs_port_{{ interface_name }}_line2:
file.replace:
- name: /etc/network/interfaces
- pattern: iface {{ interface_name }} inet manual
- repl: ""

ovs_port_up_{{ interface_name }}:
cmd.run:
- name: ovs-vsctl add-port {{ interface_name }} {{ port }}
- unless: ovs-vsctl show | grep 'Interface "{{ interface_name }}"'
- name: ifup {{ interface_name }}
- require:
- cmd: linux_ovs_bridge_{{ interface_name }}

{%- endfor %}
- file: ovs_port_{{ interface_name }}
- file: ovs_port_{{ interface_name }}_line1
- file: ovs_port_{{ interface_name }}_line2
- openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

{%- else %}

linux_interface_{{ interface_name }}:
network.managed:
- enabled: {{ interface.enabled }}
- name: {{ interface_name }}
- name: {{ interface.get('name', interface_name) }}
- type: {{ interface.type }}
{%- if interface.address is defined %}
{%- if grains.os_family == 'Debian' %}
@@ -126,17 +125,36 @@ linux_interface_{{ interface_name }}:
{%- for network in interface.use_interfaces %}
- network: linux_interface_{{ network }}
{%- endfor %}
- ports: {% for network in interface.use_interfaces %}{{ network }} {% endfor %}
- ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %}
- require:
{%- for network in interface.use_interfaces %}
{%- for network in interface.get('use_interfaces', []) %}
- network: linux_interface_{{ network }}
{%- endfor %}
{%- for network in interface.get('use_ovs_ports', []) %}
- cmd: ovs_port_up_{{ network }}
{%- endfor %}
{%- endif %}
{%- if interface.type == 'bond' %}
- slaves: {{ interface.slaves }}
- mode: {{ interface.mode }}
{%- endif %}

{%- for network in interface.get('use_ovs_ports', []) %}

remove_interface_{{ network }}_line1:
file.replace:
- name: /etc/network/interfaces
- pattern: auto {{ network }}
- repl: ""

remove_interface_{{ network }}_line2:
file.replace:
- name: /etc/network/interfaces
- pattern: iface {{ network }} inet manual
- repl: ""

{%- endfor %}

{%- if interface.gateway is defined %}

linux_system_network:
@@ -214,10 +232,21 @@ linux_network_{{ interface_name }}_routes:

{%- endfor %}

{%- if network.bridge != 'none' %}

linux_interfaces_final_include:
file.prepend:
- name: /etc/network/interfaces
- text: 'source /etc/network/interfaces.d/*'

{%- endif %}

{%- endif %}

{%- if network.network_manager.disable is defined and network.network_manager.disable == True %}

NetworkManager:
service.dead:
- enable: false

{%- endif %}

+ 33
- 0
linux/system/config.sls Voir le fichier

@@ -0,0 +1,33 @@
{%- from "linux/map.jinja" import system with context %}
{%- macro load_support_file(file, pillar, grains) %}{% include file %}{% endmacro %}

{%- if system.enabled %}

{%- for config_name, config in system.get('config', {}).iteritems() %}
{%- if config.enabled|default(True) %}
{%- for service_name in config.pillar.keys() %}
{%- if pillar.get(service_name, {}).get('_support', {}).get('config', {}).get('enabled', False) %}
{%- set support_fragment_file = service_name+'/meta/config.yml' %}
{%- set service_config_files = load_support_file(support_fragment_file, config.pillar, config.get('grains', {}))|load_yaml %}
{%- for service_config_name, service_config in service_config_files.config.iteritems() %}

{{ service_config.path }}:
file.managed:
- source: {{ service_config.source }}
{%- if service_config.template is defined %}
- template: {{ service_config.template }}
{%- endif %}
- makedirs: true
- defaults:
pillar: {{ config.pillar|yaml }}
grains: {{ config.get('grains', {}) }}

{%- endfor %}
{%- endif %}
{%- endfor %}
{%- else %}
{# TODO: configmap not using support between formulas #}
{%- endif %}
{%- endfor %}

{%- endif %}

+ 3
- 0
linux/system/init.sls Voir le fichier

@@ -60,3 +60,6 @@ include:
{%- if system.haveged is defined %}
- linux.system.haveged
{%- endif %}
{%- if system.config is defined %}
- linux.system.config
{%- endif %}

Chargement…
Annuler
Enregistrer