Spawning AArch64 VMs using salt.control.virt requires a few extra
domain configuration items to be configurable:
- libvirt xml: pass loader param to vm
Based on upstream commit [1].
- libvirt xml: pass virt machine type
- libvirt xml: pass cpu mode to vm
- virt module: Allow NVRAM unlinking on DOM undefine
UEFI-enabled VMs usually have pflash (NVRAM) devices attached,
which require one additional libvirt flag to be passed at 'undefine'.
This is usually the case for AArch64 (arm64) VMs, where AAVMF (AA64
UEFI) is the only supported guest bootloader.
[1] https://github.com/saltstack/salt/commit/9cace9adb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
[Fix] Doc
Issue: - It is not possible to pass [R]andom [N]umber [G]enerator
device to libvirt guest xml in order to control entropy.
- Doc has no information on how to provision vms using salt
Solution: - Pass rng parameters via kwargs from node: pillar
Attach rng xml object to generated xml.
- Provide with an example
Prod-Related: PROD-19214
Customer-Found
Change-Id: Iea111f2d927edf46f06bb7ccfad06d37b752fba9
salt-minion started via upstart is not using /etc/environment to
source variables therefore is not using system wide http_proxy parameters if
they are set there. With this patch if salt.minion.env_vars is set to engine:
file salt will set envvars in /etc/default/salt-minion and will use them for
all commands executed remotely via salt. Since /etc/default is not used on
systems with systemd override for salt-minion to use /etc/environmnet will be
set.
Change-Id: Icfe122de2486a83820a0bd2e2aeea4be3796c6aa
Closes-bug: PROD-16676
Exposing CA keys in a mine creates a security flaw, thus such
should be avoided.
This change removes code responsible for putting and retrieving
CA key from a mine and changes the ca.sls state to allow configuring
where CA cert and its key would be generated as well as their owners.
Fixes PROD-13439
Change-Id: I6d78b13dcb3754c51606edd7e2d8158e128244a4
This is useful when using proxies. The default Tornado backend does not
utilize proxy environment variables and isn't able to set no_proxy variable.
Change-Id: I4a51c6fc9abe65d46ed4f3adeb30f7a25337857e
Alexandru Avadanii
Dzmitry Stremkouski
Ivan Suzdal
Mykyta Karpin
Petr Michalec
Oleksii Chupryn
Marcin Iwinski
Mateusz Los
Jiri Broulik
Ales Komarek
Dennis Dmitriev
Elena Ezhova
Sam Stoelinga
Ales Komarek
Martin819
Filip Pytloun
Ales Komarek