Ver código fonte

Merge pull request #79 from rhertzog/misc-bugfixes

Fix regression for old salt versions and bugfix for event_return_whitelist/event_return_blacklist options
master
Forrest 10 anos atrás
pai
commit
c0af23f439
5 arquivos alterados com 107 adições e 110 exclusões
  1. +2
    -3
      salt/files/cloud.providers.d/ec2.conf
  2. +2
    -3
      salt/files/cloud.providers.d/gce.conf
  3. +1
    -2
      salt/files/cloud.providers.d/rsos.conf
  4. +73
    -73
      salt/files/master.d/_defaults.conf
  5. +29
    -29
      salt/files/minion.d/_defaults.conf

+ 2
- 3
salt/files/cloud.providers.d/ec2.conf Ver arquivo

@@ -1,6 +1,5 @@
# This file managed by Salt, do not edit by hand!!
{% set salt = pillar.get('salt', {}) -%}
{% set cloud = salt.get('cloud', {}) -%}
{% set cloud = salt['pillar.get']('salt:cloud', {}) -%}
ec2_ubuntu_public:
minion:
master: {{ cloud['master'] }}
@@ -14,4 +13,4 @@ ec2_ubuntu_public:
location: eu-west-1
availability_zone: eu-west-1a
ssh_username: ubuntu
provider: ec2
provider: ec2

+ 2
- 3
salt/files/cloud.providers.d/gce.conf Ver arquivo

@@ -1,6 +1,5 @@
# This file managed by Salt, do not edit by hand!!
{% set salt = pillar.get('salt', {}) -%}
{% set cloud = salt.get('cloud', {}) -%}
{% set cloud = salt['pillar.get']('salt:cloud', {}) -%}
gce:
project: "{{ cloud['gce_project'] }}"
service_account_email_address: "{{ cloud['gce_service_account_email_address'] }}"
@@ -9,4 +8,4 @@ gce:
master: {{ cloud['master'] }}
grains:
test: True
provider: gce
provider: gce

+ 1
- 2
salt/files/cloud.providers.d/rsos.conf Ver arquivo

@@ -1,8 +1,7 @@
# This file managed by Salt, do not edit by hand!!
# Providers for openstack-based Rackspace cloud servers.

{% set salt = pillar.get('salt', {}) -%}
{% set cloud = salt.get('cloud', {}) -%}
{% set cloud = salt['pillar.get']('salt:cloud', {}) -%}
{% for region in cloud.get('rsos_regions', []) %}

rsos_{{ region|lower }}:

+ 73
- 73
salt/files/master.d/_defaults.conf Ver arquivo

@@ -1,18 +1,18 @@
# This file managed by Salt, do not edit by hand!!
# Based on salt version 0.17.4 default config
{% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs'] -%}
{% set salt = pillar.get('salt', {}) -%}
{% set master = salt.get('master', {}) -%}
{% set cfg_salt = pillar.get('salt', {}) -%}
{% set cfg_master = cfg_salt.get('master', {}) -%}
{%- macro get_config(configname, default_value) -%}
{%- if configname in master -%}
{{ configname }}: {{ master[configname] }}
{%- elif configname in salt and configname not in reserved_keys -%}
{{ configname }}: {{ salt[configname] }}
{%- if configname in cfg_master -%}
{{ configname }}: {{ cfg_master[configname] }}
{%- elif configname in cfg_salt and configname not in reserved_keys -%}
{{ configname }}: {{ cfg_salt[configname] }}
{%- else -%}
#{{ configname }}: {{ default_value }}
{%- endif -%}
{%- endmacro -%}
{%- from 'salt/formulas.jinja' import file_roots, formulas -%}
{%- from 'salt/formulas.jinja' import file_roots, formulas with context -%}
##### Primary configuration settings #####
##########################################
# This configuration file is used to manage the behavior of the Salt Master
@@ -148,14 +148,14 @@
{{ get_config('event_return_queue', '0') }}

# Only events returns matching tags in a whitelist
{% if 'event_return_whitelist' in master -%}
{% if 'event_return_whitelist' in cfg_master -%}
event_return_whitelist:
{%- for event_return in event_return_whitelist %}
{%- for event_return in cfg_master['event_return_whitelist'] %}
- {{ event_return }}
{%- endfor -%}
{% elif 'event_return_whitelist' in salt -%}
{% elif 'event_return_whitelist' in cfg_salt -%}
event_return_whitelist:
{%- for event_return in event_return_whitelist %}
{%- for event_return in cfg_salt['event_return_whitelist'] %}
- {{ event_return }}
{%- endfor -%}
{% else -%}
@@ -165,14 +165,14 @@ event_return_whitelist:
{% endif %}

# Store all event returns _except_ the tags in a blacklist
{% if 'event_return_blacklist' in master -%}
{% if 'event_return_blacklist' in cfg_master -%}
event_return_blacklist:
{%- for event_return in event_return_blacklist %}
{%- for event_return in cfg_master['event_return_blacklist'] %}
- {{ event_return }}
{%- endfor -%}
{% elif 'event_return_blacklist' in salt -%}
{% elif 'event_return_blacklist' in cfg_salt -%}
event_return_blacklist:
{%- for event_return in event_return_blacklist %}
{%- for event_return in cfg_salt['event_return_blacklist'] %}
- {{ event_return }}
{%- endfor -%}
{% else -%}
@@ -277,17 +277,17 @@ event_return_blacklist:
# larry:
# - test.ping
# - network.*
{% if 'client_acl' in master -%}
{% if 'client_acl' in cfg_master -%}
client_acl:
{%- for name, user in master['client_acl']|dictsort %}
{%- for name, user in cfg_master['client_acl']|dictsort %}
{{ name}}:
{%- for command in user %}
- {% raw %}'{% endraw %}{{ command }}{% raw %}'{% endraw %}
{%- endfor -%}
{%- endfor -%}
{% elif 'client_acl' in salt -%}
{% elif 'client_acl' in cfg_salt -%}
client_acl:
{%- for name, user in salt['client_acl']|dictsort %}
{%- for name, user in cfg_salt['client_acl']|dictsort %}
{{ name }}:
{%- for command in user %}
- {% raw %}'{% endraw %}{{ command }}{% raw %}'{% endraw %}
@@ -306,24 +306,24 @@ client_acl:
# running any commands. It would also blacklist any use of the "cmd"
# module. This is completely disabled by default.
#
{% if 'client_acl_blacklist' in master %}
{% if 'client_acl_blacklist' in cfg_master %}
client_acl_blacklist:
users:
{% for user in master['client_acl_blacklist'].get('users', []) %}
{% for user in cfg_master['client_acl_blacklist'].get('users', []) %}
- {{ user }}
{% endfor %}
modules:
{% for mod in master['client_acl_blacklist'].get('modules', []) %}
{% for mod in cfg_master['client_acl_blacklist'].get('modules', []) %}
- {{ mod }}
{% endfor %}
{% elif 'client_acl_blacklist' in salt %}
{% elif 'client_acl_blacklist' in cfg_salt %}
client_acl_blacklist:
users:
{% for user in salt['client_acl_blacklist'].get('users', []) %}
{% for user in cfg_salt['client_acl_blacklist'].get('users', []) %}
- {{ user }}
{% endfor %}
modules:
{% for mod in salt['client_acl_blacklist'].get('modules', []) %}
{% for mod in cfg_salt['client_acl_blacklist'].get('modules', []) %}
- {{ mod }}
{% endfor %}
{% else %}
@@ -473,10 +473,10 @@ client_acl_blacklist:
# - /srv/salt/prod/services
# - /srv/salt/prod/states

{% if 'file_roots' in master -%}
{{ file_roots(master['file_roots']) }}
{%- elif 'file_roots' in salt -%}
{{ file_roots(salt['file_roots']) }}
{% if 'file_roots' in cfg_master -%}
{{ file_roots(cfg_master['file_roots']) }}
{%- elif 'file_roots' in cfg_salt -%}
{{ file_roots(cfg_salt['file_roots']) }}
{%- elif formulas|length -%}
{{ file_roots({'base': ['/srv/salt']}) }}
{%- else -%}
@@ -502,14 +502,14 @@ client_acl_blacklist:
# For example, if you manage your custom modules and states in subversion
# and don't want all the '.svn' folders and content synced to your minions,
# you could set this to '/\.svn($|/)'. By default nothing is ignored.
{% if 'file_ignore_regex' in master %}
{% if 'file_ignore_regex' in cfg_master %}
file_ignore_regex:
{% for regex in master['file_ignore_regex'] %}
{% for regex in cfg_master['file_ignore_regex'] %}
- {{ regex }}
{% endfor %}
{% elif 'file_ignore_regex' in salt %}
{% elif 'file_ignore_regex' in cfg_salt %}
file_ignore_regex:
{% for regex in salt['file_ignore_regex'] %}
{% for regex in cfg_salt['file_ignore_regex'] %}
- {{ regex }}
{% endfor %}
{% else %}
@@ -522,14 +522,14 @@ file_ignore_regex:
# path before syncing the modules and states to the minions. This is similar
# to file_ignore_regex above, but works on globs instead of regex. By default
# nothing is ignored.
{% if 'file_ignore_glob' in master %}
{% if 'file_ignore_glob' in cfg_master %}
file_ignore_glob:
{% for glob in master['file_ignore_glob'] %}
{% for glob in cfg_master['file_ignore_glob'] %}
- {{ glob }}
{% endfor %}
{% elif 'file_ignore_glob' in salt %}
{% elif 'file_ignore_glob' in cfg_salt %}
file_ignore_glob:
{% for glob in salt['file_ignore_glob'] %}
{% for glob in cfg_salt['file_ignore_glob'] %}
- {{ glob }}
{% endfor %}
{% else %}
@@ -554,9 +554,9 @@ file_ignore_glob:
#fileserver_backend:
# - git
# - roots
{% if 'fileserver_backend' in master -%}
{% if 'fileserver_backend' in cfg_master -%}
fileserver_backend:
{%- for backend in master['fileserver_backend'] %}
{%- for backend in cfg_master['fileserver_backend'] %}
- {{ backend }}
{%- endfor -%}
{%- endif %}
@@ -600,9 +600,9 @@ fileserver_backend:
# environments.
# Note: file:// repos will be treated as a remote, so refs you want used must
# exist in that repo as *local* refs.
{% if 'gitfs_remotes' in master -%}
{% if 'gitfs_remotes' in cfg_master -%}
gitfs_remotes:
{%- for remote in master['gitfs_remotes'] %}
{%- for remote in cfg_master['gitfs_remotes'] %}
{%- if remote is iterable and remote is not string %}
{%- for repo, children in remote.items() %}
- {{ repo }}:
@@ -642,17 +642,17 @@ gitfs_remotes:
# Pillar is laid out in the same fashion as the file server, with environments,
# a top file and sls files. However, pillar data does not need to be in the
# highstate format, and is generally just key/value pairs.
{% if 'pillar_roots' in master %}
{% if 'pillar_roots' in cfg_master %}
pillar_roots:
{% for name, roots in master['pillar_roots']|dictsort %}
{% for name, roots in cfg_master['pillar_roots']|dictsort %}
{{ name }}:
{% for dir in roots %}
- {{ dir }}
{% endfor %}
{% endfor %}
{% elif 'pillar_roots' in salt %}
{% elif 'pillar_roots' in cfg_salt %}
pillar_roots:
{% for name, roots in salt['pillar_roots']|dictsort %}
{% for name, roots in cfg_salt['pillar_roots']|dictsort %}
{{ name }}:
{% for dir in roots %}
- {{ dir }}
@@ -664,14 +664,14 @@ pillar_roots:
# - /srv/pillar
{% endif %}
#
{% if 'ext_pillar' in master %}
{% if 'ext_pillar' in cfg_master %}
ext_pillar:
{% for pillar in master['ext_pillar'] %}
{% for pillar in cfg_master['ext_pillar'] %}
- {{ pillar.items()[0][0] }}: {{ pillar.items()[0][1] }}
{% endfor %}
{% elif 'ext_pillar' in salt %}
{% elif 'ext_pillar' in cfg_salt %}
ext_pillar:
{% for pillar in salt['ext_pillar'] %}
{% for pillar in cfg_salt['ext_pillar'] %}
- {{ pillar.items()[0][0] }}: {{ pillar.items()[0][1] }}
{% endfor %}
{% else %}
@@ -747,17 +747,17 @@ ext_pillar:
#
# This is not recommended, since it would allow anyone who gets root on any
# single minion to instantly have root on all of the minions!
{% if 'peer' in master %}
{% if 'peer' in cfg_master %}
peer:
{% for name, roots in master['peer'].items() %}
{% for name, roots in cfg_master['peer'].items() %}
{{ name }}:
{% for mod in roots %}
- {{ mod }}
{% endfor %}
{% endfor %}
{% elif 'peer' in salt %}
{% elif 'peer' in cfg_salt %}
peer:
{% for name, roots in salt['peer'].items() %}
{% for name, roots in cfg_salt['peer'].items() %}
{{ name }}:
{% for mod in roots %}
- {{ mod }}
@@ -780,17 +780,17 @@ peer:
#peer_run:
# foo.example.com:
# - manage.up
{% if 'peer_run' in master %}
{% if 'peer_run' in cfg_master %}
peer_run:
{% for name, roots in master['peer_run'].items() %}
{% for name, roots in cfg_master['peer_run'].items() %}
{{ name }}:
{% for mod in roots %}
- {{ mod }}
{% endfor %}
{% endfor %}
{% elif 'peer_run' in salt %}
{% elif 'peer_run' in cfg_salt %}
peer_run:
{% for name, roots in salt['peer_run'].items() %}
{% for name, roots in cfg_salt['peer_run'].items() %}
{{ name }}:
{% for mod in roots %}
- {{ mod }}
@@ -858,14 +858,14 @@ peer_run:
# 'salt': 'warning'
# 'salt.modules': 'debug'
#
{% if 'log_granular_levels' in master %}
{% if 'log_granular_levels' in cfg_master %}
log_granular_levels:
{% for name, lvl in master['log_granular_levels'].items() %}
{% for name, lvl in cfg_master['log_granular_levels'].items() %}
{{ name }}: {{ lvl }}
{% endfor %}
{% elif 'log_granular_levels' in salt %}
{% elif 'log_granular_levels' in cfg_salt %}
log_granular_levels:
{% for name, lvl in salt['log_granular_levels'].items() %}
{% for name, lvl in cfg_salt['log_granular_levels'].items() %}
{{ name }}: {{ lvl }}
{% endfor %}
{% else %}
@@ -880,14 +880,14 @@ log_granular_levels:
#nodegroups:
# group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
# group2: 'G@os:Debian and foo.domain.com'
{% if 'nodegroups' in master %}
{% if 'nodegroups' in cfg_master %}
nodegroups:
{% for name, lvl in master['nodegroups'].items() %}
{% for name, lvl in cfg_master['nodegroups'].items() %}
{{ name }}: {{ lvl }}
{% endfor %}
{% elif 'nodegroups' in salt %}
{% elif 'nodegroups' in cfg_salt %}
nodegroups:
{% for name, lvl in salt['nodegroups'].items() %}
{% for name, lvl in cfg_salt['nodegroups'].items() %}
{{ name }}: {{ lvl }}
{% endfor %}
{% endif %}
@@ -909,14 +909,14 @@ nodegroups:
{{ get_config('win_repo_mastercachefile', '/srv/salt/win/repo/winrepo.p') }}

# List of git repositories to include with the local repo:
{% if 'win_gitrepos' in master %}
{% if 'win_gitrepos' in cfg_master %}
win_gitrepos:
{% for repo in master['win_gitrepos'] %}
{% for repo in cfg_master['win_gitrepos'] %}
- {{ repo }}
{% endfor %}
{% elif 'win_gitrepos' in salt %}
{% elif 'win_gitrepos' in cfg_salt %}
win_gitrepos:
{% for repo in salt['win_gitrepos'] %}
{% for repo in cfg_salt['win_gitrepos'] %}
- {{ repo }}
{% endfor %}
{% else %}
@@ -929,20 +929,20 @@ win_gitrepos:
# Which returner(s) will be used for minion's result:
#return: mysql

{% if 'halite' in master %}
{% if 'halite' in cfg_master %}
##### Halite #####
##########################################
halite:
{% for name, value in master['halite'].items() %}
{% for name, value in cfg_master['halite'].items() %}
{{ name }}: {{ value }}
{% endfor %}
{% endif %}

{% if 'rest_cherrypy' in master %}
{% if 'rest_cherrypy' in cfg_master %}
##### rest_cherrypy #####
##########################################
rest_cherrypy:
{% for name, value in master['rest_cherrypy'].items() %}
{% for name, value in cfg_master['rest_cherrypy'].items() %}
{{ name }}: {{ value }}
{% endfor %}
{% endif %}

+ 29
- 29
salt/files/minion.d/_defaults.conf Ver arquivo

@@ -1,18 +1,18 @@
# This file managed by Salt, do not edit by hand!!
# Based on salt version 0.17.4 default config
{% set reserved_keys = ['master', 'minion', 'cloud', 'salt_cloud_certs'] -%}
{% set salt = pillar.get('salt', {}) -%}
{% set minion = salt.get('minion', {}) -%}
{% set cfg_salt = pillar.get('salt', {}) -%}
{% set cfg_minion = cfg_salt.get('minion', {}) -%}
{%- macro get_config(configname, default_value) -%}
{%- if configname in minion -%}
{{ configname }}: {{ minion[configname] }}
{%- elif configname in salt and configname not in reserved_keys -%}
{{ configname }}: {{ salt[configname] }}
{%- if configname in cfg_minion -%}
{{ configname }}: {{ cfg_minion[configname] }}
{%- elif configname in cfg_salt and configname not in reserved_keys -%}
{{ configname }}: {{ cfg_salt[configname] }}
{%- else -%}
#{{ configname }}: {{ default_value }}
{%- endif -%}
{%- endmacro -%}
{%- from 'salt/formulas.jinja' import file_roots, formulas -%}
{%- from 'salt/formulas.jinja' import file_roots, formulas with context -%}
##### Primary configuration settings #####
##########################################

@@ -61,8 +61,8 @@
# Since salt uses detached ids it is possible to run multiple minions on the
# same machine but with different ids, this can be useful for salt compute
# clusters.
{% if 'id' in minion -%}
id: {{ minion['id'] }}
{% if 'id' in cfg_minion -%}
id: {{ cfg_minion['id'] }}
{% else -%}
#id:
{%- endif %}
@@ -266,23 +266,23 @@ id: {{ minion['id'] }}
#include:
# - /etc/salt/extra_config
# - /etc/roles/webserver
{% if 'include' in minion -%}
{% if isinstance(minion['include'], list) -%}
{% if 'include' in cfg_minion -%}
{% if isinstance(cfg_minion['include'], list) -%}
include:
{% for include in minion['include'] -%}
{% for include in cfg_minion['include'] -%}
- {{ include }}
{% endfor -%}
{% else -%}
include: minion['include']
include: cfg_minion['include']
{% endif -%}
{% elif 'include' in salt -%}
{% if isinstance(salt['include'], list) -%}
{% elif 'include' in cfg_salt -%}
{% if isinstance(cfg_salt['include'], list) -%}
include:
{% for include in salt['include'] -%}
{% for include in cfg_salt['include'] -%}
- {{ include }}
{% endfor -%}
{% else -%}
include: salt['include']
include: cfg_salt['include']
{% endif -%}
{% endif -%}

@@ -408,10 +408,10 @@ file_client: local
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
{% if 'file_roots' in minion -%}
{{ file_roots(minion['file_roots']) }}
{%- elif 'file_roots' in salt -%}
{{ file_roots(salt['file_roots']) }}
{% if 'file_roots' in cfg_minion -%}
{{ file_roots(cfg_minion['file_roots']) }}
{%- elif 'file_roots' in cfg_salt -%}
{{ file_roots(cfg_salt['file_roots']) }}
{%- elif formulas|length -%}
{{ file_roots({'base': ['/srv/salt']}) }}
{%- else -%}
@@ -445,9 +445,9 @@ file_client: local
# environments.
# Note: file:// repos will be treated as a remote, so refs you want used must
# exist in that repo as *local* refs.
{% if 'gitfs_remotes' in minion -%}
{% if 'gitfs_remotes' in cfg_minion -%}
gitfs_remotes:
{%- for remote in minion['gitfs_remotes'] %}
{%- for remote in cfg_minion['gitfs_remotes'] %}
{%- if remote is iterable and remote is not string %}
{%- for repo, children in remote.items() %}
- {{ repo }}:
@@ -488,17 +488,17 @@ gitfs_remotes:
# The Salt pillar is searched for locally if file_client is set to local. If
# this is the case, and pillar data is defined, then the pillar_roots need to
# also be configured on the minion:
{% if 'pillar_roots' in minion -%}
{% if 'pillar_roots' in cfg_minion -%}
pillar_roots:
{%- for name, roots in minion['pillar_roots']|dictsort %}
{%- for name, roots in cfg_minion['pillar_roots']|dictsort %}
{{ name }}:
{%- for dir in roots %}
- {{ dir }}
{%- endfor -%}
{%- endfor -%}
{% elif 'pillar_roots' in salt -%}
{% elif 'pillar_roots' in cfg_salt -%}
pillar_roots:
{%- for name, roots in salt['pillar_roots']|dictsort %}
{%- for name, roots in cfg_salt['pillar_roots']|dictsort %}
{{ name }}:
{%- for dir in roots %}
- {{ dir }}
@@ -608,8 +608,8 @@ pillar_roots:
#
# A dict for the test module:
#test.baz: {spam: sausage, cheese: bread}
{%- if 'module_config' in minion %}
{%- for modkey, modval in minion.module_config.items() %}
{%- if 'module_config' in cfg_minion %}
{%- for modkey, modval in cfg_minion.module_config.items() %}
{{ modkey }}: {{ modval }}
{%- endfor %}
{%- endif %}

Carregando…
Cancelar
Salvar