6 роки тому · 320e8dd7a0
--- a/_modules/virtng.py
+++ b/_modules/virtng.py
    if kwargs.get('seed') == 'cloud-init':
        # Recursive dict update.
        def rec_update(d, u):
            for k, v in u.iteritems():
            for k, v in u.items():
                if isinstance(v, collections.Mapping):
                    d[k] = rec_update(d.get(k, {}), v)
                else:
            elif isinstance(instance, collections.Mapping):
                if isinstance(instance, OrderedDict):
                    instance = dict(instance)
                for k, v in instance.iteritems():
                for k, v in instance.items():
                    instance[k] = OrderedDict_to_dict(v)
                return instance
            else:
--- a/salt/control/cloud.sls
+++ b/salt/control/cloud.sls
  file.directory:
  - makedirs: true
 {%- for cluster_name, cluster in control.cluster.iteritems() %}
 {%- for cluster_name, cluster in control.cluster.items() %}
 {%- if cluster.engine == "cloud" %}
  file.directory:
  - makedirs: true
 {%- for node_name, node in cluster.node.iteritems() %}
 {%- for node_name, node in cluster.node.items() %}
 /srv/salt/cloud/userdata/{{cluster_name }}/{{ node_name }}.conf:
  file.managed:
--- a/salt/control/maas.sls
+++ b/salt/control/maas.sls
  pkg.installed:
    - names: {{ control.maas_pkgs }}
 {%- for cluster_name, cluster in control.cluster.iteritems() %}
 {%- for cluster_name, cluster in control.cluster.items() %}
 {%- if cluster.engine == "maas" %}
 {%- for node_name, node in cluster.node.iteritems() %}
 {%- for node_name, node in cluster.node.items() %}
 {# TODO: mass.server_active implementation #}
--- a/salt/control/virt.sls
+++ b/salt/control/virt.sls
      - pkg: salt_control_virt_packages
 {%- endif %}
 {%- for cluster_name, cluster in control.cluster.iteritems() %}
 {%- for cluster_name, cluster in control.cluster.items() %}
 {%- if cluster.engine == "virt" %}
 {%- endif %}
 {%- for node_name, node in cluster.node.iteritems() %}
 {%- for node_name, node in cluster.node.items() %}
 {%- if node.name is defined %}
 {%- set node_name = node.name %}
--- a/salt/files/_acl.conf
+++ b/salt/files/_acl.conf
 external_auth:
  pam:
    {%- for user_name, user in master.user.iteritems() %}
    {%- for user_name, user in master.user.items() %}
    {{ user_name }}: {{ user.permissions|yaml }}
    {%- endfor %}
--- a/salt/files/_engine.conf
+++ b/salt/files/_engine.conf
 {% from "salt/map.jinja" import master with context %}
 engines_dirs:
 {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
 {%- for environment_name, environment in master.get('environment', {}).items() %}
 - /srv/salt/env/{{ environment_name }}/_engines
 {%- endfor %}
--- a/salt/files/_orchestration.conf
+++ b/salt/files/_orchestration.conf
 {%- from "salt/map.jinja" import master with context %}
 {%- if master.enabled %}
  {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
  {%- for environment_name, environment in master.get('environment', {}).items() %}
      {%- set formulas = environment.get('formula', {}) %}
      {%- set priorities = {'orchestration':{'deploy':{'applications':{}}, 'upgrade': {'applications': {}}}} %}
      {%- for formula_name, formula in formulas.iteritems() %}
      {%- for formula_name, formula in formulas.items() %}
        {%- if salt['file.file_exists'](master.dir.files+'/'+environment_name+'/'+formula_name+'/meta/salt.yml') %}
          {%- set orch_fragment_file = formula_name+'/meta/salt.yml' %}
          {%- macro load_orch_file() %}{% include orch_fragment_file %}{% endmacro %}
--- a/salt/files/_renderer.conf
+++ b/salt/files/_renderer.conf
 {%- if renderer.get('jinja_sls', {}) | length > 0 %}
 jinja_sls_env:
 {% for key, value in renderer.jinja_sls.iteritems() %}
 {% for key, value in renderer.jinja_sls.items() %}
  {{ key }}: "{{ value }}"
 {%- endfor %}
 {%- if renderer.get('jinja', {}) | length > 0 %}
 jinja_env:
 {% for key, value in renderer.jinja.iteritems() %}
 {% for key, value in renderer.jinja.items() %}
  {{ key }}: "{{ value }}"
 {%- endfor %}
--- a/salt/files/etc_default_salt-minion
+++ b/salt/files/etc_default_salt-minion
 {%- from "salt/map.jinja" import minion with context -%}
 {%- if minion.env_vars.variables is defined -%}
 {%- for envvar_name, envvar_value in minion.env_vars.get('variables', {}).iteritems() %}
 {%- for envvar_name, envvar_value in minion.env_vars.get('variables', {}).items() %}
 export {{ envvar_name }}={% if envvar_value is string -%}{{ envvar_value }}{%- else -%}{{ envvar_value|join(',') }}
 {%- endif %}
 {%- endfor %}
--- a/salt/files/map
+++ b/salt/files/map
 {%- set cluster = salt['pillar.get']('salt:control:cluster:'+cluster_name) %}
 {%- for node_name, node in cluster.node.iteritems() %}
 {%- for node_name, node in cluster.node.items() %}
 {{ node_name }}.{{ cluster.domain }}:
 - {{ node_name }}.{{ cluster.domain }}
 {%- endfor %}
--- a/salt/files/master.conf
+++ b/salt/files/master.conf
    {%- if fsparams.get('enabled', False) %}
      {%- if fsparams.params is defined %}
  - {{ fsparams.url }}:
        {%- for key, value in fsparams.params.iteritems() %}
        {%- for key, value in fsparams.params.items() %}
    - {{ key }}: {{ value }}
        {%- endfor %}
      {%- else %}
 file_roots:
  base:
  - {{ master.dir.files }}/{{ master.system.environment }}
  {%- for formula_name, formula in master.system.get('formula', {}).iteritems() %}
  {%- for formula_name, formula in master.system.get('formula', {}).items() %}
  - {{ master.dir.files }}/{{ master.system.environment }}/{{ formula_name }}
  {%- endfor %}
  {{ master.system.environment }}:
  - {{ master.dir.files }}/{{ master.system.environment }}
  {%- for formula_name, formula in master.system.get('formula', {}).iteritems() %}
  {%- for formula_name, formula in master.system.get('formula', {}).items() %}
  - {{ master.dir.files }}/{{ master.system.environment }}/{{ formula_name }}
  {%- endfor %}
 {%- else %}
 file_roots:
  {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
  {%- for environment_name, environment in master.get('environment', {}).items() %}
  {%- if master.base_environment == environment_name %}
  base:
  - {{ master.dir.files }}/{{ environment_name }}
 {# NONE: Might be rewritten, once proved to work properly, with filters: #}
 {# NONE: select('mapping')|selectattr('_index')|sort(attribute='_index') #}
 {%- set ext_engines = {} %}
 {%- for name,engine in master.pillar.iteritems() %}
 {%- for name,engine in master.pillar.items() %}
 {%-   if not engine is mapping %}{% continue %}{% endif %}
 {%-   do engine.update({'name': engine.get('name', name) }) %}
 {%-   set index = engine.get('index', '1')~'-'~name %}
--- a/salt/files/minion.conf
+++ b/salt/files/minion.conf
  roles:
  {%- for key, value in pillar.items() %}
  {%- if key not in excluded_keys  %}
  {%- for subkey, subvalue in value.iteritems() %}
  {%- for subkey, subvalue in value.items() %}
  {%- if subvalue.enabled is defined and subvalue.enabled %}
  - {{key}}.{{ subkey }}
  {%- endif %}
 {%- if minion.mine is defined %}
 mine_functions:
 {%- for salt_module, salt_functions in minion.mine.module.iteritems() %}
 {%- for salt_module, salt_functions in minion.mine.module.items() %}
  {{ salt_module }}: {{ salt_functions  }}
 {%- endfor %}
 mine_interval: {{ minion.mine.get('interval', 30) }}
--- a/salt/files/orchestrate.sls
+++ b/salt/files/orchestrate.sls
 {%- from "salt/map.jinja" import master with context %}
 {%- if master.enabled %}
  {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
  {%- for environment_name, environment in master.get('environment', {}).items() %}
    {%- if master.base_environment == environment_name %}
      {%- set sorted_priorities = priorities|dictsort(false, 'value') %}
      {#- Set debug = True to log simple state result - Fail/True - to /var/log/salt/ on both master and respective minions #}
--- a/salt/files/profiles.conf
+++ b/salt/files/profiles.conf
 {% from "salt/map.jinja" import control with context %}
 {%- for cluster_name, cluster in control.cluster.iteritems() %}
 {%- for cluster_name, cluster in control.cluster.items() %}
 {%- for node_name, node in cluster.node.iteritems() %}
 {%- for node_name, node in cluster.node.items() %}
 {{ node_name }}.{{ cluster.domain }}:
  provider: {{ node.provider }}
--- a/salt/files/providers.conf
+++ b/salt/files/providers.conf
 {% from "salt/map.jinja" import control with context %}
 {%- for provider_name, provider in control.provider.iteritems() %}
 {%- for provider_name, provider in control.provider.items() %}
 {{ provider_name }}:
  provider: {{ provider.engine }}
--- a/salt/files/roster
+++ b/salt/files/roster
 {%- from "salt/map.jinja" import master with context %}
 {%- for minion_name, minion in master.ssh.get('minion', {}).iteritems() %}
 {%- for minion_name, minion in master.ssh.get('minion', {}).items() %}
 {{ minion_name }}:
  host: {{ minion.host }}
  user: {{ minion.user }}
--- a/salt/files/salt-state-graph.py
+++ b/salt/files/salt-state-graph.py
    if isinstance(obj, dict):
        # a dict - check each key
        for key, prop in obj.iteritems():
        for key, prop in obj.items():
            if key == find_key:
                results.extend(prop)
            else:
    try:
        deps = find(states, relname)
        for dep in deps:
            for dep_type, dep_name in dep.iteritems():
            for dep_type, dep_name in dep.items():
                yield make_node_name(dep_type, dep_name)
    except AttributeError as e:
        sys.stderr.write("Bad state: {0}\n".format(str(states)))
        'watch_in': {'color': 'red', 'reverse': True},
    }
    for top_key, props in state_obj.iteritems():
    for top_key, props in state_obj.items():
        # Add a node for each state type embedded in this state
        # keys starting with underscores are not candidates
                    "Removing __extend__ states:\n{0}\n".format(str(props)))
            continue
        for top_key_type, states in props.iteritems():
        for top_key_type, states in props.items():
            if top_key_type[:2] == '__':
                continue
            node_name = make_node_name(top_key_type, top_key)
            graph.add_node(Node(node_name))
            for edge_type, ruleset in rules.iteritems():
            for edge_type, ruleset in rules.items():
                for relname in find_edges(states, edge_type):
                    if 'reverse' in ruleset and ruleset['reverse']:
                        graph.add_edge(Edge(
--- a/salt/master/env.sls
+++ b/salt/master/env.sls
    - /srv/salt/env/{{ master.system.environment }}
  - makedirs: True
 {%- for grain_name, grain in master.system.get('grain', {}).iteritems() %}
 {%- for grain_name, grain in master.system.get('grain', {}).items() %}
 {%- if grain.source == 'git' %}
 {%- endfor %}
 {%- for state_name, state in master.system.get('state', {}).iteritems() %}
 {%- for state_name, state in master.system.get('state', {}).items() %}
 {%- if state.source == 'git' %}
 {%- endfor %}
 {%- for formula_name, formula in master.system.get('formula', {}).iteritems() %}
 {%- for formula_name, formula in master.system.get('formula', {}).items() %}
 {%- if formula.source == 'git' %}
 {# Start new #}
 {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
 {%- for environment_name, environment in master.get('environment', {}).items() %}
 {%- if master.base_environment == environment_name %}
 {%- set _formula_pkgs = [] %}
 {%- set _formula_pkgs_with_version = [] %}
 {%- for formula_name, formula in environment.get('formula', {}).iteritems() %}
 {%- for formula_name, formula in environment.get('formula', {}).items() %}
 {%- if formula.source == 'pkg' %}
 {%- if formula.version is defined %}
 {%- do _formula_pkgs_with_version.append(formula) %}
 {% endif %}
 {%- for formula_name, formula in environment.get('formula', {}).iteritems() %}
 {%- for formula_name, formula in environment.get('formula', {}).items() %}
 {%- if formula.source == 'git' %}
  - force: True
  - makedirs: True
 {%- for grain_name, grain in formula.get('grain', {}).iteritems() %}
 {%- for grain_name, grain in formula.get('grain', {}).items() %}
 salt_master_{{ environment_name }}_{{ grain_name }}_grain:
  file.symlink:
 {%- endfor %}
 {%- for module_name, module in formula.get('module', {}).iteritems() %}
 {%- for module_name, module in formula.get('module', {}).items() %}
 salt_master_{{ environment_name }}_{{ module_name }}_module:
  file.symlink:
 {%- endfor %}
 {%- for state_name, state in formula.get('state', {}).iteritems() %}
 {%- for state_name, state in formula.get('state', {}).items() %}
 salt_master_{{ environment_name }}_{{ state_name }}_state:
  file.symlink:
  - force: True
  - makedirs: True
 {%- for grain_name, grain in formula.get('grain', {}).iteritems() %}
 {%- for grain_name, grain in formula.get('grain', {}).items() %}
 salt_master_{{ environment_name }}_{{ grain_name }}_grain:
  file.symlink:
 {%- endfor %}
 {%- for module_name, module in formula.get('module', {}).iteritems() %}
 {%- for module_name, module in formula.get('module', {}).items() %}
 salt_master_{{ environment_name }}_{{ module_name }}_module:
  file.symlink:
 {%- endfor %}
 {%- for state_name, state in formula.get('state', {}).iteritems() %}
 {%- for state_name, state in formula.get('state', {}).items() %}
 salt_master_{{ environment_name }}_{{ state_name }}_state:
  file.symlink:
 {%- endfor %}
 {%- for engine_name, engine in formula.get('engine', {}).iteritems() %}
 {%- for engine_name, engine in formula.get('engine', {}).items() %}
 salt_master_{{ environment_name }}_{{ engine_name }}_engine:
  file.symlink:
 {%- endfor %}
 {%- for runner_name, runner in formula.get('runner', {}).iteritems() %}
 {%- for runner_name, runner in formula.get('runner', {}).items() %}
 salt_master_{{ environment_name }}_{{ runner_name }}_runner:
  file.symlink:
--- a/salt/master/minion.sls
+++ b/salt/master/minion.sls
  - require:
    - {{ master.install_state }}
 {%- for name, environment in master.environment.iteritems() %}
 {%- for name, environment in master.environment.items() %}
 /srv/salt/env/{{ name }}/minion_keys:
  file.symlink:
--- a/salt/master/orchestrate.sls
+++ b/salt/master/orchestrate.sls
 {%- from "salt/map.jinja" import master with context %}
 {%- if master.enabled %}
  {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
  {%- for environment_name, environment in master.get('environment', {}).items() %}
    {%- if master.base_environment == environment_name %}
      {%- set priorities = {} %}
      {%- set args = {} %}
      {%- set formulas = environment.get('formula', {}) %}
      {%- for formula_name, formula in formulas.iteritems() %}
      {%- for formula_name, formula in formulas.items() %}
        {%- if salt['file.file_exists'](master.dir.files+'/'+environment_name+'/'+formula_name+'/meta/salt.yml') %}
          {%- set grains_fragment_file = formula_name+'/meta/salt.yml' %}
          {%- macro load_grains_file() %}{% include grains_fragment_file %}{% endmacro %}
          {%- set grains_yaml = load_grains_file()|load_yaml %}
          {%- for state, priority in grains_yaml['orchestrate'].iteritems() %}
          {%- for state, priority in grains_yaml['orchestrate'].items() %}
            {%- do priorities.update({ formula_name+'.'+state: grains_yaml['orchestrate'][state]['priority'] }) %}
            {%- set arguments = [] %}
            {%- for arg_name, arg_value in grains_yaml['orchestrate'][state].iteritems() %}
            {%- for arg_name, arg_value in grains_yaml['orchestrate'][state].items() %}
              {%- if 'priority' not in arg_name %}
                {%- do arguments.append({arg_name: arg_value}) %}
              {%- endif %}
--- a/salt/master/pillar.sls
+++ b/salt/master/pillar.sls
 {%- if master.system is defined %}
 {%- for formula_name, formula in master.system.get('formula', {}).iteritems() %}
 {%- for formula_name, formula in master.system.get('formula', {}).items() %}
 /srv/salt/reclass/classes/service/{{ formula_name }}:
  file.symlink:
 {%- else %}
 {%- for environment_name, environment in master.get('environment', {}).iteritems() %}
 {%- for environment_name, environment in master.get('environment', {}).items() %}
 {%- for formula_name, formula in environment.get('formula', {}).iteritems() %}
 {%- for formula_name, formula in environment.get('formula', {}).items() %}
 {%- if environment_name == master.base_environment %}
--- a/salt/meta/salt.yml
+++ b/salt/meta/salt.yml
    {%- set ca_key_file = ca.get('ca_key_file', '/etc/pki/ca/' ~ ca_name ~ '/ca.key') %}
    {%- set ca_certs_dir = salt['file.dirname'](ca_file) ~ '/certs/' %}
    {%- for signing_policy_name, signing_policy in ca.signing_policy.iteritems() %}
    {%- for signing_policy_name, signing_policy in ca.signing_policy.items() %}
      {{ ca_name }}_{{ signing_policy_name }}:
        - minions: '{{ signing_policy.minions }}'
        - signing_private_key: {{ ca_key_file }}
    virt:
      {%- if control.net_profile is defined %}
      nic:
        {%- for item_name, item in control.net_profile.iteritems() %}
        {%- for item_name, item in control.net_profile.items() %}
        {{ item_name }}:
          {%- for iface_name, iface in item.iteritems() %}
          {%- for iface_name, iface in item.items() %}
          {{ iface_name }}:
            {%- if iface.bridge is defined %}
            bridge: {{ iface.bridge }}
      {%- endif %}
      {%- if control.disk_profile is defined %}
      disk:
        {%- for item_name, item in control.disk_profile.iteritems() %}
        {%- for item_name, item in control.disk_profile.items() %}
        {{ item_name }}:
          {%- for disk_name, disk in item.iteritems() %}
          {%- for disk_name, disk in item.items() %}
          - {{ disk }}:
              {%- if disk.size is defined %}
              size: {{ disk.size }}
--- a/salt/minion/ca.sls
+++ b/salt/minion/ca.sls
 {%- set all_ca_certs_dir = '/etc/pki/all_cas' %}
 {%- for ca_name,ca in minion.ca.iteritems() %}
 {%- for ca_name,ca in minion.ca.items() %}
 {%- set ca_file = ca.get('ca_file', '/etc/pki/ca/' ~ ca_name ~ '/ca.crt') %}
 {%- set ca_key_file = ca.get('ca_key_file', '/etc/pki/ca/' ~ ca_name ~ '/ca.key') %}
--- a/salt/minion/cert.sls
+++ b/salt/minion/cert.sls
 {%- set created_ca_files = [] %}
 {%- for cert_name,cert in minion.get('cert', {}).iteritems() %}
 {%- for cert_name,cert in minion.get('cert', {}).items() %}
 {%- if cert.get('enabled', True) %}
 {%- set rowloop = loop %}
      - x509: {{ cert_file }}
 {%- if cert.host is defined and ca_file not in created_ca_files %}
 {%- for ca_path,ca_cert in salt['mine.get'](cert.host, 'x509.get_pem_entries').get(cert.host, {}).iteritems() %}
 {%- for ca_path,ca_cert in salt['mine.get'](cert.host, 'x509.get_pem_entries').get(cert.host, {}).items() %}
 {%- if '/etc/pki/all_cas/'+cert.authority in ca_path %}
 {%- if minion.get('trust_salt_ca', True) %}
 {%- for trusted_ca_minion in minion.get('trusted_ca_minions', []) %}
 {%- for ca_host, certs in salt['mine.get'](trusted_ca_minion+'*', 'x509.get_pem_entries').iteritems() %}
 {%- for ca_path, ca_cert in certs.iteritems() %}
 {%- for ca_host, certs in salt['mine.get'](trusted_ca_minion+'*', 'x509.get_pem_entries').items() %}
 {%- for ca_path, ca_cert in certs.items() %}
 {%- if ca_path.endswith('ca.crt') %}
 {# authority name can be obtained only from a cacert path in case of mine.get #}
--- a/salt/minion/grains.sls
+++ b/salt/minion/grains.sls
  {%- set support_yaml = load_support_file()|load_yaml %}
  {%- if support_yaml and support_yaml.get('grain', {}) %}
    {%- for name, grain in support_yaml.get('grain', {}).iteritems() %}
    {%- for name, grain in support_yaml.get('grain', {}).items() %}
 salt_minion_grain_{{ service_name }}_{{ name }}:
  file.managed:
    - name: /etc/salt/grains.d/{{ name }}
--- a/salt/minion/proxy.sls
+++ b/salt/minion/proxy.sls
 {%- set napalm = false %}
 {%- for proxy_name, proxy_device in proxy_minion.get('device', {}).iteritems() %}
 {%- for proxy_name, proxy_device in proxy_minion.get('device', {}).items() %}
 {%- if proxy_device.engine == 'napalm' %}
 {%- endif %}
 {%- for proxy_name, proxy_device in proxy_minion.get('device', {}).iteritems() %}
 {%- for proxy_name, proxy_device in proxy_minion.get('device', {}).items() %}
 salt_proxy_{{ proxy_name }}_service:
  service.running:
--- a/salt/minion/service.sls
+++ b/salt/minion/service.sls
    {%- set support_yaml = load_support_file()|load_yaml %}
    {%- if support_yaml and support_yaml.get('minion', {}) %}
      {%- for name, conf in support_yaml.get('minion', {}).iteritems() %}
      {%- for name, conf in support_yaml.get('minion', {}).items() %}
 salt_minion_config_{{ service_name }}_{{ name }}:
  file.managed:
    - name: /etc/salt/minion.d/_{{ name }}.conf