Missing package dependancies added.
A missing "config" parameter for qemu-nbd based seeding
method added.
A new seeding method utilising Cloud-init added.
The qemu-nbd based method is still a default method
for backward compatibility.
To enable cloud-init, set the "seed" parameter on
a cluster or node level to "cloud-init".
To disable seeding, set this parameter to "false".
Setting this parameter to "true" will default to
the "qemu-nbd" method.
Salt Minion config file will be created automatically
and may be overrided via cluster or node level
metadata:
salt:
control:
cluster:
mycluster:
seed: cloud-init
cloud_init:
user_data:
salt_minion:
conf:
master: 10.1.1.1
or for qemu-nbd case:
salt:
control:
cluster:
mycluster:
seed: true
config:
host: 10.1.1.1
That may be useful when Salt Master has two IPs in
different networks and one of the networks isn't accessible
from a VM at the moment it's created. Setting a reachable
Salt master IP from metadata helps avoid potential problems.
Also, a liitle optimization has been done to parse/dump
an libvirt XML only once while modifying it.
Change-Id: I091cf409cb43ba2d0a18eaf2a08c11e88d0334e2
Closes-Bug: PROD-22191
Spawning AArch64 VMs using salt.control.virt requires a few extra
domain configuration items to be configurable:
- libvirt xml: pass loader param to vm
Based on upstream commit [1].
- libvirt xml: pass virt machine type
- libvirt xml: pass cpu mode to vm
- virt module: Allow NVRAM unlinking on DOM undefine
UEFI-enabled VMs usually have pflash (NVRAM) devices attached,
which require one additional libvirt flag to be passed at 'undefine'.
This is usually the case for AArch64 (arm64) VMs, where AAVMF (AA64
UEFI) is the only supported guest bootloader.
[1] https://github.com/saltstack/salt/commit/9cace9adb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
[Fix] Doc
Issue: - It is not possible to pass [R]andom [N]umber [G]enerator
device to libvirt guest xml in order to control entropy.
- Doc has no information on how to provision vms using salt
Solution: - Pass rng parameters via kwargs from node: pillar
Attach rng xml object to generated xml.
- Provide with an example
Prod-Related: PROD-19214
Customer-Found
Change-Id: Iea111f2d927edf46f06bb7ccfad06d37b752fba9
salt-minion started via upstart is not using /etc/environment to
source variables therefore is not using system wide http_proxy parameters if
they are set there. With this patch if salt.minion.env_vars is set to engine:
file salt will set envvars in /etc/default/salt-minion and will use them for
all commands executed remotely via salt. Since /etc/default is not used on
systems with systemd override for salt-minion to use /etc/environmnet will be
set.
Change-Id: Icfe122de2486a83820a0bd2e2aeea4be3796c6aa
Closes-bug: PROD-16676
Exposing CA keys in a mine creates a security flaw, thus such
should be avoided.
This change removes code responsible for putting and retrieving
CA key from a mine and changes the ca.sls state to allow configuring
where CA cert and its key would be generated as well as their owners.
Fixes PROD-13439
Change-Id: I6d78b13dcb3754c51606edd7e2d8158e128244a4
This is useful when using proxies. The default Tornado backend does not
utilize proxy environment variables and isn't able to set no_proxy variable.
Change-Id: I4a51c6fc9abe65d46ed4f3adeb30f7a25337857e
Andrei Danin
Pavel Cizinsky
Alexandru Avadanii
Dzmitry Stremkouski
Ivan Suzdal
Mykyta Karpin
Petr Michalec
Oleksii Chupryn
Jakub Josef
Marcin Iwinski
Mateusz Los
Jiri Broulik
Ales Komarek
Dennis Dmitriev
Elena Ezhova
Sam Stoelinga
Ales Komarek
Martin819
Filip Pytloun
Ales Komarek