Merge pull request #40284 from The-Loeki/cache-roster2

cache roster: Add SDB support, improve documentation
Erik Johnson 2017-04-03 15:21:01 -05:00 committed by GitHub
commit 0088a850bc
2 changed files with 85 additions and 29 deletions

@ -376,10 +376,12 @@ New SSH Cache Roster
====================
The :mod:`SSH cache Roster <salt.roster.cache>` has been rewritten from scratch to increase its usefulness.
The new roster supports all minion matchers, so it is now possible to target minions identically through `salt` and `salt-ssh`.
The new configuration syntax allows for flexible combinations of arbitrary grains, pillar and mine data.
This applies not just for the `host` of a minion, but also for other configuration data.
The new release is also fully IPv4 and IPv6 enabled and even allows for the selection of certain CIDR ranges for connecting.
The new roster supports all minion matchers,
so it is now possible to target minions identically through `salt` and `salt-ssh`.
Using the new ``roster_order`` configuration syntax it's now possible to compose a roster out of any combination
of grains, pillar and mine data and even Salt SDB URLs.
The new release is also fully IPv4 and IPv6 enabled and even has support for CIDR ranges.
Deprecations
============
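Review bot: In the release-note paragraph that introduces ``roster_order``, nothing carries over the statement that the lookup applies to configuration data other than `host`, so readers of the notes will not learn that keys such as `user` or `priv` can be composed the same way; add a short clause saying so. The same paragraph writes `salt` and `salt-ssh` with single backticks while ``roster_order`` uses double ones; in reST single backticks are interpreted text, so use double backticks for all three.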

@ -1,14 +1,47 @@
# -*- coding: utf-8 -*-
'''
This roster module can query the Salt Master's cache to access minions over ``salt-ssh``.
The `cache` roster provides a flexible interface to the Salt Masters' minion cache
to access regular minions over ``salt-ssh``.
The roster uses the configuration option ``roster_order`` to get a list of hosts from the minion data.
.. versionadded:: Nitrogen
All matched minions will have the SSH options from ``roster_defaults`` in the master configuration, appended with
the config options found in ``roster_order``.
- grains, pillar, mine data matching
- SDB URLs
- IPv6 support
- roster_order per config key
- default order changed to industry-wide best practices
- CIDR range selection
Targeting
---------
This roster supports all matching and targeting of the Salt Master.
The matching will be done using only the Salt Master's cache.
The Roster Order
----------------
The roster's composition can be configured using ``roster_order``.
In the ``roster_order`` you can define *any* roster key and fill it with a parameter
overriding the one in ``roster_defaults``:
The default configuration is:
.. code-block:: yaml
roster_order:
host: id # use the minion id as hostname
You can define lists of parameters as well, the first result from the list will become the value.
Selecting a host
================
.. code-block:: yaml
# default
roster_order:
host:
- ipv6-private # IPv6 addresses in private ranges
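Review bot: The ``versionadded`` entry "default order changed to industry-wide best practices" does not say what the order is or which practice it follows; state the rule itself (which address family and scope are preferred) or drop the phrase. In the same docstring the possessive differs between "Salt Masters' minion cache" and "Salt Master's cache", and `cache` is in single backticks while every other literal uses double ones; make both consistent.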
@ -18,38 +51,53 @@ roster_order:
- ipv4-local # loopback addresses
Various other keys are also supported:
This is the default ``roster_order``.
It prefers IPv6 over IPv4 addresses and private addresses over public ones.
The relevant data will be fetched from the cache in-order, and the first match will fill the ``host`` key.
Other address selection parameters are also possible:
.. code-block:: yaml
# Examples
roster_order:
host:
- id # use the minion id
- global|public|private|local # Both IPv6 and IPv4 addresses in that range
- grain: fqdn_ip4 # lookup this grain
- pillar: # Works with pillardata too
- dns:fqdn # ':' syntax and lists supported
- 2000::/3 # CIDR networks, both IPv4 and IPv6 are supported
Using cached data
=================
Several cached libraries can be selected using the ``library: `` prefix, followed by the library key.
This can be referenced using the same ``:`` syntax as e.g. :py:func:`pillar.get <salt.modules.pillar.get>`.
Lists of references are also supported during the lookup, as are Salt SDB URLs.
This should be especially useful for the other roster keys:
.. code-block:: yaml
roster_order:
host:
- grain: fqdn_ip4 # Lookup this grain
- mine: network.ip_addrs # Mine data lookup works the same
- 2000::/3 # CIDR networks, both IPv4 and IPv6 supported
# The lookup can be used for arbitrary other keys as well,
user: pillar: ssh:auth:user
password: sdb://vault/ssh_pass # Salt SDB URLs are also supported
user:
- pillar: ssh:auth:user # Lookup this pillar key
- sdb://osenv/USER # Lookup this env var through sdb
priv:
- pillar: ssh:auth:private_key
.. versionadded:: Nitrogen
expanded functionality to include arbitrary pillar and grain keys, IPv6 addresses
allow roster_order per key in config
changed default order in line with os defaults
- pillar: # Lists are also supported
- salt:ssh:private_key
- ssh:auth:private_key
'''
from __future__ import absolute_import
# Python
import re
import logging
import re
# Salt libs
import salt.utils.minions
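Review bot: In the "Using cached data" section, the inline literal ``library: `` ends with a space before the closing backticks, which reST does not accept as inline markup, so it will render with the backticks showing; write ``library:`` and mention the space in prose. The section also never lists which libraries are valid; the examples only show `grain:`, `pillar:` and `mine:`, so name the full set explicitly. For the `password: sdb://vault/ssh_pass` example, say on which side the SDB URL is resolved, since that decides where the SDB profile has to be configured.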
@ -62,8 +110,10 @@ log = logging.getLogger(__name__)
def targets(tgt, tgt_type='glob', **kwargs): # pylint: disable=W0613
'''
Return the targets from the minion cache
evaluate roster_order when determining config values
Return the targets from the Salt Masters' minion cache.
All targets and matchers are supported.
The resulting roster can be configured using ``roster_order`` and ``roster_default``.
'''
minions = salt.utils.minions.CkMinions(__opts__)
minions = minions.check_minions(tgt, tgt_type)
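Review bot: The `targets()` docstring refers to ``roster_default``, while the module docstring uses ``roster_defaults``; correct the name here so it matches the option the module docstring documents.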
@ -162,6 +212,7 @@ def _data_lookup(ref, lookup):
def _minion_lookup(minion_id, key, minion):
grains, pillar, addrs, mine = minion
if key == 'id':
# Just paste in the minion ID
return minion_id
@ -179,6 +230,9 @@ def _minion_lookup(minion_id, key, minion):
return k
return None
elif key.startswith('sdb://'):
# It's a Salt SDB url
return salt['sdb.get'](key)
elif re.match(r'^[0-9a-fA-F:./]+$', key):
# It smells like a CIDR block
try:
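Review bot: In the new `sdb://` branch, `return salt['sdb.get'](key)` subscripts the name `salt`, which in this module is the package bound by `import salt.utils.minions`, so the first SDB URL in a ``roster_order`` will raise a TypeError instead of returning a value. Call the SDB helper through whatever the roster loader actually provides, for example `salt.utils.sdb.sdb_get(key, __opts__)` with the matching import, and add a test that exercises this branch. It is also worth deciding what happens when the lookup returns nothing, so that a list entry can fall through to the next one as the documentation describes.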