Merge branch 'develop' into fix/rabbitmq_policy

2024-11-08 09:23:56 +00:00 · 2017-09-28 12:01:13 -04:00 · 2017-09-28 12:01:13 -04:00 · 28b9d9af26
commit 28b9d9af26
parent eb73bac25f 77ef439ee0
1771 changed files with 99714 additions and 31171 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -0,0 +1,60 @@
 # SALTSTACK CODE OWNERS
 # See https://help.github.com/articles/about-codeowners/
 # for more info about CODEOWNERS file
 # Lines starting with '#' are comments.
 # Each line is a file pattern followed by one or more owners.
 # See https://help.github.com/articles/about-codeowners/
 # for more info about the CODEOWNERS file
 # Team Boto
 salt/**/*boto*                      @saltstack/team-boto
 # Team Core
 salt/auth/                          @saltstack/team-core
 salt/cache/                         @saltstack/team-core
 salt/cli/                           @saltstack/team-core
 salt/client/*                       @saltstack/team-core
 salt/config/*                       @saltstack/team-core
 salt/daemons/                       @saltstack/team-core
 salt/pillar/                        @saltstack/team-core
 salt/loader.py                      @saltstack/team-core
 salt/payload.py                     @saltstack/team-core
 salt/**/master*                     @saltstack/team-core
 salt/**/minion*                     @saltstack/team-core
 # Team Cloud
 salt/cloud/                         @saltstack/team-cloud
 salt/utils/openstack/               @saltstack/team-cloud
 salt/utils/aws.py                   @saltstack/team-cloud
 salt/**/*cloud*                     @saltstack/team-cloud
 # Team NetAPI
 salt/cli/api.py                     @saltstack/team-netapi
 salt/client/netapi.py               @saltstack/team-netapi
 salt/netapi/                        @saltstack/team-netapi
 # Team Network
 salt/proxy/                         @saltstack/team-proxy
 # Team SPM
 salt/cli/spm.py                     @saltstack/team-spm
 salt/spm/                           @saltstack/team-spm
 # Team SSH
 salt/cli/ssh.py                     @saltstack/team-ssh
 salt/client/ssh/                    @saltstack/team-ssh
 salt/runners/ssh.py                 @saltstack/team-ssh
 salt/**/thin.py                     @saltstack/team-ssh
 # Team State
 salt/state.py                       @saltstack/team-state
 # Team Transport
 salt/transport/                     @saltstack/team-transport
 salt/utils/zeromq.py                @saltstack/team-transport
 # Team Windows
 salt/**/*win*                       @saltstack/team-windows
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -0,0 +1,33 @@
 # Probot Stale configuration file
 # Number of days of inactivity before an issue becomes stale
 # 1000 is approximately 2 years and 9 months
 daysUntilStale: 1000
 # Number of days of inactivity before a stale issue is closed
 daysUntilClose: 7
 # Issues with these labels will never be considered stale
 #exemptLabels:
 #  - pinned
 #  - security
 # Label to use when marking an issue as stale
 staleLabel: stale
 # Comment to post when marking an issue as stale. Set to `false` to disable
 markComment: |
  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
  If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.
 # Comment to post when removing the stale label. Set to `false` to disable
 unmarkComment: |
  Thank you for updating this issue. It is no longer marked as stale.
 # Comment to post when closing a stale issue. Set to `false` to disable
 closeComment: false
 # Limit to only `issues` or `pulls`
 only: issues
--- a/.mention-bot
+++ b/.mention-bot
@ -1,5 +1,17 @@
 {
  "alwaysNotifyForPaths": [
    {
      "name": "ryan-lane",
      "files": ["salt/**/*boto*.py"],
      "skipTeamPrs": false
    },
    {
      "name": "tkwilliams",
      "files": ["salt/**/*boto*.py"],
      "skipTeamPrs": false
    }
  ],
 "skipTitle": "Merge forward",
- "userBlacklist": ["cvrebert", "markusgattol", "olliewalsh"]
+ "userBlacklist": ["cvrebert", "markusgattol", "olliewalsh", "basepi"]
 }
--- a/.pylintrc
+++ b/.pylintrc
@ -74,7 +74,7 @@ confidence=
 # can either give multiple identifiers separated by comma (,) or put this
 # option multiple times (only on the command line, not in the configuration
 # file where it should appear only once).You can also use "--disable=all" to
-# disable everything first and then reenable specific checks. For example, if
+# disable everything first and then re-enable specific checks. For example, if
 # you want to run only the similarities checker, you can use "--disable=all
 # --enable=similarities". If you want to run only the classes checker, but have
 # no Warning level messages displayed, use"--disable=all --enable=classes
--- a/.testing.pylintrc
+++ b/.testing.pylintrc
@ -71,7 +71,7 @@ confidence=
 # can either give multiple identifiers separated by comma (,) or put this
 # option multiple times (only on the command line, not in the configuration
 # file where it should appear only once).You can also use "--disable=all" to
-# disable everything first and then reenable specific checks. For example, if
+# disable everything first and then re-enable specific checks. For example, if
 # you want to run only the similarities checker, you can use "--disable=all
 # --enable=similarities". If you want to run only the classes checker, but have
 # no Warning level messages displayed, use"--disable=all --enable=classes
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
--- a/README.rst
+++ b/README.rst
@ -67,10 +67,11 @@ Engage SaltStack
 `SaltConf`_, **User Groups and Meetups** - SaltStack has a vibrant and `global
 community`_ of customers, users, developers and enthusiasts. Connect with other
-Salted folks in your area of the world, or join `SaltConf16`_, the SaltStack
+Salted folks in your area of the world, or join `SaltConf`_, the SaltStack
-annual user conference, April 19-21 in Salt Lake City. Please let us know if
+annual user conference held in Salt Lake City. Please visit the `SaltConf`_ site
-you would like to start a user group or if we should add your existing
+for details of our next conference. Also, please let us know if you would like
-SaltStack user group to this list by emailing: info@saltstack.com
+to start a user group or if we should add your existing SaltStack user group to
 this list by emailing: info@saltstack.com
 **SaltStack Training** - Get access to proprietary `SaltStack education
 offerings`_ through instructor-led training offered on-site, virtually or at
@ -89,9 +90,8 @@ services`_ offerings.
 * LinkedIn Group - `<https://www.linkedin.com/groups/4877160>`_
 * Google+ - `<https://plus.google.com/b/112856352920437801867/+SaltStackInc/posts>`_
 .. _SaltConf: http://www.youtube.com/user/saltstack
 .. _global community: http://www.meetup.com/pro/saltstack/
-.. _SaltConf16: http://saltconf.com/
+.. _SaltConf: http://saltconf.com/
 .. _SaltStack education offerings: http://saltstack.com/training/
 .. _SaltStack Certified Engineer (SSCE): http://saltstack.com/certification/
 .. _SaltStack professional services: http://saltstack.com/services/
--- a/conf/cloud
+++ b/conf/cloud
@ -97,3 +97,14 @@
 #
 #delete_sshkeys: False
 # Whether or not to include grains information in the /etc/salt/minion file
 # which is generated when the minion is provisioned.  For example...
 #   grains:
 #     salt-cloud:
 #       driver: ec2
 #       provider: my_ec2:ec2
 #       profile: micro_ec2
 #
 # Default: 'True'
 #
 #enable_cloud_grains: 'True'
--- a/conf/cloud.providers
+++ b/conf/cloud.providers
@ -3,7 +3,7 @@
 # directory is identical.
 #my-digitalocean-config:
-#  driver: digital_ocean
+#  driver: digitalocean
 #  client_key: wFGEwgregeqw3435gDger
 #  api_key: GDE43t43REGTrkilg43934t34qT43t4dgegerGEgg
 #  location: New York 1
--- a/conf/cloud.providers.d/digitalocean.conf
+++ b/conf/cloud.providers.d/digitalocean.conf
@ -1,5 +1,5 @@
 #my-digitalocean-config:
-#  driver: digital_ocean
+#  driver: digitalocean
 #  client_key: wFGEwgregeqw3435gDger
 #  api_key: GDE43t43REGTrkilg43934t34qT43t4dgegerGEgg
 #  location: New York 1
--- a/conf/master
+++ b/conf/master
@ -59,15 +59,14 @@
 # Directory for custom modules. This directory can contain subdirectories for
 # each of Salt's module types such as "runners", "output", "wheel", "modules",
-# "states", "returners", etc.
+# "states", "returners", "engines", "utils", etc.
-#extension_modules: <no default>
+#extension_modules: /var/cache/salt/master/extmods
 # Directory for custom modules. This directory can contain subdirectories for
 # each of Salt's module types such as "runners", "output", "wheel", "modules",
-# "states", "returners", "engines", etc.
+# "states", "returners", "engines", "utils", etc.
 # Like 'extension_modules' but can take an array of paths
-#module_dirs: <no default>
+#module_dirs: []
 #   - /var/cache/salt/minion/extmods
 # Verify and set permissions on configuration directories at startup:
 #verify_env: True
@ -91,6 +90,10 @@
 # Set the default outputter used by the salt command. The default is "nested".
 #output: nested
 # To set a list of additional directories to search for salt outputters, set the
 # outputter_dirs option.
 #outputter_dirs: []
 # Set the default output file used by the salt command. Default is to output
 # to the CLI and not to a file. Functions the same way as the "--out-file"
 # CLI option, only sets this to a single file for all salt commands.
@ -99,6 +102,9 @@
 # Return minions that timeout when running commands like test.ping
 #show_timeout: True
 # Tell the client to display the jid when a job is published.
 #show_jid: False
 # By default, output is colored. To disable colored output, set the color value
 # to False.
 #color: True
@ -294,6 +300,22 @@
 #####        Security settings       #####
 ##########################################
 # Enable passphrase protection of Master private key.  Although a string value
 # is acceptable; passwords should be stored in an external vaulting mechanism
 # and retrieved via sdb. See https://docs.saltstack.com/en/latest/topics/sdb/.
 # Passphrase protection is off by default but an example of an sdb profile and
 # query is as follows.
 # masterkeyring:
 #  driver: keyring
 #  service: system
 #
 # key_pass: sdb://masterkeyring/key_pass
 # Enable passphrase protection of the Master signing_key. This only applies if
 # master_sign_pubkey is set to True.  This is disabled by default.
 # master_sign_pubkey: True
 # signing_key_pass: sdb://masterkeyring/signing_pass
 # Enable "open mode", this mode still maintains encryption, but turns off
 # authentication, this is only intended for highly secure environments or for
 # the situation where your keys end up in a bad state. If you run in open mode
@ -304,6 +326,9 @@
 # public keys from the minions. Note that this is insecure.
 #auto_accept: False
 # The size of key that should be generated when creating new keys.
 #keysize: 2048
 # Time in minutes that an incoming public key with a matching name found in
 # pki_dir/minion_autosign/keyid is automatically accepted. Expired autosign keys
 # are removed when the master checks the minion_autosign directory.
@ -414,6 +439,20 @@
 # will cause minion to throw an exception and drop the message.
 # sign_pub_messages: False
 # Signature verification on messages published from minions
 # This requires that minions cryptographically sign the messages they
 # publish to the master.  If minions are not signing, then log this information
 # at loglevel 'INFO' and drop the message without acting on it.
 # require_minion_sign_messages: False
 # The below will drop messages when their signatures do not validate.
 # Note that when this option is False but `require_minion_sign_messages` is True
 # minions MUST sign their messages but the validity of their signatures
 # is ignored.
 # These two config options exist so a Salt infrastructure can be moved
 # to signing minion messages gradually.
 # drop_messages_signature_fail: False
 # Use TLS/SSL encrypted connection between master and minion.
 # Can be set to a dictionary containing keyword arguments corresponding to Python's
 # 'ssl.wrap_socket' method.
@ -440,6 +479,27 @@
 # - /etc/salt/roster.d
 # - /opt/salt/some/more/rosters
 # The ssh password to log in with.
 #ssh_passwd: ''
 #The target system's ssh port number.
 #ssh_port: 22
 # Comma-separated list of ports to scan.
 #ssh_scan_ports: 22
 # Scanning socket timeout for salt-ssh.
 #ssh_scan_timeout: 0.01
 # Boolean to run command via sudo.
 #ssh_sudo: False
 # Number of seconds to wait for a response when establishing an SSH connection.
 #ssh_timeout: 60
 # The user to log in as.
 #ssh_user: root
 # The log file of the salt-ssh command:
 #ssh_log_file: /var/log/salt/ssh
@ -453,6 +513,18 @@
 # authentication with minions
 #ssh_use_home_key: False
 # Set this to True to default salt-ssh to run with ``-o IdentitiesOnly=yes``.
 # This option is intended for situations where the ssh-agent offers many
 # different identities and allows ssh to ignore those identities and use the
 # only one specified in options.
 #ssh_identities_only: False
 # List-only nodegroups for salt-ssh. Each group must be formed as either a
 # comma-separated list, or a YAML list. This option is useful to group minions
 # into easy-to-target groups when using salt-ssh. These groups can then be
 # targeted with the normal -N argument to salt-ssh.
 #ssh_list_nodegroups: {}
 #####    Master Module Management    #####
 ##########################################
 # Manage how master side modules are loaded.
@ -460,6 +532,9 @@
 # Add any additional locations to look for master runners:
 #runner_dirs: []
 # Add any additional locations to look for master utils:
 #utils_dirs: []
 # Enable Cython for master side modules:
 #cython_enable: False
@ -521,6 +596,11 @@
 # If set to 'changes', the output will be full unless the state didn't change.
 #state_output: full
 # The state_output_diff setting changes whether or not the output from
 # successful states is returned. Useful when even the terse output of these
 # states is cluttering the logs. Set it to True to ignore them.
 #state_output_diff: False
 # Automatically aggregate all states that have support for mod_aggregate by
 # setting to 'True'. Or pass a list of state module names to automatically
 # aggregate just those types.
@ -561,6 +641,10 @@
 #    - /srv/salt
 #
 # The master_roots setting configures a master-only copy of the file_roots dictionary,
 # used by the state compiler.
 #master_roots: /srv/salt-master
 # When using multiple environments, each with their own top file, the
 # default behaviour is an unordered merge. To prevent top files from
 # being merged together and instead to only use the top file from the
@ -905,6 +989,21 @@
 #pillar_cache_backend: disk
 ######        Reactor Settings        #####
 ###########################################
 # Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/
 #reactor: []
 #Set the TTL for the cache of the reactor configuration.
 #reactor_refresh_interval: 60
 #Configure the number of workers for the runner/wheel in the reactor.
 #reactor_worker_threads: 10
 #Define the queue size for workers in the reactor.
 #reactor_worker_hwm: 10000
 #####          Syndic settings       #####
 ##########################################
 # The Salt syndic is used to pass commands through a master from a higher
--- a/conf/minion
+++ b/conf/minion
@ -151,7 +151,11 @@
 # Set the default outputter used by the salt-call command. The default is
 # "nested".
 #output: nested
-#
+
 # To set a list of additional directories to search for salt outputters, set the
 # outputter_dirs option.
 #outputter_dirs: []
 # By default output is colored. To disable colored output, set the color value
 # to False.
 #color: True
@ -231,7 +235,7 @@
 # cause sub minion process to restart.
 #auth_safemode: False
-# Ping Master to ensure connection is alive (minutes).
+# Ping Master to ensure connection is alive (seconds).
 #ping_interval: 0
 # To auto recover minions if master changes IP address (DDNS)
@ -369,6 +373,9 @@
 #    interface: eth0
 #    cidr: '10.0.0.0/8'
 # The number of minutes between mine updates.
 #mine_interval: 60
 # Windows platforms lack posix IPC and must rely on slower TCP based inter-
 # process communications. Set ipc_mode to 'tcp' on such systems
 #ipc_mode: ipc
@ -613,6 +620,9 @@
 # you do so at your own risk!
 #open_mode: False
 # The size of key that should be generated when creating new keys.
 #keysize: 2048
 # Enable permissive access to the salt keys.  This allows you to run the
 # master or minion as root, but have a non-root group be given access to
 # your pki_dir.  To make the access explicit, root must belong to the group
@ -654,6 +664,21 @@
 #    ssl_version: PROTOCOL_TLSv1_2
 ######        Reactor Settings        #####
 ###########################################
 # Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/
 #reactor: []
 #Set the TTL for the cache of the reactor configuration.
 #reactor_refresh_interval: 60
 #Configure the number of workers for the runner/wheel in the reactor.
 #reactor_worker_threads: 10
 #Define the queue size for workers in the reactor.
 #reactor_worker_hwm: 10000
 ######         Thread settings        #####
 ###########################################
 # Disable multiprocessing support, by default when a minion receives a
@ -664,6 +689,12 @@
 # for a full explanation.
 #multiprocessing: True
 # Limit the maximum amount of processes or threads created by salt-minion.
 # This is useful to avoid resource exhaustion in case the minion receives more
 # publications than it is able to handle, as it limits the number of spawned
 # processes or threads. -1 is the default and disables the limit.
 #process_count_max: -1
 #####         Logging settings       #####
 ##########################################
--- a/conf/proxy
+++ b/conf/proxy
@ -28,27 +28,27 @@
 # dictionary.  Otherwise it is assumed that the module calls the grains
 # function in a custom way and returns the data elsewhere
 #
-# Default to False for 2016.3 and 2016.11. Switch to True for Nitrogen.
+# Default to False for 2016.3 and 2016.11. Switch to True for 2017.7.0.
 # proxy_merge_grains_in_module: True
 # If a proxymodule has a function called 'alive' returning a boolean
 # flag reflecting the state of the connection with the remove device,
 # when this option is set as True, a scheduled job on the proxy will
 # try restarting the connection. The polling frequency depends on the
-# next option, 'proxy_keep_alive_interval'. Added in Nitrogen.
+# next option, 'proxy_keep_alive_interval'. Added in 2017.7.0.
 # proxy_keep_alive: True
 # The polling interval (in minutes) to check if the underlying connection
 # with the remote device is still alive. This option requires
 # 'proxy_keep_alive' to be configured as True and the proxymodule to
-# implement the 'alive' function. Added in Nitrogen.
+# implement the 'alive' function. Added in 2017.7.0.
 # proxy_keep_alive_interval: 1
 # By default, any proxy opens the connection with the remote device when
 # initialized. Some proxymodules allow through this option to open/close
 # the session per command. This requires the proxymodule to have this
 # capability. Please consult the documentation to see if the proxy type
-# used can be that flexible. Added in Nitrogen.
+# used can be that flexible. Added in 2017.7.0.
 # proxy_always_alive: True
 # If multiple masters are specified in the 'master' setting, the default behavior
--- a/conf/suse/master
+++ b/conf/suse/master
--- a/doc/Makefile
+++ b/doc/Makefile
@ -9,11 +9,6 @@ BUILDDIR      = _build
 SPHINXLANG    =
 XELATEX       = xelatex
 # User-friendly check for sphinx-build
 ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1)
 $(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/)
 endif
 # ----- Translations Support ------------------------------------------------>
 #  If language is set, also set translation options
 ifeq ($(shell [ "x$(SPHINXLANG)" != "x" ] && echo 0 || echo 1), 0)
@ -36,7 +31,7 @@ ALLSPHINXOPTS   = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(TRANSLATIONOPTS
 # the i18n builder cannot share the environment and doctrees with the others
 I18NSPHINXOPTS  = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
-.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext translations download-translations
+.PHONY: help clean check_sphinx-build html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext translations download-translations
 help:
 	@echo "Please use \`make <target>' where <target> is one of"
@ -69,38 +64,42 @@ clean:
 	rm -rf $(BUILDDIR)/*
 	test -d 'locale' && find locale/ -name *.mo -exec rm {} \; || true
-html: translations
+# User-friendly check for sphinx-build
 check_sphinx-build:
 	@which $(SPHINXBUILD) >/dev/null 2>&1 || (echo "The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/)" >&2; false)
 html: check_sphinx-build translations
 	$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
 	@echo
 	@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
-dirhtml: translations
+dirhtml: check_sphinx-build translations
 	$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
 	@echo
 	@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
-singlehtml: translations
+singlehtml: check_sphinx-build translations
 	$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
 	@echo
 	@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."
-pickle: translations
+pickle: check_sphinx-build translations
 	$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
 	@echo
 	@echo "Build finished; now you can process the pickle files."
-json: translations
+json: check_sphinx-build translations
 	$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
 	@echo
 	@echo "Build finished; now you can process the JSON files."
-htmlhelp: translations
+htmlhelp: check_sphinx-build translations
 	$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
 	@echo
 	@echo "Build finished; now you can run HTML Help Workshop with the" \
 	      ".hhp project file in $(BUILDDIR)/htmlhelp."
-qthelp: translations
+qthelp: check_sphinx-build translations
 	$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
 	@echo
 	@echo "Build finished; now you can run "qcollectiongenerator" with the" \
@ -109,7 +108,7 @@ qthelp: translations
 	@echo "To view the help file:"
 	@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/Salt.qhc"
-devhelp: translations
+devhelp: check_sphinx-build translations
 	$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
 	@echo
 	@echo "Build finished."
@ -118,31 +117,31 @@ devhelp: translations
 	@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/Salt"
 	@echo "# devhelp"
-epub: translations
+epub: check_sphinx-build translations
 	$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
 	@echo
 	@echo "Build finished. The epub file is in $(BUILDDIR)/epub."
-latex: translations
+latex: check_sphinx-build translations
 	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
 	@echo
 	@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
 	@echo "Run \`make' in that directory to run these through (pdf)latex" \
 	      "(use \`make latexpdf' here to do that automatically)."
-latexpdf: translations
+latexpdf: check_sphinx-build translations
 	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
 	@echo "Running LaTeX files through pdflatex..."
 	$(MAKE) -C $(BUILDDIR)/latex all-pdf
 	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
-latexpdfja: translations
+latexpdfja: check_sphinx-build translations
 	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
 	@echo "Running LaTeX files through platex and dvipdfmx..."
 	$(MAKE) -C $(BUILDDIR)/latex all-pdf-ja
 	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
-pdf: translations
+pdf: check_sphinx-build translations
 	@if [ "$(XELATEX)"  = "xelatex" ] || [ "x$(XELATEX)" = "x" ]; then \
 		echo "The '$(XELATEX)' command was not found."; \
 	fi
@ -157,62 +156,62 @@ cheatsheet: translations
 	cd cheatsheet &&  xelatex salt.tex && cp salt.pdf ../salt-cheatsheet.pdf
 	@echo "./salt-cheatsheet.pdf created."
-text: translations
+text: check_sphinx-build translations
 	$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
 	@echo
 	@echo "Build finished. The text files are in $(BUILDDIR)/text."
-man: translations
+man: check_sphinx-build translations
 	$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
 	@echo
 	@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
-texinfo: translations
+texinfo: check_sphinx-build translations
 	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
 	@echo
 	@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
 	@echo "Run \`make' in that directory to run these through makeinfo" \
 	      "(use \`make info' here to do that automatically)."
-info: translations
+info: check_sphinx-build translations
 	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
 	@echo "Running Texinfo files through makeinfo..."
 	make -C $(BUILDDIR)/texinfo info
 	@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."
-gettext:
+gettext: check_sphinx-build
 	$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
 	@echo
 	@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale"
-changes: translations
+changes: check_sphinx-build translations
 	$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
 	@echo
 	@echo "The overview file is in $(BUILDDIR)/changes."
-spelling:
+spelling: check_sphinx-build
 	$(SPHINXBUILD) -b spelling $(ALLSPHINXOPTS) $(BUILDDIR)/spelling
 	@echo
 	@echo "Spell check complete; look for any errors in the above output " \
 	      "or in $(BUILDDIR)/spelling/output.txt."
-linkcheck:
+linkcheck: check_sphinx-build
 	$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
 	@echo
 	@echo "Link check complete; look for any errors in the above output " \
 	      "or in $(BUILDDIR)/linkcheck/output.txt."
-doctest:
+doctest: check_sphinx-build
 	$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
 	@echo "Testing of doctests in the sources finished, look at the " \
 	      "results in $(BUILDDIR)/doctest/output.txt."
-xml: translations
+xml: check_sphinx-build translations
 	$(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml
 	@echo
 	@echo "Build finished. The XML files are in $(BUILDDIR)/xml."
-pseudoxml: translations
+pseudoxml: check_sphinx-build translations
 	$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
 	@echo
 	@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."
--- a/doc/_ext/saltdomain.py
+++ b/doc/_ext/saltdomain.py
@ -309,3 +309,5 @@ def setup(app):
            indextemplate="pair: %s; conf/proxy")
    app.add_crossref_type(directivename="conf_log", rolename="conf_log",
            indextemplate="pair: %s; conf/logging")
    app.add_crossref_type(directivename="jinja_ref", rolename="jinja_ref",
            indextemplate="pair: %s; jinja filters")
--- a/doc/_themes/saltstack2/layout.html
+++ b/doc/_themes/saltstack2/layout.html
@ -255,8 +255,8 @@
                            <div class="col-sm-6">
                                 <a href="https://saltstack.com/support" target="_blank"><img class="nolightbox footer-banner center" src="{{ pathto('_static/images/footer-support.png', 1) }}"/></a>
                                 <a href="https://saltstack.com/saltstack-enterprise/" target="_blank"><img class="nolightbox footer-banner center" src="{{ pathto('_static/images/enterprise_ad.jpg', 1) }}"/></a>
                                 <a href="http://saltconf.com" target="_blank"><img class="nolightbox footer-banner center" src="{{ pathto('_static/images/DOCBANNER.jpg', 1) }}"/></a>
                            </div>
--- a/doc/_themes/saltstack2/static/images/DOCBANNER.jpg
+++ b/doc/_themes/saltstack2/static/images/DOCBANNER.jpg
--- a/doc/conf.py
+++ b/doc/conf.py
@ -26,7 +26,7 @@ class Mock(object):
    '''
    def __init__(self, mapping=None, *args, **kwargs):
        """
-        Mapping allows to bypass the Mock object, but actually assign
+        Mapping allows autodoc to bypass the Mock object, but actually assign
        a specific value, expected by a specific attribute returned.
        """
        self.__mapping = mapping or {}
@ -72,6 +72,7 @@ MOCK_MODULES = [
    'Crypto.Signature',
    'Crypto.Signature.PKCS1_v1_5',
    'M2Crypto',
    'msgpack',
    'yaml',
    'yaml.constructor',
    'yaml.nodes',
@ -244,9 +245,9 @@ on_saltstack = 'SALT_ON_SALTSTACK' in os.environ
 project = 'Salt'
 version = salt.version.__version__
-latest_release = '2016.11.4'  # latest release
+latest_release = '2017.7.1'  # latest release
-previous_release = '2016.3.6'  # latest release from previous branch
+previous_release = '2016.11.7'  # latest release from previous branch
-previous_release_dir = '2016.3'  # path on web server for previous branch
+previous_release_dir = '2016.11'  # path on web server for previous branch
 next_release = ''  # next release
 next_release_dir = ''  # path on web server for next release branch
@ -319,11 +320,21 @@ rst_prolog = """\
 .. _`salt-packagers`: https://groups.google.com/forum/#!forum/salt-packagers
 .. |windownload| raw:: html
-     <p>x86: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
+     <p>Python2 x86: <a
-      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe.md5"><strong>md5</strong></a></p>
+     href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-x86-Setup.exe.md5"><strong>md5</strong></a></p>
     <p>Python2 AMD64: <a
     href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
     <p>Python3 x86: <a
     href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-x86-Setup.exe.md5"><strong>md5</strong></a></p>
     <p>Python3 AMD64: <a
     href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
     <p>AMD64: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
      | <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
 .. |osxdownload| raw:: html
@ -504,6 +515,7 @@ epub_copyright = copyright
 epub_scheme = 'URL'
 epub_identifier = 'http://saltstack.com/'
 epub_tocdup = False
 #epub_tocdepth = 3
--- a/doc/contents.rst
+++ b/doc/contents.rst
@ -28,3 +28,4 @@ Salt Table of Contents
    topics/windows/index
    topics/development/index
    topics/releases/index
    topics/venafi/index
--- a/doc/faq.rst
+++ b/doc/faq.rst
@ -190,6 +190,8 @@ PATH using a :mod:`file.symlink <salt.states.file.symlink>` state.
      file.symlink:
        - target: /usr/local/bin/foo
 .. _which-version:
 Can I run different versions of Salt on my Master and Minion?
 -------------------------------------------------------------
@ -260,9 +262,9 @@ service. But restarting the service while in the middle of a state run
 interrupts the process of the Minion running states and sending results back to
 the Master. A common way to workaround that is to schedule restarting of the
 Minion service using :ref:`masterless mode <masterless-quickstart>` after all
-other states have been applied. This allows to keep Minion to Master connection
+other states have been applied. This allows the minion to keep Minion to Master
-alive for the Minion to report the final results to the Master, while the
+connection alive for the Minion to report the final results to the Master, while
-service is restarting in the background.
+the service is restarting in the background.
 Upgrade without automatic restart
 *********************************
@ -319,7 +321,27 @@ Restart using states
 ********************
 Now we can apply the workaround to restart the Minion in reliable way.
-The following example works on both UNIX-like and Windows operating systems:
+The following example works on UNIX-like operating systems:
 .. code-block:: jinja
    {%- if grains['os'] != 'Windows' %
    Restart Salt Minion:
      cmd.run:
        - name: 'salt-call --local service.restart salt-minion'
        - bg: True
        - onchanges:
          - pkg: Upgrade Salt Minion
    {%- endif %}
 Note that restarting the ``salt-minion`` service on Windows operating systems is
 not always necessary when performing an upgrade. The installer stops the
 ``salt-minion`` service, removes it, deletes the contents of the ``\salt\bin``
 directory, installs the new code, re-creates the ``salt-minion`` service, and
 starts it (by default). The restart step **would** be necessary during the
 upgrade process, however, if the minion config was edited after the upgrade or
 installation. If a minion restart is necessary, the state above can be edited
 as follows:
 .. code-block:: jinja
@ -335,8 +357,8 @@ The following example works on both UNIX-like and Windows operating systems:
          - pkg: Upgrade Salt Minion
 However, it requires more advanced tricks to upgrade from legacy version of
-Salt (before ``2016.3.0``), where executing commands in the background is not
+Salt (before ``2016.3.0``) on UNIX-like operating systems, where executing
-supported:
+commands in the background is not supported:
 .. code-block:: jinja
--- a/doc/man/salt.7
+++ b/doc/man/salt.7
@ -10795,6 +10795,7 @@ cmd_whitelist_glob:
 .UNINDENT
 .UNINDENT
 .SS Thread Settings
 .SS \fBmultiprocessing\fP
 .sp
 Default: \fBTrue\fP
 .sp
--- a/doc/ref/auth/all/index.rst
+++ b/doc/ref/auth/all/index.rst
@ -19,5 +19,4 @@ auth modules
    pki
    rest
    sharedsecret
    stormpath
    yubico
--- a/doc/ref/auth/all/salt.auth.stormpath.rst
+++ b/doc/ref/auth/all/salt.auth.stormpath.rst
@ -1,6 +0,0 @@
 ===================
 salt.auth.stormpath
 ===================
 .. automodule:: salt.auth.stormpath
    :members:
--- a/doc/ref/beacons/all/index.rst
+++ b/doc/ref/beacons/all/index.rst
@ -22,6 +22,7 @@ beacon modules
    load
    log
    memusage
    napalm_beacon
    network_info
    network_settings
    pkg
--- a/doc/ref/beacons/all/salt.beacons.napalm_beacon.rst
+++ b/doc/ref/beacons/all/salt.beacons.napalm_beacon.rst
@ -0,0 +1,6 @@
 ==========================
 salt.beacons.napalm_beacon
 ==========================
 .. automodule:: salt.beacons.napalm_beacon
    :members:
--- a/doc/ref/cache/all/salt.cache.etcd_cache.rst
+++ b/doc/ref/cache/all/salt.cache.etcd_cache.rst
@ -0,0 +1,5 @@
 salt.cache.etcd_cache module
 =============================
 .. automodule:: salt.cache.etcd_cache
    :members:
--- a/doc/ref/cache/all/salt.cache.mysql_cache.rst
+++ b/doc/ref/cache/all/salt.cache.mysql_cache.rst
@ -0,0 +1,5 @@
 salt.cache.mysql_cache module
 =============================
 .. automodule:: salt.cache.mysql_cache
    :members:
--- a/doc/ref/cli/_includes/output-options.rst
+++ b/doc/ref/cli/_includes/output-options.rst
@ -33,6 +33,10 @@ Output Options
    Write the output to the specified file.
 .. option:: --out-file-append, --output-file-append
    Append the output to the specified file.
 .. option:: --no-color
    Disable all colored output
@ -46,3 +50,14 @@ Output Options
        ``green`` denotes success, ``red`` denotes failure, ``blue`` denotes
        changes and success and ``yellow`` denotes a expected future change in configuration.
 .. option:: --state-output=STATE_OUTPUT, --state_output=STATE_OUTPUT
    Override the configured state_output value for minion
    output. One of 'full', 'terse', 'mixed', 'changes' or
    'filter'. Default: 'none'.
 .. option:: --state-verbose=STATE_VERBOSE, --state_verbose=STATE_VERBOSE
    Override the configured state_verbose value for minion
    output. Set to True or False. Default: none.
--- a/doc/ref/cli/salt-cloud.rst
+++ b/doc/ref/cli/salt-cloud.rst
@ -136,7 +136,7 @@ Query Options
    .. versionadded:: 2014.7.0
    Display a list of configured profiles. Pass in a cloud provider to view
-    the provider's associated profiles, such as ``digital_ocean``, or pass in
+    the provider's associated profiles, such as ``digitalocean``, or pass in
    ``all`` to list all the configured profiles.
--- a/doc/ref/cli/salt-cp.rst
+++ b/doc/ref/cli/salt-cp.rst
@ -2,32 +2,49 @@
 ``salt-cp``
 ===========
-Copy a file to a set of systems
+Copy a file or files to one or more minions
 Synopsis
 ========
 .. code-block:: bash
-    salt-cp '*' [ options ] SOURCE DEST
+    salt-cp '*' [ options ] SOURCE [SOURCE2 SOURCE3 ...] DEST
-    salt-cp -E '.*' [ options ] SOURCE DEST
+    salt-cp -E '.*' [ options ] SOURCE [SOURCE2 SOURCE3 ...] DEST
-    salt-cp -G 'os:Arch.*' [ options ] SOURCE DEST
+    salt-cp -G 'os:Arch.*' [ options ] SOURCE [SOURCE2 SOURCE3 ...] DEST
 Description
 ===========
-Salt copy copies a local file out to all of the Salt minions matched by the
+salt-cp copies files from the master to all of the Salt minions matched by the
-given target.
+specified target expression.
-Salt copy is only intended for use with small files (< 100KB). If you need
+.. note::
-to copy large files out to minions please use the cp.get_file function.
+    salt-cp uses Salt's publishing mechanism. This means the privacy of the
    contents of the file on the wire is completely dependent upon the transport
    in use. In addition, if the master or minion is running with debug logging,
    the contents of the file will be logged to disk.
-Note: salt-cp uses salt's publishing mechanism. This means the privacy of the
+    In addition, this tool is less efficient than the Salt fileserver when
-contents of the file on the wire is completely dependent upon the transport
+    copying larger files. It is recommended to instead use
-in use. In addition, if the salt-master is running with debug logging it is
+    :py:func:`cp.get_file <salt.modules.cp.get_file>` to copy larger files to
-possible that the contents of the file will be logged to disk.
+    minions. However, this requires the file to be located within one of the
    fileserver directories.
 .. versionchanged:: 2016.3.7,2016.11.6,2017.7.0
    Compression support added, disable with ``-n``. Also, if the destination
    path ends in a path separator (i.e. ``/``,  or ``\`` on Windows, the
    desitination will be assumed to be a directory. Finally, recursion is now
    supported, allowing for entire directories to be copied.
 .. versionchanged:: 2016.11.7,2017.7.2
    Reverted back to the old copy mode to preserve backward compatibility. The
    new functionality added in 2016.6.6 and 2017.7.0 is now available using the
    ``-C`` or ``--chunked`` CLI arguments. Note that compression, recursive
    copying, and support for copying large files is only available in chunked
    mode.
 Options
 =======
@ -46,6 +63,19 @@ Options
 .. include:: _includes/target-selection.rst
 .. option:: -C, --chunked
    Use new chunked mode to copy files. This mode supports large files, recursive
    directories copying and compression.
    .. versionadded:: 2016.11.7,2017.7.2
 .. option:: -n, --no-compression
    Disable gzip compression in chunked mode.
    .. versionadded:: 2016.3.7,2016.11.6,2017.7.0
 See also
 ========
--- a/doc/ref/cli/salt.rst
+++ b/doc/ref/cli/salt.rst
@ -81,7 +81,7 @@ Options
    Pass in an external authentication medium to validate against. The
    credentials will be prompted for. The options are `auto`,
-    `keystone`, `ldap`, `pam`, and `stormpath`. Can be used with the -T
+    `keystone`, `ldap`, and `pam`. Can be used with the -T
    option.
 .. option:: -T, --make-token
--- a/doc/ref/clouds/all/index.rst
+++ b/doc/ref/clouds/all/index.rst
@ -13,7 +13,7 @@ Full list of Salt Cloud modules
    aliyun
    azurearm
    cloudstack
-    digital_ocean
+    digitalocean
    dimensiondata
    ec2
    gce
--- a/doc/ref/clouds/all/salt.cloud.clouds.digital_ocean.rst
+++ b/doc/ref/clouds/all/salt.cloud.clouds.digital_ocean.rst
@ -1,6 +1,6 @@
 ===============================
-salt.cloud.clouds.digital_ocean
+salt.cloud.clouds.digitalocean
 ===============================
-.. automodule:: salt.cloud.clouds.digital_ocean
+.. automodule:: salt.cloud.clouds.digitalocean
    :members:
--- a/doc/ref/clouds/all/salt.cloud.clouds.oneandone.rst
+++ b/doc/ref/clouds/all/salt.cloud.clouds.oneandone.rst
@ -0,0 +1,6 @@
 ===========================
 salt.cloud.clouds.oneandone
 ===========================
 .. automodule:: salt.cloud.clouds.oneandone
    :members:
--- a/doc/ref/configuration/master.rst
+++ b/doc/ref/configuration/master.rst
--- a/doc/ref/configuration/minion.rst
+++ b/doc/ref/configuration/minion.rst
@ -133,6 +133,24 @@ name) is set in the :conf_minion:`master` configuration setting.
    master_uri_format: ip_only
 .. conf_minion:: master_tops_first
 ``master_tops_first``
 ---------------------
 .. versionadded:: Oxygen
 Default: ``False``
 SLS targets defined using the :ref:`Master Tops <master-tops-system>` system
 are normally executed *after* any matches defined in the :ref:`Top File
 <states-top>`. Set this option to ``True`` to have the minion execute the
 :ref:`Master Tops <master-tops-system>` states first.
 .. code-block:: yaml
    master_tops_first: True
 .. conf_minion:: master_type
 ``master_type``
@ -319,7 +337,7 @@ The user to run the Salt processes
 .. conf_minion:: sudo_user
 ``sudo_user``
--------------
+-------------
 Default: ``''``
@ -448,6 +466,20 @@ FQDN (for instance, Solaris).
    append_domain: foo.org
 .. conf_minion:: minion_id_lowercase
 ``minion_id_lowercase``
 -----------------------
 Default: ``False``
 Convert minion id to lowercase when it is being generated. Helpful when some hosts
 get the minion id in uppercase. Cached ids will remain the same and not converted.
 .. code-block:: yaml
    minion_id_lowercase: True
 .. conf_minion:: cachedir
 ``cachedir``
@ -596,6 +628,26 @@ With ``grains_deep_merge``, the result will be:
      k1: v1
      k2: v2
 .. conf_minion:: grains_refresh_every
 ``grains_refresh_every``
 ------------------------
 Default: ``0``
 The ``grains_refresh_every`` setting allows for a minion to periodically
 check its grains to see if they have changed and, if so, to inform the master
 of the new grains. This operation is moderately expensive, therefore care
 should be taken not to set this value too low.
 Note: This value is expressed in minutes.
 A value of 10 minutes is a reasonable default.
 .. code-block:: yaml
    grains_refresh_every: 0
 .. conf_minion:: mine_enabled
 ``mine_enabled``
@ -629,7 +681,7 @@ return for the job cache.
    mine_return_job: False
 ``mine_functions``
-------------------
+------------------
 Default: Empty
@ -647,6 +699,18 @@ Note these can be defined in the pillar for a minion as well.
        interface: eth0
        cidr: '10.0.0.0/8'
 .. conf_minion:: mine_interval
 ``mine_interval``
 -----------------
 Default: ``60``
 The number of minutes between mine updates.
 .. code-block:: yaml
    mine_interval: 60
 .. conf_minion:: sock_dir
@ -661,6 +725,19 @@ The directory where Unix sockets will be kept.
    sock_dir: /var/run/salt/minion
 .. conf_minion:: outputter_dirs
 ``outputter_dirs``
 ------------------
 Default: ``[]``
 A list of additional directories to search for salt outputters in.
 .. code-block:: yaml
    outputter_dirs: []
 .. conf_minion:: backup_mode
 ``backup_mode``
@ -705,6 +782,20 @@ seconds each iteration.
    acceptance_wait_time_max: 0
 .. conf_minion:: rejected_retry
 ``rejected_retry``
 ------------------
 Default: ``False``
 If the master rejects the minion's public key, retry instead of exiting.
 Rejected keys will be handled the same as waiting on acceptance.
 .. code-block:: yaml
    rejected_retry: False
 .. conf_minion:: random_reauth_delay
 ``random_reauth_delay``
@ -803,6 +894,20 @@ restart.
    auth_safemode: False
 .. conf_minion:: ping_interval
 ``ping_interval``
 -----------------
 Default: ``0``
 Instructs the minion to ping its master(s) every n number of seconds. Used
 primarily as a mitigation technique against minion disconnects.
 .. code-block:: yaml
    ping_interval: 0
 .. conf_minion:: recon_default
 ``random_startup_delay``
@ -1121,7 +1226,7 @@ If certain returners should be disabled, this is the place
 .. conf_minion:: enable_whitelist_modules
 ``whitelist_modules``
----------------------------
+---------------------
 Default: ``[]`` (Module whitelisting is disabled.  Adding anything to the config option
 will cause only the listed modules to be enabled.  Modules not in the list will
@ -1213,6 +1318,20 @@ A list of extra directories to search for Salt renderers
    render_dirs:
      - /var/lib/salt/renderers
 .. conf_minion:: utils_dirs
 ``utils_dirs``
 --------------
 Default: ``[]``
 A list of extra directories to search for Salt utilities
 .. code-block:: yaml
    utils_dirs:
      - /var/lib/salt/utils
 .. conf_minion:: cython_enable
 ``cython_enable``
@ -1261,10 +1380,27 @@ below.
    providers:
      service: systemd
-``extmod_whitelist/extmod_blacklist``
+.. conf_minion:: modules_max_memory
 --------------------
-.. versionadded:: Nitrogen
+``modules_max_memory``
 ----------------------
 Default: ``-1``
 Specify a max size (in bytes) for modules on import. This feature is currently
 only supported on *nix operating systems and requires psutil.
 .. code-block:: yaml
    modules_max_memory: -1
 .. conf_minion:: extmod_whitelist
 .. conf_minion:: extmod_blacklist
 ``extmod_whitelist/extmod_blacklist``
 -------------------------------------
 .. versionadded:: 2017.7.0
 By using this dictionary, the modules that are synced to the minion's extmod cache using `saltutil.sync_*` can be
 limited.  If nothing is set to a specific type, then all modules are accepted.  To block all modules of a specific type,
@ -1283,8 +1419,8 @@ whitelist an empty list.
      modules:
        - specific_module
 Valid options:
  - beacons
  - clouds
  - sdb
@ -1430,6 +1566,52 @@ environment lacks one.
    default_top: dev
 .. conf_minion:: startup_states
 ``startup_states``
 ------------------
 Default: ``''``
 States to run when the minion daemon starts. To enable, set ``startup_states`` to:
 - ``highstate``: Execute state.highstate
 - ``sls``: Read in the sls_list option and execute the named sls files
 - ``top``: Read top_file option and execute based on that file on the Master
 .. code-block:: yaml
    startup_states: ''
 .. conf_minion:: sls_list
 ``sls_list``
 ------------
 Default: ``[]``
 List of states to run when the minion starts up if ``startup_states`` is set to ``sls``.
 .. code-block:: yaml
    sls_list:
      - edit.vim
      - hyper
 .. conf_minion:: top_file
 ``top_file``
 ------------
 Default: ``''``
 Top file to execute if ``startup_states`` is set to ``top``.
 .. code-block:: yaml
    top_file: ''
 State Management Settings
 =========================
@ -1446,7 +1628,7 @@ The default renderer used for local state executions
    renderer: yaml_jinja
-.. conf_master:: test
+.. conf_minion:: test
 ``test``
 --------
@ -1490,6 +1672,22 @@ the output will be shortened to a single line.
    state_output: full
 .. conf_minion:: state_output_diff
 ``state_output_diff``
 ---------------------
 Default: ``False``
 The state_output_diff setting changes whether or not the output from
 successful states is returned. Useful when even the terse output of these
 states is cluttering the logs. Set it to True to ignore them.
 .. code-block:: yaml
    state_output_diff: False
 .. conf_minion:: autoload_dynamic_modules
 ``autoload_dynamic_modules``
@ -1733,7 +1931,7 @@ the pillar environments.
 ``on_demand_ext_pillar``
 ------------------------
-.. versionadded:: 2016.3.6,2016.11.3,Nitrogen
+.. versionadded:: 2016.3.6,2016.11.3,2017.7.0
 Default: ``['libvirt', 'virtkey']``
@ -1762,7 +1960,7 @@ external pillars are permitted to be used on-demand using :py:func:`pillar.ext
 ``decrypt_pillar``
 ------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``[]``
@ -1784,7 +1982,7 @@ specified by :conf_minion:`decrypt_pillar_default` will be used.
 ``decrypt_pillar_delimiter``
 ----------------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``:``
@ -1803,7 +2001,7 @@ The delimiter used to distinguish nested data structures in the
 ``decrypt_pillar_default``
 --------------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``gpg``
@ -1819,7 +2017,7 @@ pillar key in :conf_minion:`decrypt_pillar`.
 ``decrypt_pillar_renderers``
 ----------------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``['gpg']``
@ -1850,7 +2048,7 @@ the environment setting, but for pillar instead of states.
 ``pillarenv_from_saltenv``
 --------------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``False``
@ -1915,6 +2113,41 @@ It will be interpreted as megabytes.
    file_recv_max_size: 100
 .. conf_minion:: pass_to_ext_pillars
 ``pass_to_ext_pillars``
 -----------------------
 Specify a list of configuration keys whose values are to be passed to
 external pillar functions.
 Suboptions can be specified using the ':' notation (i.e. ``option:suboption``)
 The values are merged and included in the ``extra_minion_data`` optional
 parameter of the external pillar function.  The ``extra_minion_data`` parameter
 is passed only to the external pillar functions that have it explicitly
 specified in their definition.
 If the config contains
 .. code-block:: yaml
    opt1: value1
    opt2:
      subopt1: value2
      subopt2: value3
    pass_to_ext_pillars:
      - opt1
      - opt2: subopt1
 the ``extra_minion_data`` parameter will be
 .. code-block:: python
    {'opt1': 'value1',
     'opt2': {'subopt1': 'value2'}}
 Security Settings
 =================
@ -1948,6 +2181,35 @@ before the initial key exchange. The master fingerprint can be found by running
   master_finger: 'ba:30:65:2a:d6:9e:20:4f:d8:b2:f3:a7:d4:65:11:13'
 .. conf_minion:: keysize
 ``keysize``
 -----------
 Default: ``2048``
 The size of key that should be generated when creating new keys.
 .. code-block:: yaml
    keysize: 2048
 .. conf_minion:: permissive_pki_access
 ``permissive_pki_access``
 -------------------------
 Default: ``False``
 Enable permissive access to the salt keys. This allows you to run the
 master or minion as root, but have a non-root group be given access to
 your pki_dir. To make the access explicit, root must belong to the group
 you've given access to. This is potentially quite insecure.
 .. code-block:: yaml
    permissive_pki_access: False
 .. conf_minion:: verify_master_pubkey_sign
 ``verify_master_pubkey_sign``
@ -2055,7 +2317,7 @@ blocked. If `cmd_whitelist_glob` is NOT SET, then all shell commands are permitt
      - 'cat /etc/fstab'
-.. conf_master:: ssl
+.. conf_minion:: ssl
 ``ssl``
 -------
@ -2081,16 +2343,75 @@ constant names without ssl module prefix: ``CERT_REQUIRED`` or ``PROTOCOL_SSLv23
        ssl_version: PROTOCOL_TLSv1_2
 Reactor Settings
 ================
 .. conf_minion:: reactor
 ``reactor``
 -----------
 Default: ``[]``
 Defines a salt reactor. See the :ref:`Reactor <reactor>` documentation for more
 information.
 .. code-block:: yaml
    reactor: []
 .. conf_minion:: reactor_refresh_interval
 ``reactor_refresh_interval``
 ----------------------------
 Default: ``60``
 The TTL for the cache of the reactor configuration.
 .. code-block:: yaml
    reactor_refresh_interval: 60
 .. conf_minion:: reactor_worker_threads
 ``reactor_worker_threads``
 --------------------------
 Default: ``10``
 The number of workers for the runner/wheel in the reactor.
 .. code-block:: yaml
    reactor_worker_threads: 10
 .. conf_minion:: reactor_worker_hwm
 ``reactor_worker_hwm``
 ----------------------
 Default: ``10000``
 The queue size for workers in the reactor.
 .. code-block:: yaml
    reactor_worker_hwm: 10000
 Thread Settings
 ===============
 .. conf_minion:: multiprocessing
 ``multiprocessing``
 -------
 Default: ``True``
-If `multiprocessing` is enabled when a minion receives a
+If ``multiprocessing`` is enabled when a minion receives a
 publication a new process is spawned and the command is executed therein.
-Conversely, if `multiprocessing` is disabled the new publication will be run
+Conversely, if ``multiprocessing`` is disabled the new publication will be run
 executed in a thread.
@ -2098,6 +2419,23 @@ executed in a thread.
    multiprocessing: True
 .. conf_minion:: process_count_max
 ``process_count_max``
 -------
 .. versionadded:: Oxygen
 Default: ``-1``
 Limit the maximum amount of processes or threads created by ``salt-minion``.
 This is useful to avoid resource exhaustion in case the minion receives more
 publications than it is able to handle, as it limits the number of spawned
 processes or threads. ``-1`` is the default and disables the limit.
 .. code-block:: yaml
    process_count_max: -1
 .. _minion-logging-settings:
@ -2351,6 +2689,62 @@ option then the minion will log a warning message.
      - /etc/roles/webserver
 Keepalive Settings
 ==================
 .. conf_minion:: tcp_keepalive
 ``tcp_keepalive``
 -----------------
 Default: ``True``
 The tcp keepalive interval to set on TCP ports. This setting can be used to tune Salt
 connectivity issues in messy network environments with misbehaving firewalls.
 .. code-block:: yaml
    tcp_keepalive: True
 .. conf_minion:: tcp_keepalive_cnt
 ``tcp_keepalive_cnt``
 ---------------------
 Default: ``-1``
 Sets the ZeroMQ TCP keepalive count. May be used to tune issues with minion disconnects.
 .. code-block:: yaml
    tcp_keepalive_cnt: -1
 .. conf_minion:: tcp_keepalive_idle
 ``tcp_keepalive_idle``
 ----------------------
 Default: ``300``
 Sets ZeroMQ TCP keepalive idle. May be used to tune issues with minion disconnects.
 .. code-block:: yaml
    tcp_keepalive_idle: 300
 .. conf_minion:: tcp_keepalive_intvl
 ``tcp_keepalive_intvl``
 -----------------------
 Default: ``-1``
 Sets ZeroMQ TCP keepalive interval. May be used to tune issues with minion disconnects.
 .. code-block:: yaml
    tcp_keepalive_intvl': -1
 Frozen Build Update Settings
 ============================
@ -2452,6 +2846,36 @@ out.
    winrepo_dir: 'D:\winrepo'
 .. conf_minion:: winrepo_dir_ng
 ``winrepo_dir_ng``
 ------------------
 .. versionadded:: 2015.8.0
    A new :ref:`ng <windows-package-manager>` repo was added.
 Default: ``/srv/salt/win/repo-ng``
 Location on the minion where the :conf_minion:`winrepo_remotes_ng` are checked
 out for 2015.8.0 and later minions.
 .. code-block:: yaml
    winrepo_dir_ng: /srv/salt/win/repo-ng
 .. conf_minion:: winrepo_source_dir
 ``winrepo_source_dir``
 ----------------------
 Default: ``salt://win/repo-ng/``
 The source location for the winrepo sls files.
 .. code-block:: yaml
    winrepo_source_dir: salt://win/repo-ng/
 .. conf_minion:: winrepo_cachefile
 .. conf_minion:: win_repo_cachefile
@ -2504,3 +2928,33 @@ URL of the repository:
 Replace ``<commit_id>`` with the SHA1 hash of a commit ID. Specifying a commit
 ID is useful in that it allows one to revert back to a previous version in the
 event that an error is introduced in the latest revision of the repo.
 .. conf_minion:: winrepo_remotes_ng
 ``winrepo_remotes_ng``
 ----------------------
 .. versionadded:: 2015.8.0
    A new :ref:`ng <windows-package-manager>` repo was added.
 Default: ``['https://github.com/saltstack/salt-winrepo-ng.git']``
 List of git repositories to checkout and include in the winrepo for
 2015.8.0 and later minions.
 .. code-block:: yaml
    winrepo_remotes_ng:
      - https://github.com/saltstack/salt-winrepo-ng.git
 To specify a specific revision of the repository, prepend a commit ID to the
 URL of the repository:
 .. code-block:: yaml
    winrepo_remotes_ng:
      - '<commit_id> https://github.com/saltstack/salt-winrepo-ng.git'
 Replace ``<commit_id>`` with the SHA1 hash of a commit ID. Specifying a commit
 ID is useful in that it allows one to revert back to a previous version in the
 event that an error is introduced in the latest revision of the repo.
--- a/doc/ref/configuration/proxy.rst
+++ b/doc/ref/configuration/proxy.rst
@ -27,7 +27,7 @@ Proxy-specific Configuration Options
 .. conf_proxy:: add_proxymodule_to_opts
 ``add_proxymodule_to_opts``
--------------------------
+---------------------------
 .. versionadded:: 2015.8.2
@ -49,7 +49,7 @@ Add the proxymodule LazyLoader object to opts.
 .. versionadded:: 2016.3.0
-.. versionchanged:: Nitrogen
+.. versionchanged:: 2017.7.0
 Default: ``True``
@ -68,7 +68,7 @@ function in a custom way and returns the data elsewhere.
 ``proxy_keep_alive``
 --------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``True``
@ -86,7 +86,7 @@ otherwise the connection is considered alive.
 ``proxy_keep_alive_interval``
 -----------------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``1``
@ -104,7 +104,7 @@ The frequency of keepalive checks, in minutes. It requires the
 ``proxy_always_alive``
 ----------------------
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Default: ``True``
@ -118,3 +118,53 @@ has to be closed after every command.
 .. code-block:: yaml
    proxy_always_alive: False
 ``proxy_merge_pillar_in_opts``
 ------------------------------
 .. versionadded:: 2017.7.3
 Default: ``False``.
 Wheter the pillar data to be merged into the proxy configuration options.
 As multiple proxies can run on the same server, we may need different
 configuration options for each, while there's one single configuration file.
 The solution is merging the pillar data of each proxy minion into the opts.
 .. code-block:: yaml
    proxy_merge_pillar_in_opts: True
 ``proxy_deep_merge_pillar_in_opts``
 -----------------------------------
 .. versionadded:: 2017.7.3
 Default: ``False``.
 Deep merge of pillar data into configuration opts.
 This option is evaluated only when :conf_proxy:`proxy_merge_pillar_in_opts` is
 enabled.
 ``proxy_merge_pillar_in_opts_strategy``
 ---------------------------------------
 .. versionadded:: 2017.7.3
 Default: ``smart``.
 The strategy used when merging pillar configuration into opts.
 This option is evaluated only when :conf_proxy:`proxy_merge_pillar_in_opts` is
 enabled.
 ``proxy_mines_pillar``
 ----------------------
 .. versionadded:: 2017.7.3
 Default: ``True``.
 Allow enabling mine details using pillar data. This evaluates the mine
 configuration under the pillar, for the following regular minion options that
 are also equally available on the proxy minion: :conf_minion:`mine_interval`,
 and :conf_minion:`mine_functions`.
--- a/doc/ref/executors/all/index.rst
+++ b/doc/ref/executors/all/index.rst
@ -1,4 +1,4 @@
-.. _all-salt_executors:
+.. _all-salt.executors:
 =================
 executors modules
--- a/doc/ref/executors/index.rst
+++ b/doc/ref/executors/index.rst
@ -0,0 +1,85 @@
 .. _executors:
 =========
 Executors
 =========
 Executors are used by minion to execute module functions. Executors can be used
 to modify the functions behavior, do any pre-execution steps or execute in a
 specific way like sudo executor.
 Executors could be passed as a list and they will be used one-by-one in the
 order. If an executor returns ``None`` the next one will be called. If an
 executor returns non-``None`` the execution sequence is terminated and the
 returned value is used as a result. It's a way executor could control modules
 execution working as a filter. Note that executor could actually not execute
 the function but just do something else and return ``None`` like ``splay``
 executor does. In this case some other executor have to be used as a final
 executor that will actually execute the function. See examples below.
 Executors list could be passed by minion config file in the following way:
 .. code-block:: yaml
    module_executors:
      - splay
      - direct_call
    splaytime: 30
 The same could be done by command line:
 .. code-block:: bash
    salt -t 40 --module-executors='[splay, direct_call]' --executor-opts='{splaytime: 30}' '*' test.ping
 And the same command called via netapi will look like this:
 .. code-block:: bash
    curl -sSk https://localhost:8000 \
        -H 'Accept: application/x-yaml' \
        -H 'X-Auth-Token: 697adbdc8fe971d09ae4c2a3add7248859c87079' \
        -H 'Content-type: application/json' \
        -d '[{
            "client": "local",
            "tgt": "*",
            "fun": "test.ping",
            "module_executors": ["splay", "direct_call"],
            "executor_opts": {"splaytime": 10}
            }]'
 .. seealso:: :ref:`The full list of executors <all-salt.executors>`
 Writing Salt Executors
 ----------------------
 A Salt executor is written in a similar manner to a Salt execution module.
 Executor is a python module placed into the ``executors`` folder and containing
 the ``execute`` function with the following signature:
 .. code-block:: python
    def execute(opts, data, func, args, kwargs)
 Where the args are:
 ``opts``:
  Dictionary containing the minion configuration options
 ``data``:
  Dictionary containing the load data including ``executor_opts`` passed via
  cmdline/API.
 ``func``, ``args``, ``kwargs``:
  Execution module function to be executed and it's arguments. For instance the
  simplest ``direct_call`` executor just runs it as ``func(*args, **kwargs)``.
 ``Returns``:
  ``None`` if the execution sequence must be continued with the next executor.
  Error string or execution result if the job is done and execution must be
  stopped.
 Specific options could be passed to the executor via minion config or via
 ``executor_opts`` argument. For instance to access ``splaytime`` option set by
 minion config executor should access ``opts.get('splaytime')``. To access the
 option set by commandline or API ``data.get('executor_opts',
 {}).get('splaytime')`` should be used. So if an option is safe and must be
 accessible by user executor should check it in both places, but if an option is
 unsafe it should be read from the only config ignoring the passed request data.
--- a/doc/ref/index.rst
+++ b/doc/ref/index.rst
@ -12,6 +12,7 @@ This section contains a list of the Python modules that are used to extend the v
    ../ref/beacons/all/index
    ../ref/cache/all/index
    ../ref/engines/all/index
    ../ref/executors/all/index
    ../ref/file_server/all/index
    ../ref/grains/all/index
    ../ref/modules/all/index
--- a/doc/ref/modules/all/index.rst
+++ b/doc/ref/modules/all/index.rst
@ -9,6 +9,7 @@ execution modules
    .. toctree::
        salt.modules.group
        salt.modules.kernelpkg
        salt.modules.pkg
        salt.modules.user
@ -43,6 +44,7 @@ execution modules
    boto_apigateway
    boto_asg
    boto_cfn
    boto_cloudfront
    boto_cloudtrail
    boto_cloudwatch
    boto_cloudwatch_event
@ -96,6 +98,7 @@ execution modules
    cytest
    daemontools
    data
    datadog_api
    ddns
    deb_apache
    deb_postgres
@ -116,6 +119,8 @@ execution modules
    drac
    dracr
    drbd
    dummyproxy_package
    dummyproxy_service
    ebuild
    eix
    elasticsearch
@ -188,10 +193,13 @@ execution modules
    k8s
    kapacitor
    kerberos
    kernelpkg_linux_apt
    kernelpkg_linux_yum
    key
    keyboard
    keystone
    kmod
    kubernetes
    launchctl
    layman
    ldap3
@ -293,6 +301,7 @@ execution modules
    opkg
    oracle
    osquery
    out
    pacman
    pagerduty
    pagerduty_util
@ -318,6 +327,7 @@ execution modules
    ps
    publish
    puppet
    purefa
    pushbullet
    pushover_notify
    pw_group
@ -392,7 +402,6 @@ execution modules
    state
    status
    statuspage
    stormpath
    supervisord
    suse_apache
    svn
@ -410,6 +419,7 @@ execution modules
    test
    testinframod
    test_virtual
    textfsm_mod
    timezone
    tls
    tomcat
--- a/doc/ref/modules/all/salt.modules.boto_cloudfront.rst
+++ b/doc/ref/modules/all/salt.modules.boto_cloudfront.rst
@ -0,0 +1,6 @@
 ============================
 salt.modules.boto_cloudfront
 ============================
 .. automodule:: salt.modules.boto_cloudfront
    :members:
--- a/doc/ref/modules/all/salt.modules.datadog_api.rst
+++ b/doc/ref/modules/all/salt.modules.datadog_api.rst
@ -0,0 +1,6 @@
 ========================
 salt.modules.datadog_api
 ========================
 .. automodule:: salt.modules.datadog_api
    :members:
--- a/doc/ref/modules/all/salt.modules.dummyproxy_package.rst
+++ b/doc/ref/modules/all/salt.modules.dummyproxy_package.rst
@ -0,0 +1,6 @@
 salt.modules.dummyproxy_package module
 ======================================
 .. automodule:: salt.modules.dummyproxy_package
    :members:
    :undoc-members:
--- a/doc/ref/modules/all/salt.modules.dummyproxy_service.rst
+++ b/doc/ref/modules/all/salt.modules.dummyproxy_service.rst
@ -0,0 +1,6 @@
 salt.modules.dummyproxy_service module
 ======================================
 .. automodule:: salt.modules.dummyproxy_service
    :members:
    :undoc-members:
--- a/doc/ref/modules/all/salt.modules.kernelpkg.rst
+++ b/doc/ref/modules/all/salt.modules.kernelpkg.rst
@ -0,0 +1,19 @@
 .. _virtual-kernelpkg:
 ======================
 salt.modules.kernelpkg
 ======================
 .. py:module:: salt.modules.kernelpkg
    :synopsis: A virtual module for managing kernel packages
 ``kernelpkg`` is a virtual module that is fulfilled by one of the following modules:
 ============================================ ========================================
 Execution Module                             Used for
 ============================================ ========================================
 :py:mod:`~salt.modules.kernelpkg_linux_apt`  Debian/Ubuntu-based distros which use
                                             ``apt-get`` for package management
 :py:mod:`~salt.modules.kernelpkg_linux_yum`  RedHat-based distros and derivatives
                                             using ``yum`` or ``dnf``
 ============================================ ========================================
--- a/doc/ref/modules/all/salt.modules.kernelpkg_linux_apt.rst
+++ b/doc/ref/modules/all/salt.modules.kernelpkg_linux_apt.rst
@ -0,0 +1,6 @@
 ================================
 salt.modules.kernelpkg_linux_apt
 ================================
 .. automodule:: salt.modules.kernelpkg_linux_apt
    :members:
--- a/doc/ref/modules/all/salt.modules.kernelpkg_linux_yum.rst
+++ b/doc/ref/modules/all/salt.modules.kernelpkg_linux_yum.rst
@ -0,0 +1,6 @@
 ================================
 salt.modules.kernelpkg_linux_yum
 ================================
 .. automodule:: salt.modules.kernelpkg_linux_yum
    :members:
--- a/doc/ref/modules/all/salt.modules.kubernetes.rst
+++ b/doc/ref/modules/all/salt.modules.kubernetes.rst
@ -0,0 +1,6 @@
 =======================
 salt.modules.kubernetes
 =======================
 .. automodule:: salt.modules.kubernetes
    :members:
--- a/doc/ref/modules/all/salt.modules.out.rst
+++ b/doc/ref/modules/all/salt.modules.out.rst
@ -0,0 +1,5 @@
 salt.modules.out module
 =======================
 .. automodule:: salt.modules.out
    :members:
--- a/doc/ref/modules/all/salt.modules.purefa.rst
+++ b/doc/ref/modules/all/salt.modules.purefa.rst
@ -0,0 +1,6 @@
 ===================
 salt.modules.purefa
 ===================
 .. automodule:: salt.modules.purefa
    :members:
--- a/doc/ref/modules/all/salt.modules.stormpath.rst
+++ b/doc/ref/modules/all/salt.modules.stormpath.rst
@ -1,6 +0,0 @@
 ======================
 salt.modules.stormpath
 ======================
 .. automodule:: salt.modules.stormpath
    :members:
--- a/doc/ref/modules/all/salt.modules.test.rst
+++ b/doc/ref/modules/all/salt.modules.test.rst
@ -3,4 +3,5 @@ salt.modules.test
 =================
 .. automodule:: salt.modules.test
-    :members:
+    :members:
    :exclude-members: rand_str
--- a/doc/ref/modules/all/salt.modules.textfsm_mod.rst
+++ b/doc/ref/modules/all/salt.modules.textfsm_mod.rst
@ -0,0 +1,5 @@
 salt.modules.textfsm_mod module
 ===============================
 .. automodule:: salt.modules.textfsm_mod
    :members:
--- a/doc/ref/modules/index.rst
+++ b/doc/ref/modules/index.rst
@ -13,7 +13,7 @@ Writing Salt execution modules is straightforward.
 A Salt execution module is a Python or `Cython`_ module placed in a directory
 called ``_modules/`` at the root of the Salt fileserver. When using the default
-fileserver backend (i.e. :py:mod:`roots <salt.fileserver.roots`), unless
+fileserver backend (i.e. :py:mod:`roots <salt.fileserver.roots>`), unless
 environments are otherwise defined in the :conf_master:`file_roots` config
 option, the ``_modules/`` directory would be located in ``/srv/salt/_modules``
 on most systems.
@ -209,6 +209,29 @@ default configuration file for the minion contains the information and format
 used to pass data to the modules. :mod:`salt.modules.test`,
 :file:`conf/minion`.
 .. _module_init:
 ``__init__`` Function
 ---------------------
 If you want your module to have different execution modes based on minion
 configuration, you can use the ``__init__(opts)`` function to perform initial
 module setup. The parameter ``opts`` is the complete minion configuration,
 as also available in the ``__opts__`` dict.
 .. code-block:: python
    '''
    Cheese module initialization example
    '''
    def __init__(opts):
        '''
        Allow foreign imports if configured to do so
        '''
        if opts.get('cheese.allow_foreign', False):
            _enable_foreign_products()
 Strings and Unicode
 ===================
@ -273,8 +296,9 @@ module is not loaded. ``False`` lets the module perform system checks and
 prevent loading if dependencies are not met.
 Since ``__virtual__`` is called before the module is loaded, ``__salt__`` will
-be unavailable as it will not have been packed into the module at this point in
+be unreliable as not all modules will be available at this point in time. The
-time.
+``__pillar`` and ``__grains__`` :ref:`"dunder" dictionaries <dunder-dictionaries>`
 are available however.
 .. note::
    Modules which return a string from ``__virtual__`` that is already used by
@ -313,10 +337,14 @@ the case when the dependency is unavailable.
        else:
            return False, 'The cheese execution module cannot be loaded: enzymes unavailable.'
    def slice():
        pass
 .. code-block:: python
    '''
-    Cheese state module
+    Cheese state module. Note that this works in state modules because it is
    guaranteed that execution modules are loaded first
    '''
    def __virtual__():
@ -401,10 +429,33 @@ similar to the following:
       Confine this module to Mac OS with Homebrew.
       '''
-       if salt.utils.which('brew') and __grains__['os'] == 'MacOS':
+       if salt.utils.path.which('brew') and __grains__['os'] == 'MacOS':
           return __virtualname__
       return False
 The ``__virtual__()`` function can return a ``True`` or ``False`` boolean, a tuple,
 or a string. If it returns a ``True`` value, this ``__virtualname__`` module-level
 attribute can be set as seen in the above example. This is the string that the module
 should be referred to as.
 When ``__virtual__()`` returns a tuple, the first item should be a boolean and the
 second should be a string. This is typically done when the module should not load. The
 first value of the tuple is ``False`` and the second is the error message to display
 for why the module did not load.
 For example:
 .. code-block:: python
    def __virtual__():
        '''
        Only load if git exists on the system
        '''
        if salt.utils.path.which('git') is None:
            return (False,
                    'The git execution module cannot be loaded: git unavailable.')
        else:
            return True
 Documentation
 =============
--- a/doc/ref/netapi/all/salt.netapi.rest_cherrypy.rst
+++ b/doc/ref/netapi/all/salt.netapi.rest_cherrypy.rst
@ -2,6 +2,9 @@
 rest_cherrypy
 =============
 .. contents::
    :local:
 .. automodule:: salt.netapi.rest_cherrypy.app
 .. automodule:: salt.netapi.rest_cherrypy.wsgi
@ -11,9 +14,6 @@ REST URI Reference
 .. py:currentmodule:: salt.netapi.rest_cherrypy.app
 .. contents::
    :local:
 ``/``
 -----
@ -78,4 +78,4 @@ REST URI Reference
 ----------
 .. autoclass:: Stats
-    :members: GET
+    :members: GET
--- a/doc/ref/peer.rst
+++ b/doc/ref/peer.rst
@ -126,4 +126,4 @@ To match minions using other matchers, use ``tgt_type``:
    # salt-call publish.publish 'webserv* and not G@os:Ubuntu' test.ping tgt_type='compound'
 .. note::
-    In pre-Nitrogen releases, use ``expr_form`` instead of ``tgt_type``.
+    In pre-2017.7.0 releases, use ``expr_form`` instead of ``tgt_type``.
--- a/doc/ref/pillar/all/index.rst
+++ b/doc/ref/pillar/all/index.rst
@ -17,6 +17,7 @@ pillar modules
    confidant
    consul_pillar
    csvpillar
    digicert
    django_orm
    ec2_pillar
    etcd_pillar
--- a/doc/ref/pillar/all/salt.pillar.digicert.rst
+++ b/doc/ref/pillar/all/salt.pillar.digicert.rst
@ -0,0 +1,6 @@
 salt.pillar.digicert module
 ===========================
 .. automodule:: salt.pillar.digicert
    :members:
    :undoc-members:
--- a/doc/ref/proxy/all/index.rst
+++ b/doc/ref/proxy/all/index.rst
@ -12,6 +12,7 @@ proxy modules
    chronos
    cisconso
    dummy
    esxi
    fx2
    junos
--- a/doc/ref/proxy/all/salt.proxy.dummy.rst
+++ b/doc/ref/proxy/all/salt.proxy.dummy.rst
@ -0,0 +1,6 @@
 salt.proxy.dummy module
 =======================
 .. automodule:: salt.proxy.dummy
    :members:
    :undoc-members:
--- a/doc/ref/publisheracl.rst
+++ b/doc/ref/publisheracl.rst
@ -25,6 +25,9 @@ configuration:
        - web*:
          - test.*
          - pkg.*
      # Allow managers to use saltutil module functions
      manager_.*:
        - saltutil.*
 Permission Issues
 -----------------
--- a/doc/ref/renderers/index.rst
+++ b/doc/ref/renderers/index.rst
@ -146,8 +146,10 @@ Here is a simple YAML renderer example:
    import yaml
    from salt.utils.yamlloader import SaltYamlSafeLoader
    from salt.ext import six
    def render(yaml_data, saltenv='', sls='', **kws):
-        if not isinstance(yaml_data, basestring):
+        if not isinstance(yaml_data, six.string_types):
            yaml_data = yaml_data.read()
        data = yaml.load(
            yaml_data,
--- a/doc/ref/returners/index.rst
+++ b/doc/ref/returners/index.rst
@ -1,3 +1,5 @@
 .. _returners:
 =========
 Returners
 =========
--- a/doc/ref/runners/all/index.rst
+++ b/doc/ref/runners/all/index.rst
@ -16,6 +16,7 @@ runner modules
    cache
    cloud
    ddns
    digicertapi
    doc
    drac
    error
@ -42,7 +43,6 @@ runner modules
    saltutil
    sdb
    smartos_vmadm
    search
    spacewalk
    ssh
    state
--- a/doc/ref/runners/all/salt.runners.auth.rst
+++ b/doc/ref/runners/all/salt.runners.auth.rst
@ -1,5 +1,5 @@
-salt.runners.auth module
+salt.runners.auth
-========================
+=================
 .. automodule:: salt.runners.auth
    :members:
--- a/doc/ref/runners/all/salt.runners.digicertapi.rst
+++ b/doc/ref/runners/all/salt.runners.digicertapi.rst
@ -0,0 +1,6 @@
 salt.runners.digicertapi
 ========================
 .. automodule:: salt.runners.digicertapi
    :members:
    :undoc-members:
--- a/doc/ref/runners/all/salt.runners.event.rst
+++ b/doc/ref/runners/all/salt.runners.event.rst
@ -1,5 +1,5 @@
-salt.runners.event module
+salt.runners.event
-=========================
+==================
 .. automodule:: salt.runners.event
    :members:
--- a/doc/ref/runners/all/salt.runners.mattermost.rst
+++ b/doc/ref/runners/all/salt.runners.mattermost.rst
@ -1,5 +1,11 @@
-salt.runners.mattermost module
+salt.runners.mattermost
-==============================
+=======================
 **Note for 2017.7 releases!**
 Due to the `salt.runners.config <https://github.com/saltstack/salt/blob/develop/salt/runners/config.py>`_ module not being available in this release series, importing the `salt.runners.config <https://github.com/saltstack/salt/blob/develop/salt/runners/config.py>`_ module from the develop branch is required to make this module work.
 Ref: `Mattermost runner failing to retrieve config values due to unavailable config runner #43479 <https://github.com/saltstack/salt/issues/43479>`_
 .. automodule:: salt.runners.mattermost
    :members:
--- a/doc/ref/runners/all/salt.runners.search.rst
+++ b/doc/ref/runners/all/salt.runners.search.rst
@ -1,6 +0,0 @@
 ===================
 salt.runners.search
 ===================
 .. automodule:: salt.runners.search
    :members:
--- a/doc/ref/runners/all/salt.runners.smartos_vmadm.rst
+++ b/doc/ref/runners/all/salt.runners.smartos_vmadm.rst
@ -1,5 +1,5 @@
-salt.runners.smartos_vmadm module
+salt.runners.smartos_vmadm
-=================================
+==========================
 .. automodule:: salt.runners.smartos_vmadm
    :members:
--- a/doc/ref/runners/all/salt.runners.vault.rst
+++ b/doc/ref/runners/all/salt.runners.vault.rst
@ -1,5 +1,5 @@
-salt.runners.vault module
+salt.runners.vault
-=========================
+==================
 .. automodule:: salt.runners.vault
    :members:
--- a/doc/ref/runners/all/salt.runners.venafiapi.rst
+++ b/doc/ref/runners/all/salt.runners.venafiapi.rst
@ -1,5 +1,5 @@
-salt.runners.venafiapi module
+salt.runners.venafiapi
-=============================
+======================
 .. automodule:: salt.runners.venafiapi
    :members:
--- a/doc/ref/runners/all/salt.runners.vistara.rst
+++ b/doc/ref/runners/all/salt.runners.vistara.rst
@ -1,5 +1,5 @@
-salt.runners.vistara module
+salt.runners.vistara
-===========================
+====================
 .. automodule:: salt.runners.vistara
    :members:
--- a/doc/ref/states/aggregate.rst
+++ b/doc/ref/states/aggregate.rst
@ -122,7 +122,7 @@ This example, simplified from the pkg state, shows how to create mod_aggregate f
        for chunk in chunks:
            # The state runtime uses "tags" to track completed jobs, it may
            # look familiar with the _|-
-            tag = salt.utils.gen_state_tag(chunk)
+            tag = __utils__['state.gen_tag'](chunk)
            if tag in running:
                # Already ran the pkg state, skip aggregation
                continue
--- a/doc/ref/states/all/index.rst
+++ b/doc/ref/states/all/index.rst
@ -31,6 +31,7 @@ state modules
    boto_apigateway
    boto_asg
    boto_cfn
    boto_cloudfront
    boto_cloudtrail
    boto_cloudwatch_alarm
    boto_cloudwatch_event
@ -74,6 +75,10 @@ state modules
    dellchassis
    disk
    docker
    docker_container
    docker_image
    docker_network
    docker_volume
    drac
    elasticsearch
    elasticsearch_index
@ -128,9 +133,11 @@ state modules
    junos
    k8s
    kapacitor
    kernelpkg
    keyboard
    keystone
    kmod
    kubernetes
    layman
    ldap
    libcloud_dns
@ -173,6 +180,7 @@ state modules
    netusers
    network
    netyang
    nfs_export
    nftables
    npm
    ntp
@ -244,7 +252,6 @@ state modules
    stateconf
    status
    statuspage
    stormpath_account
    supervisord
    svn
    sysctl
--- a/doc/ref/states/all/salt.states.boto_cloudfront.rst
+++ b/doc/ref/states/all/salt.states.boto_cloudfront.rst
@ -0,0 +1,6 @@
 ===========================
 salt.states.boto_cloudfront
 ===========================
 .. automodule:: salt.states.boto_cloudfront
    :members:
--- a/doc/ref/states/all/salt.states.kernelpkg.rst
+++ b/doc/ref/states/all/salt.states.kernelpkg.rst
@ -0,0 +1,6 @@
 =====================
 salt.states.kernelpkg
 =====================
 .. automodule:: salt.states.kernelpkg
    :members:
--- a/doc/ref/states/all/salt.states.kubernetes.rst
+++ b/doc/ref/states/all/salt.states.kubernetes.rst
@ -0,0 +1,6 @@
 ======================
 salt.states.kubernetes
 ======================
 .. automodule:: salt.states.kubernetes
    :members:
--- a/doc/ref/states/all/salt.states.nfs_export.rst
+++ b/doc/ref/states/all/salt.states.nfs_export.rst
@ -0,0 +1,6 @@
 ======================
 salt.states.nfs_export
 ======================
 .. automodule:: salt.states.nfs_export
    :members:
--- a/doc/ref/states/all/salt.states.stormpath_account.rst
+++ b/doc/ref/states/all/salt.states.stormpath_account.rst
@ -1,6 +0,0 @@
 =============================
 salt.states.stormpath_account
 =============================
 .. automodule:: salt.states.stormpath_account
    :members:
--- a/doc/ref/states/parallel.rst
+++ b/doc/ref/states/parallel.rst
@ -2,8 +2,8 @@
 Running States in Parallel
 ==========================
-Introduced in Salt version Nitrogen it is now possible to run select states
+Introduced in Salt version ``2017.7.0`` it is now possible to run select states
-in parallel. This is accomplished very easily by adding the `parallel: True`
+in parallel. This is accomplished very easily by adding the ``parallel: True``
 option to your state declaration:
 .. code_block:: yaml
@ -12,7 +12,7 @@ option to your state declaration:
      service.running:
        - parallel: True
-Now `nginx` will be started in a seperate process from the normal state run
+Now ``nginx`` will be started in a seperate process from the normal state run
 and will therefore not block additional states.
 Parallel States and Requisites
@ -40,16 +40,16 @@ Given this example:
      cmd.run:
        - parallel: True
-The `sleep 10` will be started first, then the state system will block on
+The ``sleep 10`` will be started first, then the state system will block on
-starting nginx until the `sleep 10` completes. Once nginx has been ensured to
+starting nginx until the ``sleep 10`` completes. Once nginx has been ensured to
-be running then the `sleep 5` will start.
+be running then the ``sleep 5`` will start.
 This means that the order of evaluation of Salt States and requisites are
-still honored, and given that in the above case, `parallel: True` does not
+still honored, and given that in the above case, ``parallel: True`` does not
 actually speed things up.
-To run the above state much faster make sure that the `sleep 5` is evaluated
+To run the above state much faster make sure that the ``sleep 5`` is evaluated
-before the `nginx` state
+before the ``nginx`` state
 .. code_block:: yaml
@ -67,8 +67,8 @@ before the `nginx` state
        - require:
          - cmd: sleep 10
-Now both of the sleep calls will be started in parallel and `nginx` will still
+Now both of the sleep calls will be started in parallel and ``nginx`` will still
-wait for the state it requires, but while it waits the `sleep 5` state will
+wait for the state it requires, but while it waits the ``sleep 5`` state will
 also complete.
 Things to be Careful of
--- a/doc/ref/states/requisites.rst
+++ b/doc/ref/states/requisites.rst
@ -517,9 +517,10 @@ inherit inherited options.
 runas
 ~~~~~
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
-The ``runas`` global option is used to set the user which will be used to run the command in the ``cmd.run`` module.
+The ``runas`` global option is used to set the user which will be used to run
 the command in the ``cmd.run`` module.
 .. code-block:: yaml
@ -532,6 +533,26 @@ The ``runas`` global option is used to set the user which will be used to run th
 In the above state, the pip command run by ``cmd.run`` will be run by the daniel user.
 runas_password
 ~~~~~~~~~~~~~~
 .. versionadded:: 2017.7.2
 The ``runas_password`` global option is used to set the password used by the
 runas global option. This is required by ``cmd.run`` on Windows when ``runas``
 is specified. It will be set when ``runas_password`` is defined in the state.
 .. code-block:: yaml
    run_script:
      cmd.run:
        - name: Powershell -NonInteractive -ExecutionPolicy Bypass -File C:\\Temp\\script.ps1
        - runas: frank
        - runas_password: supersecret
 In the above state, the Powershell script run by ``cmd.run`` will be run by the
 frank user with the password ``supersecret``.
 .. _requisites-require-in:
 .. _requisites-watch-in:
 .. _requisites-onchanges-in:
@ -849,7 +870,7 @@ this one, include a ``mod_run_check_cmd`` in the states file for the state.
 Retrying States
 ===============
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 The retry option in a state allows it to be executed multiple times until a desired
 result is obtained or the maximum number of attempts have been made.
--- a/doc/ref/states/writing.rst
+++ b/doc/ref/states/writing.rst
@ -135,21 +135,30 @@ A State Module must return a dict containing the following keys/values:
  ``test=True``, and changes would have been made if the state was not run in
  test mode.
-  +--------------------+-----------+-----------+
+  +--------------------+-----------+------------------------+
-  |                    | live mode | test mode |
+  |                    | live mode | test mode              |
-  +====================+===========+===========+
+  +====================+===========+========================+
-  | no changes         | ``True``  | ``True``  |
+  | no changes         | ``True``  | ``True``               |
-  +--------------------+-----------+-----------+
+  +--------------------+-----------+------------------------+
-  | successful changes | ``True``  | ``None``  |
+  | successful changes | ``True``  | ``None``               |
-  +--------------------+-----------+-----------+
+  +--------------------+-----------+------------------------+
-  | failed changes     | ``False`` | ``None``  |
+  | failed changes     | ``False`` | ``False`` or ``None``  |
-  +--------------------+-----------+-----------+
+  +--------------------+-----------+------------------------+
  .. note::
-      Test mode does not predict if the changes will be successful or not.
+      Test mode does not predict if the changes will be successful or not,
      and hence the result for pending changes is usually ``None``.
- **comment:** A string containing a summary of the result.
+      However, if a state is going to fail and this can be determined
      in test mode without applying the change, ``False`` can be returned.
 - **comment:** A list of strings or a single string summarizing the result.
  Note that support for lists of strings is available as of Salt Oxygen.
  Lists of strings will be joined with newlines to form the final comment;
  this is useful to allow multiple comments from subparts of a state.
  Prefer to keep line lengths short (use multiple lines as needed),
  and end with punctuation (e.g. a period) to delimit multiple comments.
 The return data can also, include the **pchanges** key, this stands for
 `predictive changes`. The **pchanges** key informs the State system what
--- a/doc/spelling_wordlist.txt
+++ b/doc/spelling_wordlist.txt
@ -777,8 +777,6 @@ Stateconf
 stderr
 stdin
 stdout
 stormpath
 Stormpath
 str
 strftime
 subfolder
--- a/doc/topics/beacons/index.rst
+++ b/doc/topics/beacons/index.rst
@ -34,7 +34,7 @@ monitored, everything is configured using Salt.
 Beacons are typically enabled by placing a ``beacons:`` top level block in
 ``/etc/salt/minion`` or any file in ``/etc/salt/minion.d/`` such as
-``/etc/salt/minion.d/beacons.conf``:
+``/etc/salt/minion.d/beacons.conf`` or add it to pillars for that minion:
 .. code-block:: yaml
@ -253,9 +253,8 @@ in ``/etc/salt/master.d/reactor.conf``:
 .. note::
    You can have only one top level ``reactor`` section, so if one already
-    exists, add this code to the existing section. See :ref:`Understanding the
+    exists, add this code to the existing section. See :ref:`here
-    Structure of Reactor Formulas <reactor-structure>` to learn more about
+    <reactor-sls>` to learn more about reactor SLS syntax.
    reactor SLS syntax.
 Start the Salt Master in Debug Mode
--- a/doc/topics/cloud/action.rst
+++ b/doc/topics/cloud/action.rst
@ -21,7 +21,7 @@ Or you may specify a map which includes all VMs to perform the action on:
    $ salt-cloud -a reboot -m /path/to/mapfile
-The following is a list of actions currently supported by salt-cloud:
+The following is an example list of actions currently supported by ``salt-cloud``:
 .. code-block:: yaml
@ -36,5 +36,5 @@ The following is a list of actions currently supported by salt-cloud:
        - start
        - stop
-Another useful reference for viewing more salt-cloud actions is the
+Another useful reference for viewing more ``salt-cloud`` actions is the
-:ref:Salt Cloud Feature Matrix <salt-cloud-feature-matrix>
+:ref:`Salt Cloud Feature Matrix <salt-cloud-feature-matrix>`.
--- a/doc/topics/cloud/aws.rst
+++ b/doc/topics/cloud/aws.rst
@ -78,6 +78,7 @@ parameters are discussed in more detail below.
      # RHEL         -> ec2-user
      # CentOS       -> ec2-user
      # Ubuntu       -> ubuntu
      # Debian       -> admin
      #
      ssh_username: ec2-user
@ -470,7 +471,7 @@ EC2 API or AWS Console.
 By default, the spot instance type is set to 'one-time', meaning it will
 be launched and, if it's ever terminated for whatever reason, it will not
 be recreated. If you would like your spot instances to be relaunched after
-a termination (by your or AWS), set the ``type`` to 'persistent'.
+a termination (by you or AWS), set the ``type`` to 'persistent'.
 NOTE: Spot instances are a great way to save a bit of money, but you do
 run the risk of losing your spot instances if the current price for the
--- a/doc/topics/cloud/azurearm.rst
+++ b/doc/topics/cloud/azurearm.rst
@ -6,7 +6,7 @@ Getting Started With Azure ARM
 Azure is a cloud service by Microsoft providing virtual machines, SQL services,
 media services, and more. Azure ARM (aka, the Azure Resource Manager) is a next
-generatiom version of the Azure portal and API. This document describes how to
+generation version of the Azure portal and API. This document describes how to
 use Salt Cloud to create a virtual machine on Azure ARM, with Salt installed.
 More information about Azure is located at `http://www.windowsazure.com/
@ -15,9 +15,7 @@ More information about Azure is located at `http://www.windowsazure.com/
 Dependencies
 ============
-* `Microsoft Azure SDK for Python <https://pypi.python.org/pypi/azure>`_ >= 2.0rc6
+* Azure Cli ```pip install 'azure-cli>=2.0.12'```
 * `Microsoft Azure Storage SDK for Python <https://pypi.python.org/pypi/azure-storage>`_ >= 0.32
 * The python-requests library, for Python < 2.7.9.
 * A Microsoft Azure account
 * `Salt <https://github.com/saltstack/salt>`_
@ -223,11 +221,39 @@ subnet
 Optional. The subnet inside the virtual network that the VM will be spun up in.
 Default is ``default``.
 load_balancer
 -------------
 Optional. The load-balancer for the VM's network interface to join. If
 specified the backend_pool option need to be set.
 backend_pool
 ------------
 Optional. Required if the load_balancer option is set. The load-balancer's
 Backend Pool the VM's network interface will join.
 iface_name
 ----------
 Optional. The name to apply to the VM's network interface. If not supplied, the
 value will be set to ``<VM name>-iface0``.
 dns_servers
 -----------
 Optional. A **list** of the DNS servers to configure for the network interface
 (will be set on the VM by the DHCP of the VNET).
 .. code-block:: yaml
    my-azurearm-profile:
      provider: azurearm-provider
      network: mynetwork
      dns_servers:
        - 10.1.1.4
        - 10.1.1.5
 availability_set
 ----------------
 Optional. If set, the VM will be added to the specified availability set.
 cleanup_disks
 -------------
 Optional. Default is ``False``. If set to ``True``, disks will be cleaned up
--- a/doc/topics/cloud/cloud.rst
+++ b/doc/topics/cloud/cloud.rst
@ -146,24 +146,24 @@ library. The following two lines set up the imports:
 .. code-block:: python
    from salt.cloud.libcloudfuncs import *   # pylint: disable=W0614,W0401
-    from salt.utils import namespaced_function
+    import salt.utils
 And then a series of declarations will make the necessary functions available
 within the cloud module.
 .. code-block:: python
-    get_size = namespaced_function(get_size, globals())
+    get_size = salt.utils.namespaced_function(get_size, globals())
-    get_image = namespaced_function(get_image, globals())
+    get_image = salt.utils.namespaced_function(get_image, globals())
-    avail_locations = namespaced_function(avail_locations, globals())
+    avail_locations = salt.utils.namespaced_function(avail_locations, globals())
-    avail_images = namespaced_function(avail_images, globals())
+    avail_images = salt.utils.namespaced_function(avail_images, globals())
-    avail_sizes = namespaced_function(avail_sizes, globals())
+    avail_sizes = salt.utils.namespaced_function(avail_sizes, globals())
-    script = namespaced_function(script, globals())
+    script = salt.utils.namespaced_function(script, globals())
-    destroy = namespaced_function(destroy, globals())
+    destroy = salt.utils.namespaced_function(destroy, globals())
-    list_nodes = namespaced_function(list_nodes, globals())
+    list_nodes = salt.utils.namespaced_function(list_nodes, globals())
-    list_nodes_full = namespaced_function(list_nodes_full, globals())
+    list_nodes_full = salt.utils.namespaced_function(list_nodes_full, globals())
-    list_nodes_select = namespaced_function(list_nodes_select, globals())
+    list_nodes_select = salt.utils.namespaced_function(list_nodes_select, globals())
-    show_instance = namespaced_function(show_instance, globals())
+    show_instance = salt.utils.namespaced_function(show_instance, globals())
 If necessary, these functions may be replaced by removing the appropriate
 declaration line, and then adding the function as normal.
@ -183,7 +183,7 @@ imports should be absent from the Salt Cloud module.
 A good example of a non-libcloud driver is the DigitalOcean driver:
-https://github.com/saltstack/salt/tree/develop/salt/cloud/clouds/digital_ocean.py
+https://github.com/saltstack/salt/tree/develop/salt/cloud/clouds/digitalocean.py
 The ``create()`` Function
 -------------------------
--- a/doc/topics/cloud/config.rst
+++ b/doc/topics/cloud/config.rst
@ -56,6 +56,24 @@ settings can be placed in the provider or profile:
        sls_list:
          - web
 When salt cloud creates a new minon, it can automatically add grain information
 to the minion configuration file identifying the sources originally used
 to define it.
 The generated grain information will appear similar to:
 .. code-block:: yaml
    grains:
      salt-cloud:
        driver: ec2
        provider: my_ec2:ec2
        profile: ec2-web
 The generation of the salt-cloud grain can be surpressed by the
 option ``enable_cloud_grains: 'False'`` in the cloud configuration file.
 Cloud Configuration Syntax
 ==========================
@ -97,7 +115,7 @@ Using the example configuration above:
 .. note::
-    Salt Cloud provider configurations within ``/etc/cloud.provider.d/ should not
+    Salt Cloud provider configurations within ``/etc/cloud.provider.d/`` should not
    specify the ``providers`` starting key.
 It is also possible to have multiple cloud configuration blocks within the same alias block.
@ -371,7 +389,6 @@ both.
      compute_name: cloudServersOpenStack
      protocol: ipv4
      compute_region: DFW
      protocol: ipv4
      user: myuser
      tenant: 5555555
      password: mypass
@ -427,7 +444,7 @@ under the API Access tab.
 .. code-block:: yaml
    my-digitalocean-config:
-      driver: digital_ocean
+      driver: digitalocean
      personal_access_token: xxx
      location: New York 1
--- a/doc/topics/cloud/deploy.rst
+++ b/doc/topics/cloud/deploy.rst
@ -89,7 +89,7 @@ functions include:
 A good, well commented example of this process is the Fedora deployment
 script:
-https://github.com/saltstack/salt-cloud/blob/master/saltcloud/deploy/Fedora.sh
+https://github.com/saltstack/salt/blob/develop/salt/cloud/deploy/Fedora.sh
 A number of legacy deploy scripts are included with the release tarball. None
 of them are as functional or complete as Salt Bootstrap, and are still included
--- a/doc/topics/cloud/digitalocean.rst
+++ b/doc/topics/cloud/digitalocean.rst
@ -19,7 +19,7 @@ under the "SSH Keys" section.
    # /etc/salt/cloud.providers.d/ directory.
    my-digitalocean-config:
-      driver: digital_ocean
+      driver: digitalocean
      personal_access_token: xxx
      ssh_key_file: /path/to/ssh/key/file
      ssh_key_names: my-key-name,my-key-name-2
@ -63,7 +63,7 @@ command:
    # salt-cloud --list-locations my-digitalocean-config
    my-digitalocean-config:
        ----------
-        digital_ocean:
+        digitalocean:
            ----------
            Amsterdam 1:
                ----------
@ -87,7 +87,7 @@ command:
    # salt-cloud --list-sizes my-digitalocean-config
    my-digitalocean-config:
        ----------
-        digital_ocean:
+        digitalocean:
            ----------
            512MB:
                ----------
@ -117,7 +117,7 @@ command:
    # salt-cloud --list-images my-digitalocean-config
    my-digitalocean-config:
        ----------
-        digital_ocean:
+        digitalocean:
            ----------
            10.1:
                ----------
@ -142,7 +142,7 @@ Profile Specifics:
 ssh_username
 ------------
-If using a FreeBSD image from Digital Ocean, you'll need to set the ``ssh_username``
+If using a FreeBSD image from DigitalOcean, you'll need to set the ``ssh_username``
 setting to ``freebsd`` in your profile configuration.
 .. code-block:: yaml
--- a/doc/topics/cloud/function.rst
+++ b/doc/topics/cloud/function.rst
@ -26,5 +26,5 @@ gathering information about instances on a provider basis:
    $ salt-cloud -f list_nodes_full linode
    $ salt-cloud -f list_nodes_select linode
-Another useful reference for viewing salt-cloud functions is the
+Another useful reference for viewing ``salt-cloud`` functions is the
 :ref:`Salt Cloud Feature Matrix <salt-cloud-feature-matrix>`.
--- a/doc/topics/cloud/gce.rst
+++ b/doc/topics/cloud/gce.rst
@ -15,9 +15,10 @@ at https://cloud.google.com.
 Dependencies
 ============
 * LibCloud >= 1.0.0
-.. versionchanged:: Nitrogen
+.. versionchanged:: 2017.7.0
 * A Google Cloud Platform account with Compute Engine enabled
 * A registered Service Account for authorization
@ -224,9 +225,9 @@ subnetwork
 Use this setting to define the subnetwork an instance will be created in.
 This requires that the network your instance is created under has a mode of 'custom' or 'auto'.
-Additionally, the subnetwork your instance is created under is associated with the location you provide. Required.
+Additionally, the subnetwork your instance is created under is associated with the location you provide.
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 tags
 ----
@ -526,7 +527,7 @@ not possible to add/remove existing instances to a network.
    salt-cloud -f create_network gce name=mynet cidr=10.10.10.0/24
    salt-cloud -f create_network gce name=mynet mode=auto description=some optional info.
-.. versionchanged:: Nitrogen
+.. versionchanged:: 2017.7.0
 Destroy network
 ---------------
@ -546,7 +547,8 @@ Specify the network name to view information about the network.
    salt-cloud -f show_network gce name=mynet
 Create subnetwork
--------------
+-----------------
 New subnetworks require a name, region, and CIDR range.
 Optionally, 'description' can be provided to add an extra note to your subnetwork.
 New instances can be created and added to this subnetwork by setting the subnetwork name during create. It is
@ -557,10 +559,11 @@ not possible to add/remove existing instances to a subnetwork.
    salt-cloud -f create_subnetwork gce name=mynet network=mynet region=us-central1 cidr=10.0.10.0/24
    salt-cloud -f create_subnetwork gce name=mynet network=mynet region=us-central1 cidr=10.10.10.0/24 description=some info about my subnet.
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Destroy subnetwork
---------------
+------------------
 Destroy a subnetwork by specifying the name and region. If a resource is currently using
 the target subnetwork an exception will be raised.
@ -568,17 +571,18 @@ the target subnetwork an exception will be raised.
    salt-cloud -f delete_subnetwork gce name=mynet region=us-central1
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Show subnetwork
------------
+---------------
 Specify the subnetwork name to view information about the subnetwork.
 .. code-block:: bash
    salt-cloud -f show_subnetwork gce name=mynet
-.. versionadded:: Nitrogen
+.. versionadded:: 2017.7.0
 Create address
 --------------
--- a/doc/topics/cloud/index.rst
+++ b/doc/topics/cloud/index.rst
@ -64,7 +64,9 @@ automatically installed salt-cloud for you. Use your distribution's package
 manager to install the ``salt-cloud`` package from the same repo that you
 used to install Salt.  These repos will automatically be setup by Salt Bootstrap.
-If there is no salt-cloud package, install with ``pip install salt-cloud``.
+Alternatively, the ``-L`` option can be passed to the `Salt Bootstrap`_ script when
 installing Salt. The ``-L`` option will install ``salt-cloud`` and the required
 ``libcloud`` package.
 .. _`Salt Bootstrap`: https://github.com/saltstack/salt-bootstrap
@ -117,6 +119,7 @@ Cloud Provider Specifics
        Getting Started With Libvirt <libvirt>
        Getting Started With Linode <linode>
        Getting Started With LXC <lxc>
        Getting Started With OneAndOne <oneandone>
        Getting Started With OpenNebula <opennebula>
        Getting Started With OpenStack <openstack>
        Getting Started With Parallels <parallels>
--- a/doc/topics/cloud/joyent.rst
+++ b/doc/topics/cloud/joyent.rst
@ -49,7 +49,7 @@ Set up an initial profile at ``/etc/salt/cloud.profiles`` or in the
 .. code-block:: yaml
-    joyent_512
+    joyent_512:
      provider: my-joyent-config
      size: g4-highcpu-512M
      image: ubuntu-16.04
--- a/doc/topics/cloud/libvirt.rst
+++ b/doc/topics/cloud/libvirt.rst
@ -8,10 +8,14 @@ libvirt with qemu-kvm.
 http://www.libvirt.org/
-Dependencies
+Host Dependencies
 ============
 * libvirt >= 1.2.18 (older might work)
 Salt-Cloud Dependencies
 ============
 * libvirt-python
 Provider Configuration
 ======================
@ -32,6 +36,8 @@ Set up the provider cloud configuration file at ``/etc/salt/cloud.providers`` or
    local-kvm:
      driver: libvirt
      url: qemu:///system
      # work around flag for XML validation errors while cloning
      validate_xml: no
 Cloud Profiles
 ==============
--- a/doc/topics/cloud/map.rst
+++ b/doc/topics/cloud/map.rst
@ -92,7 +92,7 @@ Any top level data element from your profile may be overridden in the map file:
      - web2:
        size: t2.nano
-As of Salt Nitrogen, nested elements are merged, and can can be specified
+As of Salt 2017.7.0, nested elements are merged, and can can be specified
 individually without having to repeat the complete definition for each top
 level data element. In this example a separate MAC is assigned to each VMware
 instance while inheriting device parameters for for disk and network
--- a/Show More
+++ b/Show More