Merge pull request #45412 from isbm/isbm-ssdp-spurious-errors-fix

Isbm ssdp spurious errors fix

doc/topics/releases/oxygen.rst

@@ -441,14 +441,77 @@ The new grains added are:
 * ``iscsi_iqn``: Show the iSCSI IQN name for a host
 * ``swap_total``: Show the configured swap_total for Linux, \*BSD, OS X and Solaris/SunOS
 
-Salt Minion Autodiscovery
+Salt Minion Auto-discovery
 ------------------------
 
-Salt Minion now no longer need to be configured against a specifig DNS name or IP address of a Master.
+Using auto-discovery, the Salt Minion now no longer needs to be configured
+against a specific DNS name or IP address of a Master.
 
 For this feature Salt Master now requires port 4520 for UDP broadcast packets to be opened
 and the Salt Minion be able to send UDP packets to the same port.
 
+Configuration
+=============
+
+By default, automatic discovery is disabled.
+
+..warning::
+   Due to the current limitations that will be changing in a future, before you turn on auto-discovery,
+   make sure your network is secured and trusted.
+
+Auto-discovery is configured on Master and Minion. Both of them are configured via the ``discovery`` option
+as follows:
+
+**Master configuration**
+
+To use the default configuration, which accepts any minion, simply set ``discovery`` to True:
+
+.. code-block:: yaml
+
+       discovery: true
+
+A sub-option called `mapping` allows auto-discovery to help find the proper
+Master. The mapping contains an arbitrary set of key/value pairs, which the
+Minion configuration can target. By default, no mappings are set.
+
+Example:
+
+.. code-block:: yaml
+
+       discovery:
+         mapping:
+           description: SES 5.0
+           node: 1
+
+It is also possible to change the port used from the default of ``4520``, by
+setting a ``port`` option under the Master's ``discovery`` configuration:
+
+.. code-block:: yaml
+
+    discovery:
+      port: 4567
+
+.. note::
+    When using a port number other than the default, the Minion's ``discovery``
+    configuraton must *also* have a port specified, otherwise the Minion will
+    still attempt to contact the Master on port ``4520``.
+
+**Minion configuration**
+
+In addition to the ``mapping`` and ``port`` options, the following additional options are available to Minions:
+
+- ``attempts`` - This option specifies how many broadcast requests should be
+  sent to the network, waiting for any Master response. Each attempt takes a
+  couple of seconds, so raising this value may result in a slower Minion
+  startup. Note that, on a properly-configured network, autodiscovery should
+  succeed on the first attempt. By default, this value is set to ``3``.
+- ``match`` - This option can be set to either ``all`` or ``any``, and it
+  determines how the values configured in ``mapping`` are matched. If set to
+  ``all``, then all of the key/value pairs in the Minion's ``mapping`` must
+  match a given Master. If set to ``any`` (the default), then any match to a
+  key/value mapping will constitute a match.
+- ``pause`` - The interval in seconds between attempts (default: 5).
+
 Connection to a type instead of DNS
 ===================================
 
@@ -458,7 +521,7 @@ Masters, each corresponds for a particular niche or environment or specific role
 is supposed to connect only to one of those Masters that is described approriately.
 
 To achieve such an effect, each `/etc/salt/master` configuration should have a `discovery` option,
-which should have a `mapping` element with arbitrary key/value pairs. The same configuration shoul
+which should have a `mapping` element with arbitrary key/value pairs. The same configuration should
 be on the Minion, so then when mapping matches, Minion recognises Master as its connection target.
 
 Example for Master configuration (`/etc/salt/master`):

salt/config/__init__.py

@@ -9,7 +9,6 @@ import os
 import re
 import sys
 import glob
-import getpass
 import time
 import codecs
 import logging
@@ -33,7 +32,6 @@ import salt.utils.user
 import salt.utils.validate.path
 import salt.utils.xdg
 import salt.utils.yaml
-import salt.utils.yamlloader as yamlloader
 import salt.utils.zeromq
 import salt.syspaths
 import salt.exceptions
@@ -1172,25 +1170,6 @@ VALID_OPTS = {
     # Setting it to False disables discovery
     'discovery': (dict, bool),
 
-    # SSDP discovery mapping
-    # Defines arbitrary data for description and grouping minions across various types of masters,
-    # especially when masters are not related to each other.
-    'mapping': dict,
-
-    # SSDP discovery mapping matcher policy
-    # Values: "any" where at least one key/value pair should be found or
-    # "all", where every key/value should be identical
-    'match': six.string_types,
-
-    # Port definition.
-    'port': int,
-
-    # SSDP discovery attempts to send query to the Universe
-    'attempts': int,
-
-    # SSDP discovery pause between the attempts
-    'pause': int,
-
     # Scheduler should be a dictionary
     'schedule': dict,
 
@@ -1496,13 +1475,7 @@ DEFAULT_MINION_OPTS = {
         'automatic': ['IPAddress', 'Gateway',
                       'GlobalIPv6Address', 'IPv6Gateway'],
     },
-    'discovery': {
-        'attempts': 3,
-        'pause': 5,
-        'port': 4520,
-        'match': 'any',
-        'mapping': {},
-    },
+    'discovery': False,
     'schedule': {},
 }
 
@@ -1833,10 +1806,7 @@ DEFAULT_MASTER_OPTS = {
     'salt_cp_chunk_size': 98304,
     'require_minion_sign_messages': False,
     'drop_messages_signature_fail': False,
-    'discovery': {
-        'port': 4520,
-        'mapping': {},
-    },
+    'discovery': False,
     'schedule': {},
     'auth_events': True,
     'minion_data_cache_events': True,
@@ -3811,10 +3781,31 @@ def apply_minion_config(overrides=None,
 
     # Check and update TLS/SSL configuration
     _update_ssl_config(opts)
+    _update_discovery_config(opts)
 
     return opts
 
 
+def _update_discovery_config(opts):
+    '''
+    Update discovery config for all instances.
+
+    :param opts:
+    :return:
+    '''
+    if opts.get('discovery') not in (None, False):
+        if opts['discovery'] is True:
+            opts['discovery'] = {}
+        discovery_config = {'attempts': 3, 'pause': 5, 'port': 4520, 'match': 'any', 'mapping': {}}
+        for key in opts['discovery']:
+            if key not in discovery_config:
+                raise salt.exceptions.SaltConfigurationError('Unknown discovery option: {0}'.format(key))
+        if opts.get('__role') != 'minion':
+            for key in ['attempts', 'pause', 'match']:
+                del discovery_config[key]
+        opts['discovery'] = salt.utils.dictupdate.update(discovery_config, opts['discovery'], True, True)
+
+
 def master_config(path, env_var='SALT_MASTER_CONFIG', defaults=None, exit_on_config_errors=False):
     '''
     Reads in the master configuration file and sets up default options
@@ -3867,7 +3858,6 @@ def apply_master_config(overrides=None, defaults=None):
     '''
     Returns master configurations dict.
     '''
-    import salt.crypt
     if defaults is None:
         defaults = DEFAULT_MASTER_OPTS
 
@@ -4009,6 +3999,7 @@ def apply_master_config(overrides=None, defaults=None):
 
     # Check and update TLS/SSL configuration
     _update_ssl_config(opts)
+    _update_discovery_config(opts)
 
     return opts
 

salt/master.py

@@ -86,7 +86,6 @@ import salt.utils.verify
 import salt.utils.zeromq
 from salt.config import DEFAULT_INTERVAL
 from salt.defaults import DEFAULT_TARGET_DELIM
-from salt.config import DEFAULT_MASTER_OPTS
 from salt.exceptions import FileserverConfigError
 from salt.transport import iter_transport_opts
 from salt.utils.debug import (
@@ -751,7 +750,7 @@ class Master(SMaster):
             if self.opts['discovery']:
                 if salt.utils.ssdp.SSDPDiscoveryServer.is_available():
                     self.process_manager.add_process(salt.utils.ssdp.SSDPDiscoveryServer(
-                        port=self.opts['discovery'].get('port', DEFAULT_MASTER_OPTS['discovery']['port']),
+                        port=self.opts['discovery']['port'],
                         listen_ip=self.opts['interface'],
                         answer={'mapping': self.opts['discovery'].get('mapping', {})}).run)
                 else:

salt/minion.py

@@ -734,7 +734,7 @@ class MinionBase(object):
                     break
 
             if masters:
-                policy = self.opts.get('discovery', {}).get('match', DEFAULT_MINION_OPTS['discovery']['match'])
+                policy = self.opts.get('discovery', {}).get('match', 'any')
                 if policy not in ['any', 'all']:
                     log.error('SSDP configuration matcher failure: unknown value "{0}". '
                               'Should be "any" or "all"'.format(policy))