valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-07 17:09:03 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'develop' into datadog-events_api

Browse Source
This commit is contained in:
garethgreenaway 2017-07-27 16:39:46 -07:00 committed by GitHub
commit b08627949a
520 changed files with 8213 additions and 3927 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/stale.yml vendored
View File

@ -1,8 +1,8 @@
# Probot Stale configuration file
# Number of days of inactivity before an issue becomes stale
# 1200 is approximately 3 years and 3 months
daysUntilStale: 1200
# 1145 is approximately 3 years and 2 months
daysUntilStale: 1145
# Number of days of inactivity before a stale issue is closed
daysUntilClose: 7

18
conf/master
View File

@ -311,6 +311,9 @@
# public keys from the minions. Note that this is insecure.
#auto_accept: False
# The size of key that should be generated when creating new keys.
#keysize: 2048
# Time in minutes that an incoming public key with a matching name found in
# pki_dir/minion_autosign/keyid is automatically accepted. Expired autosign keys
# are removed when the master checks the minion_autosign directory.
@ -968,6 +971,21 @@
#pillar_cache_backend: disk
###### Reactor Settings #####
###########################################
# Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/
#reactor: []
#Set the TTL for the cache of the reactor configuration.
#reactor_refresh_interval: 60
#Configure the number of workers for the runner/wheel in the reactor.
#reactor_worker_threads: 10
#Define the queue size for workers in the reactor.
#reactor_worker_hwm: 10000
##### Syndic settings #####
##########################################
# The Salt syndic is used to pass commands through a master from a higher

18
conf/minion
View File

@ -620,6 +620,9 @@
# you do so at your own risk!
#open_mode: False
# The size of key that should be generated when creating new keys.
#keysize: 2048
# Enable permissive access to the salt keys. This allows you to run the
# master or minion as root, but have a non-root group be given access to
# your pki_dir. To make the access explicit, root must belong to the group
@ -661,6 +664,21 @@
# ssl_version: PROTOCOL_TLSv1_2
###### Reactor Settings #####
###########################################
# Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/
#reactor: []
#Set the TTL for the cache of the reactor configuration.
#reactor_refresh_interval: 60
#Configure the number of workers for the runner/wheel in the reactor.
#reactor_worker_threads: 10
#Define the queue size for workers in the reactor.
#reactor_worker_hwm: 10000
###### Thread settings #####
###########################################
# Disable multiprocessing support, by default when a minion receives a

33
doc/conf.py
View File

@ -72,12 +72,12 @@ MOCK_MODULES = [
'Crypto.Signature',
'Crypto.Signature.PKCS1_v1_5',
'M2Crypto',
'msgpack',
'yaml',
'yaml.constructor',
'yaml.nodes',
'yaml.parser',
'yaml.scanner',
'salt.utils.yamlloader',
'zmq',
'zmq.eventloop',
'zmq.eventloop.ioloop',
@ -126,7 +126,6 @@ MOCK_MODULES = [
'ClusterShell',
'ClusterShell.NodeSet',
'django',
'docker',
'libvirt',
'MySQLdb',
'MySQLdb.cursors',
@ -176,7 +175,7 @@ MOCK_MODULES = [
for mod_name in MOCK_MODULES:
if mod_name == 'psutil':
mock = Mock(mapping={'total': 0, 'version_info': (0, 6,0)}) # Otherwise it will crash Sphinx
mock = Mock(mapping={'total': 0}) # Otherwise it will crash Sphinx
else:
mock = Mock()
sys.modules[mod_name] = mock
@ -246,9 +245,9 @@ on_saltstack = 'SALT_ON_SALTSTACK' in os.environ
project = 'Salt'
version = salt.version.__version__
latest_release = '2016.11.6' # latest release
previous_release = '2016.3.6' # latest release from previous branch
previous_release_dir = '2016.3' # path on web server for previous branch
latest_release = '2017.7.0' # latest release
previous_release = '2016.11.6' # latest release from previous branch
previous_release_dir = '2016.11' # path on web server for previous branch
next_release = '' # next release
next_release_dir = '' # path on web server for next release branch
@ -259,8 +258,8 @@ if on_saltstack:
copyright = time.strftime("%Y")
# < --- START do not merge these settings to other branches START ---> #
build_type = 'develop' # latest, previous, develop, next
release = version # version, latest_release, previous_release
build_type = 'latest' # latest, previous, develop, next
release = latest_release # version, latest_release, previous_release
# < --- END do not merge these settings to other branches END ---> #
# Set google custom search engine
@ -321,11 +320,21 @@ rst_prolog = """\
.. _`salt-packagers`: https://groups.google.com/forum/#!forum/salt-packagers
.. |windownload| raw:: html
<p>x86: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe.md5"><strong>md5</strong></a></p>
<p>Python2 x86: <a
href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-x86-Setup.exe.md5"><strong>md5</strong></a></p>
<p>Python2 AMD64: <a
href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py2-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
<p>Python3 x86: <a
href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-x86-Setup.exe.md5"><strong>md5</strong></a></p>
<p>Python3 AMD64: <a
href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-Py3-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
<p>AMD64: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
.. |osxdownload| raw:: html

28
doc/faq.rst
View File

@ -190,6 +190,8 @@ PATH using a :mod:`file.symlink <salt.states.file.symlink>` state.
file.symlink:
- target: /usr/local/bin/foo
.. _which-version:
Can I run different versions of Salt on my Master and Minion?
-------------------------------------------------------------
@ -319,7 +321,27 @@ Restart using states
********************
Now we can apply the workaround to restart the Minion in reliable way.
The following example works on both UNIX-like and Windows operating systems:
The following example works on UNIX-like operating systems:
.. code-block:: jinja
{%- if grains['os'] != 'Windows' %
Restart Salt Minion:
cmd.run:
- name: 'salt-call --local service.restart salt-minion'
- bg: True
- onchanges:
- pkg: Upgrade Salt Minion
{%- endif %}
Note that restarting the ``salt-minion`` service on Windows operating systems is
not always necessary when performing an upgrade. The installer stops the
``salt-minion`` service, removes it, deletes the contents of the ``\salt\bin``
directory, installs the new code, re-creates the ``salt-minion`` service, and
starts it (by default). The restart step **would** be necessary during the
upgrade process, however, if the minion config was edited after the upgrade or
installation. If a minion restart is necessary, the state above can be edited
as follows:
.. code-block:: jinja
@ -335,8 +357,8 @@ The following example works on both UNIX-like and Windows operating systems:
- pkg: Upgrade Salt Minion
However, it requires more advanced tricks to upgrade from legacy version of
Salt (before ``2016.3.0``), where executing commands in the background is not
supported:
Salt (before ``2016.3.0``) on UNIX-like operating systems, where executing
commands in the background is not supported:
.. code-block:: jinja

461
doc/ref/configuration/master.rst
View File

@ -94,64 +94,6 @@ The user to run the Salt processes
user: root
.. conf_master:: max_open_files
``max_open_files``
------------------
Default: ``100000``
Each minion connecting to the master uses AT LEAST one file descriptor, the
master subscription connection. If enough minions connect you might start
seeing on the console(and then salt-master crashes):
.. code-block:: bash
Too many open files (tcp_listener.cpp:335)
Aborted (core dumped)
.. code-block:: yaml
max_open_files: 100000
By default this value will be the one of `ulimit -Hn`, i.e., the hard limit for
max open files.
To set a different value than the default one, uncomment, and configure this
setting. Remember that this value CANNOT be higher than the hard limit. Raising
the hard limit depends on the OS and/or distribution, a good way to find the
limit is to search the internet for something like this:
.. code-block:: text
raise max open files hard limit debian
.. conf_master:: worker_threads
``worker_threads``
------------------
Default: ``5``
The number of threads to start for receiving commands and replies from minions.
If minions are stalling on replies because you have many minions, raise the
worker_threads value.
Worker threads should not be put below 3 when using the peer system, but can
drop down to 1 worker otherwise.
.. note::
When the master daemon starts, it is expected behaviour to see
multiple salt-master processes, even if 'worker_threads' is set to '1'. At
a minimum, a controlling process will start along with a Publisher, an
EventPublisher, and a number of MWorker processes will be started. The
number of MWorker processes is tuneable by the 'worker_threads'
configuration value while the others are not.
.. code-block:: yaml
worker_threads: 5
.. conf_master:: ret_port
``ret_port``
@ -248,6 +190,9 @@ each of Salt's module types such as ``runners``, ``output``, ``wheel``,
extension_modules: /root/salt_extmods
.. conf_master:: extmod_whitelist
.. conf_master:: extmod_blacklist
``extmod_whitelist/extmod_blacklist``
-------------------------------------
@ -943,6 +888,74 @@ to socket concurrently.
sock_pool_size: 15
.. conf_master:: ipc_mode
``ipc_mode``
------------
Default: ``ipc``
The ipc strategy. (i.e., sockets versus tcp, etc.) Windows platforms lack
POSIX IPC and must rely on TCP based inter-process communications. ``ipc_mode``
is set to ``tcp`` by default on Windows.
.. code-block:: yaml
ipc_mode: ipc
.. conf_master::
``tcp_master_pub_port``
-----------------------
Default: ``4512``
The TCP port on which events for the master should be published if ``ipc_mode`` is TCP.
.. code-block:: yaml
tcp_master_pub_port: 4512
.. conf_master:: tcp_master_pull_port
``tcp_master_pull_port``
------------------------
Default: ``4513``
The TCP port on which events for the master should be pulled if ``ipc_mode`` is TCP.
.. code-block:: yaml
tcp_master_pull_port: 4513
.. conf_master:: tcp_master_publish_pull
``tcp_master_publish_pull``
---------------------------
Default: ``4514``
The TCP port on which events for the master should be pulled fom and then republished onto
the event bus on the master.
.. code-block:: yaml
tcp_master_publish_pull: 4514
.. conf_master:: tcp_master_workers
``tcp_master_workers``
----------------------
Default: ``4515``
The TCP port for ``mworkers`` to connect to on the master.
.. code-block:: yaml
tcp_master_workers: 4515
.. _salt-ssh-configuration:
@ -1189,6 +1202,19 @@ public keys from minions.
auto_accept: False
.. conf_master:: keysize
``keysize``
-----------
Default: ``2048``
The size of key that should be generated when creating new keys.
.. code-block:: yaml
keysize: 2048
.. conf_master:: autosign_timeout
``autosign_timeout``
@ -1233,6 +1259,24 @@ minion IDs for which keys will automatically be rejected. Will override both
membership in the :conf_master:`autosign_file` and the
:conf_master:`auto_accept` setting.
.. conf_master:: permissive_pki_access
``permissive_pki_access``
-------------------------
Default: ``False``
Enable permissive access to the salt keys. This allows you to run the
master or minion as root, but have a non-root group be given access to
your pki_dir. To make the access explicit, root must belong to the group
you've given access to. This is potentially quite insecure. If an autosign_file
is specified, enabling permissive_pki_access will allow group access to that
specific file.
.. code-block:: yaml
permissive_pki_access: False
.. conf_master:: publisher_acl
``publisher_acl``
@ -1275,6 +1319,20 @@ This is completely disabled by default.
- cmd.*
- test.echo
.. conf_master:: sudo_acl
``sudo_acl``
------------
Default: ``False``
Enforce ``publisher_acl`` and ``publisher_acl_blacklist`` when users have sudo
access to the salt command.
.. code-block:: yaml
sudo_acl: False
.. conf_master:: external_auth
``external_auth``
@ -1459,6 +1517,19 @@ Do not disable this unless it is absolutely clear what this does.
rotate_aes_key: True
.. conf_master:: publish_session
``publish_session``
-------------------
Default: ``86400``
The number of seconds between AES key rotations on the master.
.. code-block:: yaml
publish_session: Default: 86400
.. conf_master:: ssl
``ssl``
@ -1489,6 +1560,24 @@ constant names without ssl module prefix: ``CERT_REQUIRED`` or ``PROTOCOL_SSLv23
``allow_minion_key_revoke``
---------------------------
Default: ``False``
By default, the master deletes its cache of minion data when the key for that
minion is removed. To preserve the cache after key deletion, set
``preserve_minion_cache`` to True.
WARNING: This may have security implications if compromised minions auth with
a previous deleted minion ID.
.. code-block:: yaml
preserve_minion_cache: False
.. conf_master:: allow_minion_key_revoke
``allow_minion_key_revoke``
---------------------------
Default: ``True``
Controls whether a minion can request its own key revocation. When True
@ -1501,6 +1590,127 @@ the master will drop the request and the minion's key will remain accepted.
rotate_aes_key: True
Master Large Scale Tuning Settings
==================================
.. conf_master:: max_open_files
``max_open_files``
------------------
Default: ``100000``
Each minion connecting to the master uses AT LEAST one file descriptor, the
master subscription connection. If enough minions connect you might start
seeing on the console(and then salt-master crashes):
.. code-block:: bash
Too many open files (tcp_listener.cpp:335)
Aborted (core dumped)
.. code-block:: yaml
max_open_files: 100000
By default this value will be the one of `ulimit -Hn`, i.e., the hard limit for
max open files.
To set a different value than the default one, uncomment, and configure this
setting. Remember that this value CANNOT be higher than the hard limit. Raising
the hard limit depends on the OS and/or distribution, a good way to find the
limit is to search the internet for something like this:
.. code-block:: text
raise max open files hard limit debian
.. conf_master:: worker_threads
``worker_threads``
------------------
Default: ``5``
The number of threads to start for receiving commands and replies from minions.
If minions are stalling on replies because you have many minions, raise the
worker_threads value.
Worker threads should not be put below 3 when using the peer system, but can
drop down to 1 worker otherwise.
.. note::
When the master daemon starts, it is expected behaviour to see
multiple salt-master processes, even if 'worker_threads' is set to '1'. At
a minimum, a controlling process will start along with a Publisher, an
EventPublisher, and a number of MWorker processes will be started. The
number of MWorker processes is tuneable by the 'worker_threads'
configuration value while the others are not.
.. code-block:: yaml
worker_threads: 5
.. conf_master:: pub_hwm
``pub_hwm``
-----------
Default: ``1000``
The zeromq high water mark on the publisher interface.
.. code-block:: yaml
pub_hwm: 1000
.. conf_master:: zmq_backlog
``zmq_backlog``
---------------
Default: ``1000``
The listen queue size of the ZeroMQ backlog.
.. code-block:: yaml
zmq_backlog: 1000
.. conf_master:: salt_event_pub_hwm
.. conf_master:: event_publisher_pub_hwm
``salt_event_pub_hwm`` and ``event_publisher_pub_hwm``
------------------------------------------------------
These two ZeroMQ High Water Mark settings, ``salt_event_pub_hwm`` and
``event_publisher_pub_hwm`` are significant for masters with thousands of
minions. When these are insufficiently high it will manifest in random
responses missing in the CLI and even missing from the job cache. Masters
that have fast CPUs and many cores with appropriate ``worker_threads``
will not need these set as high.
The ZeroMQ high-water-mark for the ``SaltEvent`` pub socket default is:
.. code-block:: yaml
salt_event_pub_hwm: 20000
The ZeroMQ high-water-mark for the ``EventPublisher`` pub socket default is:
.. code-block:: yaml
event_publisher_pub_hwm: 10000
As an example, on single master deployment with 8,000 minions, 2.4GHz CPUs,
24 cores, and 32GiB memory has these settings:
.. code-block:: yaml
salt_event_pub_hwm: 128000
event_publisher_pub_hwm: 64000
.. _master-module-management:
Master Module Management
@ -3242,6 +3452,26 @@ configuration.
pillar_opts: False
.. conf_master:: pillar_safe_render_error
``pillar_safe_render_error``
----------------------------
Default: ``True``
The pillar_safe_render_error option prevents the master from passing pillar
render errors to the minion. This is set on by default because the error could
contain templating data which would give that minion information it shouldn't
have, like a password! When set ``True`` the error message will only show:
.. code-block:: shell
Rendering SLS 'my.sls' failed. Please see master log for details.
.. code-block:: yaml
pillar_safe_render_error: True
.. _master-configuration-ext-pillar:
.. conf_master:: ext_pillar
@ -3912,6 +4142,62 @@ can be utilized:
pillar_cache_backend: disk
Master Reactor Settings
=======================
.. conf_master:: reactor
``reactor``
-----------
Default: ``[]``
Defines a salt reactor. See the :ref:`Reactor <reactor>` documentation for more
information.
.. code-block:: yaml
reactor: []
.. conf_master:: reactor_refresh_interval
``reactor_refresh_interval``
----------------------------
Default: ``60``
The TTL for the cache of the reactor configuration.
.. code-block:: yaml
reactor_refresh_interval: 60
.. conf_master:: reactor_worker_threads
``reactor_worker_threads``
--------------------------
Default: ``10``
The number of workers for the runner/wheel in the reactor.
.. code-block:: yaml
reactor_worker_threads: 10
.. conf_master:: reactor_worker_hwm
``reactor_worker_hwm``
----------------------
Default: ``10000``
The queue size for workers in the reactor.
.. code-block:: yaml
reactor_worker_hwm: 10000
.. _syndic-server-settings:
Syndic Server Settings
@ -4378,6 +4664,63 @@ option then the master will log a warning message.
- /etc/roles/webserver
Keepalive Settings
==================
.. conf_master:: tcp_keepalive
``tcp_keepalive``
-----------------
Default: ``True``
The tcp keepalive interval to set on TCP ports. This setting can be used to tune Salt
connectivity issues in messy network environments with misbehaving firewalls.
.. code-block:: yaml
tcp_keepalive: True
.. conf_master:: tcp_keepalive_cnt
``tcp_keepalive_cnt``
---------------------
Default: ``-1``
Sets the ZeroMQ TCP keepalive count. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_cnt: -1
.. conf_master:: tcp_keepalive_idle
``tcp_keepalive_idle``
----------------------
Default: ``300``
Sets ZeroMQ TCP keepalive idle. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_idle: 300
.. conf_master:: tcp_keepalive_intvl
``tcp_keepalive_intvl``
-----------------------
Default: ``-1``
Sets ZeroMQ TCP keepalive interval. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_intvl': -1
.. _winrepo-master-config-opts:
Windows Software Repo Settings
@ -4516,7 +4859,7 @@ URL of the repository:
.. code-block:: yaml
winrepo_remotes:
winrepo_remotes_ng:
- '<commit_id> https://github.com/saltstack/salt-winrepo-ng.git'
Replace ``<commit_id>`` with the SHA1 hash of a commit ID. Specifying a commit

300
doc/ref/configuration/minion.rst
View File

@ -782,6 +782,20 @@ seconds each iteration.
acceptance_wait_time_max: 0
.. conf_minion:: rejected_retry
``rejected_retry``
------------------
Default: ``False``
If the master rejects the minion's public key, retry instead of exiting.
Rejected keys will be handled the same as waiting on acceptance.
.. code-block:: yaml
rejected_retry: False
.. conf_minion:: random_reauth_delay
``random_reauth_delay``
@ -1212,7 +1226,7 @@ If certain returners should be disabled, this is the place
.. conf_minion:: enable_whitelist_modules
``whitelist_modules``
----------------------------
---------------------
Default: ``[]`` (Module whitelisting is disabled. Adding anything to the config option
will cause only the listed modules to be enabled. Modules not in the list will
@ -1304,6 +1318,20 @@ A list of extra directories to search for Salt renderers
render_dirs:
- /var/lib/salt/renderers
.. conf_minion:: utils_dirs
``utils_dirs``
--------------
Default: ``[]``
A list of extra directories to search for Salt utilities
.. code-block:: yaml
utils_dirs:
- /var/lib/salt/utils
.. conf_minion:: cython_enable
``cython_enable``
@ -1352,6 +1380,23 @@ below.
providers:
service: systemd
.. conf_minion:: modules_max_memory
``modules_max_memory``
----------------------
Default: ``-1``
Specify a max size (in bytes) for modules on import. This feature is currently
only supported on *nix operating systems and requires psutil.
.. code-block:: yaml
modules_max_memory: -1
.. conf_minion:: extmod_whitelist
.. conf_minion:: extmod_blacklist
``extmod_whitelist/extmod_blacklist``
-------------------------------------
@ -1374,8 +1419,8 @@ whitelist an empty list.
modules:
- specific_module
Valid options:
- beacons
- clouds
- sdb
@ -1521,6 +1566,52 @@ environment lacks one.
default_top: dev
.. conf_minion:: startup_states
``startup_states``
------------------
Default: ``''``
States to run when the minion daemon starts. To enable, set ``startup_states`` to:
- ``highstate``: Execute state.highstate
- ``sls``: Read in the sls_list option and execute the named sls files
- ``top``: Read top_file option and execute based on that file on the Master
.. code-block:: yaml
startup_states: ''
.. conf_minion:: sls_list
``sls_list``
------------
Default: ``[]``
List of states to run when the minion starts up if ``startup_states`` is set to ``sls``.
.. code-block:: yaml
sls_list:
- edit.vim
- hyper
.. conf_minion:: top_file
``top_file``
------------
Default: ``''``
Top file to execute if ``startup_states`` is set to ``top``.
.. code-block:: yaml
top_file: ''
State Management Settings
=========================
@ -1537,7 +1628,7 @@ The default renderer used for local state executions
renderer: yaml_jinja
.. conf_master:: test
.. conf_minion:: test
``test``
--------
@ -2055,6 +2146,35 @@ before the initial key exchange. The master fingerprint can be found by running
master_finger: 'ba:30:65:2a:d6:9e:20:4f:d8:b2:f3:a7:d4:65:11:13'
.. conf_minion:: keysize
``keysize``
-----------
Default: ``2048``
The size of key that should be generated when creating new keys.
.. code-block:: yaml
keysize: 2048
.. conf_minion:: permissive_pki_access
``permissive_pki_access``
-------------------------
Default: ``False``
Enable permissive access to the salt keys. This allows you to run the
master or minion as root, but have a non-root group be given access to
your pki_dir. To make the access explicit, root must belong to the group
you've given access to. This is potentially quite insecure.
.. code-block:: yaml
permissive_pki_access: False
.. conf_minion:: verify_master_pubkey_sign
``verify_master_pubkey_sign``
@ -2162,7 +2282,7 @@ blocked. If `cmd_whitelist_glob` is NOT SET, then all shell commands are permitt
- 'cat /etc/fstab'
.. conf_master:: ssl
.. conf_minion:: ssl
``ssl``
-------
@ -2188,6 +2308,62 @@ constant names without ssl module prefix: ``CERT_REQUIRED`` or ``PROTOCOL_SSLv23
ssl_version: PROTOCOL_TLSv1_2
Reactor Settings
================
.. conf_minion:: reactor
``reactor``
-----------
Default: ``[]``
Defines a salt reactor. See the :ref:`Reactor <reactor>` documentation for more
information.
.. code-block:: yaml
reactor: []
.. conf_minion:: reactor_refresh_interval
``reactor_refresh_interval``
----------------------------
Default: ``60``
The TTL for the cache of the reactor configuration.
.. code-block:: yaml
reactor_refresh_interval: 60
.. conf_minion:: reactor_worker_threads
``reactor_worker_threads``
--------------------------
Default: ``10``
The number of workers for the runner/wheel in the reactor.
.. code-block:: yaml
reactor_worker_threads: 10
.. conf_minion:: reactor_worker_hwm
``reactor_worker_hwm``
----------------------
Default: ``10000``
The queue size for workers in the reactor.
.. code-block:: yaml
reactor_worker_hwm: 10000
Thread Settings
===============
@ -2458,6 +2634,62 @@ option then the minion will log a warning message.
- /etc/roles/webserver
Keepalive Settings
==================
.. conf_minion:: tcp_keepalive
``tcp_keepalive``
-----------------
Default: ``True``
The tcp keepalive interval to set on TCP ports. This setting can be used to tune Salt
connectivity issues in messy network environments with misbehaving firewalls.
.. code-block:: yaml
tcp_keepalive: True
.. conf_minion:: tcp_keepalive_cnt
``tcp_keepalive_cnt``
---------------------
Default: ``-1``
Sets the ZeroMQ TCP keepalive count. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_cnt: -1
.. conf_minion:: tcp_keepalive_idle
``tcp_keepalive_idle``
----------------------
Default: ``300``
Sets ZeroMQ TCP keepalive idle. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_idle: 300
.. conf_minion:: tcp_keepalive_intvl
``tcp_keepalive_intvl``
-----------------------
Default: ``-1``
Sets ZeroMQ TCP keepalive interval. May be used to tune issues with minion disconnects.
.. code-block:: yaml
tcp_keepalive_intvl': -1
Frozen Build Update Settings
============================
@ -2559,6 +2791,36 @@ out.
winrepo_dir: 'D:\winrepo'
.. conf_minion:: winrepo_dir_ng
``winrepo_dir_ng``
------------------
.. versionadded:: 2015.8.0
A new :ref:`ng <windows-package-manager>` repo was added.
Default: ``/srv/salt/win/repo-ng``
Location on the minion where the :conf_minion:`winrepo_remotes_ng` are checked
out for 2015.8.0 and later minions.
.. code-block:: yaml
winrepo_dir_ng: /srv/salt/win/repo-ng
.. conf_minion:: winrepo_source_dir
``winrepo_source_dir``
----------------------
Default: ``salt://win/repo-ng/``
The source location for the winrepo sls files.
.. code-block:: yaml
winrepo_source_dir: salt://win/repo-ng/
.. conf_minion:: winrepo_cachefile
.. conf_minion:: win_repo_cachefile
@ -2611,3 +2873,33 @@ URL of the repository:
Replace ``<commit_id>`` with the SHA1 hash of a commit ID. Specifying a commit
ID is useful in that it allows one to revert back to a previous version in the
event that an error is introduced in the latest revision of the repo.
.. conf_minion:: winrepo_remotes_ng
``winrepo_remotes_ng``
----------------------
.. versionadded:: 2015.8.0
A new :ref:`ng <windows-package-manager>` repo was added.
Default: ``['https://github.com/saltstack/salt-winrepo-ng.git']``
List of git repositories to checkout and include in the winrepo for
2015.8.0 and later minions.
.. code-block:: yaml
winrepo_remotes_ng:
- https://github.com/saltstack/salt-winrepo-ng.git
To specify a specific revision of the repository, prepend a commit ID to the
URL of the repository:
.. code-block:: yaml
winrepo_remotes_ng:
- '<commit_id> https://github.com/saltstack/salt-winrepo-ng.git'
Replace ``<commit_id>`` with the SHA1 hash of a commit ID. Specifying a commit
ID is useful in that it allows one to revert back to a previous version in the
event that an error is introduced in the latest revision of the repo.

4
doc/ref/states/all/index.rst
View File

@ -74,6 +74,10 @@ state modules
dellchassis
disk
docker
docker_container
docker_image
docker_network
docker_volume
drac
elasticsearch
elasticsearch_index

3
doc/topics/cloud/aws.rst
View File

@ -78,6 +78,7 @@ parameters are discussed in more detail below.
# RHEL -> ec2-user
# CentOS -> ec2-user
# Ubuntu -> ubuntu
# Debian -> admin
#
ssh_username: ec2-user
@ -470,7 +471,7 @@ EC2 API or AWS Console.
By default, the spot instance type is set to 'one-time', meaning it will
be launched and, if it's ever terminated for whatever reason, it will not
be recreated. If you would like your spot instances to be relaunched after
a termination (by your or AWS), set the ``type`` to 'persistent'.
a termination (by you or AWS), set the ``type`` to 'persistent'.
NOTE: Spot instances are a great way to save a bit of money, but you do
run the risk of losing your spot instances if the current price for the

16
doc/topics/cloud/azurearm.rst
View File

@ -6,7 +6,7 @@ Getting Started With Azure ARM
Azure is a cloud service by Microsoft providing virtual machines, SQL services,
media services, and more. Azure ARM (aka, the Azure Resource Manager) is a next
generatiom version of the Azure portal and API. This document describes how to
generation version of the Azure portal and API. This document describes how to
use Salt Cloud to create a virtual machine on Azure ARM, with Salt installed.
More information about Azure is located at `http://www.windowsazure.com/
@ -238,6 +238,20 @@ iface_name
Optional. The name to apply to the VM's network interface. If not supplied, the
value will be set to ``<VM name>-iface0``.
dns_servers
-----------
Optional. A **list** of the DNS servers to configure for the network interface
(will be set on the VM by the DHCP of the VNET).
.. code-block:: yaml
my-azurearm-profile:
provider: azurearm-provider
network: mynetwork
dns_servers:
- 10.1.1.4
- 10.1.1.5
availability_set
----------------
Optional. If set, the VM will be added to the specified availability set.

1
doc/topics/cloud/config.rst
View File

@ -371,7 +371,6 @@ both.
compute_name: cloudServersOpenStack
protocol: ipv4
compute_region: DFW
protocol: ipv4
user: myuser
tenant: 5555555
password: mypass

2
doc/topics/cloud/deploy.rst
View File

@ -89,7 +89,7 @@ functions include:
A good, well commented example of this process is the Fedora deployment
script:
https://github.com/saltstack/salt-cloud/blob/master/saltcloud/deploy/Fedora.sh
https://github.com/saltstack/salt/blob/develop/salt/cloud/deploy/Fedora.sh
A number of legacy deploy scripts are included with the release tarball. None
of them are as functional or complete as Salt Bootstrap, and are still included

4
doc/topics/cloud/index.rst
View File

@ -64,7 +64,9 @@ automatically installed salt-cloud for you. Use your distribution's package
manager to install the ``salt-cloud`` package from the same repo that you
used to install Salt. These repos will automatically be setup by Salt Bootstrap.
If there is no salt-cloud package, install with ``pip install salt-cloud``.
Alternatively, the ``-L`` option can be passed to the `Salt Bootstrap`_ script when
installing Salt. The ``-L`` option will install ``salt-cloud`` and the required
``libcloud`` package.
.. _`Salt Bootstrap`: https://github.com/saltstack/salt-bootstrap

4
doc/topics/cloud/profitbricks.rst
View File

@ -34,8 +34,8 @@ Configuration
#
username: user@domain.com
password: 123456
# datacenter is the UUID of a pre-existing virtual data center.
datacenter: 9e6709a0-6bf9-4bd6-8692-60349c70ce0e
# datacenter_id is the UUID of a pre-existing virtual data center.
datacenter_id: 9e6709a0-6bf9-4bd6-8692-60349c70ce0e
# Connect to public LAN ID 1.
public_lan: 1
ssh_public_key: /path/to/id_rsa.pub

4
doc/topics/cloud/qs.rst
View File

@ -12,7 +12,9 @@ automatically installed salt-cloud for you. Use your distribution's package
manager to install the ``salt-cloud`` package from the same repo that you
used to install Salt. These repos will automatically be setup by Salt Bootstrap.
If there is no salt-cloud package, install with ``pip install salt-cloud``.
Alternatively, the ``-L`` option can be passed to the `Salt Bootstrap`_ script when
installing Salt. The ``-L`` option will install ``salt-cloud`` and the required
``libcloud`` package.
.. _`Salt Bootstrap`: https://github.com/saltstack/salt-bootstrap

12
doc/topics/cloud/windows.rst
View File

@ -48,6 +48,15 @@ from saltstack.com:
.. __: https://repo.saltstack.com/windows/
.. _new-pywinrm:
Self Signed Certificates with WinRM
===================================
Salt-Cloud can use versions of ``pywinrm<=0.1.1`` or ``pywinrm>=0.2.1``.
For versions greater than `0.2.1`, ``winrm_verify_ssl`` needs to be set to
`False` if the certificate is self signed and not verifiable.
Firewall Settings
=================
@ -179,7 +188,8 @@ The default Windows user is `Administrator`, and the default Windows password
is blank.
If WinRM is to be used ``use_winrm`` needs to be set to `True`. ``winrm_port``
can be used to specify a custom port (must be HTTPS listener).
can be used to specify a custom port (must be HTTPS listener). And
``winrm_verify_ssl`` can be set to `False` to use a self signed certificate.
Auto-Generated Passwords on EC2

5
doc/topics/development/tests/integration.rst
View File

@ -371,6 +371,7 @@ on a minion event bus.
.. code-block:: python
import tests.integration as integration
import salt.utils.event
class TestEvent(integration.SaltEventAssertsMixin):
'''
@ -443,7 +444,7 @@ to test states:
from tests.support.mixins import SaltReturnAssertsMixin
# Import salt libs
import salt.utils
import salt.utils.files
HFILE = os.path.join(TMP, 'hosts')
@ -470,7 +471,7 @@ to test states:
ip = '10.10.10.10'
ret = self.run_state('host.present', name=name, ip=ip)
self.assertSaltTrueReturn(ret)
with salt.utils.fopen(HFILE) as fp_:
with salt.utils.files.fopen(HFILE) as fp_:
output = fp_.read()
self.assertIn('{0}\t\t{1}'.format(ip, name), output)

106
doc/topics/jinja/index.rst
View File

@ -150,6 +150,22 @@ starts at the root of the state tree or pillar.
.. _`macro`: http://jinja.pocoo.org/docs/templates/#macros
.. _`whitespace control`: http://jinja.pocoo.org/docs/templates/#whitespace-control
Errors
======
Saltstack allows to raise custom errors using the ``raise`` jinja function.
.. code-block:: jinja
{{ raise('Custom Error') }}
When rendering the template containing the above statement, a ``TemplateError``
exception is raised, causing the rendering to fail with the following message:
.. code-block:: text
TemplateError: Custom Error
Filters
=======
@ -335,7 +351,7 @@ Returns:
.. versionadded:: 2017.7.0
Wraps a text around quoutes.
This text will be wrapped in quotes.
.. jinja_ref:: regex_search
@ -750,19 +766,43 @@ Returns:
Check a whitelist and/or blacklist to see if the value matches it.
Example:
This filter can be used with either a whitelist or a blacklist individually,
or a whitelist and a blacklist can be passed simultaneously.
If whitelist is used alone, value membership is checked against the
whitelist only. If the value is found, the function returns ``True``.
Otherwise, it returns ``False``.
If blacklist is used alone, value membership is checked against the
blacklist only. If the value is found, the function returns ``False``.
Otherwise, it returns ``True``.
If both a whitelist and a blacklist are provided, value membership in the
blacklist will be examined first. If the value is not found in the blacklist,
then the whitelist is checked. If the value isn't found in the whitelist,
the function returns ``False``.
Whitelist Example:
.. code-block:: jinja
{{ 5 | check_whitelist_blacklist(whitelist=[5, 6, 7]) }}
{{ 5 | check_whitelist_blacklist(blacklist=[5, 6, 7]) }}
{{ 5 | check_whitelist_blacklist(whitelist=[5, 6, 7]) }}
Returns:
.. code-block:: python
True
True
Blacklist Example:
.. code-block:: jinja
{{ 5 | check_whitelist_blacklist(blacklist=[5, 6, 7]) }}
.. code-block:: python
False
.. jinja_ref:: date_format
@ -825,6 +865,13 @@ Example:
{{ 'wall of text' | to_bytes }}
.. note::
This option may have adverse effects when using the default renderer, ``yaml_jinja``.
This is due to the fact that YAML requires proper handling in regard to special
characters. Please see the section on :ref:`YAML ASCII support <yaml_plain_ascii>`
in the :ref:`YAML Idiosyncracies <yaml-idiosyncrasies>` documentation for more
information.
.. jinja_ref:: json_decode_list
@ -876,16 +923,22 @@ Returns:
------------
.. versionadded:: 2017.7.0
.. versionadded:: Oxygen
Renamed from ``rand_str`` to ``random_hash`` to more accurately describe
what the filter does.
Generate a random string and applies a hash. Default hashing: md5.
Generates a random number between 1 and the number passed to the filter, and
then hashes it. The default hash type is the one specified by the minion's
:conf_minion:`hash_type` config option, but an alternate hash type can be
passed to the filter as an argument.
Example:
.. code-block:: jinja
{% set passwd_length = 17 %}
{{ passwd_length | rand_str }}
{{ passwd_length | rand_str('sha512') }}
{% set num_range = 99999999 %}
{{ num_range | rand_str }}
{{ num_range | rand_str('sha512') }}
Returns:
@ -1186,7 +1239,7 @@ Example:
.. code-block:: jinja
{{ ['192.168.0.1', 'foo', 'bar', 'fe80::'] | ipv4 }}
{{ ['192.168.0.1', 'foo', 'bar', 'fe80::'] | ipv6 }}
Returns:
@ -1202,7 +1255,12 @@ Returns:
.. versionadded:: 2017.7.0
Return the list of hosts within a networks.
Return the list of hosts within a networks. This utility works for both IPv4 and IPv6.
.. note::
When running this command with a large IPv6 network, the command will
take a long time to gather all of the hosts.
Example:
@ -1224,7 +1282,7 @@ Returns:
.. versionadded:: 2017.7.0
Return the size of the network.
Return the size of the network. This utility works for both IPv4 and IPv6.
Example:
@ -1284,6 +1342,13 @@ Example:
{{ '00:11:22:33:44:55' | mac_str_to_bytes }}
.. note::
This option may have adverse effects when using the default renderer, ``yaml_jinja``.
This is due to the fact that YAML requires proper handling in regard to special
characters. Please see the section on :ref:`YAML ASCII support <yaml_plain_ascii>`
in the :ref:`YAML Idiosyncracies <yaml-idiosyncrasies>` documentation for more
information.
.. jinja_ref:: dns_check
@ -1684,6 +1749,23 @@ Will insert the following message in the minion logs:
.. jinja_ref:: custom-execution-modules
Python Methods
====================
A powerful feature of jinja that is only hinted at in the official jinja
documentation is that you can use the native python methods of the
variable type. Here is the python documentation for `string methods`_.
.. code-block:: jinja
{% set hostname,domain = grains.id.partition('.')[::2] %}{{ hostname }}
.. code-block:: jinja
{% set strings = grains.id.split('-') %}{{ strings[0] }}
.. _`string methods`: https://docs.python.org/2/library/stdtypes.html#string-methods
Custom Execution Modules
========================

4
doc/topics/network_automation/index.rst
View File

@ -40,7 +40,7 @@ and the interaction with the network device does not rely on a particular vendor
.. image:: /_static/napalm_logo.png
Beginning with Nitrogen, the NAPALM modules have been transformed so they can
Beginning with 2017.7.0, the NAPALM modules have been transformed so they can
run in both proxy and regular minions. That means, if the operating system
allows, the salt-minion package can be installed directly on the network gear.
The interface between the network operating system and Salt in that case would
@ -50,7 +50,7 @@ For example, if the user installs the
salt-minion on a Arista switch, the only requirement is
`napalm-eos <https://github.com/napalm-automation/napalm-eos>`_.
The following modules are available in Nitrogen:
The following modules are available in 2017.7.0:
- :mod:`NAPALM grains <salt.grains.napalm>`
- :mod:`NET execution module <salt.modules.napalm_network>` - Networking basic

5
doc/topics/releases/2016.11.7.rst Normal file
View File

@ -0,0 +1,5 @@
============================
Salt 2016.11.7 Release Notes
============================
Version 2016.11.7 is a bugfix release for :ref:`2016.11.0 <release-2016-11-0>`.

55
doc/topics/releases/2017.7.0.rst
View File

@ -28,12 +28,21 @@ The following salt-cloud drivers have known issues running with Python 3. These
- Joyent
- Any driver that relies on the `apache-libcloud` library such as cloudstack, dimenstiondata, gce, nova, and openstack
- When running under Python 3, users who require Unicode support should ensure that a locale is set on their machines.
Users using the `C` locale are advised to switch to a UTF-aware locale to ensure proper functionality with Salt with Python 3.
Remember to update the Salt Master first
========================================
Salt's policy has always been that when upgrading, the minion should never be
on a newer version than the master. Specifically with this update, because of
changes in the fileclient, the 2017.7 minion requires a 2017.7 master.
Backwards compatiblity is still maintained, so older minions can still be used.
More information can be found in the :ref:`Salt FAQ<which-version>`
States Added for Management of systemd Unit Masking
===================================================
@ -573,6 +582,38 @@ Using the new ``roster_order`` configuration syntax it's now possible to compose
of grains, pillar and mine data and even Salt SDB URLs.
The new release is also fully IPv4 and IPv6 enabled and even has support for CIDR ranges.
Salt-SSH Default Options
========================
Defaults for rosters can now be set, so that they don't have to be set on every
entry in a roster or specified from the commandline.
The new option is :ref:`roster_defaults<roster-defaults>` and is specified in
the master config file.
.. code-block:: yaml
roster_defaults:
user: daniel
sudo: True
priv: /root/.ssh/id_rsa
tty: True
Blacklist or Whitelist Extmod Sync
==================================
The modules that are synced to minions can now be limited.
The following configuration options have been added for the master:
- :conf_master:`extmod_whitelist`
- :conf_master:`extmod_blacklist`
and for the minion:
- :conf_minion:`extmod_whitelist`
- :conf_minion:`extmod_blacklist`
Additional Features
===================
@ -902,3 +943,13 @@ The ``glusterfs`` state had the following function removed:
The ``openvswitch_port`` state had the following change:
- The ``type`` option was removed from the ``present`` function. Please use ``tunnel_type`` instead.
Build Notes
===========
Windows Installer Packages
--------------------------
Windows Installer packages have been patched with the following PR: 42347_
.. _42347: https://github.com/saltstack/salt/pull/42347

183
doc/topics/releases/2017.7.1.rst Normal file
View File

@ -0,0 +1,183 @@
============================
Salt 2017.7.1 Release Notes
============================
Version 2017.7.1 is a bugfix release for :ref:`2017.7.0 <release-2017-7-0>`.
Changes for v2017.7.0..v2017.7.1
--------------------------------
Extended changelog courtesy of Todd Stansell (https://github.com/tjstansell/salt-changelogs):
*Generated at: 2017-07-26T01:09:40Z*
Statistics:
- Total Merges: **11**
- Total Issue references: **9**
- Total PR references: **22**
Changes:
- **PR** `#42548`_: (*gtmanfred*) pass in empty kwarg for reactor
@ *2017-07-26T00:41:20Z*
- **ISSUE** `#460`_: (*whiteinge*) Add a topic and a ref for modules/states/returners/renderers/runners
| refs: `#42548`_
* 711b742c54 Merge pull request `#42548`_ from gtmanfred/2017.7.1
* 0257c1dc32 pass in empty kwarg for reactor
* b948e980d2 update chunk, not kwarg in chunk
- **PR** `#42522`_: (*gtmanfred*) pacman wildcard is only for repository installs
@ *2017-07-24T20:51:05Z*
- **ISSUE** `#42519`_: (*xuhcc*) Error when installing package from file under Arch Linux
| refs: `#42522`_
* 50c1635dcc Merge pull request `#42522`_ from gtmanfred/2017.7.1
* 7787fb9e1b pacman wildcard is only for repository installs
- **PR** `#42508`_: (*rallytime*) Back-port `#42474`_ to 2017.7.1
@ *2017-07-24T20:49:51Z*
- **PR** `#42474`_: (*whiteinge*) Cmd arg kwarg parsing test
| refs: `#42508`_
- **PR** `#39646`_: (*terminalmage*) Handle deprecation of passing string args to load_args_and_kwargs
| refs: `#42474`_
* 05c07ac049 Merge pull request `#42508`_ from rallytime/`bp-42474`_
* 76fb074433 Add a test.arg variant that cleans the pub kwargs by default
* 624f63648e Lint fixes
* d246a5fc61 Add back support for string kwargs
* 854e098aa0 Add LocalClient.cmd test for arg/kwarg parsing
- **PR** `#42472`_: (*rallytime*) Back-port `#42435`_ to 2017.7.1
@ *2017-07-24T15:11:13Z*
- **ISSUE** `#42427`_: (*grichmond-salt*) Issue Passing Variables created from load_json as Inline Pillar Between States
| refs: `#42435`_
- **PR** `#42435`_: (*terminalmage*) Modify our custom YAML loader to treat unicode literals as unicode strings
| refs: `#42472`_
* 95fe2558e4 Merge pull request `#42472`_ from rallytime/`bp-42435`_
* 5c47af5b98 Modify our custom YAML loader to treat unicode literals as unicode strings
- **PR** `#42473`_: (*rallytime*) Back-port `#42436`_ to 2017.7.1
@ *2017-07-24T15:10:29Z*
- **ISSUE** `#42374`_: (*tyhunt99*) [2017.7.0] salt-run mange.versions throws exception if minion is offline or unresponsive
| refs: `#42436`_
- **PR** `#42436`_: (*garethgreenaway*) Fixes to versions function in manage runner
| refs: `#42473`_
* 5b99d45f54 Merge pull request `#42473`_ from rallytime/`bp-42436`_
* 82ed919803 Updating the versions function inside the manage runner to account for when a minion is offline and we are unable to determine it's version.
- **PR** `#42471`_: (*rallytime*) Back-port `#42399`_ to 2017.7.1
@ *2017-07-24T15:09:50Z*
- **ISSUE** `#42381`_: (*zebooka*) Git.detached broken in 2017.7.0
| refs: `#42399`_
- **ISSUE** `#38878`_: (*tomlaredo*) [Naming consistency] git.latest "rev" option VS git.detached "ref" option
| refs: `#38898`_
- **PR** `#42399`_: (*rallytime*) Update old "ref" references to "rev" in git.detached state
| refs: `#42471`_
- **PR** `#38898`_: (*terminalmage*) git.detached: rename ref to rev for consistency
| refs: `#42399`_
* 3d1a2d3f9f Merge pull request `#42471`_ from rallytime/`bp-42399`_
* b9a4669e5a Update old "ref" references to "rev" in git.detached state
- **PR** `#42470`_: (*rallytime*) Back-port `#42031`_ to 2017.7.1
@ *2017-07-24T15:09:30Z*
- **ISSUE** `#42400`_: (*Enquier*) Conflict in execution of passing pillar data to orch/reactor event executions 2017.7.0
| refs: `#42031`_
- **PR** `#42031`_: (*skizunov*) Fix: Reactor emits critical error
| refs: `#42470`_
* 09766bccbc Merge pull request `#42470`_ from rallytime/`bp-42031`_
* 0a0c6287a4 Fix: Reactor emits critical error
- **PR** `#42469`_: (*rallytime*) Back-port `#42027`_ to 2017.7.1
@ *2017-07-21T22:41:02Z*
- **ISSUE** `#41949`_: (*jrporcaro*) Event returner doesn't work with Windows Master
| refs: `#42027`_
- **PR** `#42027`_: (*gtmanfred*) import salt.minion for EventReturn for Windows
| refs: `#42469`_
* d7b172a15b Merge pull request `#42469`_ from rallytime/`bp-42027`_
* ed612b4ee7 import salt.minion for EventReturn for Windows
- **PR** `#42466`_: (*rallytime*) Back-port `#42452`_ to 2017.7.1
@ *2017-07-21T19:41:24Z*
- **PR** `#42452`_: (*Ch3LL*) update windows urls to new py2/py3 naming scheme
| refs: `#42466`_
* 8777b1a825 Merge pull request `#42466`_ from rallytime/`bp-42452`_
* c10196f68c update windows urls to new py2/py3 naming scheme
- **PR** `#42439`_: (*rallytime*) Back-port `#42409`_ to 2017.7.1
@ *2017-07-21T17:38:10Z*
- **PR** `#42409`_: (*twangboy*) Add Scripts to build Py3 on Mac
| refs: `#42439`_
* fceaaf41d0 Merge pull request `#42439`_ from rallytime/`bp-42409`_
* 8176964b41 Remove build and dist, sign pkgs
* 2c14d92a07 Fix hard coded pip path
* 82fdd7c2e1 Add support for Py3
* 2478447246 Update Python and other reqs
- **PR** `#42441`_: (*rallytime*) Back-port `#42433`_ to 2017.7.1
@ *2017-07-21T17:37:01Z*
- **ISSUE** `#42403`_: (*astronouth7303*) [2017.7] Pillar empty when state is applied from orchestrate
| refs: `#42433`_
- **PR** `#42433`_: (*terminalmage*) Only force saltenv/pillarenv to be a string when not None
| refs: `#42441`_
* 660400560b Merge pull request `#42441`_ from rallytime/`bp-42433`_
* 17f347123a Only force saltenv/pillarenv to be a string when not None
.. _`#38878`: https://github.com/saltstack/salt/issues/38878
.. _`#38898`: https://github.com/saltstack/salt/pull/38898
.. _`#39646`: https://github.com/saltstack/salt/pull/39646
.. _`#41949`: https://github.com/saltstack/salt/issues/41949
.. _`#42027`: https://github.com/saltstack/salt/pull/42027
.. _`#42031`: https://github.com/saltstack/salt/pull/42031
.. _`#42374`: https://github.com/saltstack/salt/issues/42374
.. _`#42381`: https://github.com/saltstack/salt/issues/42381
.. _`#42399`: https://github.com/saltstack/salt/pull/42399
.. _`#42400`: https://github.com/saltstack/salt/issues/42400
.. _`#42403`: https://github.com/saltstack/salt/issues/42403
.. _`#42409`: https://github.com/saltstack/salt/pull/42409
.. _`#42427`: https://github.com/saltstack/salt/issues/42427
.. _`#42433`: https://github.com/saltstack/salt/pull/42433
.. _`#42435`: https://github.com/saltstack/salt/pull/42435
.. _`#42436`: https://github.com/saltstack/salt/pull/42436
.. _`#42439`: https://github.com/saltstack/salt/pull/42439
.. _`#42441`: https://github.com/saltstack/salt/pull/42441
.. _`#42452`: https://github.com/saltstack/salt/pull/42452
.. _`#42466`: https://github.com/saltstack/salt/pull/42466
.. _`#42469`: https://github.com/saltstack/salt/pull/42469
.. _`#42470`: https://github.com/saltstack/salt/pull/42470
.. _`#42471`: https://github.com/saltstack/salt/pull/42471
.. _`#42472`: https://github.com/saltstack/salt/pull/42472
.. _`#42473`: https://github.com/saltstack/salt/pull/42473
.. _`#42474`: https://github.com/saltstack/salt/pull/42474
.. _`#42508`: https://github.com/saltstack/salt/pull/42508
.. _`#42519`: https://github.com/saltstack/salt/issues/42519
.. _`#42522`: https://github.com/saltstack/salt/pull/42522
.. _`#42548`: https://github.com/saltstack/salt/pull/42548
.. _`#460`: https://github.com/saltstack/salt/issues/460
.. _`bp-42027`: https://github.com/saltstack/salt/pull/42027
.. _`bp-42031`: https://github.com/saltstack/salt/pull/42031
.. _`bp-42399`: https://github.com/saltstack/salt/pull/42399
.. _`bp-42409`: https://github.com/saltstack/salt/pull/42409
.. _`bp-42433`: https://github.com/saltstack/salt/pull/42433
.. _`bp-42435`: https://github.com/saltstack/salt/pull/42435
.. _`bp-42436`: https://github.com/saltstack/salt/pull/42436
.. _`bp-42452`: https://github.com/saltstack/salt/pull/42452
.. _`bp-42474`: https://github.com/saltstack/salt/pull/42474

53
doc/topics/releases/oxygen.rst
View File

@ -49,18 +49,48 @@ environments (i.e. ``saltenvs``) have been added:
ignore all tags and use branches only, and also to keep SHAs from being made
available as saltenvs.
Salt Cloud and Newer PyWinRM Versions
-------------------------------------
Versions of ``pywinrm>=0.2.1`` are finally able to disable validation of self
signed certificates. :ref:`Here<new-pywinrm>` for more information.
Solaris Logical Domains In Virtual Grain
----------------------------------------
Support has been added to the ``virtual`` grain for detecting Solaris LDOMs
running on T-Series SPARC hardware. The ``virtual_subtype`` grain is
populated as a list of domain roles.
Deprecations
============
Configuration Option Deprecations
---------------------------------
- The ``requests_lib`` configuration option has been removed. Please use
``backend`` instead.
Profitbricks Cloud Updated Dependency
-------------------------------------
The minimum version of the `profitbrick` python package for the `profitbricks`
cloud driver has changed from 3.0.0 to 3.1.0.
Module Deprecations
-------------------
The ``blockdev`` execution module has been removed. Its functions were merged
with the ``disk`` module. Please use the ``disk`` execution module instead.
The ``lxc`` execution module had the following changes:
- The ``dnsservers`` option to the ``cloud_init_interface`` function no longer
defaults to ``4.4.4.4`` and ``8.8.8.8``.
- The ``dns_via_dhcp`` option to the ``cloud_init_interface`` function defaults
to ``True`` now instead of ``False``.
The ``win_psget`` module had the following changes:
- The ``psversion`` function was removed. Please use ``cmd.shell_info`` instead.
@ -88,6 +118,14 @@ The ``win_service`` module had the following changes:
- The ``type`` option was removed from the ``create`` function. Please use
``service_type`` instead.
Runner Deprecations
-------------------
The ``manage`` runner had the following changes:
- The ``root_user`` kwarg was removed from the ``bootstrap`` function. Please
use ``salt-ssh`` roster entries for the host instead.
State Deprecations
------------------
@ -118,3 +156,18 @@ For ``smartos`` some grains have been deprecated. These grains will be removed i
- The ``hypervisor_uuid`` has been replaced with ``mdata:sdc:server_uuid`` grain.
- The ``datacenter`` has been replaced with ``mdata:sdc:datacenter_name`` grain.
Utils Deprecations
------------------
The ``salt.utils.cloud.py`` file had the following change:
- The ``fire_event`` function now requires a ``sock_dir`` argument. It was previously
optional.
Other Miscellaneous Deprecations
--------------------------------
The ``version.py`` file had the following changes:
- The ``rc_info`` function was removed. Please use ``pre_info`` instead.

36
doc/topics/releases/releasecandidate.rst
View File

@ -8,7 +8,7 @@ Installing/Testing a Salt Release Candidate
It's time for a new feature release of Salt! Follow the instructions below to
install the latest release candidate of Salt, and try :ref:`all the shiny new
features <release-2016-11-0>`! Be sure to report any bugs you find on `Github
features <release-2017-7-0>`! Be sure to report any bugs you find on `Github
<https://github.com/saltstack/salt/issues/new/>`_.
Installing Using Packages
@ -32,32 +32,12 @@ Builds for a few platforms are available as part of the RC at https://repo.salts
Available builds:
- Amazon Linux
- Debian 8
- macOS
- RHEL 7
- SmartOS (see below)
- Ubuntu 16.04
- Ubuntu16
- Redhat7
- Windows
.. FreeBSD
SmartOS
-------
Release candidate builds for SmartOS are available at http://pkg.blackdot.be/extras/salt-2016.11rc/.
On a base64 2015Q4-x86_64 based native zone the package can be installed by the following:
.. code-block:: bash
pfexec pkg_add -U https://pkg.blackdot.be/extras/salt-2016.11rc/salt-2016.11.0rc2_2015Q4_x86_64.tgz
When using the 2016Q2-tools release on the global zone by the following:
.. code-block:: bash
pfexec pkg_add -U https://pkg.blackdot.be/extras/salt-2016.11rc/salt-2016.11.0rc2_2016Q2_TOOLS.tgz
Installing Using Bootstrap
==========================
@ -67,14 +47,14 @@ You can install a release candidate of Salt using `Salt Bootstrap
.. code-block:: bash
curl -o install_salt.sh -L https://bootstrap.saltstack.com
sudo sh install_salt.sh -P git v2016.11.0rc2
sudo sh install_salt.sh -P git v2017.7.0rc1
If you want to also install a master using Salt Bootstrap, use the ``-M`` flag:
.. code-block:: bash
curl -o install_salt.sh -L https://bootstrap.saltstack.com
sudo sh install_salt.sh -P -M git v2016.11.0rc2
sudo sh install_salt.sh -P -M git v2017.7.0rc1
If you want to install only a master and not a minion using Salt Bootstrap, use
the ``-M`` and ``-N`` flags:
@ -82,13 +62,13 @@ the ``-M`` and ``-N`` flags:
.. code-block:: bash
curl -o install_salt.sh -L https://bootstrap.saltstack.com
sudo sh install_salt.sh -P -M -N git v2016.11.0rc2
sudo sh install_salt.sh -P -M -N git v2017.7.0rc1
Installing Using PyPI
=====================
Installing from the `source archive
<https://pypi.python.org/packages/7a/87/3b29ac215208bed9559d6c4df24175ddd1d52e62c5c00ae3afb3b7d9144d/salt-2016.11.0rc2.tar.gz>`_ on
<https://pypi.python.org/packages/5c/cf/13c14f8bcd7b5076b9a8c3580f9582c1c4ea8b0458793ac6744ea66c0baf/salt-2017.7.0rc1.tar.gz>`_ on
`PyPI <https://pypi.python.org/pypi>`_ is fairly straightforward.
.. note::
@ -126,4 +106,4 @@ Then install salt using the following command:
.. code-block:: bash
sudo pip install salt==2016.11.0rc2
sudo pip install salt==2017.7.0rc1

2
doc/topics/spm/dev.rst
View File

@ -256,7 +256,7 @@ This function will not generally be more complex than:
.. code-block:: python
def hash_file(path, hashobj, conn=None):
with salt.utils.fopen(path, 'r') as f:
with salt.utils.files.fopen(path, 'r') as f:
hashobj.update(f.read())
return hashobj.hexdigest()

3
doc/topics/ssh/index.rst
View File

@ -64,7 +64,8 @@ Deploy ssh key for salt-ssh
===========================
By default, salt-ssh will generate key pairs for ssh, the default path will be
/etc/salt/pki/master/ssh/salt-ssh.rsa
``/etc/salt/pki/master/ssh/salt-ssh.rsa``. The key generation happens when you run
``salt-ssh`` for the first time.
You can use ssh-copy-id, (the OpenSSH key deployment tool) to deploy keys to your servers.

10
doc/topics/ssh/roster.rst
View File

@ -61,6 +61,8 @@ The information which can be stored in a roster ``target`` is the following:
cmd_umask: # umask to enforce for the salt-call command. Should be in
# octal (so for 0o077 in YAML you would do 0077, or 63)
.. _roster_defaults:
Target Defaults
---------------
@ -71,10 +73,10 @@ not need to be passed with commandline arguments.
.. code-block:: yaml
roster_defaults:
user: daniel
sudo: True
priv: /root/.ssh/id_rsa
tty: True
user: daniel
sudo: True
priv: /root/.ssh/id_rsa
tty: True
thin_dir
--------

27
doc/topics/troubleshooting/yaml_idiosyncrasies.rst
View File

@ -28,6 +28,7 @@ hit `Enter`. Also, you can convert tabs to 2 spaces by these commands in Vim:
Indentation
===========
The suggested syntax for YAML files is to use 2 spaces for indentation,
but YAML will follow whatever indentation system that the individual file
uses. Indentation of two spaces works very well for SLS files given the
@ -112,8 +113,24 @@ PyYAML will load these values as boolean ``True`` or ``False``. Un-capitalized
versions will also be loaded as booleans (``true``, ``false``, ``yes``, ``no``,
``on``, and ``off``). This can be especially problematic when constructing
Pillar data. Make sure that your Pillars which need to use the string versions
of these values are enclosed in quotes. Pillars will be parsed twice by salt,
so you'll need to wrap your values in multiple quotes, for example '"false"'.
of these values are enclosed in quotes. Pillars will be parsed twice by salt,
so you'll need to wrap your values in multiple quotes, including double quotation
marks (``" "``) and single quotation marks (``' '``). Note that spaces are included
in the quotation type examples for clarity.
Multiple quoting examples looks like this:
.. code-block:: yaml
- '"false"'
- "'True'"
- "'YES'"
- '"No"'
.. note::
When using multiple quotes in this manner, they must be different. Using ``"" ""``
or ``'' ''`` won't work in this case (spaces are included in examples for clarity).
The '%' Sign
============
@ -248,8 +265,10 @@ Alternatively, they can be defined the "old way", or with multiple
- require:
- user: fred
YAML support only plain ASCII
=============================
.. _yaml_plain_ascii:
YAML supports only plain ASCII
==============================
According to YAML specification, only ASCII characters can be used.

51
doc/topics/utils/index.rst
View File

@ -54,7 +54,7 @@ types like so:
salt '*' mymodule.observe_the_awesomeness
'''
print __utils__['foo.bar']()
return __utils__['foo.bar']()
Utility modules, like any other kind of Salt extension, support using a
:ref:`__virtual__ function <modules-virtual-name>` to conditionally load them,
@ -81,11 +81,56 @@ the ``foo`` utility module with a ``__virtual__`` function.
def bar():
return 'baz'
Also you could even write your utility modules in object oriented fashion:
.. code-block:: python
# -*- coding: utf-8 -*-
'''
My utils module
---------------
This module contains common functions for use in my other custom types.
'''
class Foo(object):
def __init__(self):
pass
def bar(self):
return 'baz'
And import them into other custom modules:
.. code-block:: python
# -*- coding: utf-8 -*-
'''
My awesome execution module
---------------------------
'''
import mymodule
def observe_the_awesomeness():
'''
Prints information from my utility module
CLI Example:
.. code-block:: bash
salt '*' mymodule.observe_the_awesomeness
'''
foo = mymodule.Foo()
return foo.bar()
These are, of course, contrived examples, but they should serve to show some of
the possibilities opened up by writing utility modules. Keep in mind though
that States still have access to all of the execution modules, so it is not
that states still have access to all of the execution modules, so it is not
necessary to write a utility module to make a function available to both a
state and an execution module. One good use case for utililty modules is one
state and an execution module. One good use case for utility modules is one
where it is necessary to invoke the same function from a custom :ref:`outputter
<all-salt.output>`/returner, as well as an execution module.

2
doc/topics/windows/windows-package-manager.rst
View File

@ -141,7 +141,7 @@ packages:
- 2015.8.0 and later minions: https://github.com/saltstack/salt-winrepo-ng
- Earlier releases: https://github.com/saltstack/salt-winrepo
By default, these repositories are mirrored to ``/srv/salt/win/repo_ng``
By default, these repositories are mirrored to ``/srv/salt/win/repo-ng``
and ``/srv/salt/win/repo``.
This location can be changed in the master config file by setting the

37
pkg/osx/build.sh
View File

@ -19,14 +19,16 @@
# $1 : <version> : the version of salt to build
# (a git tag, not a branch)
# (defaults to git-repo state)
# $2 : <package dir> : the staging area for the package
# $2 : <pythin ver> : The version of Python to use in the
# build. Default is 2
# $3 : <package dir> : the staging area for the package
# defaults to /tmp/salt_pkg
#
# Example:
# The following will build Salt v2015.8.3 and stage all files
# in /tmp/custom_pkg:
# The following will build Salt v2015.8.3 with Python 2 and
# stage all files in /tmp/custom_pkg:
#
# ./build.sh v2015.8.3 /tmp/custom_pkg
# ./build.sh v2015.8.3 2 /tmp/custom_pkg
#
############################################################################
echo -n -e "\033]0;Build: Variables\007"
@ -41,9 +43,15 @@ else
fi
if [ "$2" == "" ]; then
PYVER=2
else
PYVER=$2
fi
if [ "$3" == "" ]; then
PKGDIR=/tmp/salt_pkg
else
PKGDIR=$2
PKGDIR=$3
fi
############################################################################
@ -51,6 +59,12 @@ fi
############################################################################
SRCDIR=`git rev-parse --show-toplevel`
PKGRESOURCES=$SRCDIR/pkg/osx
if [ "$PYVER" == "2" ]; then
PYTHON=/opt/salt/bin/python
else
PYTHON=/opt/salt/bin/python3
fi
CPUARCH=`uname -m`
############################################################################
# Make sure this is the Salt Repository
@ -66,16 +80,23 @@ fi
# Create the Build Environment
############################################################################
echo -n -e "\033]0;Build: Build Environment\007"
sudo $PKGRESOURCES/build_env.sh
sudo $PKGRESOURCES/build_env.sh $PYVER
############################################################################
# Install Salt
############################################################################
echo -n -e "\033]0;Build: Install Salt\007"
sudo /opt/salt/bin/python $SRCDIR/setup.py install
sudo rm -rm $SRCDIR/build
sudo rm -rm $SRCDIR/dist
sudo $PYTHON $SRCDIR/setup.py install
############################################################################
# Build Package
############################################################################
echo -n -e "\033]0;Build: Package Salt\007"
sudo $PKGRESOURCES/build_pkg.sh $VERSION $PKGDIR
sudo $PKGRESOURCES/build_pkg.sh $VERSION $PYVER $PKGDIR
############################################################################
# Sign Package
############################################################################
sudo $PKGRESOURCES/build_sig.sh salt-$VERSION-py$PYVER-$CPUARCH.pkg salt-$VERSION-py$PYVER-$CPUARCH-signed.pkg

78
pkg/osx/build_env.sh
View File

@ -6,18 +6,21 @@
# Authors: CR Oldham, Shane Lee
# Date: December 2015
#
# Description: This script sets up a build environment for salt on macOS.
# Description: This script sets up a build environment for Salt on macOS.
#
# Requirements:
# - XCode Command Line Tools (xcode-select --install)
#
# Usage:
# This script is not passed any parameters
# This script can be passed 1 parameter
# $1 : <python version> : the version of Python to use for the
# build environment. Default is 2
#
# Example:
# The following will set up a build environment for salt on macOS
# The following will set up a Python 3 build environment for Salt
# on macOS
#
# ./dev_env.sh
# ./dev_env.sh 3
#
############################################################################
@ -31,6 +34,15 @@ quit_on_error() {
exit -1
}
############################################################################
# Check passed parameters, set defaults
############################################################################
if [ "$1" == "" ]; then
PYVER=2
else
PYVER=$1
fi
############################################################################
# Parameters Required for the script to function properly
############################################################################
@ -45,6 +57,15 @@ SHADIR=$SCRIPTDIR/shasums
PKG_CONFIG_PATH=/opt/salt/lib/pkgconfig
CFLAGS="-I/opt/salt/include"
LDFLAGS="-L/opt/salt/lib"
if [ "$PYVER" == "2" ]; then
PYDIR=/opt/salt/lib/python2.7
PYTHON=/opt/salt/bin/python
PIP=/opt/salt/bin/pip
else
PYDIR=/opt/salt/lib/python3.5
PYTHON=/opt/salt/bin/python3
PIP=/opt/salt/bin/pip3
fi
############################################################################
# Determine Which XCode is being used (XCode or XCode Command Line Tools)
@ -121,8 +142,8 @@ BUILDDIR=$SCRIPTDIR/build
############################################################################
echo -n -e "\033]0;Build_Env: pkg-config\007"
PKGURL="http://pkgconfig.freedesktop.org/releases/pkg-config-0.29.tar.gz"
PKGDIR="pkg-config-0.29"
PKGURL="http://pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz"
PKGDIR="pkg-config-0.29.2"
download $PKGURL
@ -140,8 +161,8 @@ sudo -H $MAKE install
############################################################################
echo -n -e "\033]0;Build_Env: libsodium\007"
PKGURL="https://download.libsodium.org/libsodium/releases/libsodium-1.0.12.tar.gz"
PKGDIR="libsodium-1.0.12"
PKGURL="https://download.libsodium.org/libsodium/releases/libsodium-1.0.13.tar.gz"
PKGDIR="libsodium-1.0.13"
download $PKGURL
@ -159,8 +180,8 @@ sudo -H $MAKE install
############################################################################
echo -n -e "\033]0;Build_Env: zeromq\007"
PKGURL="http://download.zeromq.org/zeromq-4.1.3.tar.gz"
PKGDIR="zeromq-4.1.3"
PKGURL="http://download.zeromq.org/zeromq-4.1.4.tar.gz"
PKGDIR="zeromq-4.1.4"
download $PKGURL
@ -178,13 +199,13 @@ sudo -H $MAKE install
############################################################################
echo -n -e "\033]0;Build_Env: OpenSSL\007"
PKGURL="http://openssl.org/source/openssl-1.0.2f.tar.gz"
PKGDIR="openssl-1.0.2f"
PKGURL="http://openssl.org/source/openssl-1.0.2l.tar.gz"
PKGDIR="openssl-1.0.2l"
download $PKGURL
echo "################################################################################"
echo "Building OpenSSL 1.0.2f"
echo "Building OpenSSL"
echo "################################################################################"
cd $PKGDIR
./Configure darwin64-x86_64-cc --prefix=/opt/salt --openssldir=/opt/salt/openssl
@ -197,13 +218,18 @@ sudo -H $MAKE install
############################################################################
echo -n -e "\033]0;Build_Env: Python\007"
PKGURL="https://www.python.org/ftp/python/2.7.12/Python-2.7.12.tar.xz"
PKGDIR="Python-2.7.12"
if [ "$PYVER" == "2" ]; then
PKGURL="https://www.python.org/ftp/python/2.7.13/Python-2.7.13.tar.xz"
PKGDIR="Python-2.7.13"
else
PKGURL="https://www.python.org/ftp/python/3.5.3/Python-3.5.3.tar.xz"
PKGDIR="Python-3.5.3"
fi
download $PKGURL
echo "################################################################################"
echo "Building Python 2.7.12"
echo "Building Python"
echo "################################################################################"
echo "Note there are some test failures"
cd $PKGDIR
@ -215,7 +241,7 @@ sudo -H $MAKE install
############################################################################
# upgrade pip
############################################################################
sudo -H /opt/salt/bin/pip install --upgrade pip
sudo -H $PIP install --upgrade pip
############################################################################
# Download and install salt python dependencies
@ -227,23 +253,23 @@ cd $BUILDDIR
echo "################################################################################"
echo "Installing Salt Dependencies with pip (normal)"
echo "################################################################################"
sudo -H /opt/salt/bin/pip install \
-r $SRCDIR/pkg/osx/req.txt \
--no-cache-dir
sudo -H $PIP install \
-r $SRCDIR/pkg/osx/req.txt \
--no-cache-dir
echo "################################################################################"
echo "Installing Salt Dependencies with pip (build_ext)"
echo "################################################################################"
sudo -H /opt/salt/bin/pip install \
-r $SRCDIR/pkg/osx/req_ext.txt \
--global-option=build_ext \
--global-option="-I/opt/salt/include" \
--no-cache-dir
sudo -H $PIP install \
-r $SRCDIR/pkg/osx/req_ext.txt \
--global-option=build_ext \
--global-option="-I/opt/salt/include" \
--no-cache-dir
echo "--------------------------------------------------------------------------------"
echo "Create Symlink to certifi for openssl"
echo "--------------------------------------------------------------------------------"
sudo ln -s /opt/salt/lib/python2.7/site-packages/certifi/cacert.pem /opt/salt/openssl/cert.pem
sudo ln -s $PYDIR/site-packages/certifi/cacert.pem /opt/salt/openssl/cert.pem
echo -n -e "\033]0;Build_Env: Finished\007"

59
pkg/osx/build_pkg.sh
View File

@ -15,13 +15,16 @@
# This script can be passed 2 parameters
# $1 : <version> : the version name to give the package (overrides
# version of the git repo) (Defaults to the git repo version)
# $2 : <package dir> : the staging area for the package defaults to
# $2 : <python ver> : the version of python that was built (defaults
# to 2)
# $3 : <package dir> : the staging area for the package defaults to
# /tmp/salt_pkg
#
# Example:
# The following will build Salt and stage all files in /tmp/salt_pkg:
# The following will build Salt version 2017.7.0 with Python 3 and
# stage all files in /tmp/salt_pkg:
#
# ./build.sh
# ./build.sh 2017.7.0 3
#
############################################################################
@ -45,11 +48,18 @@ else
VERSION=$1
fi
# Get/Set temp directory
# Get/Set Python Version
if [ "$2" == "" ]; then
PYVER=2
else
PYVER=$2
fi
# Get/Set temp directory
if [ "$3" == "" ]; then
PKGDIR=/tmp/salt_pkg
else
PKGDIR=$2
PKGDIR=$3
fi
CPUARCH=`uname -m`
@ -114,7 +124,11 @@ sudo rm -rdf $PKGDIR/opt/salt/lib/engines
sudo rm -rdf $PKGDIR/opt/salt/share/aclocal
sudo rm -rdf $PKGDIR/opt/salt/share/doc
sudo rm -rdf $PKGDIR/opt/salt/share/man/man1/pkg-config.1
sudo rm -rdf $PKGDIR/opt/salt/lib/python2.7/test
if [ "$PYVER" == "2" ]; then
sudo rm -rdf $PKGDIR/opt/salt/lib/python2.7/test
else
sudo rm -rdf $PKGDIR/opt/salt/lib/python3.5/test
fi
echo -n -e "\033]0;Build_Pkg: Remove compiled python files\007"
sudo find $PKGDIR/opt/salt -name '*.pyc' -type f -delete
@ -133,15 +147,30 @@ cp $SRCDIR/conf/master $PKGDIR/etc/salt/master.dist
############################################################################
echo -n -e "\033]0;Build_Pkg: Add Version to .xml\007"
if [ "$PYVER" == "2" ]; then
TITLE="Salt $VERSION"
DESC="Salt $VERSION with Python 2"
else
TITLE="Salt $VERSION (Python 3)"
DESC="Salt $VERSION with Python 3"
fi
cd $PKGRESOURCES
cp distribution.xml.dist distribution.xml
SEDSTR="s/@VERSION@/$VERSION/"
echo $SEDSTR
sed -i '' $SEDSTR distribution.xml
SEDSTR="s/@TITLE@/$TITLE/g"
sed -E -i '' "$SEDSTR" distribution.xml
SEDSTR="s/@CPUARCH@/$CPUARCH/"
echo $SEDSTR
sed -i '' $SEDSTR distribution.xml
SEDSTR="s/@DESC@/$DESC/g"
sed -E -i '' "$SEDSTR" distribution.xml
SEDSTR="s/@VERSION@/$VERSION/g"
sed -E -i '' "$SEDSTR" distribution.xml
SEDSTR="s/@PYVER@/$PYVER/g"
sed -E -i '' "$SEDSTR" distribution.xml
SEDSTR="s/@CPUARCH@/$CPUARCH/g"
sed -i '' "$SEDSTR" distribution.xml
############################################################################
# Build the Package
@ -152,10 +181,10 @@ pkgbuild --root=$PKGDIR \
--scripts=pkg-scripts \
--identifier=com.saltstack.salt \
--version=$VERSION \
--ownership=recommended salt-src-$VERSION-$CPUARCH.pkg
--ownership=recommended salt-src-$VERSION-py$PYVER-$CPUARCH.pkg
productbuild --resources=pkg-resources \
--distribution=distribution.xml \
--package-path=salt-src-$VERSION-$CPUARCH.pkg \
--version=$VERSION salt-$VERSION-$CPUARCH.pkg
--package-path=salt-src-$VERSION-py$PYVER-$CPUARCH.pkg \
--version=$VERSION salt-$VERSION-py$PYVER-$CPUARCH.pkg

8
pkg/osx/distribution.xml.dist
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8" standalone="no"?>
<installer-gui-script minSpecVersion="2">
<title>Salt @VERSION@</title>
<title>@TITLE@</title>
<organization>com.saltstack.salt</organization>
<!-- Define minimum system requirements -->
<volume-check>
@ -25,7 +25,7 @@
<!-- List all component packages -->
<pkg-ref id="com.saltstack.salt"
version="@VERSION@"
auth="root">salt-src-@VERSION@-@CPUARCH@.pkg</pkg-ref>
auth="root">salt-src-@VERSION@-py@PYVER@-@CPUARCH@.pkg</pkg-ref>
<!-- List them again here. They can now be organized
as a hierarchy if you want. -->
<choices-outline>
@ -34,8 +34,8 @@
<!-- Define each choice above -->
<choice id="com.saltstack.salt"
visible="false"
title="Salt @VERSION@"
description="Salt @VERSION@"
title="@TITLE@"
description="@DESC@"
start_selected="true">
<pkg-ref id="com.saltstack.salt" />
</choice>

47
pkg/osx/req.txt
View File

@ -1,34 +1,31 @@
apache-libcloud==0.20.1
apache-libcloud==2.1.0
backports.ssl_match_hostname==3.5.0.1
backports_abc==0.4
backports_abc==0.5
certifi
cffi==1.5.0
CherryPy==4.0.0
click==6.2
enum34==1.1.2
cffi==1.10.0
CherryPy==11.0.0
click==6.7
enum34==1.1.6
gitdb==0.6.4
GitPython==1.0.1
idna==2.0
ioflo==1.5.0
ipaddress==1.0.16
Jinja2==2.9.4
libnacl==1.4.4
GitPython==2.1.5
idna==2.5
ipaddress==1.0.18
Jinja2==2.9.6
linode-python==1.1.1
Mako==1.0.3
MarkupSafe==0.23
msgpack-python==0.4.7
pyasn1==0.1.9
pycparser==2.14
Mako==1.0.7
MarkupSafe==1.0
msgpack-python==0.4.8
pyasn1==0.2.3
pycparser==2.18
pycrypto==2.6.1
python-dateutil==2.4.2
python-gnupg==0.3.8
PyYAML==3.11
pyzmq==15.2.0
raet==0.6.5
requests==2.9.1
python-dateutil==2.6.1
python-gnupg==0.4.1
PyYAML==3.12
pyzmq==16.0.2
requests==2.18.1
singledispatch==3.4.0.3
six==1.10.0
smmap==0.9.0
timelib==0.2.4
tornado==4.3
vultr==0.1.2
tornado==4.5.1
vultr==1.0rc1

4
pkg/osx/req_ext.txt
View File

@ -1,2 +1,2 @@
cryptography==1.2.2
pyOpenSSL==0.15.1
cryptography==2.0
pyOpenSSL==17.1.0

1
pkg/osx/shasums/Python-2.7.12.tar.xz.sha512
View File

@ -1 +0,0 @@
6ddbbce47cc49597433d98ca05c2f62f07ed1070807b645602a8e9e9b996adc6fa66fa20a33cd7d23d4e7e925e25071d7301d288149fbe4e8c5f06d5438dda1f ./Python-2.7.12.tar.xz

1
pkg/osx/shasums/Python-2.7.13.tar.xz.sha512 Normal file
View File

@ -0,0 +1 @@
f37c9a28ce129d01e63c84d7db627a06402854578f62d17927334ea21ede318e04bbf66e890e3f47c85333e6b19f6e5581fb3f3e27efd24be27017d1b6529c4b ./Python-2.7.13.tar.xz

1
pkg/osx/shasums/Python-3.5.3.tar.xz.sha512 Normal file
View File

@ -0,0 +1 @@
bbcc20e315c63dbc8901d7e7bfa29d4dbdad9335720757d8d679730319fd1d9fcfdb55cf62d620c9b052134170f162c28d653a8af60923185b8932524d827864 ./Python-3.5.3.tar.xz

1
pkg/osx/shasums/libsodium-1.0.12.tar.gz.sha512
View File

@ -1 +0,0 @@
1e63960da42bcc90945463ae1f5b1355849881dce5bba6d293391f8d6f0932063a5bfd433a071cb184af90ebeab469acc34710587116922144d61f3d7661901b ./libsodium-1.0.12.tar.gz

1
pkg/osx/shasums/libsodium-1.0.13.tar.gz.sha512 Normal file
View File

@ -0,0 +1 @@
c619b12fdf0b2e59174b6e383a62d5499ebcd720fdbb2c1a41a98a46c285df075202423454b294fefee185432441e943805397d7656f7cd7837de425da623929 ./libsodium-1.0.13.tar.gz

1
pkg/osx/shasums/openssl-1.0.2f.tar.gz.sha512
View File

@ -1 +0,0 @@
50abf6dc94cafd06e7fd20770808bdc675c88daa369e4f752bd584ab17f72a57357c1ca1eca3c83e6745b5a3c9c73c99dce70adaa904d73f6df4c75bc7138351 ./openssl-1.0.2f.tar.gz

1
pkg/osx/shasums/openssl-1.0.2l.tar.gz.sha512 Normal file
View File

@ -0,0 +1 @@
047d964508ad6025c79caabd8965efd2416dc026a56183d0ef4de7a0a6769ce8e0b4608a3f8393d326f6d03b26a2b067e6e0c750f35b20be190e595e8290c0e3 ./openssl-1.0.2l.tar.gz

1
pkg/osx/shasums/pkg-config-0.29.2.tar.gz.sha512 Normal file
View File

@ -0,0 +1 @@
4861ec6428fead416f5cbbbb0bbad10b9152967e481d4b0ff2eb396a9f297f552984c9bb72f6864a37dcd8fca1d9ccceda3ef18d8f121938dbe4fdf2b870fe75 ./pkg-config-0.29.2.tar.gz

1
pkg/osx/shasums/pkg-config-0.29.tar.gz.sha512
View File

@ -1 +0,0 @@
c2857cd67801c0db5d204912453ff6bdc7da3ea61f8b1c6b38983d48dffb958725e7723f909abbc057c7b34a85c27290eec6943808312a75909306076064aa63 ./pkg-config-0.29.tar.gz

1
pkg/osx/shasums/zeromq-4.1.3.tar.gz.sha512
View File

@ -1 +0,0 @@
2c993d18ea44e1cba890e024176af65b85b842ca4f8a22d319be4ace8388ab8828dd706b065f02754025bf271b1d7aa878c3f6655878248f7826452cb2a6134c ./zeromq-4.1.3.tar.gz

1
pkg/osx/shasums/zeromq-4.1.4.tar.gz.sha512 Normal file
View File

@ -0,0 +1 @@
8a8cf4f52ad78dddfff104bfba0f80bbc12566920906a0fafb9fc340aa92f5577c2923cb2e5346c69835cd2ea1609647a8893c2883cd22c1f0340a720511460c ./zeromq-4.1.4.tar.gz

7
pkg/windows/build.bat
View File

@ -110,6 +110,13 @@ if not %errorLevel%==0 (
)
@echo.
:: Remove build and dist directories
@echo %0 :: Remove build and dist directories...
@echo ---------------------------------------------------------------------
rd /s /q "%SrcDir%\build"
rd /s /q "%SrcDir%\dist"
@echo.
:: Install Current Version of salt
@echo %0 :: Install Current Version of salt...
@echo ---------------------------------------------------------------------

68
pkg/windows/build_pkg.bat
View File

@ -67,10 +67,13 @@ If not Exist "%PyDir%\python.exe" (
exit /b 1
)
Set "CurrDir=%cd%"
Set "BinDir=%cd%\buildenv\bin"
Set "InsDir=%cd%\installer"
Set "PreDir=%cd%\prereqs"
Set "CurDir=%~dp0"
Set "BldDir=%CurDir%\buildenv"
Set "BinDir=%CurDir%\buildenv\bin"
Set "CnfDir=%CurDir%\buildenv\conf"
Set "InsDir=%CurDir%\installer"
Set "PreDir=%CurDir%\prereqs"
for /f "delims=" %%a in ('git rev-parse --show-toplevel') do @set "SrcDir=%%a"
:: Find the NSIS Installer
If Exist "C:\Program Files\NSIS\" (
@ -101,6 +104,15 @@ If Exist "%BinDir%\" (
xcopy /E /Q "%PyDir%" "%BinDir%\"
@echo.
:: Copy the default master and minion configs to buildenv\conf
@echo Copying configs to buildenv\conf...
@echo ----------------------------------------------------------------------
@echo xcopy /E /Q "%SrcDir%\conf\master" "%CnfDir%\"
xcopy /Q "%SrcDir%\conf\master" "%CnfDir%\"
@echo xcopy /E /Q "%SrcDir%\conf\minion" "%CnfDir%\"
xcopy /Q "%SrcDir%\conf\minion" "%CnfDir%\"
@echo.
@echo Copying VCRedist to Prerequisites
@echo ----------------------------------------------------------------------
:: Make sure the "prereq" directory exists
@ -127,12 +139,12 @@ If Defined ProgramFiles(x86) (
:: Remove the fixed path in .exe files
@echo Removing fixed path from .exe files
@echo ----------------------------------------------------------------------
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\easy_install.exe"
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\easy_install-%PyVerMajor%.%PyVerMinor%.exe"
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\pip.exe"
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\pip%PyVerMajor%.%PyVerMinor%.exe"
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\pip%PyVerMajor%.exe"
"%PyDir%\python" "%CurrDir%\portable.py" -f "%BinDir%\Scripts\wheel.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\easy_install.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\easy_install-%PyVerMajor%.%PyVerMinor%.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\pip.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\pip%PyVerMajor%.%PyVerMinor%.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\pip%PyVerMajor%.exe"
"%PyDir%\python" "%CurDir%\portable.py" -f "%BinDir%\Scripts\wheel.exe"
@echo.
@echo Cleaning up unused files and directories...
@ -534,12 +546,6 @@ If Exist "%BinDir%\Lib\site-packages\salt\states\zpool.py"^
:: Remove Unneeded Components
If Exist "%BinDir%\Lib\site-packages\salt\cloud"^
rd /S /Q "%BinDir%\Lib\site-packages\salt\cloud" 1>nul
If Exist "%BinDir%\Scripts\salt-key*"^
del /Q "%BinDir%\Scripts\salt-key*" 1>nul
If Exist "%BinDir%\Scripts\salt-master*"^
del /Q "%BinDir%\Scripts\salt-master*" 1>nul
If Exist "%BinDir%\Scripts\salt-run*"^
del /Q "%BinDir%\Scripts\salt-run*" 1>nul
If Exist "%BinDir%\Scripts\salt-unity*"^
del /Q "%BinDir%\Scripts\salt-unity*" 1>nul
@ -547,6 +553,36 @@ If Exist "%BinDir%\Scripts\salt-unity*"^
@echo Building the installer...
@echo ----------------------------------------------------------------------
:: Make the Master installer if the nullsoft script exists
If Exist "%InsDir%\Salt-Setup.nsi"^
makensis.exe /DSaltVersion=%Version% /DPythonVersion=%Python% "%InsDir%\Salt-Setup.nsi"
:: Remove files not needed for Salt Minion
:: salt
:: salt has to be removed individually (can't wildcard it)
If Exist "%BinDir%\Scripts\salt"^
del /Q "%BinDir%\Scripts\salt" 1>nul
If Exist "%BinDir%\Scripts\salt.exe"^
del /Q "%BinDir%\Scripts\salt.exe" 1>nul
If Exist "%BldDir%\salt.bat"^
del /Q "%BldDir%\salt.bat" 1>nul
:: salt-key
If Exist "%BinDir%\Scripts\salt-key*"^
del /Q "%BinDir%\Scripts\salt-key*" 1>nul
If Exist "%BldDir%\salt-key.bat"^
del /Q "%BldDir%\salt-key.bat" 1>nul
:: salt-master
If Exist "%BinDir%\Scripts\salt-master*"^
del /Q "%BinDir%\Scripts\salt-master*" 1>nul
If Exist "%BldDir%\salt-master.bat"^
del /Q "%BldDir%\salt-master.bat" 1>nul
:: salt-run
If Exist "%BinDir%\Scripts\salt-run*"^
del /Q "%BinDir%\Scripts\salt-run*" 1>nul
If Exist "%BldDir%\salt-run.bat"^
del /Q "%BldDir%\salt-run.bat" 1>nul
:: Make the Salt Minion Installer
makensis.exe /DSaltVersion=%Version% /DPythonVersion=%Python% "%InsDir%\Salt-Minion-Setup.nsi"
@echo.

402
pkg/windows/buildenv/conf/minion
View File

@ -1,402 +0,0 @@
##### Primary configuration settings #####
##########################################
ipc_mode: tcp
# Per default the minion will automatically include all config files
# from minion.d/*.conf (minion.d is a directory in the same directory
# as the main minion config file).
#default_include: minion.d/*.conf
# Set the location of the salt master server, if the master server cannot be
# resolved, then the minion will fail to start.
# test
#master: salt
# Set the number of seconds to wait before attempting to resolve
# the master hostname if name resolution fails. Defaults to 30 seconds.
# Set to zero if the minion should shutdown and not retry.
# retry_dns: 30
# Set the port used by the master reply and authentication server
#master_port: 4506
# The user to run salt
#user: root
# Specify the location of the daemon process ID file
#pidfile: /var/run/salt-minion.pid
# The root directory prepended to these options: pki_dir, cachedir, log_file,
# sock_dir, pidfile.
root_dir: c:\salt
# The directory to store the pki information in
#pki_dir: /etc/salt/pki/minion
pki_dir: /conf/pki/minion
# Explicitly declare the id for this minion to use, if left commented the id
# will be the hostname as returned by the python call: socket.getfqdn()
# Since salt uses detached ids it is possible to run multiple minions on the
# same machine but with different ids, this can be useful for salt compute
# clusters.
#id:
# Append a domain to a hostname in the event that it does not exist. This is
# useful for systems where socket.getfqdn() does not actually result in a
# FQDN (for instance, Solaris).
#append_domain:
# Custom static grains for this minion can be specified here and used in SLS
# files just like all other grains. This example sets 4 custom grains, with
# the 'roles' grain having two values that can be matched against:
#grains:
# roles:
# - webserver
# - memcache
# deployment: datacenter4
# cabinet: 13
# cab_u: 14-15
# Where cache data goes
#cachedir: /var/cache/salt/minion
# Verify and set permissions on configuration directories at startup
#verify_env: True
# The minion can locally cache the return data from jobs sent to it, this
# can be a good way to keep track of jobs the minion has executed
# (on the minion side). By default this feature is disabled, to enable
# set cache_jobs to True
#cache_jobs: False
# set the directory used to hold unix sockets
#sock_dir: /var/run/salt/minion
# Backup files that are replaced by file.managed and file.recurse under
# 'cachedir'/file_backups relative to their original location and appended
# with a timestamp. The only valid setting is "minion". Disabled by default.
#
# Alternatively this can be specified for each file in state files:
#
# /etc/ssh/sshd_config:
# file.managed:
# - source: salt://ssh/sshd_config
# - backup: minion
#
#backup_mode: minion
# When waiting for a master to accept the minion's public key, salt will
# continuously attempt to reconnect until successful. This is the time, in
# seconds, between those reconnection attempts.
#acceptance_wait_time: 10
# If this is set, the time between reconnection attempts will increase by
# acceptance_wait_time seconds per iteration, up to this maximum. If this
# is not set, the time between reconnection attempts will stay constant.
#acceptance_wait_time_max: None
# Windows platforms lack posix IPC and must rely on slower TCP based inter-
# process communications. Set ipc_mode to 'tcp' on such systems
#ipc_mode: ipc
#
# Overwrite the default tcp ports used by the minion when in tcp mode
#tcp_pub_port: 4510
#tcp_pull_port: 4511
# The minion can include configuration from other files. To enable this,
# pass a list of paths to this option. The paths can be either relative or
# absolute; if relative, they are considered to be relative to the directory
# the main minion configuration file lives in (this file). Paths can make use
# of shell-style globbing. If no files are matched by a path passed to this
# option then the minion will log a warning message.
#
#
# Include a config file from some other path:
# include: /etc/salt/extra_config
#
# Include config from several files and directories:
# include:
# - /etc/salt/extra_config
# - /etc/roles/webserver
##### Minion module management #####
##########################################
# Disable specific modules. This allows the admin to limit the level of
# access the master has to the minion
#disable_modules: [cmd,test]
#disable_returners: []
#
# Modules can be loaded from arbitrary paths. This enables the easy deployment
# of third party modules. Modules for returners and minions can be loaded.
# Specify a list of extra directories to search for minion modules and
# returners. These paths must be fully qualified!
#module_dirs: []
#returner_dirs: []
#states_dirs: []
#render_dirs: []
#
# A module provider can be statically overwritten or extended for the minion
# via the providers option, in this case the default module will be
# overwritten by the specified module. In this example the pkg module will
# be provided by the yumpkg5 module instead of the system default.
#
# providers:
# pkg: yumpkg5
#
# Enable Cython modules searching and loading. (Default: False)
#cython_enable: False
#
##### State Management Settings #####
###########################################
# The state management system executes all of the state templates on the minion
# to enable more granular control of system state management. The type of
# template and serialization used for state management needs to be configured
# on the minion, the default renderer is yaml_jinja. This is a yaml file
# rendered from a jinja template, the available options are:
# yaml_jinja
# yaml_mako
# yaml_wempy
# json_jinja
# json_mako
# json_wempy
#
#renderer: yaml_jinja
#
# The failhard option tells the minions to stop immediately after the first
# failure detected in the state execution, defaults to False
#failhard: False
#
# autoload_dynamic_modules Turns on automatic loading of modules found in the
# environments on the master. This is turned on by default, to turn of
# autoloading modules when states run set this value to False
#autoload_dynamic_modules: True
#
# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
# the dynamic modules on the master, this means that if a dynamic module is
# not on the master it will be deleted from the minion. By default this is
# enabled and can be disabled by changing this value to False
#clean_dynamic_modules: True
#
# Normally the minion is not isolated to any single environment on the master
# when running states, but the environment can be isolated on the minion side
# by statically setting it. Remember that the recommended way to manage
# environments is to isolate via the top file.
#environment: None
#
# If using the local file directory, then the state top file name needs to be
# defined, by default this is top.sls.
#state_top: top.sls
#
# Run states when the minion daemon starts. To enable, set startup_states to:
# 'highstate' -- Execute state.highstate
# 'sls' -- Read in the sls_list option and execute the named sls files
# 'top' -- Read top_file option and execute based on that file on the Master
#startup_states: ''
#
# list of states to run when the minion starts up if startup_states is 'sls'
#sls_list:
# - edit.vim
# - hyper
#
# top file to execute if startup_states is 'top'
#top_file: ''
##### File Directory Settings #####
##########################################
# The Salt Minion can redirect all file server operations to a local directory,
# this allows for the same state tree that is on the master to be used if
# copied completely onto the minion. This is a literal copy of the settings on
# the master but used to reference a local directory on the minion.
# Set the file client, the client defaults to looking on the master server for
# files, but can be directed to look at the local file directory setting
# defined below by setting it to local.
#file_client: remote
# The file directory works on environments passed to the minion, each environment
# can have multiple root directories, the subdirectories in the multiple file
# roots cannot match, otherwise the downloaded files will not be able to be
# reliably ensured. A base environment is required to house the top file.
# Example:
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
# Default:
#file_roots:
# base:
# - /srv/salt
# The hash_type is the hash to use when discovering the hash of a file in
# the minion directory, the default is md5, but sha1, sha224, sha256, sha384
# and sha512 are also supported.
#hash_type: md5
# The Salt pillar is searched for locally if file_client is set to local. If
# this is the case, and pillar data is defined, then the pillar_roots need to
# also be configured on the minion:
#pillar_roots:
# base:
# - /srv/pillar
###### Security settings #####
###########################################
# Enable "open mode", this mode still maintains encryption, but turns off
# authentication, this is only intended for highly secure environments or for
# the situation where your keys end up in a bad state. If you run in open mode
# you do so at your own risk!
#open_mode: False
# Enable permissive access to the salt keys. This allows you to run the
# master or minion as root, but have a non-root group be given access to
# your pki_dir. To make the access explicit, root must belong to the group
# you've given access to. This is potentially quite insecure.
#permissive_pki_access: False
# The state_verbose and state_output settings can be used to change the way
# state system data is printed to the display. By default all data is printed.
# The state_verbose setting can be set to True or False, when set to False
# all data that has a result of True and no changes will be suppressed.
#state_verbose: True
#
# The state_output setting changes if the output is the full multi line
# output for each changed state if set to 'full', but if set to 'terse'
# the output will be shortened to a single line.
#state_output: full
#
# Fingerprint of the master public key to double verify the master is valid,
# the master fingerprint can be found by running "salt-key -F master" on the
# salt master.
#master_finger: ''
###### Thread settings #####
###########################################
# Disable multiprocessing support, by default when a minion receives a
# publication a new process is spawned and the command is executed therein.
# multiprocessing: True
###### Logging settings #####
###########################################
# The location of the minion log file.
# This can be a path for the log file, or, this can be, since 0.11.0, a system
# logger address, for example:
# tcp://localhost:514/LOG_USER
# tcp://localhost/LOG_DAEMON
# udp://localhost:5145/LOG_KERN
# udp://localhost
# file:///dev/log
# file:///dev/log/LOG_SYSLOG
# file:///dev/log/LOG_DAEMON
#
# The above examples are self explanatory, but:
# <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
#
# Make sure you have a properly configured syslog or you won't get any warnings
#
#log_file: /var/log/salt/minion
#
#
# The level of messages to send to the console.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
# Default: 'warning'
#log_level: warning
#
# The level of messages to send to the log file.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
# Default: 'warning'
#log_level_logfile:
#
# The date and time format used in log messages. Allowed date/time formatting
# can be seen on http://docs.python.org/library/time.html#time.strftime
#log_datefmt: '%H:%M:%S'
#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
#
# The format of the console logging messages. Allowed formatting options can
# be seen on http://docs.python.org/library/logging.html#logrecord-attributes
#log_fmt_console: '[%(levelname)-8s] %(message)s'
#log_fmt_logfile: '%(asctime)s,%(msecs)03d [%(name)-17s][%(levelname)-8s] %(message)s'
#
# Logger levels can be used to tweak specific loggers logging levels.
# For example, if you want to have the salt library at the 'warning' level,
# but you still wish to have 'salt.modules' at the 'debug' level:
# log_granular_levels: {
# 'salt': 'warning',
# 'salt.modules': 'debug'
# }
#
#log_granular_levels: {}
###### Module configuration #####
###########################################
# Salt allows for modules to be passed arbitrary configuration data, any data
# passed here in valid yaml format will be passed on to the salt minion modules
# for use. It is STRONGLY recommended that a naming convention be used in which
# the module name is followed by a . and then the value. Also, all top level
# data must be applied via the yaml dict construct, some examples:
#
# You can specify that all modules should run in test mode:
#test: True
#
# A simple value for the test module:
#test.foo: foo
#
# A list for the test module:
#test.bar: [baz,quo]
#
# A dict for the test module:
#test.baz: {spam: sausage, cheese: bread}
###### Update settings ######
###########################################
# Using the features in Esky, a salt minion can both run as a frozen app and
# be updated on the fly. These options control how the update process
# (saltutil.update()) behaves.
#
# The url for finding and downloading updates. Disabled by default.
#update_url: False
#
# The list of services to restart after a successful update. Empty by default.
#update_restart_services: []
###### Keepalive settings ######
############################################
# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
# the OS. If connections between the minion and the master pass through
# a state tracking device such as a firewall or VPN gateway, there is
# the risk that it could tear down the connection the master and minion
# without informing either party that their connection has been taken away.
# Enabling TCP Keepalives prevents this from happening.
#
# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
#tcp_keepalive: True
#
# How long before the first keepalive should be sent in seconds. Default 300
# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
#tcp_keepalive_idle: 300
#
# How many lost probes are needed to consider the connection lost. Default -1
# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
#tcp_keepalive_cnt: -1
#
# How often, in seconds, to send keepalives after the first one. Default -1 to
# use OS defaults, typically 75 seconds on Linux, see
# /proc/sys/net/ipv4/tcp_keepalive_intvl.
#tcp_keepalive_intvl: -1
###### Windows Software settings ######
############################################
# Location of the repository cache file on the master
# win_repo_cachefile: 'salt://win/repo/winrepo.p'

13
pkg/windows/buildenv/salt.bat Normal file
View File

@ -0,0 +1,13 @@
@ echo off
:: Script for starting the Salt CLI
:: Accepts all parameters that Salt CLI accepts
:: Define Variables
Set SaltDir=%~dp0
Set SaltDir=%SaltDir:~0,-1%
Set Python=%SaltDir%\bin\python.exe
Set Script=%SaltDir%\bin\Scripts\salt
:: Launch Script
"%Python%" "%Script%" %*

6
salt/auth/__init__.py
View File

@ -229,7 +229,7 @@ class LoadAuth(object):
try:
with salt.utils.files.set_umask(0o177):
with salt.utils.fopen(t_path, 'w+b') as fp_:
with salt.utils.files.fopen(t_path, 'w+b') as fp_:
fp_.write(self.serial.dumps(tdata))
except (IOError, OSError):
log.warning('Authentication failure: can not write token file "{0}".'.format(t_path))
@ -245,7 +245,7 @@ class LoadAuth(object):
if not os.path.isfile(t_path):
return {}
try:
with salt.utils.fopen(t_path, 'rb') as fp_:
with salt.utils.files.fopen(t_path, 'rb') as fp_:
tdata = self.serial.loads(fp_.read())
except (IOError, OSError):
log.warning('Authentication failure: can not read token file "{0}".'.format(t_path))
@ -670,7 +670,7 @@ class Resolver(object):
return tdata
try:
with salt.utils.files.set_umask(0o177):
with salt.utils.fopen(self.opts['token_file'], 'w+') as fp_:
with salt.utils.files.fopen(self.opts['token_file'], 'w+') as fp_:
fp_.write(tdata['token'])
except (IOError, OSError):
pass

3
salt/auth/file.py
View File

@ -102,6 +102,7 @@ import os
# Import salt utils
import salt.utils
import salt.utils.files
log = logging.getLogger(__name__)
@ -158,7 +159,7 @@ def _text(username, password, **kwargs):
username_field = kwargs['username_field']-1
password_field = kwargs['password_field']-1
with salt.utils.fopen(filename, 'r') as pwfile:
with salt.utils.files.fopen(filename, 'r') as pwfile:
for line in pwfile.readlines():
fields = line.strip().split(field_separator)

4
salt/auth/pki.py
View File

@ -33,7 +33,7 @@ except ImportError:
# pylint: enable=import-error
# Import salt libs
import salt.utils
import salt.utils.files
log = logging.getLogger(__name__)
@ -74,7 +74,7 @@ def auth(username, password, **kwargs):
cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, pem)
cacert_file = __salt__['config.get']('external_auth:pki:ca_file')
with salt.utils.fopen(cacert_file) as f:
with salt.utils.files.fopen(cacert_file) as f:
cacert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read())
log.debug('Attempting to authenticate via pki.')

4
salt/beacons/btmp.py
View File

@ -14,7 +14,7 @@ import os
import struct
# Import Salt Libs
import salt.utils
import salt.utils.files
__virtualname__ = 'btmp'
BTMP = '/var/log/btmp'
@ -71,7 +71,7 @@ def beacon(config):
btmp: {}
'''
ret = []
with salt.utils.fopen(BTMP, 'rb') as fp_:
with salt.utils.files.fopen(BTMP, 'rb') as fp_:
loc = __context__.get(LOC_KEY, 0)
if loc == 0:
fp_.seek(0, 2)

3
salt/beacons/log.py
View File

@ -12,6 +12,7 @@ import logging
# Import salt libs
import salt.utils
import salt.utils.files
try:
@ -79,7 +80,7 @@ def beacon(config):
ret.append(event)
return ret
with salt.utils.fopen(config['file'], 'r') as fp_:
with salt.utils.files.fopen(config['file'], 'r') as fp_:
loc = __context__.get(LOC_KEY, 0)
if loc == 0:
fp_.seek(0, 2)

30
salt/beacons/service.py
View File

@ -8,6 +8,7 @@ from __future__ import absolute_import
import os
import logging
import time
log = logging.getLogger(__name__) # pylint: disable=invalid-name
@ -46,6 +47,10 @@ def beacon(config):
events only when the service status changes. Otherwise, it will fire an
event at each beacon interval. The default is False.
`delay`: when `delay` is greater than 0 the beacon will fire events only
after the service status changes, and the delay (in seconds) has passed.
Applicable only when `onchangeonly` is True. The default is 0.
`emitatstartup`: when `emitatstartup` is False the beacon will not fire
event when the minion is reload. Applicable only when `onchangeonly` is True.
The default is True.
@ -66,7 +71,7 @@ def beacon(config):
process). The 'uncleanshutdown' option might not be of much use there,
unless the unit file is modified.
Here is an example that will fire an event whenever the state of nginx
Here is an example that will fire an event 30 seconds after the state of nginx
changes and report an uncleanshutdown. This example is for Arch, which
places nginx's pid file in `/run`.
@ -76,6 +81,7 @@ def beacon(config):
service:
nginx:
onchangeonly: True
delay: 30
uncleanshutdown: /run/nginx.pid
'''
ret = []
@ -83,6 +89,8 @@ def beacon(config):
ret_dict = {}
ret_dict[service] = {'running': __salt__['service.status'](service)}
ret_dict['service_name'] = service
ret_dict['tag'] = service
currtime = time.time()
# If no options is given to the service, we fall back to the defaults
# assign a False value to oncleanshutdown and onchangeonly. Those
@ -93,6 +101,8 @@ def beacon(config):
config[service]['emitatstartup'] = True
if 'onchangeonly' not in config[service]:
config[service]['onchangeonly'] = False
if 'delay' not in config[service]:
config[service]['delay'] = 0
# We only want to report the nature of the shutdown
# if the current running status is False
@ -103,14 +113,24 @@ def beacon(config):
if 'onchangeonly' in config[service] and config[service]['onchangeonly'] is True:
if service not in LAST_STATUS:
LAST_STATUS[service] = ret_dict[service]
if not config[service]['emitatstartup']:
if config[service]['delay'] > 0:
LAST_STATUS[service]['time'] = currtime
elif not config[service]['emitatstartup']:
continue
else:
ret.append(ret_dict)
if LAST_STATUS[service] != ret_dict[service]:
if LAST_STATUS[service]['running'] != ret_dict[service]['running']:
LAST_STATUS[service] = ret_dict[service]
ret.append(ret_dict)
if config[service]['delay'] > 0:
LAST_STATUS[service]['time'] = currtime
else:
ret.append(ret_dict)
if 'time' in LAST_STATUS[service]:
elapsedtime = int(round(currtime - LAST_STATUS[service]['time']))
if elapsedtime > config[service]['delay']:
del LAST_STATUS[service]['time']
ret.append(ret_dict)
else:
ret.append(ret_dict)

4
salt/beacons/wtmp.py
View File

@ -14,7 +14,7 @@ import os
import struct
# Import salt libs
import salt.utils
import salt.utils.files
__virtualname__ = 'wtmp'
WTMP = '/var/log/wtmp'
@ -73,7 +73,7 @@ def beacon(config):
wtmp: {}
'''
ret = []
with salt.utils.fopen(WTMP, 'rb') as fp_:
with salt.utils.files.fopen(WTMP, 'rb') as fp_:
loc = __context__.get(LOC_KEY, 0)
if loc == 0:
fp_.seek(0, 2)

1
salt/cache/__init__.py vendored
View File

@ -77,6 +77,7 @@ class Cache(object):
self.serial = Serial(opts)
self._modules = None
self._kwargs = kwargs
self._kwargs['cachedir'] = self.cachedir
def __lazy_init(self):
self._modules = salt.loader.cache(self.opts, self.serial)

5
salt/cache/localfs.py vendored
View File

@ -20,6 +20,7 @@ import tempfile
from salt.exceptions import SaltCacheError
import salt.utils
import salt.utils.atomicfile
import salt.utils.files
log = logging.getLogger(__name__)
@ -58,7 +59,7 @@ def store(bank, key, data, cachedir):
tmpfh, tmpfname = tempfile.mkstemp(dir=base)
os.close(tmpfh)
try:
with salt.utils.fopen(tmpfname, 'w+b') as fh_:
with salt.utils.files.fopen(tmpfname, 'w+b') as fh_:
fh_.write(__context__['serial'].dumps(data))
# On Windows, os.rename will fail if the destination file exists.
salt.utils.atomicfile.atomic_rename(tmpfname, outfile)
@ -85,7 +86,7 @@ def fetch(bank, key, cachedir):
log.debug('Cache file "%s" does not exist', key_file)
return {}
try:
with salt.utils.fopen(key_file, 'rb') as fh_:
with salt.utils.files.fopen(key_file, 'rb') as fh_:
if inkey:
return __context__['serial'].load(fh_)[key]
else:

9
salt/cli/caller.py
View File

@ -21,6 +21,7 @@ import salt.output
import salt.payload
import salt.transport
import salt.utils.args
import salt.utils.files
import salt.utils.jid
import salt.utils.minion
import salt.defaults.exitcodes
@ -164,6 +165,12 @@ class BaseCaller(object):
ret['jid']
)
if fun not in self.minion.functions:
docs = self.minion.functions['sys.doc']('{0}*'.format(fun))
if docs:
docs[fun] = self.minion.functions.missing_fun_string(fun)
ret['out'] = 'nested'
ret['return'] = docs
return ret
sys.stderr.write(self.minion.functions.missing_fun_string(fun))
mod_name = fun.split('.')[0]
if mod_name in self.minion.function_errors:
@ -189,7 +196,7 @@ class BaseCaller(object):
no_parse=self.opts.get('no_parse', [])),
data=sdata)
try:
with salt.utils.fopen(proc_fn, 'w+b') as fp_:
with salt.utils.files.fopen(proc_fn, 'w+b') as fp_:
fp_.write(self.serial.dumps(sdata))
except NameError:
# Don't require msgpack with local

3
salt/cli/salt.py
View File

@ -75,8 +75,9 @@ class SaltCMD(parsers.SaltCMDOptionParser):
'show_jid': self.options.show_jid}
if 'token' in self.config:
import salt.utils.files
try:
with salt.utils.fopen(os.path.join(self.config['cachedir'], '.root_key'), 'r') as fp_:
with salt.utils.files.fopen(os.path.join(self.config['cachedir'], '.root_key'), 'r') as fp_:
kwargs['key'] = fp_.readline()
except IOError:
kwargs['token'] = self.config['token']

5
salt/client/__init__.py
View File

@ -35,6 +35,7 @@ import salt.loader
import salt.utils
import salt.utils.args
import salt.utils.event
import salt.utils.files
import salt.utils.minions
import salt.utils.verify
import salt.utils.jid
@ -193,7 +194,7 @@ class LocalClient(object):
self.skip_perm_errors)
try:
with salt.utils.fopen(keyfile, 'r') as key:
with salt.utils.files.fopen(keyfile, 'r') as key:
return key.read()
except (OSError, IOError):
# Fall back to eauth
@ -567,6 +568,8 @@ class LocalClient(object):
opts['timeout'] = kwargs['timeout']
if 'gather_job_timeout' in kwargs:
opts['gather_job_timeout'] = kwargs['gather_job_timeout']
if 'batch_wait' in kwargs:
opts['batch_wait'] = int(kwargs['batch_wait'])
eauth = {}
if 'eauth' in kwargs:

17
salt/client/mixins.py
View File

@ -5,6 +5,7 @@ A collection of mixins useful for the various *Client interfaces
# Import Python libs
from __future__ import absolute_import, print_function, with_statement
import fnmatch
import signal
import logging
import weakref
@ -436,10 +437,18 @@ class SyncClientMixin(object):
Return a dictionary of functions and the inline documentation for each
'''
if arg:
target_mod = arg + '.' if not arg.endswith('.') else arg
docs = [(fun, self.functions[fun].__doc__)
for fun in sorted(self.functions)
if fun == arg or fun.startswith(target_mod)]
if '*' in arg:
target_mod = arg
_use_fnmatch = True
else:
target_mod = arg + '.' if not arg.endswith('.') else arg
if _use_fnmatch:
docs = [(fun, self.functions[fun].__doc__)
for fun in fnmatch.filter(self.functions, target_mod)]
else:
docs = [(fun, self.functions[fun].__doc__)
for fun in sorted(self.functions)
if fun == arg or fun.startswith(target_mod)]
else:
docs = [(fun, self.functions[fun].__doc__)
for fun in sorted(self.functions)]

15
salt/client/ssh/__init__.py
View File

@ -39,12 +39,13 @@ import salt.serializers.yaml
import salt.state
import salt.utils
import salt.utils.args
import salt.utils.event
import salt.utils.atomicfile
import salt.utils.event
import salt.utils.files
import salt.utils.network
import salt.utils.thin
import salt.utils.url
import salt.utils.verify
import salt.utils.network
from salt.utils import is_windows
from salt.utils.process import MultiprocessingProcess
@ -195,7 +196,7 @@ if not is_windows():
if not os.path.exists(shim_file):
# On esky builds we only have the .pyc file
shim_file += "c"
with salt.utils.fopen(shim_file) as ssh_py_shim:
with salt.utils.files.fopen(shim_file) as ssh_py_shim:
SSH_PY_SHIM = ssh_py_shim.read()
log = logging.getLogger(__name__)
@ -337,7 +338,7 @@ class SSH(object):
)
)
pub = '{0}.pub'.format(priv)
with salt.utils.fopen(pub, 'r') as fp_:
with salt.utils.files.fopen(pub, 'r') as fp_:
return '{0} rsa root@master'.format(fp_.read().split()[1])
def key_deploy(self, host, ret):
@ -941,12 +942,12 @@ class Single(object):
'grains': opts_pkg['grains'],
'pillar': pillar_data}
if data_cache:
with salt.utils.fopen(datap, 'w+b') as fp_:
with salt.utils.files.fopen(datap, 'w+b') as fp_:
fp_.write(
self.serial.dumps(data)
)
if not data and data_cache:
with salt.utils.fopen(datap, 'rb') as fp_:
with salt.utils.files.fopen(datap, 'rb') as fp_:
data = self.serial.load(fp_)
opts = data.get('opts', {})
opts['grains'] = data.get('grains')
@ -1412,7 +1413,7 @@ def mod_data(fsclient):
return mods
tfp = tarfile.open(ext_tar_path, 'w:gz')
verfile = os.path.join(fsclient.opts['cachedir'], 'ext_mods.ver')
with salt.utils.fopen(verfile, 'w+') as fp_:
with salt.utils.files.fopen(verfile, 'w+') as fp_:
fp_.write(ver)
tfp.add(verfile, 'ext_version')
for ref in ret:

8
salt/client/ssh/state.py
View File

@ -15,10 +15,10 @@ from contextlib import closing
# Import salt libs
import salt.client.ssh.shell
import salt.client.ssh
import salt.utils
import salt.utils.files
import salt.utils.thin
import salt.utils.url
import salt.utils.verify
import salt.roster
import salt.state
import salt.loader
@ -177,13 +177,13 @@ def prep_trans_tar(opts, file_client, chunks, file_refs, pillar=None, id_=None,
[salt.utils.url.create('_output')],
[salt.utils.url.create('_utils')],
]
with salt.utils.fopen(lowfn, 'w+') as fp_:
with salt.utils.files.fopen(lowfn, 'w+') as fp_:
fp_.write(json.dumps(chunks))
if pillar:
with salt.utils.fopen(pillarfn, 'w+') as fp_:
with salt.utils.files.fopen(pillarfn, 'w+') as fp_:
fp_.write(json.dumps(pillar))
if roster_grains:
with salt.utils.fopen(roster_grainsfn, 'w+') as fp_:
with salt.utils.files.fopen(roster_grainsfn, 'w+') as fp_:
fp_.write(json.dumps(roster_grains))
if id_ is None:

10
salt/client/ssh/wrapper/cp.py
View File

@ -2,13 +2,15 @@
'''
Wrap the cp module allowing for managed ssh file transfers
'''
# Import Python libs
from __future__ import absolute_import
import logging
import os
# Import salt libs
import salt.client.ssh
import salt.utils.files
import logging
import os
import salt.utils.templates
from salt.exceptions import CommandExecutionError
log = logging.getLogger(__name__)
@ -138,14 +140,14 @@ def _render_filenames(path, dest, saltenv, template):
'''
# write out path to temp file
tmp_path_fn = salt.utils.files.mkstemp()
with salt.utils.fopen(tmp_path_fn, 'w+') as fp_:
with salt.utils.files.fopen(tmp_path_fn, 'w+') as fp_:
fp_.write(contents)
data = salt.utils.templates.TEMPLATE_REGISTRY[template](
tmp_path_fn,
to_str=True,
**kwargs
)
salt.utils.safe_rm(tmp_path_fn)
salt.utils.files.safe_rm(tmp_path_fn)
if not data['result']:
# Failed to render the template
raise CommandExecutionError(

4
salt/cloud/__init__.py
View File

@ -1396,7 +1396,7 @@ class Cloud(object):
vm_overrides = {}
try:
with salt.utils.fopen(self.opts['conf_file'], 'r') as mcc:
with salt.utils.files.fopen(self.opts['conf_file'], 'r') as mcc:
main_cloud_config = yaml.safe_load(mcc)
if not main_cloud_config:
main_cloud_config = {}
@ -2106,7 +2106,7 @@ class Map(Cloud):
# Generate the fingerprint of the master pubkey in order to
# mitigate man-in-the-middle attacks
master_temp_pub = salt.utils.files.mkstemp()
with salt.utils.fopen(master_temp_pub, 'w') as mtp:
with salt.utils.files.fopen(master_temp_pub, 'w') as mtp:
mtp.write(pub)
master_finger = salt.utils.pem_finger(master_temp_pub, sum_type=self.opts['hash_type'])
os.unlink(master_temp_pub)

77
salt/cloud/clouds/azurearm.py
View File

@ -59,10 +59,12 @@ import logging
import pprint
import base64
import yaml
import collections
import salt.cache
import salt.config as config
import salt.utils
import salt.utils.cloud
import salt.utils.files
import salt.ext.six as six
import salt.version
from salt.exceptions import (
@ -103,6 +105,7 @@ try:
from azure.mgmt.network.models import (
IPAllocationMethod,
NetworkInterface,
NetworkInterfaceDnsSettings,
NetworkInterfaceIPConfiguration,
NetworkSecurityGroup,
PublicIPAddress,
@ -249,7 +252,9 @@ def avail_locations(conn=None, call=None): # pylint: disable=unused-argument
ret = {}
regions = webconn.global_model.get_subscription_geo_regions()
for location in regions.value: # pylint: disable=no-member
if hasattr(regions, 'value'):
regions = regions.value
for location in regions: # pylint: disable=no-member
lowername = str(location.name).lower().replace(' ', '')
ret[lowername] = object_to_dict(location)
return ret
@ -419,13 +424,14 @@ def list_nodes_full(conn=None, call=None): # pylint: disable=unused-argument
for group in list_resource_groups():
nodes = compconn.virtual_machines.list(group)
for node in nodes:
private_ips, public_ips = __get_ips_from_node(group, node)
ret[node.name] = object_to_dict(node)
ret[node.name]['id'] = node.id
ret[node.name]['name'] = node.name
ret[node.name]['size'] = node.hardware_profile.vm_size
ret[node.name]['state'] = node.provisioning_state
ret[node.name]['private_ips'] = node.network_profile.network_interfaces
ret[node.name]['public_ips'] = node.network_profile.network_interfaces
ret[node.name]['private_ips'] = private_ips
ret[node.name]['public_ips'] = public_ips
ret[node.name]['storage_profile']['data_disks'] = []
ret[node.name]['resource_group'] = group
for disk in node.storage_profile.data_disks:
@ -445,6 +451,30 @@ def list_nodes_full(conn=None, call=None): # pylint: disable=unused-argument
return ret
def __get_ips_from_node(resource_group, node):
'''
List private and public IPs from a VM interface
'''
global netconn # pylint: disable=global-statement,invalid-name
if not netconn:
netconn = get_conn(NetworkManagementClient)
private_ips = []
public_ips = []
for node_iface in node.network_profile.network_interfaces:
node_iface_name = node_iface.id.split('/')[-1]
network_interface = netconn.network_interfaces.get(resource_group, node_iface_name)
for ip_configuration in network_interface.ip_configurations:
if ip_configuration.private_ip_address:
private_ips.append(ip_configuration.private_ip_address)
if ip_configuration.public_ip_address and ip_configuration.public_ip_address.id:
public_iface_name = ip_configuration.public_ip_address.id.split('/')[-1]
public_iface = netconn.public_ip_addresses.get(resource_group, public_iface_name)
public_ips.append(public_iface.ip_address)
return private_ips, public_ips
def list_resource_groups(conn=None, call=None): # pylint: disable=unused-argument
'''
List resource groups associated with the account
@ -911,6 +941,17 @@ def create_interface(call=None, kwargs=None): # pylint: disable=unused-argument
)
]
dns_settings = None
if kwargs.get('dns_servers') is not None:
if isinstance(kwargs['dns_servers'], list):
dns_settings = NetworkInterfaceDnsSettings(
dns_servers=kwargs['dns_servers'],
applied_dns_servers=kwargs['dns_servers'],
internal_dns_name_label=None,
internal_fqdn=None,
internal_domain_name_suffix=None,
)
network_security_group = None
if kwargs.get('security_group') is not None:
network_security_group = netconn.network_security_groups.get(
@ -922,6 +963,7 @@ def create_interface(call=None, kwargs=None): # pylint: disable=unused-argument
location=kwargs['location'],
network_security_group=network_security_group,
ip_configurations=ip_configurations,
dns_settings=dns_settings,
)
poller = netconn.network_interfaces.create_or_update(
@ -986,7 +1028,7 @@ def request_instance(call=None, kwargs=None): # pylint: disable=unused-argument
)
else:
if os.path.exists(userdata_file):
with salt.utils.fopen(userdata_file, 'r') as fh_:
with salt.utils.files.fopen(userdata_file, 'r') as fh_:
userdata = fh_.read()
userdata = salt.utils.cloud.userdata_template(__opts__, vm_, userdata)
@ -1289,6 +1331,15 @@ def destroy(name, conn=None, call=None, kwargs=None): # pylint: disable=unused-
'-a or --action.'
)
__utils__['cloud.fire_event'](
'event',
'destroying instance',
'salt/cloud/{0}/destroying'.format(name),
args={'name': name},
sock_dir=__opts__['sock_dir'],
transport=__opts__['transport']
)
global compconn # pylint: disable=global-statement,invalid-name
if not compconn:
compconn = get_conn()
@ -1382,6 +1433,15 @@ def destroy(name, conn=None, call=None, kwargs=None): # pylint: disable=unused-
)
)
__utils__['cloud.fire_event'](
'event',
'destroyed instance',
'salt/cloud/{0}/destroyed'.format(name),
args={'name': name},
sock_dir=__opts__['sock_dir'],
transport=__opts__['transport']
)
return ret
@ -1630,10 +1690,15 @@ def pages_to_list(items):
while True:
try:
page = items.next() # pylint: disable=incompatible-py3-code
for item in page:
objs.append(item)
if isinstance(page, collections.Iterable):
for item in page:
objs.append(item)
else:
objs.append(page)
except GeneratorExit:
break
except StopIteration:
break
return objs

50
salt/cloud/clouds/cloudstack.py
View File

@ -168,8 +168,15 @@ def get_security_groups(conn, vm_):
'''
Return a list of security groups to use, defaulting to ['default']
'''
return config.get_cloud_config_value('securitygroup', vm_, __opts__,
default=['default'])
securitygroup_enabled = config.get_cloud_config_value(
'securitygroup_enabled', vm_, __opts__, default=True
)
if securitygroup_enabled:
return config.get_cloud_config_value(
'securitygroup', vm_, __opts__, default=['default']
)
else:
return False
def get_password(vm_):
@ -270,6 +277,7 @@ def create(vm_):
'event',
'starting create',
'salt/cloud/{0}/creating'.format(vm_['name']),
sock_dir=__opts__['sock_dir'],
args=__utils__['cloud.filter_event']('creating', vm_, ['name', 'profile', 'provider', 'driver']),
transport=__opts__['transport']
)
@ -281,9 +289,12 @@ def create(vm_):
'image': get_image(conn, vm_),
'size': get_size(conn, vm_),
'location': get_location(conn, vm_),
'ex_security_groups': get_security_groups(conn, vm_)
}
sg = get_security_groups(conn, vm_)
if sg is not False:
kwargs['ex_security_groups'] = sg
if get_keypair(vm_) is not False:
kwargs['ex_keyname'] = get_keypair(vm_)
@ -306,6 +317,7 @@ def create(vm_):
'event',
'requesting instance',
'salt/cloud/{0}/requesting'.format(vm_['name']),
sock_dir=__opts__['sock_dir'],
args={
'kwargs': __utils__['cloud.filter_event'](
'requesting',
@ -329,12 +341,13 @@ def create(vm_):
if 'VirtualName' not in ex_blockdevicemapping:
ex_blockdevicemapping['VirtualName'] = '{0}-{1}'.format(vm_['name'], len(volumes))
__utils__['cloud.fire_event'](
'event',
'requesting volume',
'salt/cloud/{0}/requesting'.format(ex_blockdevicemapping['VirtualName']),
{'kwargs': {'name': ex_blockdevicemapping['VirtualName'],
'device': ex_blockdevicemapping['DeviceName'],
'size': ex_blockdevicemapping['VolumeSize']}},
'event',
'requesting volume',
'salt/cloud/{0}/requesting'.format(ex_blockdevicemapping['VirtualName']),
sock_dir=__opts__['sock_dir'],
args={'kwargs': {'name': ex_blockdevicemapping['VirtualName'],
'device': ex_blockdevicemapping['DeviceName'],
'size': ex_blockdevicemapping['VolumeSize']}},
)
try:
volumes[ex_blockdevicemapping['DeviceName']] = conn.create_volume(
@ -408,6 +421,7 @@ def create(vm_):
'event',
'created instance',
'salt/cloud/{0}/created'.format(vm_['name']),
sock_dir=__opts__['sock_dir'],
args=__utils__['cloud.filter_event']('created', vm_, ['name', 'profile', 'provider', 'driver']),
transport=__opts__['transport']
)
@ -429,7 +443,8 @@ def destroy(name, conn=None, call=None):
'event',
'destroying instance',
'salt/cloud/{0}/destroying'.format(name),
{'name': name},
sock_dir=__opts__['sock_dir'],
args={'name': name},
)
if not conn:
@ -453,7 +468,8 @@ def destroy(name, conn=None, call=None):
'event',
'detaching volume',
'salt/cloud/{0}/detaching'.format(volume.name),
{'name': volume.name},
sock_dir=__opts__['sock_dir'],
args={'name': volume.name},
)
if not conn.detach_volume(volume):
log.error('Failed to Detach volume: {0}'.format(volume.name))
@ -463,7 +479,8 @@ def destroy(name, conn=None, call=None):
'event',
'detached volume',
'salt/cloud/{0}/detached'.format(volume.name),
{'name': volume.name},
sock_dir=__opts__['sock_dir'],
args={'name': volume.name},
)
log.info('Destroying volume: {0}'.format(volume.name))
@ -471,7 +488,8 @@ def destroy(name, conn=None, call=None):
'event',
'destroying volume',
'salt/cloud/{0}/destroying'.format(volume.name),
{'name': volume.name},
sock_dir=__opts__['sock_dir'],
args={'name': volume.name},
)
if not conn.destroy_volume(volume):
log.error('Failed to Destroy volume: {0}'.format(volume.name))
@ -481,7 +499,8 @@ def destroy(name, conn=None, call=None):
'event',
'destroyed volume',
'salt/cloud/{0}/destroyed'.format(volume.name),
{'name': volume.name},
sock_dir=__opts__['sock_dir'],
args={'name': volume.name},
)
log.info('Destroying VM: {0}'.format(name))
ret = conn.destroy_node(node)
@ -495,7 +514,8 @@ def destroy(name, conn=None, call=None):
'event',
'destroyed instance',
'salt/cloud/{0}/destroyed'.format(name),
{'name': name},
sock_dir=__opts__['sock_dir'],
args={'name': name},
)
if __opts__['delete_sshkeys'] is True:
salt.utils.cloud.remove_sshkey(node.public_ips[0])

5
salt/cloud/clouds/digital_ocean.py
View File

@ -36,6 +36,7 @@ import decimal
# Import Salt Libs
import salt.utils.cloud
import salt.utils.files
import salt.config as config
from salt.exceptions import (
SaltCloudConfigError,
@ -383,7 +384,7 @@ def create(vm_):
)
if userdata_file is not None:
try:
with salt.utils.fopen(userdata_file, 'r') as fp_:
with salt.utils.files.fopen(userdata_file, 'r') as fp_:
kwargs['user_data'] = salt.utils.cloud.userdata_template(
__opts__, vm_, fp_.read()
)
@ -713,7 +714,7 @@ def import_keypair(kwargs=None, call=None):
file(mandatory): public key file-name
keyname(mandatory): public key name in the provider
'''
with salt.utils.fopen(kwargs['file'], 'r') as public_key_filename:
with salt.utils.files.fopen(kwargs['file'], 'r') as public_key_filename:
public_key_content = public_key_filename.read()
digital_ocean_kwargs = {

24
salt/cloud/clouds/ec2.py
View File

@ -89,14 +89,12 @@ import re
import decimal
# Import Salt Libs
import salt.utils
import salt.utils.cloud
import salt.utils.files
import salt.utils.hashutils
from salt._compat import ElementTree as ET
import salt.utils.http as http
import salt.utils.aws as aws
# Import salt.cloud libs
import salt.utils.cloud
import salt.config as config
from salt.exceptions import (
SaltCloudException,
@ -1787,7 +1785,7 @@ def request_instance(vm_=None, call=None):
else:
log.trace('userdata_file: {0}'.format(userdata_file))
if os.path.exists(userdata_file):
with salt.utils.fopen(userdata_file, 'r') as fh_:
with salt.utils.files.fopen(userdata_file, 'r') as fh_:
userdata = fh_.read()
userdata = salt.utils.cloud.userdata_template(__opts__, vm_, userdata)
@ -2328,6 +2326,9 @@ def wait_for_instance(
use_winrm = config.get_cloud_config_value(
'use_winrm', vm_, __opts__, default=False
)
winrm_verify_ssl = config.get_cloud_config_value(
'winrm_verify_ssl', vm_, __opts__, default=True
)
if win_passwd and win_passwd == 'auto':
log.debug('Waiting for auto-generated Windows EC2 password')
@ -2399,7 +2400,8 @@ def wait_for_instance(
winrm_port,
username,
win_passwd,
timeout=ssh_connect_timeout):
timeout=ssh_connect_timeout,
verify=winrm_verify_ssl):
raise SaltCloudSystemExit(
'Failed to authenticate against remote windows host'
)
@ -2440,7 +2442,7 @@ def wait_for_instance(
continue
keys += '\n{0} {1}'.format(ip_address, line)
with salt.utils.fopen(known_hosts_file, 'a') as fp_:
with salt.utils.files.fopen(known_hosts_file, 'a') as fp_:
fp_.write(keys)
fp_.close()
@ -4385,7 +4387,7 @@ def import_keypair(kwargs=None, call=None):
public_key_file = kwargs['file']
if os.path.exists(public_key_file):
with salt.utils.fopen(public_key_file, 'r') as fh_:
with salt.utils.files.fopen(public_key_file, 'r') as fh_:
public_key = fh_.read()
if public_key is not None:
@ -4774,7 +4776,7 @@ def get_password_data(
if 'key' not in kwargs:
if 'key_file' in kwargs:
with salt.utils.fopen(kwargs['key_file'], 'r') as kf_:
with salt.utils.files.fopen(kwargs['key_file'], 'r') as kf_:
kwargs['key'] = kf_.read()
if 'key' in kwargs:
@ -4874,7 +4876,7 @@ def _parse_pricing(url, name):
outfile = os.path.join(
__opts__['cachedir'], 'ec2-pricing-{0}.p'.format(name)
)
with salt.utils.fopen(outfile, 'w') as fho:
with salt.utils.files.fopen(outfile, 'w') as fho:
msgpack.dump(regions, fho)
return True
@ -4942,7 +4944,7 @@ def show_pricing(kwargs=None, call=None):
if not os.path.isfile(pricefile):
update_pricing({'type': name}, 'function')
with salt.utils.fopen(pricefile, 'r') as fhi:
with salt.utils.files.fopen(pricefile, 'r') as fhi:
ec2_price = msgpack.load(fhi)
region = get_location(profile)

5
salt/cloud/clouds/gce.py
View File

@ -85,6 +85,7 @@ except ImportError:
from salt.utils import namespaced_function
import salt.ext.six as six
import salt.utils.cloud
import salt.utils.files
import salt.config as config
from salt.utils import http
from salt.cloud.libcloudfuncs import * # pylint: disable=redefined-builtin,wildcard-import,unused-wildcard-import
@ -2619,7 +2620,7 @@ def update_pricing(kwargs=None, call=None):
outfile = os.path.join(
__opts__['cachedir'], 'gce-pricing.p'
)
with salt.utils.fopen(outfile, 'w') as fho:
with salt.utils.files.fopen(outfile, 'w') as fho:
msgpack.dump(price_json['dict'], fho)
return True
@ -2658,7 +2659,7 @@ def show_pricing(kwargs=None, call=None):
if not os.path.exists(pricefile):
update_pricing()
with salt.utils.fopen(pricefile, 'r') as fho:
with salt.utils.files.fopen(pricefile, 'r') as fho:
sizes = msgpack.load(fho)
per_hour = float(sizes['gcp_price_list'][size][region])

16
salt/cloud/clouds/joyent.py
View File

@ -67,10 +67,10 @@ from Crypto.Signature import PKCS1_v1_5
# Import salt libs
import salt.ext.six as six
from salt.ext.six.moves import http_client # pylint: disable=import-error,no-name-in-module
import salt.utils.http
import salt.utils.cloud
import salt.utils.files
import salt.utils.http
import salt.config as config
from salt.utils.cloud import is_public_ip
from salt.cloud.libcloudfuncs import node_state
from salt.exceptions import (
SaltCloudSystemExit,
@ -693,7 +693,7 @@ def reformat_node(item=None, full=False):
item['public_ips'] = []
if 'ips' in item:
for ip in item['ips']:
if is_public_ip(ip):
if salt.utils.cloud.is_public_ip(ip):
item['public_ips'].append(ip)
else:
item['private_ips'].append(ip)
@ -951,7 +951,7 @@ def import_key(kwargs=None, call=None):
))
return False
with salt.utils.fopen(kwargs['keyfile'], 'r') as fp_:
with salt.utils.files.fopen(kwargs['keyfile'], 'r') as fp_:
kwargs['key'] = fp_.read()
send_data = {'name': kwargs['keyname'], 'key': kwargs['key']}
@ -1070,11 +1070,11 @@ def query(action=None,
timenow = datetime.datetime.utcnow()
timestamp = timenow.strftime('%a, %d %b %Y %H:%M:%S %Z').strip()
with salt.utils.fopen(ssh_keyfile, 'r') as kh_:
rsa_key = RSA.importKey(kh_)
with salt.utils.files.fopen(ssh_keyfile, 'r') as kh_:
rsa_key = RSA.importKey(kh_.read())
rsa_ = PKCS1_v1_5.new(rsa_key)
hash_ = SHA256.new()
hash_.update(timestamp)
hash_.update(timestamp.encode(__salt_system_encoding__))
signed = base64.b64encode(rsa_.sign(hash_))
keyid = '/{0}/keys/{1}'.format(user.split('/')[0], ssh_keyname)
@ -1085,7 +1085,7 @@ def query(action=None,
'Date': timestamp,
'Authorization': 'Signature keyId="{0}",algorithm="rsa-sha256" {1}'.format(
keyid,
signed
signed.decode(__salt_system_encoding__)
),
}

1
salt/cloud/clouds/linode.py
View File

@ -524,6 +524,7 @@ def create(vm_):
'event',
'waiting for ssh',
'salt/cloud/{0}/waiting_for_ssh'.format(name),
sock_dir=__opts__['sock_dir'],
args={'ip_address': vm_['ssh_host']},
transport=__opts__['transport']
)

12
salt/cloud/clouds/nova.py
View File

@ -210,7 +210,9 @@ import yaml
# Import Salt Libs
import salt.ext.six as six
import salt.utils
import salt.utils.cloud
import salt.utils.files
import salt.utils.pycrypto
import salt.client
from salt.utils.openstack import nova
try:
@ -220,8 +222,6 @@ except ImportError as exc:
# Import Salt Cloud Libs
from salt.cloud.libcloudfuncs import * # pylint: disable=W0614,W0401
import salt.utils.cloud
import salt.utils.pycrypto as sup
import salt.config as config
from salt.utils import namespaced_function
from salt.exceptions import (
@ -651,7 +651,7 @@ def request_instance(vm_=None, call=None):
kwargs['files'] = {}
for src_path in files:
if os.path.exists(files[src_path]):
with salt.utils.fopen(files[src_path], 'r') as fp_:
with salt.utils.files.fopen(files[src_path], 'r') as fp_:
kwargs['files'][src_path] = fp_.read()
else:
kwargs['files'][src_path] = files[src_path]
@ -661,7 +661,7 @@ def request_instance(vm_=None, call=None):
)
if userdata_file is not None:
try:
with salt.utils.fopen(userdata_file, 'r') as fp_:
with salt.utils.files.fopen(userdata_file, 'r') as fp_:
kwargs['userdata'] = salt.utils.cloud.userdata_template(
__opts__, vm_, fp_.read()
)
@ -981,7 +981,7 @@ def create(vm_):
)
data = conn.server_show_libcloud(vm_['instance_id'])
if vm_['key_filename'] is None and 'change_password' in __opts__ and __opts__['change_password'] is True:
vm_['password'] = sup.secure_password()
vm_['password'] = salt.utils.pycrypto.secure_password()
conn.root_password(vm_['instance_id'], vm_['password'])
else:
# Put together all of the information required to request the instance,

33
salt/cloud/clouds/opennebula.py
View File

@ -77,6 +77,7 @@ from salt.exceptions import (
SaltCloudSystemExit
)
import salt.utils
import salt.utils.files
# Import Third Party Libs
try:
@ -1310,7 +1311,7 @@ def image_allocate(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -1876,7 +1877,7 @@ def image_update(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -1969,7 +1970,7 @@ def secgroup_allocate(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2269,7 +2270,7 @@ def secgroup_update(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2335,7 +2336,7 @@ def template_allocate(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2650,7 +2651,7 @@ def template_update(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2783,7 +2784,7 @@ def vm_allocate(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2849,7 +2850,7 @@ def vm_attach(name, kwargs=None, call=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -2916,7 +2917,7 @@ def vm_attach_nic(name, kwargs=None, call=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -3603,7 +3604,7 @@ def vm_resize(name, kwargs=None, call=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -3831,7 +3832,7 @@ def vm_update(name, kwargs=None, call=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -3919,7 +3920,7 @@ def vn_add_ar(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -3992,7 +3993,7 @@ def vn_allocate(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -4217,7 +4218,7 @@ def vn_hold(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -4362,7 +4363,7 @@ def vn_release(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(
@ -4449,7 +4450,7 @@ def vn_reserve(call=None, kwargs=None):
'\'data\' will take precedence.'
)
elif path:
with salt.utils.fopen(path, mode='r') as rfh:
with salt.utils.files.fopen(path, mode='r') as rfh:
data = rfh.read()
else:
raise SaltCloudSystemExit(

66
salt/cloud/clouds/openstack.py
View File

@ -135,6 +135,14 @@ Alternatively, one could use the private IP to connect by specifying:
ssh_interface: private_ips
.. note::
When using floating ips from networks, if the OpenStack driver is unable to
allocate a new ip address for the server, it will check that for
unassociated ip addresses in the floating ip pool. If SaltCloud is running
in parallel mode, it is possible that more than one server will attempt to
use the same ip address.
'''
# Import python libs
@ -175,10 +183,9 @@ from salt.cloud.libcloudfuncs import * # pylint: disable=W0614,W0401
# Import salt libs
import salt.utils
# Import salt.cloud libs
import salt.utils.cloud
import salt.utils.pycrypto as sup
import salt.utils.files
import salt.utils.pycrypto
import salt.config as config
from salt.utils import namespaced_function
from salt.exceptions import (
@ -529,7 +536,7 @@ def request_instance(vm_=None, call=None):
if files:
kwargs['ex_files'] = {}
for src_path in files:
with salt.utils.fopen(files[src_path], 'r') as fp_:
with salt.utils.files.fopen(files[src_path], 'r') as fp_:
kwargs['ex_files'][src_path] = fp_.read()
userdata_file = config.get_cloud_config_value(
@ -537,7 +544,7 @@ def request_instance(vm_=None, call=None):
)
if userdata_file is not None:
try:
with salt.utils.fopen(userdata_file, 'r') as fp_:
with salt.utils.files.fopen(userdata_file, 'r') as fp_:
kwargs['ex_userdata'] = salt.utils.cloud.userdata_template(
__opts__, vm_, fp_.read()
)
@ -761,7 +768,7 @@ def create(vm_):
)
data = conn.ex_get_node_details(vm_['instance_id'])
if vm_['key_filename'] is None and 'change_password' in __opts__ and __opts__['change_password'] is True:
vm_['password'] = sup.secure_password()
vm_['password'] = salt.utils.pycrypto.secure_password()
conn.ex_set_password(data, vm_['password'])
networks(vm_)
else:
@ -855,40 +862,43 @@ def _assign_floating_ips(vm_, conn, kwargs):
pool = OpenStack_1_1_FloatingIpPool(
net['floating'], conn.connection
)
for idx in pool.list_floating_ips():
if idx.node_id is None:
floating.append(idx)
try:
floating.append(pool.create_floating_ip())
except Exception as e:
log.debug('Cannot allocate IP from floating pool \'%s\'. Checking for unassociated ips.',
net['floating'])
for idx in pool.list_floating_ips():
if idx.node_id is None:
floating.append(idx)
break
if not floating:
try:
floating.append(pool.create_floating_ip())
except Exception as e:
raise SaltCloudSystemExit(
'Floating pool \'{0}\' does not have any more '
'please create some more or use a different '
'pool.'.format(net['floating'])
)
raise SaltCloudSystemExit(
'There are no more floating IP addresses '
'available, please create some more'
)
# otherwise, attempt to obtain list without specifying pool
# this is the same as 'nova floating-ip-list'
elif ssh_interface(vm_) != 'private_ips':
try:
# This try/except is here because it appears some
# *cough* Rackspace *cough*
# OpenStack providers return a 404 Not Found for the
# floating ip pool URL if there are no pools setup
pool = OpenStack_1_1_FloatingIpPool(
'', conn.connection
)
for idx in pool.list_floating_ips():
if idx.node_id is None:
floating.append(idx)
try:
floating.append(pool.create_floating_ip())
except Exception as e:
log.debug('Cannot allocate IP from the default floating pool. Checking for unassociated ips.')
for idx in pool.list_floating_ips():
if idx.node_id is None:
floating.append(idx)
break
if not floating:
try:
floating.append(pool.create_floating_ip())
except Exception as e:
raise SaltCloudSystemExit(
'There are no more floating IP addresses '
'available, please create some more'
)
log.warning(
'There are no more floating IP addresses '
'available, please create some more if necessary'
)
except Exception as e:
if str(e).startswith('404'):
pass

21
salt/cloud/clouds/profitbricks.py
View File

@ -6,7 +6,7 @@ ProfitBricks Cloud Module
The ProfitBricks SaltStack cloud module allows a ProfitBricks server to
be automatically deployed and bootstraped with Salt.
:depends: profitbrick >= 3.0.0
:depends: profitbrick >= 3.1.0
The module requires ProfitBricks credentials to be supplied along with
an existing virtual datacenter UUID where the server resources will
@ -98,7 +98,8 @@ import pprint
import time
# Import salt libs
import salt.utils
import salt.utils.cloud
import salt.utils.files
import salt.config as config
from salt.exceptions import (
SaltCloudConfigError,
@ -108,16 +109,14 @@ from salt.exceptions import (
SaltCloudSystemExit
)
# Import salt.cloud libs
import salt.utils.cloud
# Import 3rd-party libs
import salt.ext.six as six
try:
from profitbricks.client import (
ProfitBricksService, Server,
NIC, Volume, FirewallRule,
Datacenter, LoadBalancer, LAN
Datacenter, LoadBalancer, LAN,
PBNotFoundError
)
HAS_PROFITBRICKS = True
except ImportError:
@ -482,7 +481,13 @@ def list_nodes(conn=None, call=None):
ret = {}
datacenter_id = get_datacenter_id()
nodes = conn.list_servers(datacenter_id=datacenter_id)
try:
nodes = conn.list_servers(datacenter_id=datacenter_id)
except PBNotFoundError:
log.error('Failed to get nodes list from datacenter: {0}'.format(
datacenter_id))
raise
for item in nodes['items']:
node = {'id': item['id']}
@ -642,7 +647,7 @@ def get_public_keys(vm_):
)
)
ssh_keys = []
with salt.utils.fopen(key_filename) as rfh:
with salt.utils.files.fopen(key_filename) as rfh:
for key in rfh.readlines():
ssh_keys.append(key)

9
salt/cloud/clouds/xen.py
View File

@ -150,7 +150,14 @@ def _get_session():
__opts__,
search_global=False
)
session = XenAPI.Session(url)
ignore_ssl = config.get_cloud_config_value(
'ignore_ssl',
get_configured_provider(),
__opts__,
default=False,
search_global=False
)
session = XenAPI.Session(url, ignore_ssl=ignore_ssl)
log.debug('url: {} user: {} password: {}, originator: {}'.format(
url,
user,

8
salt/cloud/libcloudfuncs.py
View File

@ -26,7 +26,7 @@ try:
)
HAS_LIBCLOUD = True
LIBCLOUD_VERSION_INFO = tuple([
int(part) for part in re.compile(r"(\d+).(\d+).(\d+)").match(libcloud.__version__.replace('-', '.')).groups()
int(part) for part in libcloud.__version__.replace('-', '.').replace('rc', '.').split('.')[:3]
])
except ImportError:
@ -151,7 +151,7 @@ def avail_locations(conn=None, call=None):
ret[img_name] = {}
for attr in dir(img):
if attr.startswith('_'):
if attr.startswith('_') or attr == 'driver':
continue
attr_value = getattr(img, attr)
@ -188,7 +188,7 @@ def avail_images(conn=None, call=None):
ret[img_name] = {}
for attr in dir(img):
if attr.startswith('_'):
if attr.startswith('_') or attr in ('driver', 'get_uuid'):
continue
attr_value = getattr(img, attr)
if isinstance(attr_value, string_types) and not six.PY3:
@ -223,7 +223,7 @@ def avail_sizes(conn=None, call=None):
ret[size_name] = {}
for attr in dir(size):
if attr.startswith('_'):
if attr.startswith('_') or attr in ('driver', 'get_uuid'):
continue
try:

15
salt/config/__init__.py
View File

@ -33,6 +33,7 @@ from salt.ext.six.moves.urllib.parse import urlparse
# Import salt libs
import salt.utils
import salt.utils.dictupdate
import salt.utils.files
import salt.utils.network
import salt.syspaths
import salt.utils.validate.path
@ -352,7 +353,7 @@ VALID_OPTS = {
# The TCP port on which minion events should be pulled if ipc_mode is TCP
'tcp_pull_port': int,
# The TCP port on which events for the master should be pulled if ipc_mode is TCP
# The TCP port on which events for the master should be published if ipc_mode is TCP
'tcp_master_pub_port': int,
# The TCP port on which events for the master should be pulled if ipc_mode is TCP
@ -1932,7 +1933,7 @@ def _read_conf_file(path):
Read in a config file from a given path and process it into a dictionary
'''
log.debug('Reading configuration from {0}'.format(path))
with salt.utils.fopen(path, 'r') as conf_file:
with salt.utils.files.fopen(path, 'r') as conf_file:
try:
conf_opts = yaml.safe_load(conf_file.read()) or {}
except yaml.YAMLError as err:
@ -2024,8 +2025,8 @@ def load_config(path, env_var, default_path=None, exit_on_config_errors=True):
template = '{0}.template'.format(path)
if os.path.isfile(template):
log.debug('Writing {0} based on {1}'.format(path, template))
with salt.utils.fopen(path, 'w') as out:
with salt.utils.fopen(template, 'r') as ifile:
with salt.utils.files.fopen(path, 'w') as out:
with salt.utils.files.fopen(template, 'r') as ifile:
ifile.readline() # skip first line
out.write(ifile.read())
@ -3313,7 +3314,7 @@ def _cache_id(minion_id, cache_file):
Helper function, writes minion id to a cache file.
'''
try:
with salt.utils.fopen(cache_file, 'w') as idf:
with salt.utils.files.fopen(cache_file, 'w') as idf:
idf.write(minion_id)
except (IOError, OSError) as exc:
log.error('Could not cache minion ID: {0}'.format(exc))
@ -3346,7 +3347,7 @@ def get_id(opts, cache_minion_id=False):
if opts.get('minion_id_caching', True):
try:
with salt.utils.fopen(id_cache) as idf:
with salt.utils.files.fopen(id_cache) as idf:
name = idf.readline().strip()
bname = salt.utils.to_bytes(name)
if bname.startswith(codecs.BOM): # Remove BOM if exists
@ -3748,7 +3749,7 @@ def client_config(path, env_var='SALT_CLIENT_CONFIG', defaults=None):
# Make sure token is still valid
expire = opts.get('token_expire', 43200)
if os.stat(opts['token_file']).st_mtime + expire > time.mktime(time.localtime()):
with salt.utils.fopen(opts['token_file']) as fp_:
with salt.utils.files.fopen(opts['token_file']) as fp_:
opts['token'] = fp_.read().strip()
# On some platforms, like OpenBSD, 0.0.0.0 won't catch a master running on localhost
if opts['interface'] == '0.0.0.0':

43
salt/config/schemas/esxdatacenter.py Normal file
View File

@ -0,0 +1,43 @@
# -*- coding: utf-8 -*-
'''
:codeauthor: :email:`Alexandru Bleotu (alexandru.bleotu@morganstanley.com)`
salt.config.schemas.esxdatacenter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ESX Datacenter configuration schemas
'''
# Import Python libs
from __future__ import absolute_import
# Import Salt libs
from salt.utils.schema import (Schema,
ArrayItem,
IntegerItem,
StringItem)
class EsxdatacenterProxySchema(Schema):
'''
Schema of the esxdatacenter proxy input
'''
title = 'Esxdatacenter Proxy Schema'
description = 'Esxdatacenter proxy schema'
additional_properties = False
proxytype = StringItem(required=True,
enum=['esxdatacenter'])
vcenter = StringItem(required=True, pattern=r'[^\s]+')
datacenter = StringItem(required=True)
mechanism = StringItem(required=True, enum=['userpass', 'sspi'])
username = StringItem()
passwords = ArrayItem(min_items=1,
items=StringItem(),
unique_items=True)
# TODO Should be changed when anyOf is supported for schemas
domain = StringItem()
principal = StringItem()
protocol = StringItem()
port = IntegerItem(minimum=1)

44
salt/crypt.py
View File

@ -21,7 +21,6 @@ import weakref
import getpass
# Import third party libs
import salt.ext.six as six
from salt.ext.six.moves import zip # pylint: disable=import-error,redefined-builtin
try:
from Cryptodome.Cipher import AES, PKCS1_OAEP
@ -45,9 +44,12 @@ if not CDOME:
pass
# Import salt libs
import salt.ext.six as six
import salt.defaults.exitcodes
import salt.utils
import salt.utils.decorators
import salt.utils.event
import salt.utils.files
import salt.payload
import salt.transport.client
import salt.transport.frame
@ -78,7 +80,7 @@ def dropfile(cachedir, user=None):
if os.path.isfile(dfn) and not os.access(dfn, os.W_OK):
os.chmod(dfn, stat.S_IRUSR | stat.S_IWUSR)
with salt.utils.fopen(dfn, 'wb+') as fp_:
with salt.utils.files.fopen(dfn, 'wb+') as fp_:
fp_.write(b'')
os.chmod(dfn, stat.S_IRUSR)
if user:
@ -120,10 +122,10 @@ def gen_keys(keydir, keyname, keysize, user=None):
raise IOError('Write access denied to "{0}" for user "{1}".'.format(os.path.abspath(keydir), getpass.getuser()))
cumask = os.umask(191)
with salt.utils.fopen(priv, 'wb+') as f:
with salt.utils.files.fopen(priv, 'wb+') as f:
f.write(gen.exportKey('PEM'))
os.umask(cumask)
with salt.utils.fopen(pub, 'wb+') as f:
with salt.utils.files.fopen(pub, 'wb+') as f:
f.write(gen.publickey().exportKey('PEM'))
os.chmod(priv, 256)
if user:
@ -149,7 +151,7 @@ def _get_key_with_evict(path, timestamp):
then the params are different and the key is loaded from disk.
'''
log.debug('salt.crypt._get_key_with_evict: Loading private key')
with salt.utils.fopen(path) as f:
with salt.utils.files.fopen(path) as f:
key = RSA.importKey(f.read())
return key
@ -185,7 +187,7 @@ def verify_signature(pubkey_path, message, signature):
Returns True for valid signature.
'''
log.debug('salt.crypt.verify_signature: Loading public key')
with salt.utils.fopen(pubkey_path) as f:
with salt.utils.files.fopen(pubkey_path) as f:
pubkey = RSA.importKey(f.read())
log.debug('salt.crypt.verify_signature: Verifying signature')
verifier = PKCS1_v1_5.new(pubkey)
@ -198,7 +200,7 @@ def gen_signature(priv_path, pub_path, sign_path):
the given private key and writes it to sign_path
'''
with salt.utils.fopen(pub_path) as fp_:
with salt.utils.files.fopen(pub_path) as fp_:
mpub_64 = fp_.read()
mpub_sig = sign_message(priv_path, mpub_64)
@ -213,7 +215,7 @@ def gen_signature(priv_path, pub_path, sign_path):
log.trace('Signature file {0} already exists, please '
'remove it first and try again'.format(sign_path))
else:
with salt.utils.fopen(sign_path, 'wb+') as sig_f:
with salt.utils.files.fopen(sign_path, 'wb+') as sig_f:
sig_f.write(salt.utils.to_bytes(mpub_sig_64))
log.trace('Wrote signature to {0}'.format(sign_path))
return True
@ -270,7 +272,7 @@ class MasterKeys(dict):
self.sig_path = os.path.join(self.opts['pki_dir'],
opts['master_pubkey_signature'])
if os.path.isfile(self.sig_path):
with salt.utils.fopen(self.sig_path) as fp_:
with salt.utils.files.fopen(self.sig_path) as fp_:
self.pub_signature = fp_.read()
log.info('Read {0}\'s signature from {1}'
''.format(os.path.basename(self.pub_path),
@ -310,7 +312,7 @@ class MasterKeys(dict):
path = os.path.join(self.opts['pki_dir'],
name + '.pem')
if os.path.exists(path):
with salt.utils.fopen(path) as f:
with salt.utils.files.fopen(path) as f:
key = RSA.importKey(f.read())
log.debug('Loaded {0} key: {1}'.format(name, path))
else:
@ -319,7 +321,7 @@ class MasterKeys(dict):
name,
self.opts['keysize'],
self.opts.get('user'))
with salt.utils.fopen(self.rsa_path) as f:
with salt.utils.files.fopen(self.rsa_path) as f:
key = RSA.importKey(f.read())
return key
@ -332,9 +334,9 @@ class MasterKeys(dict):
name + '.pub')
if not os.path.isfile(path):
key = self.__get_keys()
with salt.utils.fopen(path, 'wb+') as wfh:
with salt.utils.files.fopen(path, 'wb+') as wfh:
wfh.write(key.publickey().exportKey('PEM'))
with salt.utils.fopen(path) as rfh:
with salt.utils.files.fopen(path) as rfh:
return rfh.read()
def get_mkey_paths(self):
@ -674,7 +676,7 @@ class AsyncAuth(object):
salt.utils.verify.check_path_traversal(self.opts['pki_dir'], user)
if os.path.exists(self.rsa_path):
with salt.utils.fopen(self.rsa_path) as f:
with salt.utils.files.fopen(self.rsa_path) as f:
key = RSA.importKey(f.read())
log.debug('Loaded minion key: {0}'.format(self.rsa_path))
else:
@ -683,7 +685,7 @@ class AsyncAuth(object):
'minion',
self.opts['keysize'],
self.opts.get('user'))
with salt.utils.fopen(self.rsa_path) as f:
with salt.utils.files.fopen(self.rsa_path) as f:
key = RSA.importKey(f.read())
return key
@ -712,13 +714,13 @@ class AsyncAuth(object):
payload['id'] = self.opts['id']
try:
pubkey_path = os.path.join(self.opts['pki_dir'], self.mpub)
with salt.utils.fopen(pubkey_path) as f:
with salt.utils.files.fopen(pubkey_path) as f:
pub = RSA.importKey(f.read())
cipher = PKCS1_OAEP.new(pub)
payload['token'] = cipher.encrypt(self.token)
except Exception:
pass
with salt.utils.fopen(self.pub_path) as f:
with salt.utils.files.fopen(self.pub_path) as f:
payload['pub'] = f.read()
return payload
@ -760,7 +762,7 @@ class AsyncAuth(object):
m_path = os.path.join(self.opts['pki_dir'], self.mpub)
if os.path.exists(m_path):
try:
with salt.utils.fopen(m_path) as f:
with salt.utils.files.fopen(m_path) as f:
mkey = RSA.importKey(f.read())
except Exception:
return '', ''
@ -829,7 +831,7 @@ class AsyncAuth(object):
'from master {0}'.format(self.opts['master']))
m_pub_fn = os.path.join(self.opts['pki_dir'], self.mpub)
uid = salt.utils.get_uid(self.opts.get('user', None))
with salt.utils.fpopen(m_pub_fn, 'wb+', uid=uid) as wfh:
with salt.utils.files.fpopen(m_pub_fn, 'wb+', uid=uid) as wfh:
wfh.write(salt.utils.to_bytes(payload['pub_key']))
return True
else:
@ -926,7 +928,7 @@ class AsyncAuth(object):
m_pub_fn = os.path.join(self.opts['pki_dir'], self.mpub)
m_pub_exists = os.path.isfile(m_pub_fn)
if m_pub_exists and master_pub and not self.opts['open_mode']:
with salt.utils.fopen(m_pub_fn) as fp_:
with salt.utils.files.fopen(m_pub_fn) as fp_:
local_master_pub = fp_.read()
if payload['pub_key'].replace('\n', '').replace('\r', '') != \
@ -977,7 +979,7 @@ class AsyncAuth(object):
if not m_pub_exists:
# the minion has not received any masters pubkey yet, write
# the newly received pubkey to minion_master.pub
with salt.utils.fopen(m_pub_fn, 'wb+') as fp_:
with salt.utils.files.fopen(m_pub_fn, 'wb+') as fp_:
fp_.write(salt.utils.to_bytes(payload['pub_key']))
return self.extract_aes(payload, master_pub=False)

5
salt/daemons/flo/jobber.py
View File

@ -19,8 +19,9 @@ import json
# Import salt libs
import salt.ext.six as six
import salt.daemons.masterapi
import salt.utils.args
import salt.utils
import salt.utils.args
import salt.utils.files
import salt.transport
from raet import raeting, nacling
from raet.lane.stacking import LaneStack
@ -279,7 +280,7 @@ class SaltRaetNixJobber(ioflo.base.deeding.Deed):
sdata = {'pid': os.getpid()}
sdata.update(data)
with salt.utils.fopen(fn_, 'w+b') as fp_:
with salt.utils.files.fopen(fn_, 'w+b') as fp_:
fp_.write(self.serial.dumps(sdata))
ret = {'success': False}
function_name = data['fun']

17
salt/daemons/masterapi.py
View File

@ -31,10 +31,11 @@ import salt.fileserver
import salt.utils.args
import salt.utils.atomicfile
import salt.utils.event
import salt.utils.verify
import salt.utils.minions
import salt.utils.files
import salt.utils.gzip_util
import salt.utils.jid
import salt.utils.minions
import salt.utils.verify
from salt.defaults import DEFAULT_TARGET_DELIM
from salt.pillar import git_pillar
from salt.utils.event import tagify
@ -154,7 +155,7 @@ def clean_expired_tokens(opts):
for (dirpath, dirnames, filenames) in os.walk(opts['token_dir']):
for token in filenames:
token_path = os.path.join(dirpath, token)
with salt.utils.fopen(token_path, 'rb') as token_file:
with salt.utils.files.fopen(token_path, 'rb') as token_file:
try:
token_data = serializer.loads(token_file.read())
except msgpack.UnpackValueError:
@ -223,7 +224,7 @@ def mk_key(opts, user):
key = salt.crypt.Crypticle.generate_key_string()
cumask = os.umask(191)
with salt.utils.fopen(keyfile, 'w+') as fp_:
with salt.utils.files.fopen(keyfile, 'w+') as fp_:
fp_.write(key)
os.umask(cumask)
# 600 octal: Read and write access to the owner only.
@ -360,7 +361,7 @@ class AutoKey(object):
log.warning(message.format(signing_file))
return False
with salt.utils.fopen(signing_file, 'r') as fp_:
with salt.utils.files.fopen(signing_file, 'r') as fp_:
for line in fp_:
line = line.strip()
if line.startswith('#'):
@ -693,7 +694,7 @@ class RemoteFuncs(object):
mode = 'ab'
else:
mode = 'wb'
with salt.utils.fopen(cpath, mode) as fp_:
with salt.utils.files.fopen(cpath, mode) as fp_:
if load['loc']:
fp_.seek(load['loc'])
fp_.write(load['data'])
@ -858,7 +859,7 @@ class RemoteFuncs(object):
if not os.path.isdir(auth_cache):
os.makedirs(auth_cache)
jid_fn = os.path.join(auth_cache, load['jid'])
with salt.utils.fopen(jid_fn, 'r') as fp_:
with salt.utils.files.fopen(jid_fn, 'r') as fp_:
if not load['id'] == fp_.read():
return {}
@ -915,7 +916,7 @@ class RemoteFuncs(object):
if not os.path.isdir(auth_cache):
os.makedirs(auth_cache)
jid_fn = os.path.join(auth_cache, str(ret['jid']))
with salt.utils.fopen(jid_fn, 'w+') as fp_:
with salt.utils.files.fopen(jid_fn, 'w+') as fp_:
fp_.write(load['id'])
return ret

4
salt/engines/docker_events.py
View File

@ -50,8 +50,8 @@ def start(docker_url='unix://var/run/docker.sock',
.. code-block:: yaml
engines:
docker_events:
docker_url: unix://var/run/docker.sock
- docker_events:
docker_url: unix://var/run/docker.sock
The config above sets up engines to listen
for events from the Docker daemon and publish

46
salt/engines/hipchat.py
View File

@ -14,25 +14,25 @@ keys make the engine interactive.
.. code-block:: yaml
engines:
- hipchat:
api_url: http://api.hipchat.myteam.com
token: 'XXXXXX'
room: 'salt'
control: True
valid_users:
- SomeUser
valid_commands:
- test.ping
- cmd.run
- list_jobs
- list_commands
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:hipchat:valid_commands target=saltmaster tgt_type=list
max_rooms: 0
wait_time: 1
- hipchat:
api_url: http://api.hipchat.myteam.com
token: 'XXXXXX'
room: 'salt'
control: True
valid_users:
- SomeUser
valid_commands:
- test.ping
- cmd.run
- list_jobs
- list_commands
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:hipchat:valid_commands target=saltmaster
max_rooms: 0
wait_time: 1
'''
from __future__ import absolute_import
@ -49,7 +49,9 @@ except ImportError:
HAS_HYPCHAT = False
import salt.utils
import salt.utils.event
import salt.utils.files
import salt.utils.http
import salt.runner
import salt.client
import salt.loader
@ -93,7 +95,7 @@ def _publish_file(token, room, filepath, message='', outputter=None, api_url=Non
headers['Authorization'] = "Bearer " + token
msg = json.dumps({'message': message})
with salt.utils.fopen(filepath, 'rb') as rfh:
with salt.utils.files.fopen(filepath, 'rb') as rfh:
payload = """\
--boundary123456
Content-Type: application/json; charset=UTF-8
@ -411,8 +413,8 @@ def start(token,
_publish_code_message(token, room, ret, message=message_string, outputter=outputter, api_url=api_url)
else:
tmp_path_fn = salt.utils.files.mkstemp()
with salt.utils.fopen(tmp_path_fn, 'w+') as fp_:
with salt.utils.files.fopen(tmp_path_fn, 'w+') as fp_:
fp_.write(json.dumps(ret, sort_keys=True, indent=4))
_publish_file(token, room, tmp_path_fn, message=message_string, api_url=api_url)
salt.utils.safe_rm(tmp_path_fn)
salt.utils.files.safe_rm(tmp_path_fn)
time.sleep(wait_time or _DEFAULT_SLEEP)

14
salt/engines/http_logstash.py
View File

@ -12,13 +12,13 @@ them onto a logstash endpoint via HTTP requests.
engines:
- http_logstash:
url: http://blabla.com/salt-stuff
tags:
- salt/job/*/new
- salt/job/*/ret/*
funs:
- probes.results
- bgp.config
url: http://blabla.com/salt-stuff
tags:
- salt/job/*/new
- salt/job/*/ret/*
funs:
- probes.results
- bgp.config
'''
from __future__ import absolute_import

3
salt/engines/logentries.py
View File

@ -24,6 +24,9 @@ master config.
:configuration:
Example configuration
.. code-block:: yaml
engines:
- logentries:
endpoint: data.logentries.com

3
salt/engines/logstash.py
View File

@ -8,6 +8,9 @@ them onto a logstash endpoint.
:configuration:
Example configuration
.. code-block:: yaml
engines:
- logstash:
host: log.my_network.com

8
salt/engines/reactor.py
View File

@ -7,10 +7,10 @@ Example Config in Master or Minion config
.. code-block:: yaml
engines:
reactor:
refresh_interval: 60
worker_threads: 10
worker_hwm: 10000
- reactor:
refresh_interval: 60
worker_threads: 10
worker_hwm: 10000
reactor:
- 'salt/cloud/*/destroyed':

3
salt/engines/redis_sentinel.py
View File

@ -8,6 +8,9 @@ events based on the channels they are subscribed to.
:configuration:
Example configuration
.. code-block:: yaml
engines:
- redis_sentinel:
hosts:

125
salt/engines/slack.py
View File

@ -18,70 +18,73 @@ the saltmaster's minion pillar.
.. versionadded: 2016.3.0
:configuration: Example configuration using only a "default" group. The default group is not special. In addition, other groups are being loaded from pillars
:configuration: Example configuration using only a "default" group. The default group is not special.
In addition, other groups are being loaded from pillars.
.. code-block:: yaml
.. code-block:: yaml
engines:
slack:
token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
control: True
fire_all: False
groups_pillar_name: "slack_engine:groups_pillar"
groups:
default:
users:
- *
commands:
- test.ping
- cmd.run
- list_jobs
- list_commands
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list
default_target:
target: saltmaster
tgt_type: glob
targets:
test.ping:
target: '*'
tgt_type: glob
cmd.run:
target: saltmaster
tgt_type: list
engines:
- slack:
token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
control: True
fire_all: False
groups_pillar_name: "slack_engine:groups_pillar"
groups:
default:
users:
- *
commands:
- test.ping
- cmd.run
- list_jobs
- list_commands
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list
default_target:
target: saltmaster
tgt_type: glob
targets:
test.ping:
target: '*'
tgt_type: glob
cmd.run:
target: saltmaster
tgt_type: list
:configuration: Example configuration using the "default" group and a non-default group and a pillar that will be merged in
If the user is '*' (without the quotes) then the group's users or commands will match all users as appropriate
:configuration: Example configuration using the "default" group and a non-default group and a pillar that will be merged in
If the user is '*' (without the quotes) then the group's users or commands will match all users as appropriate
.. versionadded: 2017.7.0
.. versionadded: 2017.7.0
engines:
slack:
groups_pillar: slack_engine_pillar
token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
control: True
fire_all: True
tag: salt/engines/slack
groups_pillar_name: "slack_engine:groups_pillar"
groups:
default:
valid_users:
- *
valid_commands:
- test.ping
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list
gods:
users:
- garethgreenaway
commands:
- *
.. code-block:: yaml
engines:
- slack:
groups_pillar: slack_engine_pillar
token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
control: True
fire_all: True
tag: salt/engines/slack
groups_pillar_name: "slack_engine:groups_pillar"
groups:
default:
valid_users:
- *
valid_commands:
- test.ping
aliases:
list_jobs:
cmd: jobs.list_jobs
list_commands:
cmd: pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list
gods:
users:
- garethgreenaway
commands:
- *
:depends: slackclient
@ -707,7 +710,7 @@ def run_command_async(msg):
log.debug("Command {} will run via runner_functions".format(cmd))
# pylint is tripping
# pylint: disable=missing-whitespace-after-comma
job_id_dict = runner.async(cmd, {"args":args, "kwargs":kwargs})
job_id_dict = runner.async(cmd, {"args": args, "kwargs": kwargs})
job_id = job_id_dict['jid']
# Default to trying to run as a client module.
@ -716,7 +719,7 @@ def run_command_async(msg):
log.debug("Command {} will run via local.cmd_async, targeting {}".format(cmd, target))
log.debug("Running {}, {}, {}, {}, {}".format(str(target), cmd, args, kwargs, str(tgt_type)))
# according to https://github.com/saltstack/salt-api/issues/164, tgt_type has changed to expr_form
job_id = local.cmd_async(str(target), cmd, arg=args, kwargs=kwargs, expr_form=str(tgt_type))
job_id = local.cmd_async(str(target), cmd, arg=args, kwargs=kwargs, tgt_type=str(tgt_type))
log.info("ret from local.cmd_async is {}".format(job_id))
return job_id

8
salt/engines/stalekey.py
View File

@ -24,11 +24,11 @@ import time
import logging
# Import salt libs
import salt.utils.minions
import salt.config
import salt.key
import salt.utils.files
import salt.utils.minions
import salt.wheel
import salt.utils
# Import 3rd-party libs
import salt.ext.six as six
@ -59,7 +59,7 @@ def start(interval=3600, expire=604800):
minions = {}
if os.path.exists(presence_file):
try:
with salt.utils.fopen(presence_file, 'r') as f:
with salt.utils.files.fopen(presence_file, 'r') as f:
minions = msgpack.load(f)
except IOError as e:
log.error('Could not open presence file {0}: {1}'.format(presence_file, e))
@ -94,7 +94,7 @@ def start(interval=3600, expire=604800):
del minions[k]
try:
with salt.utils.fopen(presence_file, 'w') as f:
with salt.utils.files.fopen(presence_file, 'w') as f:
msgpack.dump(minions, f)
except IOError as e:
log.error('Could not write to presence file {0}: {1}'.format(presence_file, e))

13
salt/exceptions.py
View File

@ -383,6 +383,19 @@ class NotImplemented(SaltException):
'''
class TemplateError(SaltException):
'''
Used when a custom error is triggered in a template
'''
# Validation related exceptions
class InvalidConfigError(CommandExecutionError):
'''
Used when the input is invalid
'''
# VMware related exceptions
class VMwareSaltError(CommandExecutionError):
'''

2
salt/executors/sudo.py
View File

@ -60,7 +60,7 @@ def execute(opts, data, func, args, kwargs):
'-c', salt.syspaths.CONFIG_DIR,
'--',
data.get('fun')]
if data['fun'] == 'state.sls':
if data['fun'] in ('state.sls', 'state.highstate', 'state.apply'):
kwargs['concurrent'] = True
for arg in args:
cmd.append(_cmd_quote(str(arg)))

5
salt/ext/ipaddress.py
View File

@ -28,9 +28,6 @@ bytes = bytearray
# Python 2 does not support exception chaining.
# s/ from None$//
# Python 2 ranges need to fit in a C long
# 'fix' hosts() for IPv6Network
# When checking for instances of int, also allow Python 2's long.
_builtin_isinstance = isinstance
@ -2259,7 +2256,7 @@ class IPv6Network(_BaseV6, _BaseNetwork):
"""
network = int(self.network_address)
broadcast = int(self.broadcast_address)
for x in range(1, broadcast - network + 1):
for x in long_range(1, broadcast - network + 1):
yield self._address_class(network + x)
@property

18
salt/fileclient.py
View File

@ -499,7 +499,7 @@ class Client(object):
'Path \'{0}\' is not absolute'.format(url_path)
)
if dest is None:
with salt.utils.fopen(url_path, 'r') as fp_:
with salt.utils.files.fopen(url_path, 'r') as fp_:
data = fp_.read()
return data
return url_path
@ -507,7 +507,7 @@ class Client(object):
if url_scheme == 'salt':
result = self.get_file(url, dest, makedirs, saltenv, cachedir=cachedir)
if result and dest is None:
with salt.utils.fopen(result, 'r') as fp_:
with salt.utils.files.fopen(result, 'r') as fp_:
data = fp_.read()
return data
return result
@ -558,7 +558,7 @@ class Client(object):
ftp = ftplib.FTP()
ftp.connect(url_data.hostname, url_data.port)
ftp.login(url_data.username, url_data.password)
with salt.utils.fopen(dest, 'wb') as fp_:
with salt.utils.files.fopen(dest, 'wb') as fp_:
ftp.retrbinary('RETR {0}'.format(url_data.path), fp_.write)
ftp.quit()
return dest
@ -680,7 +680,7 @@ class Client(object):
dest_tmp = "{0}.part".format(dest)
# We need an open filehandle to use in the on_chunk callback,
# that's why we're not using a with clause here.
destfp = salt.utils.fopen(dest_tmp, 'wb') # pylint: disable=resource-leakage
destfp = salt.utils.files.fopen(dest_tmp, 'wb') # pylint: disable=resource-leakage
def on_chunk(chunk):
if write_body[0]:
@ -772,7 +772,7 @@ class Client(object):
if makedirs:
os.makedirs(destdir)
else:
salt.utils.safe_rm(data['data'])
salt.utils.files.safe_rm(data['data'])
return ''
shutil.move(data['data'], dest)
return dest
@ -1138,7 +1138,7 @@ class RemoteClient(Client):
return False
# We need an open filehandle here, that's why we're not using a
# with clause:
fn_ = salt.utils.fopen(dest, 'wb+') # pylint: disable=resource-leakage
fn_ = salt.utils.files.fopen(dest, 'wb+') # pylint: disable=resource-leakage
else:
log.debug('No dest file found')
@ -1164,7 +1164,7 @@ class RemoteClient(Client):
saltenv,
cachedir=cachedir) as cache_dest:
dest = cache_dest
with salt.utils.fopen(cache_dest, 'wb+') as ofile:
with salt.utils.files.fopen(cache_dest, 'wb+') as ofile:
ofile.write(data['data'])
if 'hsum' in data and d_tries < 3:
# Master has prompted a file verification, if the
@ -1187,8 +1187,8 @@ class RemoteClient(Client):
# If a directory was formerly cached at this path, then
# remove it to avoid a traceback trying to write the file
if os.path.isdir(dest):
salt.utils.rm_rf(dest)
fn_ = salt.utils.fopen(dest, 'wb+')
salt.utils.files.rm_rf(dest)
fn_ = salt.utils.files.fopen(dest, 'wb+')
if data.get('gzip', None):
data = salt.utils.gzip_util.uncompress(data['data'])
else:

8
salt/fileserver/__init__.py
View File

@ -16,7 +16,9 @@ import time
# Import salt libs
import salt.loader
import salt.utils
import salt.utils.files
import salt.utils.locales
import salt.utils.url
from salt.utils.args import get_function_argspec as _argspec
# Import 3rd-party libs
@ -126,7 +128,7 @@ def check_file_list_cache(opts, form, list_cache, w_lock):
age = opts.get('fileserver_list_cache_time', 20) + 1
if age < opts.get('fileserver_list_cache_time', 20):
# Young enough! Load this sucker up!
with salt.utils.fopen(list_cache, 'rb') as fp_:
with salt.utils.files.fopen(list_cache, 'rb') as fp_:
log.trace('Returning file_lists cache data from '
'{0}'.format(list_cache))
return serial.load(fp_).get(form, []), False, False
@ -151,7 +153,7 @@ def write_file_list_cache(opts, data, list_cache, w_lock):
backend to determine if the cache needs to be refreshed/written).
'''
serial = salt.payload.Serial(opts)
with salt.utils.fopen(list_cache, 'w+b') as fp_:
with salt.utils.files.fopen(list_cache, 'w+b') as fp_:
fp_.write(serial.dumps(data))
_unlock_cache(w_lock)
log.trace('Lockfile {0} removed'.format(w_lock))
@ -164,7 +166,7 @@ def check_env_cache(opts, env_cache):
if not os.path.isfile(env_cache):
return None
try:
with salt.utils.fopen(env_cache, 'rb') as fp_:
with salt.utils.files.fopen(env_cache, 'rb') as fp_:
log.trace('Returning env cache data from {0}'.format(env_cache))
serial = salt.payload.Serial(opts)
return serial.load(fp_)

Some files were not shown because too many files have changed in this diff Show More