mirror of
https://github.com/valitydev/salt.git
synced 2024-11-07 00:55:19 +00:00
306 lines
13 KiB
ReStructuredText
306 lines
13 KiB
ReStructuredText
.. _release-2015-8-0:
|
|
|
|
================================================
|
|
Salt 2015.8.0 Release Notes - Codename Beryllium
|
|
================================================
|
|
|
|
.. toctree::
|
|
includes/2015.8.0.pull_list
|
|
|
|
The 2015.8.0 feature release of Salt contains several major new features. As
|
|
usual the release notes are not exhaustive and primarily include the most
|
|
notable additions and improvements. Hundreds of bugs have been fixed and many
|
|
modules have been substantially updated and added.
|
|
|
|
New SaltStack Installation Repositories
|
|
=======================================
|
|
|
|
SaltStack now provides installation repositories for several platforms, with more to come.
|
|
See the following links for instructions:
|
|
|
|
- :ref:`Red Hat / CentOS 5, 6, 7 <installation-rhel-repo>`
|
|
- :ref:`Debian 8 <installation-debian-repo>`
|
|
- :ref:`Windows <windows-installer>`
|
|
|
|
Send Event on State Completion
|
|
==============================
|
|
|
|
A ``fire_event`` global state keyword argument was added that allows any state to
|
|
send an event upon completion. Useful for custom progress bars and checking in
|
|
on long state runs. See :ref:`fire_event <requisites-fire-event>`.
|
|
|
|
ZeroMQ socket monitoring
|
|
========================
|
|
|
|
If :conf_master:`zmq_monitor` is enabled, log all ZMQ events for socket monitoring
|
|
purposes. Verbose, but useful.
|
|
|
|
SPM (Salt Package Manager)
|
|
==========================
|
|
|
|
Allows Salt formulas to be packaged for ease of deployment. See :ref:`spm <spm>`.
|
|
|
|
.. note::
|
|
The spm executable was not included in the Debian or Ubuntu packages for the
|
|
2015.8.0 or the 2015.8.1 releases. This executable will be included in an
|
|
upcoming release. As a workaround, copy the SPM script from the salt library
|
|
installation into ``/usr/local/bin`` or your local equivalent.
|
|
|
|
Specify a Single Environment for Top Files
|
|
==========================================
|
|
|
|
A new :conf_master:`default_top` option was added to load the state top file
|
|
from a single, specific environment, rather than merging top data across all
|
|
environments. Additionally, new :conf_master:`top_file_merge_strategy` and
|
|
:conf_master:`env_order` options were added for more control over top file
|
|
merging. See :ref:`The Top File <states-top>`.
|
|
|
|
Tornado TCP Transport
|
|
=====================
|
|
|
|
Implemented a pure-TCP transport, in addition to ZeroMQ and RAET. The new
|
|
transport uses Tornado, which allows Salt to use a standardized set of libraries
|
|
for asynchronous behavior, which should greatly improve reliability and
|
|
performance.
|
|
|
|
.. note::
|
|
Tornado is considered expiremental in this release. The following known
|
|
issues were being investigated at the time of release:
|
|
|
|
- TCP tests show performance degredation over time (:issue:`26051`)
|
|
- TCP transport stacktrace on windows minion: Future exception was never
|
|
retrieved (:issue:`25718`)
|
|
- [freebsd] TCP transport not working in 2015.8.0rc3 (:issue:`26364`)
|
|
|
|
Proxy Minion Enhancements
|
|
=========================
|
|
|
|
Proxy Minions have undergone a significant overhaul in 2015.8, see :ref:`Proxy Minion Enhancements <proxy-2015.8.0>`.
|
|
|
|
Engines
|
|
=======
|
|
|
|
Salt engines are long-running, external processes that leverage Salt. See :ref:`Salt Engines <engines>`.
|
|
|
|
|
|
Core Changes
|
|
============
|
|
|
|
- Add system version info to ``versions_report``, which appears in both ``salt
|
|
--versions-report`` and ``salt '*' test.versions_report``. Also added is an
|
|
alias ``test.versions`` to ``test.versions_report``. (:issue:`21906`)
|
|
|
|
- Add colorized console logging support. This is activated by using
|
|
``%(colorlevel)s``, ``%(colorname)s``, ``%(colorprocess)s``, ``%(colormsg)s``
|
|
in ``log_fmt_console`` in the config file for any of ``salt-master``,
|
|
``salt-minion``, and ``salt-cloud``.
|
|
|
|
Git Pillar
|
|
==========
|
|
|
|
The git external pillar has been rewritten to bring it up to feature parity
|
|
with :mod:`gitfs <salt.fileserver.gitfs>`. Support for pygit2_ has been added,
|
|
bringing with it the ability to access authenticated repositories.
|
|
|
|
Using the new features will require updates to the git ext_pillar
|
|
configuration, further details can be found in the :ref:`pillar.git_pillar
|
|
<git-pillar-configuration>` docs.
|
|
|
|
.. _pygit2: https://github.com/libgit2/pygit2
|
|
|
|
Salt Cloud Improvements
|
|
=======================
|
|
|
|
- Pricing data from several cloud providers (GCE, DigitalOcean, SoftLayer_HW, EC2)
|
|
- All cloud providers now use standardized bootstrapping code.
|
|
- Modified the Linode Salt Cloud driver to use Linode's native API instead of
|
|
depending on apache-libcloud or linode-python.
|
|
|
|
Salt Cloud Changes
|
|
------------------
|
|
|
|
- Changed the default behavior of ``rename_on_destroy`` to be set to ``True``
|
|
in the EC2 and AWS drivers.
|
|
- Changed the default behavior of the EC2 and AWS drivers to always check for
|
|
duplicate names of VMs before trying to create a new VM. Will now throw an
|
|
error similarly to other salt-cloud drivers when trying to create a VM of the
|
|
same name, even if the VM is in the ``terminated`` state.
|
|
- When querying for VMs in ``digital_ocean.py``, the number of VMs to include in
|
|
a page was changed from 20 (default) to 200 to reduce the number of API calls
|
|
to Digital Ocean.Ocean.
|
|
|
|
State and Execution Module Improvements
|
|
=======================================
|
|
|
|
- New and improved Docker state and execution modules (:mod:`state
|
|
<salt.states.dockerng>` and :mod:`execution module <salt.modules.dockerng>`).
|
|
|
|
.. toctree::
|
|
includes/git-2015.8.0
|
|
|
|
- OpenStack Glance API V2 execution module
|
|
- Amazon VPC state module
|
|
- RallyDev execution module
|
|
- BambooHR execution module
|
|
- Stormpath execution, state modules
|
|
- Remove unused argument ``timeout`` in jboss7.status.
|
|
- Deprecate ``enabled`` argument in ``pkgrepo.managed`` in favor of ``disabled``.
|
|
- Archive module changes: In the ``archive.tar`` and ``archive.cmd_unzip``
|
|
module functions, remove the arbitrary prefixing of the options string with
|
|
``-``. An options string beginning with a ``--long-option``, would have
|
|
uncharacteristically needed its first ``-`` removed under the former scheme.
|
|
Also, tar will parse its options differently if short options are used with or
|
|
without a preceding ``-``, so it is better to not confuse the user into
|
|
thinking they're using the non- ``-`` format, when really they are using the
|
|
with- ``-`` format.
|
|
- Added ``__states__`` to state modules, for cross-calling states. This enables
|
|
using existing states when writing custom states. See :ref:`cross calling states
|
|
<cross-calling-state-modules>`.
|
|
|
|
Windows Improvements
|
|
====================
|
|
|
|
- Enhanced the windows minion silent installation with command line parameters
|
|
to configure the salt master and minion name. See :ref:`Silent Installer
|
|
Options <windows-installer-options>`.
|
|
- Improved user management with additional capabilities in the user module for Windows.
|
|
- Improved patch management with a new module for managing windows updates (:mod:`win_wua <modules.win_wua>`).
|
|
- Turned on multi-processing by default for windows in minion configuration.
|
|
|
|
Windows Software Repo Changes
|
|
-----------------------------
|
|
|
|
A next-generation (ng) windows software repo is available for 2015.8.0 and
|
|
later minions. When using this new repository, the repo cache is compiled on
|
|
the Salt Minion, which enables pillar, grains and other things to be available
|
|
during compilation time.
|
|
|
|
See the :ref:`Windows Software Repository <2015-8-0-winrepo-changes>`
|
|
documentation for more information.
|
|
|
|
Changes to legacy Windows repository
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
If you have pre 2015.8 Windows minions connecting to your 2015.8 Salt master, you
|
|
can continue to use the legacy Windows repository for these Salt minions.
|
|
|
|
If you were previously using this repository and have customized settings, be
|
|
aware that several config options have been renamed to make their naming more
|
|
consistent.
|
|
|
|
See the :ref:`Windows Software Repository <2015-8-0-winrepo-changes>`
|
|
documentation for more information.
|
|
|
|
Win System Module
|
|
-----------------
|
|
|
|
The unit of the ``timeout`` parameter in the ``system.halt``,
|
|
``system.poweroff``, ``system.reboot``, and ``system.shutdown`` functions has
|
|
been changed from seconds to minutes in order to be consistent with the linux
|
|
timeout setting. (:issue:`24411`) Optionally, the unit can be reverted to
|
|
seconds by specifying ``in_seconds=True``.
|
|
|
|
Other Improvements
|
|
==================
|
|
|
|
- Sanitize sensitive fields in http.query
|
|
- Allow authorization to be read from Django and eauth
|
|
- Add templating to SMTP returner
|
|
- New REST module for SDB
|
|
- Added rest_timeout config option and timeout argument to jobs api call
|
|
- Provide config options for Raet lane and road buffer count. (Useful for BSD kernels)
|
|
- Implemented ZeroMQ socket monitor for master and minion
|
|
- Add end time to master job cache for jobs (optional, off by default)
|
|
- Tornado is now the default backend for http.request
|
|
- Support pillarenv selection as it's done for saltenv
|
|
- salt was updated to use python-crypto version 2.6.1, which removes the dependency on python-m2crypto.
|
|
|
|
Deprecations
|
|
============
|
|
|
|
- The ``digital_ocean.py`` Salt Cloud driver was removed in favor of the
|
|
``digital_ocean_v2.py`` driver as DigitalOcean has removed support for APIv1.
|
|
The ``digital_ocean_v2.py`` was renamed to ``digital_ocean.py`` and supports
|
|
DigitalOcean's APIv2.
|
|
|
|
- The ``vsphere.py`` Salt Cloud driver has been deprecated in favor of the
|
|
``vmware.py`` driver.
|
|
|
|
- The ``openstack.py`` Salt Cloud driver has been deprecated in favor of the
|
|
``nova.py`` driver.
|
|
|
|
- The use of ``provider`` in Salt Cloud provider files to define cloud drivers
|
|
has been deprecated in favor of using ``driver``. Both terms will work until
|
|
the 2017.7.0 release of Salt. Example provider file:
|
|
|
|
.. code-block:: yaml
|
|
|
|
my-ec2-cloud-config:
|
|
id: 'HJGRYCILJLKJYG'
|
|
key: 'kdjgfsgm;woormgl/aserigjksjdhasdfgn'
|
|
private_key: /etc/salt/my_test_key.pem
|
|
keyname: my_test_key
|
|
securitygroup: default
|
|
driver: ec2
|
|
|
|
- The use of ``lock`` has been deprecated and from ``salt.utils.fopen``.
|
|
``salt.utils.flopen`` should be used instead.
|
|
|
|
- The following args have been deprecated from the ``rabbitmq_vhost.present``
|
|
state: ``user``, ``owner``, ``conf``, ``write``, ``read``, and ``runas``.
|
|
|
|
- The use of ``runas`` has been deprecated from the ``rabbitmq_vhost.absent``
|
|
state.
|
|
|
|
- Support for ``output`` in ``mine.get`` was removed. ``--out`` should be used
|
|
instead.
|
|
|
|
- The use of ``delim`` was removed from the following functions in the ``match``
|
|
execution module: ``pillar_pcre``, ``pillar``, ``grain_pcre``,
|
|
|
|
Security Fixes
|
|
==============
|
|
|
|
CVE-2015-6918 - Git modules leaking HTTPS auth credentials to debug log
|
|
|
|
Updated the Git state and execution modules to no longer display HTTPS basic authentication credentials in loglevel debug output on the Salt master. These credentials are now replaced with ``REDACTED`` in the debug output. Thanks to Andreas Stieger <asteiger@suse.com> for bringing this to our attention.
|
|
|
|
Major Bug Fixes
|
|
===============
|
|
|
|
- Fixed minion failover to next master on DNS errors (:issue:`21082`)
|
|
- Fixed memory consumption in SaltEvents (:issue:`25557`)
|
|
- Don't lookup outside system path in which() util (:issue:`24085`)
|
|
- Fixed broken jobs rest api call (:issue:`23408`)
|
|
- Fixed stale grains data using in modules (:issue:`24073`)
|
|
- Added ssh_identities_only config flag for ssh-agent configured environments
|
|
(:issue:`24096`)
|
|
- Fixed "object has no attribute" errors for Raet transport (:issue:`21640`)
|
|
- Flush event returners before master exit (:issue:`22814`)
|
|
- Fix CommandExecutionError in grains generation with lspci missing (:issue:`23342`)
|
|
- Fix salt-ssh against CentOS 7 when python-zmq not installed (:issue:`23503`)
|
|
- Fix salt-ssh issues related to out-of-date six module (:issue:`20949`)
|
|
- Fix salt-ssh thin generation after previous run was interrupted (:issue:`24376`)
|
|
- Use proper line endings on Windows with "file.managed" w/contents (:issue:`25675`)
|
|
- Fixed broken comment/uncomment functions in file.py (:issue:`24620`)
|
|
- Fixed problem with unicode when changing computer description (:issue:`12255`)
|
|
- Fixed problem with chocolatey module not loading (:issue:`25717`)
|
|
- Fixed problem adding users to groups with spaces in the name (:issue:`25144`)
|
|
- Fixed problem adding full name to user account (:issue:`25206`)
|
|
- Fixed gem module stack trace (:issue:`21041`)
|
|
- Fixed problem with file.managed when test=True (:issue:`20441`)
|
|
- Fixed problem with powershell hanging while waiting for user input (:issue:`13943`)
|
|
- Fixed problem where the salt-minion service would not consistently start
|
|
(:issue:`25272`)
|
|
- Fixed problem where pkg.refresh_db would return True even when winrepo.p was not
|
|
found (:issue:`18919`)
|
|
- Could someone please provide end to end example for Proxy Minion with REST
|
|
(:issue:`25500`)
|
|
- Proxy minions stopped working between 2014.7 and 2015.5 (:issue:`25053`)
|
|
- Proxy minion documentation includes outdated code sample (:issue:`24018`)
|
|
- Proxy Minion documentation missing grains example (:issue:`18273`)
|
|
- Improve process management in proxy minion (:issue:`12024`)
|
|
- Proxy minion never comes up with message ' I am XXX and I am not supposed to
|
|
start any proxies.' (:issue:`25908`)
|
|
- Fixed an issue that caused an exception when using Salt mine from pillar. (:issue:`11509`)
|