The series looks good to me, I've queued it locally and will push it soon. Is there a README or HOWTO for any runtime testing ?
Bruce On Fri, May 8, 2015 at 11:28 AM, Alejandro del Castillo <[email protected]> wrote: > Signed-off-by: Alejandro del Castillo <[email protected]> > --- > meta-openstack/recipes-support/salt/files/cloud | 94 ++++ > meta-openstack/recipes-support/salt/files/master | 525 > +++++++++++++++++++++ > meta-openstack/recipes-support/salt/files/minion | 494 +++++++++++++++++++ > meta-openstack/recipes-support/salt/files/roster | 8 + > meta-openstack/recipes-support/salt/files/salt-api | 110 +++++ > .../salt/files/salt-common.bash_completion | 332 +++++++++++++ > .../salt/files/salt-common.logrotate | 10 + > .../recipes-support/salt/files/salt-master | 111 +++++ > .../recipes-support/salt/files/salt-minion | 111 +++++ > .../recipes-support/salt/files/salt-syndic | 111 +++++ > .../salt/salt/set_python_location_hashbang.patch | 107 +++++ > .../recipes-support/salt/salt_2014.7.4.bb | 145 ++++++ > 12 files changed, 2158 insertions(+) > create mode 100644 meta-openstack/recipes-support/salt/files/cloud > create mode 100644 meta-openstack/recipes-support/salt/files/master > create mode 100644 meta-openstack/recipes-support/salt/files/minion > create mode 100644 meta-openstack/recipes-support/salt/files/roster > create mode 100755 meta-openstack/recipes-support/salt/files/salt-api > create mode 100644 > meta-openstack/recipes-support/salt/files/salt-common.bash_completion > create mode 100644 > meta-openstack/recipes-support/salt/files/salt-common.logrotate > create mode 100755 meta-openstack/recipes-support/salt/files/salt-master > create mode 100755 meta-openstack/recipes-support/salt/files/salt-minion > create mode 100755 meta-openstack/recipes-support/salt/files/salt-syndic > create mode 100644 > meta-openstack/recipes-support/salt/salt/set_python_location_hashbang.patch > create mode 100644 meta-openstack/recipes-support/salt/salt_2014.7.4.bb > > diff --git a/meta-openstack/recipes-support/salt/files/cloud > b/meta-openstack/recipes-support/salt/files/cloud > new file mode 100644 > index 0000000..2ea54f1 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/cloud > @@ -0,0 +1,94 @@ > +# This file should normally be installed at: /etc/salt/cloud > + > + > +########################################## > +##### VM Defaults ##### > +########################################## > + > +# Set the size of minion keys to generate, defaults to 2048 > +# > +#keysize: 2048 > + > + > +# Set the default os being deployed. This sets which deployment script to > +# apply. This argument is optional. > +# > +#script: bootstrap-salt > + > + > +########################################## > +##### Logging Settings ##### > +########################################## > + > +# The location of the master log file > +# > +#log_file: /var/log/salt/cloud > + > + > +# The level of messages to send to the console. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +# > +# Default: 'info' > +# > +#log_level: info > + > + > +# The level of messages to send to the log file. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +# > +# Default: 'info' > +# > +#log_level_logfile: info > + > + > +# The date and time format used in log messages. Allowed date/time formating > +# can be seen here: > +# > +# http://docs.python.org/library/time.html#time.strftime > +# > +#log_datefmt: '%Y-%m-%d %H:%M:%S' > + > + > +# The format of the console logging messages. Allowed formatting options can > +# be seen here: > +# > +# http://docs.python.org/library/logging.html#logrecord-attributes > +# > +# Console log colors are specified by these additional formatters: > +# > +# %(colorlevel)s > +# %(colorname)s > +# %(colorprocess)s > +# %(colormsg)s > +# > +# Since it is desirable to include the surrounding brackets, '[' and ']', in > +# the coloring of the messages, these color formatters also include padding > as > +# well. Color LogRecord attributes are only available for console logging. > +# > +#log_fmt_console: '[%(levelname)-8s] %(message)s' > +#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] > %(message)s' > + > + > +# Logger levels can be used to tweak specific loggers logging levels. > +# For example, if you want to have the salt library at the 'warning' level, > +# but you still wish to have 'salt.modules' at the 'debug' level: > +# > +# log_granular_levels: > +# 'salt': 'warning', > +# 'salt.modules': 'debug' > +# 'saltcloud': 'info' > +# > +#log_granular_levels: {} > + > + > +########################################## > +##### Misc Defaults ##### > +########################################## > + > +# Whether or not to remove the accompanying SSH key from the known_hosts file > +# when an instance is destroyed. > +# > +# Default: 'False' > +# > +#delete_sshkeys: False > + > diff --git a/meta-openstack/recipes-support/salt/files/master > b/meta-openstack/recipes-support/salt/files/master > new file mode 100644 > index 0000000..8129a4f > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/master > @@ -0,0 +1,525 @@ > +##### Primary configuration settings ##### > +########################################## > +# This configuration file is used to manage the behavior of the Salt Master > +# Values that are commented out but have no space after the comment are > +# defaults that need not be set in the config. If there is a space after the > +# comment that the value is presented as an example and is not the default. > + > +# Per default, the master will automatically include all config files > +# from master.d/*.conf (master.d is a directory in the same directory > +# as the main master config file) > +#default_include: master.d/*.conf > + > +# The address of the interface to bind to > +#interface: 0.0.0.0 > + > +# Whether the master should listen for IPv6 connections. If this is set to > True, > +# the interface option must be adjusted too (for example: "interface: '::'") > +#ipv6: False > + > +# The tcp port used by the publisher > +#publish_port: 4505 > + > +# The user to run the salt-master as. Salt will update all permissions to > +# allow the specified user to run the master. If the modified files cause > +# conflicts set verify_env to False. > +#user: root > + > +# Max open files > +# Each minion connecting to the master uses AT LEAST one file descriptor, the > +# master subscription connection. If enough minions connect you might start > +# seeing on the console(and then salt-master crashes): > +# Too many open files (tcp_listener.cpp:335) > +# Aborted (core dumped) > +# > +# By default this value will be the one of `ulimit -Hn`, ie, the hard limit > for > +# max open files. > +# > +# If you wish to set a different value than the default one, uncomment and > +# configure this setting. Remember that this value CANNOT be higher than the > +# hard limit. Raising the hard limit depends on your OS and/or distribution, > +# a good way to find the limit is to search the internet for(for example): > +# raise max open files hard limit debian > +# > +#max_open_files: 100000 > + > +# The number of worker threads to start, these threads are used to manage > +# return calls made from minions to the master, if the master seems to be > +# running slowly, increase the number of threads > +#worker_threads: 5 > + > +# The port used by the communication interface. The ret (return) port is the > +# interface used for the file server, authentication, job returnes, etc. > +#ret_port: 4506 > + > +# Specify the location of the daemon process ID file > +#pidfile: /var/run/salt-master.pid > + > +# The root directory prepended to these options: pki_dir, cachedir, > +# sock_dir, log_file, autosign_file, extension_modules, key_logfile, pidfile. > +#root_dir: / > + > +# Directory used to store public key data > +#pki_dir: /etc/salt/pki/master > + > +# Directory to store job and cache data > +#cachedir: /var/cache/salt/master > + > +# Verify and set permissions on configuration directories at startup > +#verify_env: True > + > +# Set the number of hours to keep old job information in the job cache > +#keep_jobs: 24 > + > +# Set the default timeout for the salt command and api, the default is 5 > +# seconds > +#timeout: 5 > + > +# The loop_interval option controls the seconds for the master's maintinance > +# process check cycle. This process updates file server backends, cleans the > +# job cache and executes the scheduler. > +#loop_interval: 60 > + > +# Set the default outputter used by the salt command. The default is "nested" > +#output: nested > + > +# By default output is colored, to disable colored output set the color value > +# to False > +#color: True > + > +# Set the directory used to hold unix sockets > +#sock_dir: /var/run/salt/master > + > +# The master can take a while to start up when lspci and/or dmidecode is used > +# to populate the grains for the master. Enable if you want to see GPU > hardware > +# data for your master. > +# > +# enable_gpu_grains: False > + > +# The master maintains a job cache, while this is a great addition it can be > +# a burden on the master for larger deployments (over 5000 minions). > +# Disabling the job cache will make previously executed jobs unavailable to > +# the jobs system and is not generally recommended. > +# > +#job_cache: True > + > +# Cache minion grains and pillar data in the cachedir. > +#minion_data_cache: True > + > +# The master can include configuration from other files. To enable this, > +# pass a list of paths to this option. The paths can be either relative or > +# absolute; if relative, they are considered to be relative to the directory > +# the main master configuration file lives in (this file). Paths can make use > +# of shell-style globbing. If no files are matched by a path passed to this > +# option then the master will log a warning message. > +# > +# > +# Include a config file from some other path: > +#include: /etc/salt/extra_config > +# > +# Include config from several files and directories: > +#include: > +# - /etc/salt/extra_config > + > + > +##### Security settings ##### > +########################################## > +# Enable "open mode", this mode still maintains encryption, but turns off > +# authentication, this is only intended for highly secure environments or for > +# the situation where your keys end up in a bad state. If you run in open > mode > +# you do so at your own risk! > +#open_mode: False > + > +# Enable auto_accept, this setting will automatically accept all incoming > +# public keys from the minions. Note that this is insecure. > +#auto_accept: False > + > +# If the autosign_file is specified only incoming keys specified in > +# the autosign_file will be automatically accepted. This is insecure. > +# Regular expressions as well as globing lines are supported. > +#autosign_file: /etc/salt/autosign.conf > + > +# Enable permissive access to the salt keys. This allows you to run the > +# master or minion as root, but have a non-root group be given access to > +# your pki_dir. To make the access explicit, root must belong to the group > +# you've given access to. This is potentially quite insecure. > +# If an autosign_file is specified, enabling permissive_pki_access will > allow group access > +# to that specific file. > +#permissive_pki_access: False > + > +# Allow users on the master access to execute specific commands on minions. > +# This setting should be treated with care since it opens up execution > +# capabilities to non root users. By default this capability is completely > +# disabled. > +# > +#client_acl: > +# larry: > +# - test.ping > +# - network.* > +# > + > +# Blacklist any of the following users or modules > +# > +# This example would blacklist all non sudo users, including root from > +# running any commands. It would also blacklist any use of the "cmd" > +# module. > +# This is completely disabled by default. > +# > +#client_acl_blacklist: > +# users: > +# - root > +# - '^(?!sudo_).*$' # all non sudo users > +# modules: > +# - cmd > + > +# The external auth system uses the Salt auth modules to authenticate and > +# validate users to access areas of the Salt system. > +# > +#external_auth: > +# pam: > +# fred: > +# - test.* > +# > + > +# Time (in seconds) for a newly generated token to live. Default: 12 hours > +#token_expire: 43200 > + > +# Allow minions to push files to the master. This is disabled by default, for > +# security purposes. > +#file_recv: False > + > +# Signature verification on messages published from the master. > +# This causes the master to cryptographically sign all messages published to > its event > +# bus, and minions then verify that signature before acting on the message. > +# > +# This is False by default. > +# > +# Note that to facilitate interoperability with masters and minions that are > different > +# versions, if sign_pub_messages is True but a message is received by a > minion with > +# no signature, it will still be accepted, and a warning message will be > logged. > +# Conversely, if sign_pub_messages is False, but a minion receives a signed > +# message it will be accepted, the signature will not be checked, and a > warning message > +# will be logged. This behavior will go away in Salt 0.17.6 (or Hydrogen > RC1, whichever > +# comes first) and these two situations will cause minion to throw an > exception and > +# drop the message. > +# > +# sign_pub_messages: False > + > +##### Master Module Management ##### > +########################################## > +# Manage how master side modules are loaded > + > +# Add any additional locations to look for master runners > +#runner_dirs: [] > + > +# Enable Cython for master side modules > +#cython_enable: False > + > + > +##### State System settings ##### > +########################################## > +# The state system uses a "top" file to tell the minions what environment to > +# use and what modules to use. The state_top file is defined relative to the > +# root of the base environment as defined in "File Server settings" below. > +#state_top: top.sls > + > +# The master_tops option replaces the external_nodes option by creating > +# a plugable system for the generation of external top data. The > external_nodes > +# option is deprecated by the master_tops option. > +# To gain the capabilities of the classic external_nodes system, use the > +# following configuration: > +# master_tops: > +# ext_nodes: <Shell command which returns yaml> > +# > +#master_tops: {} > + > +# The external_nodes option allows Salt to gather data that would normally be > +# placed in a top file. The external_nodes option is the executable that will > +# return the ENC data. Remember that Salt will look for external nodes AND > top > +# files and combine the results if both are enabled! > +#external_nodes: None > + > +# The renderer to use on the minions to render the state data > +#renderer: yaml_jinja > + > +# The failhard option tells the minions to stop immediately after the first > +# failure detected in the state execution, defaults to False > +#failhard: False > + > +# The state_verbose and state_output settings can be used to change the way > +# state system data is printed to the display. By default all data is > printed. > +# The state_verbose setting can be set to True or False, when set to False > +# all data that has a result of True and no changes will be suppressed. > +#state_verbose: True > + > +# The state_output setting changes if the output is the full multi line > +# output for each changed state if set to 'full', but if set to 'terse' > +# the output will be shortened to a single line. If set to 'mixed', the > output > +# will be terse unless a state failed, in which case that output will be > full. > +#state_output: full > + > + > +##### File Server settings ##### > +########################################## > +# Salt runs a lightweight file server written in zeromq to deliver files to > +# minions. This file server is built into the master daemon and does not > +# require a dedicated port. > + > +# The file server works on environments passed to the master, each > environment > +# can have multiple root directories, the subdirectories in the multiple file > +# roots cannot match, otherwise the downloaded files will not be able to be > +# reliably ensured. A base environment is required to house the top file. > +# Example: > +# file_roots: > +# base: > +# - /srv/salt/ > +# dev: > +# - /srv/salt/dev/services > +# - /srv/salt/dev/states > +# prod: > +# - /srv/salt/prod/services > +# - /srv/salt/prod/states > + > +#file_roots: > +# base: > +# - /srv/salt > + > +# The hash_type is the hash to use when discovering the hash of a file on > +# the master server. The default is md5, but sha1, sha224, sha256, sha384 > +# and sha512 are also supported. > +#hash_type: md5 > + > +# The buffer size in the file server can be adjusted here: > +#file_buffer_size: 1048576 > + > +# A regular expression (or a list of expressions) that will be matched > +# against the file path before syncing the modules and states to the minions. > +# This includes files affected by the file.recurse state. > +# For example, if you manage your custom modules and states in subversion > +# and don't want all the '.svn' folders and content synced to your minions, > +# you could set this to '/\.svn($|/)'. By default nothing is ignored. > +# > +#file_ignore_regex: > +# - '/\.svn($|/)' > +# - '/\.git($|/)' > + > +# A file glob (or list of file globs) that will be matched against the file > +# path before syncing the modules and states to the minions. This is similar > +# to file_ignore_regex above, but works on globs instead of regex. By default > +# nothing is ignored. > +# > +# file_ignore_glob: > +# - '*.pyc' > +# - '*/somefolder/*.bak' > +# - '*.swp' > + > +# File Server Backend > +# Salt supports a modular fileserver backend system, this system allows > +# the salt master to link directly to third party systems to gather and > +# manage the files available to minions. Multiple backends can be > +# configured and will be searched for the requested file in the order in > which > +# they are defined here. The default setting only enables the standard > backend > +# "roots" which uses the "file_roots" option. > +# > +#fileserver_backend: > +# - roots > +# > +# To use multiple backends list them in the order they are searched: > +# > +#fileserver_backend: > +# - git > +# - roots > +# > +# By default, the Salt fileserver recurses fully into all defined > environments > +# to attempt to find files. To limit this behavior so that the fileserver > only > +# traverses directories with SLS files and special Salt directories like > _modules, > +# enable the option below. This might be useful for installations where a > file root > +# has a very large number of files and performance is impacted. Default is > False. > +# > +# fileserver_limit_traversal: False > +# > +# Git fileserver backend configuration > +# When using the git fileserver backend at least one git remote needs to be > +# defined. The user running the salt master will need read access to the > repo. > +# > +#gitfs_remotes: > +# - git://github.com/saltstack/salt-states.git > +# - file:///var/git/saltmaster > +# > +# The repos will be searched in order to find the file requested by a client > +# and the first repo to have the file will return it. > +# When using the git backend branches and tags are translated into salt > +# environments. > +# Note: file:// repos will be treated as a remote, so refs you want used > must > +# exist in that repo as *local* refs. > +# > +# The gitfs_root option gives the ability to serve files from a subdirectory > +# within the repository. The path is defined relative to the root of the > +# repository and defaults to the repository root. > +#gitfs_root: somefolder/otherfolder > + > + > +##### Pillar settings ##### > +########################################## > +# Salt Pillars allow for the building of global data that can be made > selectively > +# available to different minions based on minion grain filtering. The Salt > +# Pillar is laid out in the same fashion as the file server, with > environments, > +# a top file and sls files. However, pillar data does not need to be in the > +# highstate format, and is generally just key/value pairs. > + > +#pillar_roots: > +# base: > +# - /srv/pillar > + > +#ext_pillar: > +# - hiera: /etc/hiera.yaml > +# - cmd_yaml: cat /etc/salt/yaml > + > +# The pillar_opts option adds the master configuration file data to a dict in > +# the pillar called "master". This is used to set simple configurations in > the > +# master config file that can then be used on minions. > +#pillar_opts: True > + > + > +##### Syndic settings ##### > +########################################## > +# The Salt syndic is used to pass commands through a master from a higher > +# master. Using the syndic is simple, if this is a master that will have > +# syndic servers(s) below it set the "order_masters" setting to True, if this > +# is a master that will be running a syndic daemon for passthrough the > +# "syndic_master" setting needs to be set to the location of the master > server > +# to receive commands from. > + > +# Set the order_masters setting to True if this master will command lower > +# masters' syndic interfaces. > +#order_masters: False > + > +# If this master will be running a salt syndic daemon, syndic_master tells > +# this master where to receive commands from. > +#syndic_master: masterofmaster > + > +# This is the 'ret_port' of the MasterOfMaster > +#syndic_master_port: 4506 > + > +# PID file of the syndic daemon > +#syndic_pidfile: /var/run/salt-syndic.pid > + > +# LOG file of the syndic daemon > +#syndic_log_file: syndic.log > + > +##### Peer Publish settings ##### > +########################################## > +# Salt minions can send commands to other minions, but only if the minion is > +# allowed to. By default "Peer Publication" is disabled, and when enabled it > +# is enabled for specific minions and specific commands. This allows secure > +# compartmentalization of commands based on individual minions. > + > +# The configuration uses regular expressions to match minions and then a list > +# of regular expressions to match functions. The following will allow the > +# minion authenticated as foo.example.com to execute functions from the test > +# and pkg modules. > +# > +#peer: > +# foo.example.com: > +# - test.* > +# - pkg.* > +# > +# This will allow all minions to execute all commands: > +# > +#peer: > +# .*: > +# - .* > +# > +# This is not recommended, since it would allow anyone who gets root on any > +# single minion to instantly have root on all of the minions! > + > +# Minions can also be allowed to execute runners from the salt master. > +# Since executing a runner from the minion could be considered a security > risk, > +# it needs to be enabled. This setting functions just like the peer setting > +# except that it opens up runners instead of module functions. > +# > +# All peer runner support is turned off by default and must be enabled before > +# using. This will enable all peer runners for all minions: > +# > +#peer_run: > +# .*: > +# - .* > +# > +# To enable just the manage.up runner for the minion foo.example.com: > +# > +#peer_run: > +# foo.example.com: > +# - manage.up > + > + > +##### Logging settings ##### > +########################################## > +# The location of the master log file > +# The master log can be sent to a regular file, local path name, or network > +# location. Remote logging works best when configured to use rsyslogd(8) > (e.g.: > +# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The > URI > +# format is: > <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility> > +#log_file: /var/log/salt/master > +#log_file: file:///dev/log > +#log_file: udp://loghost:10514 > + > +#log_file: /var/log/salt/master > +#key_logfile: /var/log/salt/key > + > +# The level of messages to send to the console. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +#log_level: warning > + > +# The level of messages to send to the log file. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +#log_level_logfile: warning > + > +# The date and time format used in log messages. Allowed date/time formating > +# can be seen here: http://docs.python.org/library/time.html#time.strftime > +#log_datefmt: '%H:%M:%S' > +#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S' > + > +# The format of the console logging messages. Allowed formatting options can > +# be seen here: > http://docs.python.org/library/logging.html#logrecord-attributes > +#log_fmt_console: '[%(levelname)-8s] %(message)s' > +#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] > %(message)s' > + > +# This can be used to control logging levels more specificically. This > +# example sets the main salt library at the 'warning' level, but sets > +# 'salt.modules' to log at the 'debug' level: > +# log_granular_levels: > +# 'salt': 'warning', > +# 'salt.modules': 'debug' > +# > +#log_granular_levels: {} > + > + > +##### Node Groups ##### > +########################################## > +# Node groups allow for logical groupings of minion nodes. > +# A group consists of a group name and a compound target. > +# > +#nodegroups: > +# group1: '[email protected],bar.domain.com,baz.domain.com and > bl*.domain.com' > +# group2: 'G@os:Debian and foo.domain.com' > + > + > +##### Range Cluster settings ##### > +########################################## > +# The range server (and optional port) that serves your cluster information > +# https://github.com/grierj/range/wiki/Introduction-to-Range-with-YAML-files > +# > +#range_server: range:80 > + > + > +##### Windows Software Repo settings ##### > +############################################## > +# Location of the repo on the master > +#win_repo: '/srv/salt/win/repo' > + > +# Location of the master's repo cache file > +#win_repo_mastercachefile: '/srv/salt/win/repo/winrepo.p' > + > +# List of git repositories to include with the local repo > +#win_gitrepos: > +# - 'https://github.com/saltstack/salt-winrepo.git' > diff --git a/meta-openstack/recipes-support/salt/files/minion > b/meta-openstack/recipes-support/salt/files/minion > new file mode 100644 > index 0000000..8fdde14 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/minion > @@ -0,0 +1,494 @@ > +##### Primary configuration settings ##### > +########################################## > + > +# Per default the minion will automatically include all config files > +# from minion.d/*.conf (minion.d is a directory in the same directory > +# as the main minion config file). > +#default_include: minion.d/*.conf > + > +# Set the location of the salt master server, if the master server cannot be > +# resolved, then the minion will fail to start. > +#master: salt > + > +# Set whether the minion should connect to the master via IPv6 > +#ipv6: False > + > +# Set the number of seconds to wait before attempting to resolve > +# the master hostname if name resolution fails. Defaults to 30 seconds. > +# Set to zero if the minion should shutdown and not retry. > +# retry_dns: 30 > + > +# Set the port used by the master reply and authentication server > +#master_port: 4506 > + > +# The user to run salt > +#user: root > + > +# Specify the location of the daemon process ID file > +#pidfile: /var/run/salt-minion.pid > + > +# The root directory prepended to these options: pki_dir, cachedir, log_file, > +# sock_dir, pidfile. > +#root_dir: / > + > +# The directory to store the pki information in > +#pki_dir: /etc/salt/pki/minion > + > +# Explicitly declare the id for this minion to use, if left commented the id > +# will be the hostname as returned by the python call: socket.getfqdn() > +# Since salt uses detached ids it is possible to run multiple minions on the > +# same machine but with different ids, this can be useful for salt compute > +# clusters. > +#id: > + > +# Append a domain to a hostname in the event that it does not exist. This is > +# useful for systems where socket.getfqdn() does not actually result in a > +# FQDN (for instance, Solaris). > +#append_domain: > + > +# Custom static grains for this minion can be specified here and used in SLS > +# files just like all other grains. This example sets 4 custom grains, with > +# the 'roles' grain having two values that can be matched against: > +#grains: > +# roles: > +# - webserver > +# - memcache > +# deployment: datacenter4 > +# cabinet: 13 > +# cab_u: 14-15 > + > +# Where cache data goes > +#cachedir: /var/cache/salt/minion > + > +# Verify and set permissions on configuration directories at startup > +#verify_env: True > + > +# The minion can locally cache the return data from jobs sent to it, this > +# can be a good way to keep track of jobs the minion has executed > +# (on the minion side). By default this feature is disabled, to enable > +# set cache_jobs to True > +#cache_jobs: False > + > +# set the directory used to hold unix sockets > +#sock_dir: /var/run/salt/minion > + > +# Set the default outputter used by the salt-call command. The default is > +# "nested" > +#output: nested > +# > +# By default output is colored, to disable colored output set the color value > +# to False > +#color: True > + > +# Backup files that are replaced by file.managed and file.recurse under > +# 'cachedir'/file_backups relative to their original location and appended > +# with a timestamp. The only valid setting is "minion". Disabled by default. > +# > +# Alternatively this can be specified for each file in state files: > +# > +# /etc/ssh/sshd_config: > +# file.managed: > +# - source: salt://ssh/sshd_config > +# - backup: minion > +# > +#backup_mode: minion > + > +# When waiting for a master to accept the minion's public key, salt will > +# continuously attempt to reconnect until successful. This is the time, in > +# seconds, between those reconnection attempts. > +#acceptance_wait_time: 10 > + > +# If this is nonzero, the time between reconnection attempts will increase by > +# acceptance_wait_time seconds per iteration, up to this maximum. If this is > +# set to zero, the time between reconnection attempts will stay constant. > +#acceptance_wait_time_max: 0 > + > +# When the master key changes, the minion will try to re-auth itself to > receive > +# the new master key. In larger environments this can cause a SYN flood on > the > +# master because all minions try to re-auth immediately. To prevent this and > +# have a minion wait for a random amount of time, use this optional > parameter. > +# The wait-time will be a random number of seconds between > +# 0 and the defined value. > +#random_reauth_delay: 60 > + > + > +# If you don't have any problems with syn-floods, dont bother with the > +# three recon_* settings described below, just leave the defaults! > +# > +# The ZeroMQ pull-socket that binds to the masters publishing interface tries > +# to reconnect immediately, if the socket is disconnected (for example if > +# the master processes are restarted). In large setups this will have all > +# minions reconnect immediately which might flood the master (the > ZeroMQ-default > +# is usually a 100ms delay). To prevent this, these three recon_* settings > +# can be used. > +# > +# recon_default: the interval in milliseconds that the socket should wait > before > +# trying to reconnect to the master (100ms = 1 second) > +# > +# recon_max: the maximum time a socket should wait. each interval the time > to wait > +# is calculated by doubling the previous time. if recon_max is > reached, > +# it starts again at recon_default. Short example: > +# > +# reconnect 1: the socket will wait 'recon_default' milliseconds > +# reconnect 2: 'recon_default' * 2 > +# reconnect 3: ('recon_default' * 2) * 2 > +# reconnect 4: value from previous interval * 2 > +# reconnect 5: value from previous interval * 2 > +# reconnect x: if value >= recon_max, it starts again with > recon_default > +# > +# recon_randomize: generate a random wait time on minion start. The wait > time will > +# be a random value between recon_default and recon_default > + > +# recon_max. Having all minions reconnect with the same > recon_default > +# and recon_max value kind of defeats the purpose of being > able to > +# change these settings. If all minions have the same > values and your > +# setup is quite large (several thousand minions), they > will still > +# flood the master. The desired behaviour is to have > timeframe within > +# all minions try to reconnect. > + > +# Example on how to use these settings: > +# The goal: have all minions reconnect within a 60 second timeframe on a > disconnect > +# > +# The settings: > +#recon_default: 1000 > +#recon_max: 59000 > +#recon_randomize: True > +# > +# Each minion will have a randomized reconnect value between 'recon_default' > +# and 'recon_default + recon_max', which in this example means between 1000ms > +# 60000ms (or between 1 and 60 seconds). The generated random-value will be > +# doubled after each attempt to reconnect. Lets say the generated random > +# value is 11 seconds (or 11000ms). > +# > +# reconnect 1: wait 11 seconds > +# reconnect 2: wait 22 seconds > +# reconnect 3: wait 33 seconds > +# reconnect 4: wait 44 seconds > +# reconnect 5: wait 55 seconds > +# reconnect 6: wait time is bigger than 60 seconds (recon_default + > recon_max) > +# reconnect 7: wait 11 seconds > +# reconnect 8: wait 22 seconds > +# reconnect 9: wait 33 seconds > +# reconnect x: etc. > +# > +# In a setup with ~6000 thousand hosts these settings would average the > reconnects > +# to about 100 per second and all hosts would be reconnected within 60 > seconds. > +#recon_default: 100 > +#recon_max: 5000 > +#recon_randomize: False > + > +# The loop_interval sets how long in seconds the minion will wait between > +# evaluating the scheduler and running cleanup tasks. This defaults to a > +# sane 60 seconds, but if the minion scheduler needs to be evaluated more > +# often lower this value > +#loop_interval: 60 > + > +# When healing, a dns_check is run. This is to make sure that the originally > +# resolved dns has not changed. If this is something that does not happen in > +# your environment, set this value to False. > +#dns_check: True > + > +# Windows platforms lack posix IPC and must rely on slower TCP based inter- > +# process communications. Set ipc_mode to 'tcp' on such systems > +#ipc_mode: ipc > +# > +# Overwrite the default tcp ports used by the minion when in tcp mode > +#tcp_pub_port: 4510 > +#tcp_pull_port: 4511 > + > +# The minion can include configuration from other files. To enable this, > +# pass a list of paths to this option. The paths can be either relative or > +# absolute; if relative, they are considered to be relative to the directory > +# the main minion configuration file lives in (this file). Paths can make use > +# of shell-style globbing. If no files are matched by a path passed to this > +# option then the minion will log a warning message. > +# > +# > +# Include a config file from some other path: > +# include: /etc/salt/extra_config > +# > +# Include config from several files and directories: > +#include: > +# - /etc/salt/extra_config > +# - /etc/roles/webserver > + > +##### Minion module management ##### > +########################################## > +# Disable specific modules. This allows the admin to limit the level of > +# access the master has to the minion > +#disable_modules: [cmd,test] > +#disable_returners: [] > +# > +# Modules can be loaded from arbitrary paths. This enables the easy > deployment > +# of third party modules. Modules for returners and minions can be loaded. > +# Specify a list of extra directories to search for minion modules and > +# returners. These paths must be fully qualified! > +#module_dirs: [] > +#returner_dirs: [] > +#states_dirs: [] > +#render_dirs: [] > +# > +# A module provider can be statically overwritten or extended for the minion > +# via the providers option, in this case the default module will be > +# overwritten by the specified module. In this example the pkg module will > +# be provided by the yumpkg5 module instead of the system default. > +# > +#providers: > +# pkg: yumpkg5 > +# > +# Enable Cython modules searching and loading. (Default: False) > +#cython_enable: False > +# > + > +##### State Management Settings ##### > +########################################### > +# The state management system executes all of the state templates on the > minion > +# to enable more granular control of system state management. The type of > +# template and serialization used for state management needs to be configured > +# on the minion, the default renderer is yaml_jinja. This is a yaml file > +# rendered from a jinja template, the available options are: > +# yaml_jinja > +# yaml_mako > +# yaml_wempy > +# json_jinja > +# json_mako > +# json_wempy > +# > +#renderer: yaml_jinja > +# > +# The failhard option tells the minions to stop immediately after the first > +# failure detected in the state execution, defaults to False > +#failhard: False > +# > +# autoload_dynamic_modules Turns on automatic loading of modules found in the > +# environments on the master. This is turned on by default, to turn of > +# autoloading modules when states run set this value to False > +#autoload_dynamic_modules: True > +# > +# clean_dynamic_modules keeps the dynamic modules on the minion in sync with > +# the dynamic modules on the master, this means that if a dynamic module is > +# not on the master it will be deleted from the minion. By default this is > +# enabled and can be disabled by changing this value to False > +#clean_dynamic_modules: True > +# > +# Normally the minion is not isolated to any single environment on the master > +# when running states, but the environment can be isolated on the minion side > +# by statically setting it. Remember that the recommended way to manage > +# environments is to isolate via the top file. > +#environment: None > +# > +# If using the local file directory, then the state top file name needs to be > +# defined, by default this is top.sls. > +#state_top: top.sls > +# > +# Run states when the minion daemon starts. To enable, set startup_states to: > +# 'highstate' -- Execute state.highstate > +# 'sls' -- Read in the sls_list option and execute the named sls files > +# 'top' -- Read top_file option and execute based on that file on the Master > +#startup_states: '' > +# > +# list of states to run when the minion starts up if startup_states is 'sls' > +#sls_list: > +# - edit.vim > +# - hyper > +# > +# top file to execute if startup_states is 'top' > +#top_file: '' > + > +##### File Directory Settings ##### > +########################################## > +# The Salt Minion can redirect all file server operations to a local > directory, > +# this allows for the same state tree that is on the master to be used if > +# copied completely onto the minion. This is a literal copy of the settings > on > +# the master but used to reference a local directory on the minion. > + > +# Set the file client. The client defaults to looking on the master server > for > +# files, but can be directed to look at the local file directory setting > +# defined below by setting it to local. > +#file_client: remote > + > +# The file directory works on environments passed to the minion, each > environment > +# can have multiple root directories, the subdirectories in the multiple file > +# roots cannot match, otherwise the downloaded files will not be able to be > +# reliably ensured. A base environment is required to house the top file. > +# Example: > +# file_roots: > +# base: > +# - /srv/salt/ > +# dev: > +# - /srv/salt/dev/services > +# - /srv/salt/dev/states > +# prod: > +# - /srv/salt/prod/services > +# - /srv/salt/prod/states > +# > +#file_roots: > +# base: > +# - /srv/salt > + > +# By default, the Salt fileserver recurses fully into all defined > environments > +# to attempt to find files. To limit this behavior so that the fileserver > only > +# traverses directories with SLS files and special Salt directories like > _modules, > +# enable the option below. This might be useful for installations where a > file root > +# has a very large number of files and performance is negatively impacted. > +# > +# Default is False. > +# > +# fileserver_limit_traversal: False > + > +# The hash_type is the hash to use when discovering the hash of a file in > +# the local fileserver. The default is md5, but sha1, sha224, sha256, sha384 > +# and sha512 are also supported. > +#hash_type: md5 > + > +# The Salt pillar is searched for locally if file_client is set to local. If > +# this is the case, and pillar data is defined, then the pillar_roots need to > +# also be configured on the minion: > +#pillar_roots: > +# base: > +# - /srv/pillar > + > +###### Security settings ##### > +########################################### > +# Enable "open mode", this mode still maintains encryption, but turns off > +# authentication, this is only intended for highly secure environments or for > +# the situation where your keys end up in a bad state. If you run in open > mode > +# you do so at your own risk! > +#open_mode: False > + > +# Enable permissive access to the salt keys. This allows you to run the > +# master or minion as root, but have a non-root group be given access to > +# your pki_dir. To make the access explicit, root must belong to the group > +# you've given access to. This is potentially quite insecure. > +#permissive_pki_access: False > + > +# The state_verbose and state_output settings can be used to change the way > +# state system data is printed to the display. By default all data is > printed. > +# The state_verbose setting can be set to True or False, when set to False > +# all data that has a result of True and no changes will be suppressed. > +#state_verbose: True > +# > +# The state_output setting changes if the output is the full multi line > +# output for each changed state if set to 'full', but if set to 'terse' > +# the output will be shortened to a single line. > +#state_output: full > +# > +# Fingerprint of the master public key to double verify the master is valid, > +# the master fingerprint can be found by running "salt-key -F master" on the > +# salt master. > +#master_finger: '' > + > +###### Thread settings ##### > +########################################### > +# Disable multiprocessing support, by default when a minion receives a > +# publication a new process is spawned and the command is executed therein. > +#multiprocessing: True > + > +##### Logging settings ##### > +########################################## > +# The location of the minion log file > +# The minion log can be sent to a regular file, local path name, or network > +# location. Remote logging works best when configured to use rsyslogd(8) > (e.g.: > +# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The > URI > +# format is: > <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility> > +#log_file: /var/log/salt/minion > +#log_file: file:///dev/log > +#log_file: udp://loghost:10514 > +# > +#log_file: /var/log/salt/minion > +#key_logfile: /var/log/salt/key > +# > +# The level of messages to send to the console. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +# Default: 'warning' > +#log_level: warning > +# > +# The level of messages to send to the log file. > +# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. > +# Default: 'warning' > +#log_level_logfile: > + > +# The date and time format used in log messages. Allowed date/time formating > +# can be seen here: http://docs.python.org/library/time.html#time.strftime > +#log_datefmt: '%H:%M:%S' > +#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S' > +# > +# The format of the console logging messages. Allowed formatting options can > +# be seen here: > http://docs.python.org/library/logging.html#logrecord-attributes > +#log_fmt_console: '[%(levelname)-8s] %(message)s' > +#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] > %(message)s' > +# > +# This can be used to control logging levels more specificically. This > +# example sets the main salt library at the 'warning' level, but sets > +# 'salt.modules' to log at the 'debug' level: > +# log_granular_levels: > +# 'salt': 'warning', > +# 'salt.modules': 'debug' > +# > +#log_granular_levels: {} > + > +###### Module configuration ##### > +########################################### > +# Salt allows for modules to be passed arbitrary configuration data, any data > +# passed here in valid yaml format will be passed on to the salt minion > modules > +# for use. It is STRONGLY recommended that a naming convention be used in > which > +# the module name is followed by a . and then the value. Also, all top level > +# data must be applied via the yaml dict construct, some examples: > +# > +# You can specify that all modules should run in test mode: > +#test: True > +# > +# A simple value for the test module: > +#test.foo: foo > +# > +# A list for the test module: > +#test.bar: [baz,quo] > +# > +# A dict for the test module: > +#test.baz: {spam: sausage, cheese: bread} > + > + > +###### Update settings ###### > +########################################### > +# Using the features in Esky, a salt minion can both run as a frozen app and > +# be updated on the fly. These options control how the update process > +# (saltutil.update()) behaves. > +# > +# The url for finding and downloading updates. Disabled by default. > +#update_url: False > +# > +# The list of services to restart after a successful update. Empty by > default. > +#update_restart_services: [] > + > + > +###### Keepalive settings ###### > +############################################ > +# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by > +# the OS. If connections between the minion and the master pass through > +# a state tracking device such as a firewall or VPN gateway, there is > +# the risk that it could tear down the connection the master and minion > +# without informing either party that their connection has been taken away. > +# Enabling TCP Keepalives prevents this from happening. > +# > +# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False) > +# or leave to the OS defaults (-1), on Linux, typically disabled. Default > True, enabled. > +#tcp_keepalive: True > +# > +# How long before the first keepalive should be sent in seconds. Default 300 > +# to send the first keepalive after 5 minutes, OS default (-1) is typically > 7200 seconds > +# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time. > +#tcp_keepalive_idle: 300 > +# > +# How many lost probes are needed to consider the connection lost. Default -1 > +# to use OS defaults, typically 9 on Linux, see > /proc/sys/net/ipv4/tcp_keepalive_probes. > +#tcp_keepalive_cnt: -1 > +# > +# How often, in seconds, to send keepalives after the first one. Default -1 > to > +# use OS defaults, typically 75 seconds on Linux, see > +# /proc/sys/net/ipv4/tcp_keepalive_intvl. > +#tcp_keepalive_intvl: -1 > + > + > +###### Windows Software settings ###### > +############################################ > +# Location of the repository cache file on the master > +#win_repo_cachefile: 'salt://win/repo/winrepo.p' > diff --git a/meta-openstack/recipes-support/salt/files/roster > b/meta-openstack/recipes-support/salt/files/roster > new file mode 100644 > index 0000000..3eac2fa > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/roster > @@ -0,0 +1,8 @@ > +# Sample salt-ssh config file > +#web1: > +# host: 192.168.42.1 # The IP addr or DNS hostname > +# user: fred # Remote executions will be executed as user fred > +# passwd: foobarbaz # The password to use for login, if omitted, keys are > used > +# sudo: True # Whether to sudo to root, not enabled by default > +#web2: > +# host: 192.168.42.2 > diff --git a/meta-openstack/recipes-support/salt/files/salt-api > b/meta-openstack/recipes-support/salt/files/salt-api > new file mode 100755 > index 0000000..4b45bd2 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-api > @@ -0,0 +1,110 @@ > +#!/bin/sh > +### BEGIN INIT INFO > +# Provides: salt-api > +# Required-Start: $remote_fs $network > +# Required-Stop: $remote_fs $network > +# Default-Start: 2 3 4 5 > +# Default-Stop: 0 1 6 > +# Short-Description: salt api control daemon > +# Description: This is a daemon that exposes an external API > +### END INIT INFO > + > +# Author: Michael Prokop <[email protected]> > + > +PATH=/sbin:/usr/sbin:/bin:/usr/bin > +DESC="salt api control daemon" > +NAME=salt-api > +DAEMON=/usr/bin/salt-api > +DAEMON_ARGS="-d" > +PIDFILE=/var/run/$NAME.pid > +SCRIPTNAME=/etc/init.d/$NAME > + > +# Exit if the package is not installed > +[ -x "$DAEMON" ] || exit 0 > + > +# Read configuration variable file if it is present > +[ -r /etc/default/$NAME ] && . /etc/default/$NAME > + > +# Source function library. > +. /etc/init.d/functions > + > +do_start() { > + # Return > + # 0 if daemon has been started > + # 1 if daemon was already running > + # 2 if daemon could not be started > + pid=$(pidof -x $DAEMON) > + if [ -n "$pid" ] ; then > + return 1 > + fi > + > + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- > $DAEMON_ARGS \ > + || return 2 > +} > + > +do_stop() { > + # Return > + # 0 if daemon has been stopped > + # 1 if daemon was already stopped > + # 2 if daemon could not be stopped > + # other if a failure occ > + start-stop-daemon --stop --retry=TERM/30/KILL/5 --quiet --pidfile > $PIDFILE --name $NAME > + RETVAL=$? > + [ "$RETVAL" = 2 ] && return 2 > + rm -f $PIDFILE > + return "$RETVAL" > +} > + > +case "$1" in > + start) > + [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" > + do_start > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + stop) > + [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + status) > + pid=`pidof -x $DAEMON` > + if [ -n "$pid" ]; then > + echo "$NAME (pid $pid) is running ..." > + else > + echo "$NAME is stopped" > + fi > + ;; > + #reload) > + # not implemented > + #;; > + restart|force-reload) > + echo "Restarting $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) > + do_start > + case "$?" in > + 0) echo OK ;; > + 1) echo FAILED ;; # Old process is still running > + *) echo FAILED ;; # Failed to start > + esac > + ;; > + *) > + # Failed to stop > + echo FAILED > + ;; > + esac > + ;; > + *) > + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" > >&2 > + exit 3 > + ;; > +esac > + > +exit 0 > diff --git > a/meta-openstack/recipes-support/salt/files/salt-common.bash_completion > b/meta-openstack/recipes-support/salt/files/salt-common.bash_completion > new file mode 100644 > index 0000000..a457f4d > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-common.bash_completion > @@ -0,0 +1,332 @@ > +# written by David Pravec > +# - feel free to /msg alekibango on IRC if you want to talk about this file > + > +# TODO: check if --config|-c was used and use configured config file for > queries > +# TODO: solve somehow completion for salt -G pythonversion:[tab] > +# (not sure what to do with lists) > +# TODO: --range[tab] -- how? > +# TODO: -E --exsel[tab] -- how? > +# TODO: --compound[tab] -- how? > +# TODO: use history to extract some words, esp. if ${cur} is empty > +# TODO: TEST EVERYTING a lot > +# TODO: cache results of some functions? where? how long? > +# TODO: is it ok to use '--timeout 2' ? > + > + > +_salt_get_grains(){ > + if [ "$1" = 'local' ] ; then > + salt-call --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d ",']" > |sed 's:\([a-z0-9]\) :\1\: :g' > + else > + salt '*' --timeout 2 --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d > ",']" |sed 's:\([a-z0-9]\) :\1\: :g' > + fi > +} > + > +_salt_get_grain_values(){ > + if [ "$1" = 'local' ] ; then > + salt-call --out=txt -- grains.item $1 |sed 's/^\S*:\s//' |grep -v > '^\s*$' > + else > + salt '*' --timeout 2 --out=txt -- grains.item $1 |sed 's/^\S*:\s//' > |grep -v '^\s*$' > + fi > +} > + > + > +_salt(){ > + local cur prev opts _salt_grains _salt_coms pprev ppprev > + COMPREPLY=() > + cur="${COMP_WORDS[COMP_CWORD]}" > + prev="${COMP_WORDS[COMP_CWORD-1]}" > + if [ ${COMP_CWORD} -gt 2 ]; then > + pprev="${COMP_WORDS[COMP_CWORD-2]}" > + fi > + if [ ${COMP_CWORD} -gt 3 ]; then > + ppprev="${COMP_WORDS[COMP_CWORD-3]}" > + fi > + > + opts="-h --help -d --doc --documentation --version --versions-report -c \ > + --config-dir= -v --verbose -t --timeout= -s --static -b --batch= \ > + --batch-size= -E --pcre -L --list -G --grain --grain-pcre -N \ > + --nodegroup -R --range -C --compound -X --exsel -I --pillar \ > + --return= -a --auth= --eauth= --extended-auth= -T --make-token -S \ > + --ipcidr --out=pprint --out=yaml --out=overstatestage --out=json \ > + --out=raw --out=highstate --out=key --out=txt --no-color > --out-indent= " > + > + if [[ "${cur}" == -* ]] ; then > + COMPREPLY=($(compgen -W "${opts}" -- ${cur})) > + return 0 > + fi > + > + # 2 special cases for filling up grain values > + case "${pprev}" in > + -G|--grain|--grain-pcre) > + if [ "${cur}" = ":" ]; then > + COMPREPLY=($(compgen -W "`_salt_get_grain_values ${prev}`" )) > + return 0 > + fi > + ;; > + esac > + case "${ppprev}" in > + -G|--grain|--grain-pcre) > + if [ "${prev}" = ":" ]; then > + COMPREPLY=( $(compgen -W "`_salt_get_grain_values ${pprev}`" -- > ${cur}) ) > + return 0 > + fi > + ;; > + esac > + > + if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then > + cur="" > + fi > + if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then > + prev="${pprev}" > + fi > + > + case "${prev}" in > + > + -c|--config) > + COMPREPLY=($(compgen -f -- ${cur})) > + return 0 > + ;; > + salt) > + COMPREPLY=($(compgen -W "\'*\' ${opts} `salt-key --no-color -l acc`" > -- ${cur})) > + return 0 > + ;; > + -E|--pcre) > + COMPREPLY=($(compgen -W "`salt-key --no-color -l acc`" -- ${cur})) > + return 0 > + ;; > + -G|--grain|--grain-pcre) > + COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur})) > + return 0 > + ;; > + -C|--compound) > + COMPREPLY=() # TODO: finish this one? how? > + return 0 > + ;; > + -t|--timeout) > + COMPREPLY=($( compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 60 90 120 > 180" -- ${cur})) > + return 0 > + ;; > + -b|--batch|--batch-size) > + COMPREPLY=($(compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 50 60 70 > 80 90 100 120 150 200")) > + return 0 > + ;; > + -X|--exsel) # TODO: finish this one? how? > + return 0 > + ;; > + -N|--nodegroup) > + MASTER_CONFIG='/etc/salt/master' > + COMPREPLY=($(compgen -W "`awk -F ':' 'BEGIN {print_line = 0}; > /^nodegroups/ {print_line = 1;getline } print_line && /^ */ {print $1} /^[^ > ]/ {print_line = 0}' <${MASTER_CONFIG}`" -- ${cur})) > + return 0 > + ;; > + esac > + > + _salt_coms="$(salt '*' --timeout 2 --out=txt -- sys.list_functions | sed > 's/^.*\[//' | tr -d ",']" )" > + all="${opts} ${_salt_coms}" > + COMPREPLY=( $(compgen -W "${all}" -- ${cur}) ) > + > + return 0 > +} > + > +complete -F _salt salt > + > + > +_saltkey(){ > + local cur prev opts prev pprev > + COMPREPLY=() > + cur="${COMP_WORDS[COMP_CWORD]}" > + prev="${COMP_WORDS[COMP_CWORD-1]}" > + opts="-c --config-dir= -h --help --version --versions-report -q --quiet \ > + -y --yes --gen-keys= --gen-keys-dir= --keysize= --key-logfile= \ > + -l --list= -L --list-all -a --accept= -A --accept-all \ > + -r --reject= -R --reject-all -p --print= -P --print-all \ > + -d --delete= -D --delete-all -f --finger= -F --finger-all \ > + --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \ > + --out=highstate --out=key --out=txt --no-color --out-indent= " > + if [ ${COMP_CWORD} -gt 2 ]; then > + pprev="${COMP_WORDS[COMP_CWORD-2]}" > + fi > + if [ ${COMP_CWORD} -gt 3 ]; then > + ppprev="${COMP_WORDS[COMP_CWORD-3]}" > + fi > + if [[ "${cur}" == -* ]] ; then > + COMPREPLY=($(compgen -W "${opts}" -- ${cur})) > + return 0 > + fi > + > + if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then > + cur="" > + fi > + if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then > + prev="${pprev}" > + fi > + > + case "${prev}" in > + -a|--accept) > + COMPREPLY=($(compgen -W "$(salt-key -l un --no-color; salt-key -l > rej --no-color)" -- ${cur})) > + return 0 > + ;; > + -r|--reject) > + COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color)" -- ${cur})) > + return 0 > + ;; > + -d|--delete) > + COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l > un --no-color; salt-key -l rej --no-color)" -- ${cur})) > + return 0 > + ;; > + -c|--config) > + COMPREPLY=($(compgen -f -- ${cur})) > + return 0 > + ;; > + --keysize) > + COMPREPLY=($(compgen -W "2048 3072 4096 5120 6144" -- ${cur})) > + return 0 > + ;; > + --gen-keys) > + return 0 > + ;; > + --gen-keys-dir) > + COMPREPLY=($(compgen -d -- ${cur})) > + return 0 > + ;; > + -p|--print) > + COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l > un --no-color; salt-key -l rej --no-color)" -- ${cur})) > + return 0 > + ;; > + -l|--list) > + COMPREPLY=($(compgen -W "pre un acc accepted unaccepted rej rejected > all" -- ${cur})) > + return 0 > + ;; > + --accept-all) > + return 0 > + ;; > + esac > + COMPREPLY=($(compgen -W "${opts} " -- ${cur})) > + return 0 > +} > + > +complete -F _saltkey salt-key > + > +_saltcall(){ > + local cur prev opts _salt_coms pprev ppprev > + COMPREPLY=() > + cur="${COMP_WORDS[COMP_CWORD]}" > + prev="${COMP_WORDS[COMP_CWORD-1]}" > + opts="-h --help -d --doc --documentation --version --versions-report \ > + -m --module-dirs= -g --grains --return= --local -c --config-dir= > -l --log-level= \ > + --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \ > + --out=highstate --out=key --out=txt --no-color --out-indent= " > + if [ ${COMP_CWORD} -gt 2 ]; then > + pprev="${COMP_WORDS[COMP_CWORD-2]}" > + fi > + if [ ${COMP_CWORD} -gt 3 ]; then > + ppprev="${COMP_WORDS[COMP_CWORD-3]}" > + fi > + if [[ "${cur}" == -* ]] ; then > + COMPREPLY=($(compgen -W "${opts}" -- ${cur})) > + return 0 > + fi > + > + if [ "${cur}" = "=" ] && [[ ${prev} == --* ]]; then > + cur="" > + fi > + if [ "${prev}" = "=" ] && [[ ${pprev} == --* ]]; then > + prev="${pprev}" > + fi > + > + case ${prev} in > + -m|--module-dirs) > + COMPREPLY=( $(compgen -d ${cur} )) > + return 0 > + ;; > + -l|--log-level) > + COMPREPLY=( $(compgen -W "info none garbage trace warning > error debug" -- ${cur})) > + return 0 > + ;; > + -g|grains) > + return 0 > + ;; > + salt-call) > + COMPREPLY=($(compgen -W "${opts}" -- ${cur})) > + return 0 > + ;; > + esac > + > + _salt_coms="$(salt-call --out=txt -- sys.list_functions|sed 's/^.*\[//' > | tr -d ",']" )" > + COMPREPLY=( $(compgen -W "${opts} ${_salt_coms}" -- ${cur} )) > + return 0 > +} > + > +complete -F _saltcall salt-call > + > + > +_saltcp(){ > + local cur prev opts target prefpart postpart helper filt pprev ppprev > + COMPREPLY=() > + cur="${COMP_WORDS[COMP_CWORD]}" > + prev="${COMP_WORDS[COMP_CWORD-1]}" > + opts="-t --timeout= -s --static -b --batch= --batch-size= \ > + -h --help --version --versions-report -c --config-dir= \ > + -E --pcre -L --list -G --grain --grain-pcre -N --nodegroup \ > + -R --range -C --compound -X --exsel -I --pillar \ > + --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \ > + --out=highstate --out=key --out=txt --no-color --out-indent= " > + if [[ "${cur}" == -* ]] ; then > + COMPREPLY=($(compgen -W "${opts}" -- ${cur})) > + return 0 > + fi > + > + if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then > + cur="" > + fi > + if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then > + prev=${pprev} > + fi > + > + case ${prev} in > + salt-cp) > + COMPREPLY=($(compgen -W "${opts} `salt-key -l acc --no-color`" -- > ${cur})) > + return 0 > + ;; > + -t|--timeout) > + # those numbers are just a hint > + COMPREPLY=($(compgen -W "2 3 4 8 10 15 20 25 30 40 60 90 120 180 > 240 300" -- ${cur} )) > + return 0 > + ;; > + -E|--pcre) > + COMPREPLY=($(compgen -W "`salt-key -l acc --no-color`" -- > ${cur})) > + return 0 > + ;; > + -L|--list) > + # IMPROVEMENTS ARE WELCOME > + prefpart="${cur%,*}," > + postpart=${cur##*,} > + filt="^\($(echo ${cur}| sed 's:,:\\|:g')\)$" > + helper=($(salt-key -l acc --no-color | grep -v "${filt}" | sed > "s/^/${prefpart}/")) > + COMPREPLY=($(compgen -W "${helper[*]}" -- ${cur})) > + > + return 0 > + ;; > + -G|--grain|--grain-pcre) > + COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur})) > + return 0 > + ;; > + # FIXME > + -R|--range) > + # FIXME ?? > + return 0 > + ;; > + -C|--compound) > + # FIXME ?? > + return 0 > + ;; > + -c|--config) > + COMPREPLY=($(compgen -f -- ${cur})) > + return 0 > + ;; > + esac > + > + # default is using opts: > + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) > +} > + > +complete -F _saltcp salt-cp > diff --git a/meta-openstack/recipes-support/salt/files/salt-common.logrotate > b/meta-openstack/recipes-support/salt/files/salt-common.logrotate > new file mode 100644 > index 0000000..dcfd268 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-common.logrotate > @@ -0,0 +1,10 @@ > +/var/log/salt/master > +/var/log/salt/minion > +/var/log/salt/*.log > +{ > + weekly > + missingok > + rotate 7 > + compress > + notifempty > +} > diff --git a/meta-openstack/recipes-support/salt/files/salt-master > b/meta-openstack/recipes-support/salt/files/salt-master > new file mode 100755 > index 0000000..b534b36 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-master > @@ -0,0 +1,111 @@ > +#!/bin/sh > +### BEGIN INIT INFO > +# Provides: salt-master > +# Required-Start: $remote_fs $network > +# Required-Stop: $remote_fs $network > +# Default-Start: 2 3 4 5 > +# Default-Stop: 0 1 6 > +# Short-Description: salt master control daemon > +# Description: This is a daemon that controls the salt minions > +### END INIT INFO > + > +# Author: Michael Prokop <[email protected]> > + > +PATH=/sbin:/usr/sbin:/bin:/usr/bin > +DESC="salt master control daemon" > +NAME=salt-master > +DAEMON=/usr/bin/salt-master > +DAEMON_ARGS="-d" > +PIDFILE=/var/run/$NAME.pid > +SCRIPTNAME=/etc/init.d/$NAME > + > +# Exit if the package is not installed > +[ -x "$DAEMON" ] || exit 0 > + > +# Read configuration variable file if it is present > +[ -r /etc/default/$NAME ] && . /etc/default/$NAME > + > +# Source function library. > +. /etc/init.d/functions > + > +do_start() { > + # Return > + # 0 if daemon has been started > + # 1 if daemon was already running > + # 2 if daemon could not be started > + pid=$(pidof -x $DAEMON) > + if [ -n "$pid" ] ; then > + return 1 > + fi > + > + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ > + $DAEMON_ARGS \ > + || return 2 > +} > + > +do_stop() { > + # Return > + # 0 if daemon has been stopped > + # 1 if daemon was already stopped > + # 2 if daemon could not be stopped > + # other if a failure occurred > + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile > $PIDFILE --name $NAME > + RETVAL="$?" > + [ "$RETVAL" = 2 ] && return 2 > + rm -f $PIDFILE > + return "$RETVAL" > +} > + > +case "$1" in > + start) > + [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" > + do_start > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + stop) > + [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + status) > + pid=`pidof -x $DAEMON` > + if [ -n "$pid" ]; then > + echo "$NAME (pid $pid) is running ..." > + else > + echo "$NAME is stopped" > + fi > + ;; > + #reload) > + # not implemented > + #;; > + restart|force-reload) > + echo "Restarting $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) > + do_start > + case "$?" in > + 0) echo OK ;; > + 1) echo FAILED ;; # Old process is still running > + *) echo FAILED ;; # Failed to start > + esac > + ;; > + *) > + # Failed to stop > + echo FAILED > + ;; > + esac > + ;; > + *) > + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" > >&2 > + exit 3 > + ;; > +esac > + > +exit 0 > diff --git a/meta-openstack/recipes-support/salt/files/salt-minion > b/meta-openstack/recipes-support/salt/files/salt-minion > new file mode 100755 > index 0000000..e062017 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-minion > @@ -0,0 +1,111 @@ > +#!/bin/sh > +### BEGIN INIT INFO > +# Provides: salt-minion > +# Required-Start: $remote_fs $network > +# Required-Stop: $remote_fs $network > +# Default-Start: 2 3 4 5 > +# Default-Stop: 0 1 6 > +# Short-Description: salt minion control daemon > +# Description: This is a daemon that receives commands from a > salt-master > +### END INIT INFO > + > +# Author: Michael Prokop <[email protected]> > + > +PATH=/sbin:/usr/sbin:/bin:/usr/bin > +DESC="salt minion control daemon" > +NAME=salt-minion > +DAEMON=/usr/bin/salt-minion > +DAEMON_ARGS="-d" > +PIDFILE=/var/run/$NAME.pid > +SCRIPTNAME=/etc/init.d/$NAME > + > +# Exit if the package is not installed > +[ -x "$DAEMON" ] || exit 0 > + > +# Read configuration variable file if it is present > +[ -r /etc/default/$NAME ] && . /etc/default/$NAME > + > +# Source function library. > +. /etc/init.d/functions > + > +do_start() { > + # Return > + # 0 if daemon has been started > + # 1 if daemon was already running > + # 2 if daemon could not be started > + pid=$(pidof -x $DAEMON) > + if [ -n "$pid" ] ; then > + return 1 > + fi > + > + start-stop-daemon --start --quiet --background --pidfile $PIDFILE --exec > $DAEMON -- \ > + $DAEMON_ARGS \ > + || return 2 > +} > + > +do_stop() { > + # Return > + # 0 if daemon has been stopped > + # 1 if daemon was already stopped > + # 2 if daemon could not be stopped > + # other if a failure occurred > + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile > $PIDFILE --name $NAME > + RETVAL="$?" > + [ "$RETVAL" = 2 ] && return 2 > + rm -f $PIDFILE > + return "$RETVAL" > +} > + > +case "$1" in > + start) > + [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" > + do_start > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + stop) > + [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + status) > + pid=`pidof -x $DAEMON` > + if [ -n "$pid" ]; then > + echo "$NAME (pid $pid) is running ..." > + else > + echo "$NAME is stopped" > + fi > + ;; > + #reload) > + # not implemented > + #;; > + restart|force-reload) > + echo "Restarting $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) > + do_start > + case "$?" in > + 0) echo OK ;; > + 1) echo FAILED ;; # Old process is still running > + *) echo FAILED ;; # Failed to start > + esac > + ;; > + *) > + # Failed to stop > + echo FAILED > + ;; > + esac > + ;; > + *) > + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" > >&2 > + exit 3 > + ;; > +esac > + > +exit 0 > diff --git a/meta-openstack/recipes-support/salt/files/salt-syndic > b/meta-openstack/recipes-support/salt/files/salt-syndic > new file mode 100755 > index 0000000..6d5cdff > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/files/salt-syndic > @@ -0,0 +1,111 @@ > +#!/bin/sh > +### BEGIN INIT INFO > +# Provides: salt-syndic > +# Required-Start: $remote_fs $network > +# Required-Stop: $remote_fs $network > +# Default-Start: 2 3 4 5 > +# Default-Stop: 0 1 6 > +# Short-Description: salt syndic control daemon > +# Description: This is a daemon for the master of masters > +### END INIT INFO > + > +# Author: Michael Prokop <[email protected]> > + > +PATH=/sbin:/usr/sbin:/bin:/usr/bin > +DESC="salt syndic control daemon" > +NAME=salt-syndic > +DAEMON=/usr/bin/salt-syndic > +DAEMON_ARGS="-d" > +PIDFILE=/var/run/$NAME.pid > +SCRIPTNAME=/etc/init.d/$NAME > + > +# Exit if the package is not installed > +[ -x "$DAEMON" ] || exit 0 > + > +# Read configuration variable file if it is present > +[ -r /etc/default/$NAME ] && . /etc/default/$NAME > + > +# Source function library. > +. /etc/init.d/functions > + > +do_start() { > + # Return > + # 0 if daemon has been started > + # 1 if daemon was already running > + # 2 if daemon could not be started > + pid=$(pidof -x $DAEMON) > + if [ -n "$pid" ] ; then > + return 1 > + fi > + > + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ > + $DAEMON_ARGS \ > + || return 2 > +} > + > +do_stop() { > + # Return > + # 0 if daemon has been stopped > + # 1 if daemon was already stopped > + # 2 if daemon could not be stopped > + # other if a failure occurred > + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile > $PIDFILE --name $NAME > + RETVAL="$?" > + [ "$RETVAL" = 2 ] && return 2 > + rm -f $PIDFILE > + return "$RETVAL" > +} > + > +case "$1" in > + start) > + [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" > + do_start > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + stop) > + [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) [ "$VERBOSE" != no ] && echo OK ;; > + 2) [ "$VERBOSE" != no ] && echo FAILED ;; > + esac > + ;; > + status) > + pid=`pidof -x $DAEMON` > + if [ -n "$pid" ]; then > + echo "$NAME (pid $pid) is running ..." > + else > + echo "$NAME is stopped" > + fi > + ;; > + #reload) > + # not implemented > + #;; > + restart|force-reload) > + echo "Restarting $DESC" "$NAME" > + do_stop > + case "$?" in > + 0|1) > + do_start > + case "$?" in > + 0) echo OK ;; > + 1) echo FAILED ;; # Old process is still running > + *) echo FAILED ;; # Failed to start > + esac > + ;; > + *) > + # Failed to stop > + echo FAILED > + ;; > + esac > + ;; > + *) > + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" > >&2 > + exit 3 > + ;; > +esac > + > +exit 0 > diff --git > a/meta-openstack/recipes-support/salt/salt/set_python_location_hashbang.patch > b/meta-openstack/recipes-support/salt/salt/set_python_location_hashbang.patch > new file mode 100644 > index 0000000..2369d4c > --- /dev/null > +++ > b/meta-openstack/recipes-support/salt/salt/set_python_location_hashbang.patch > @@ -0,0 +1,107 @@ > +Upstream-Status: Pending > + > +# The Salt SysV scripts require that the process name of the salt > +# components have the form "salt-<component>". > +# The current python shebangs on the salt components scripts spwans > +# processes that are generically named python. Changed shebang so > +# process names will be identifiable by the init scripts. > + > +diff -Naur a/scripts/salt-api b/scripts/salt-api > +--- a/scripts/salt-api 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-api 2015-04-08 16:49:03.336483297 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + > + # Import salt libs > + from salt.scripts import salt_api > +diff -Naur a/scripts/salt-call b/scripts/salt-call > +--- a/scripts/salt-call 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-call 2015-04-08 16:49:11.360507977 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Directly call a salt command in the modules, does not require a running salt > + minion to run. > +diff -Naur a/scripts/salt-cloud b/scripts/salt-cloud > +--- a/scripts/salt-cloud 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-cloud 2015-04-08 16:49:20.612536436 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Publish commands to the salt system from the command line on the master. > + ''' > +diff -Naur a/scripts/salt-cp b/scripts/salt-cp > +--- a/scripts/salt-cp 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-cp 2015-04-08 16:49:30.132565723 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Publish commands to the salt system from the command line on the master. > + ''' > +diff -Naur a/scripts/salt-key b/scripts/salt-key > +--- a/scripts/salt-key 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-key 2015-04-08 16:49:39.912595801 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Manage the authentication keys with salt-key > + ''' > +diff -Naur a/scripts/salt-master b/scripts/salt-master > +--- a/scripts/salt-master 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-master 2015-04-08 16:49:50.224627508 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Start the salt-master > + ''' > +diff -Naur a/scripts/salt-minion b/scripts/salt-minion > +--- a/scripts/salt-minion 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-minion 2015-04-08 16:49:57.808650832 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + This script is used to kick off a salt minion daemon > + ''' > +diff -Naur a/scripts/salt-run b/scripts/salt-run > +--- a/scripts/salt-run 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-run 2015-04-08 16:50:06.588677825 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Execute a salt convenience routine > + ''' > +diff -Naur a/scripts/salt-ssh b/scripts/salt-ssh > +--- a/scripts/salt-ssh 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-ssh 2015-04-08 16:50:13.680699631 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + Execute the salt ssh system > + ''' > +diff -Naur a/scripts/salt-syndic b/scripts/salt-syndic > +--- a/scripts/salt-syndic 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-syndic 2015-04-08 16:50:20.892721803 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python > ++#!/usr/bin/python > + ''' > + This script is used to kick off a salt syndic daemon > + ''' > +diff -Naur a/scripts/salt-unity b/scripts/salt-unity > +--- a/scripts/salt-unity 2015-04-08 16:48:01.912294278 -0500 > ++++ b/scripts/salt-unity 2015-04-08 16:50:35.968768142 -0500 > +@@ -1,4 +1,4 @@ > +-#!/usr/bin/env python2 > ++#!/usr/bin/python2 > + > + # Import python libs > + import sys > diff --git a/meta-openstack/recipes-support/salt/salt_2014.7.4.bb > b/meta-openstack/recipes-support/salt/salt_2014.7.4.bb > new file mode 100644 > index 0000000..5b618e0 > --- /dev/null > +++ b/meta-openstack/recipes-support/salt/salt_2014.7.4.bb > @@ -0,0 +1,145 @@ > +HOMEPAGE = "http://saltstack.com/"; > +SECTION = "admin" > +LICENSE = "Apache-2.0" > +LIC_FILES_CHKSUM = "file://LICENSE;md5=5357642471cfab4740d1d0a20c51af6a" > +DEPENDS = "\ > + python-msgpack \ > + python-pyyaml \ > + python-jinja2 \ > + python-markupsafe \ > + python-requests \ > + python-pyzmq \ > + python-pycrypto \ > + python-m2crypto \ > +" > + > +SRCNAME = "salt" > +SRC_URI = > "http://pypi.python.org/packages/source/s/${SRCNAME}/${SRCNAME}-${PV}.tar.gz \ > + file://set_python_location_hashbang.patch \ > + file://minion \ > + file://salt-minion \ > + file://salt-common.bash_completion \ > + file://salt-common.logrotate \ > + file://salt-api \ > + file://salt-master \ > + file://master \ > + file://salt-syndic \ > + file://cloud \ > + file://roster \ > +" > + > +SRC_URI[md5sum] = "622404c0a6c38224f82a4c7b2927db61" > +SRC_URI[sha256sum] = > "0adf4c138ebd26745b1d1157be0772d89da3582fe8a6622a8031cbe32a28e9f3" > + > +S = "${WORKDIR}/${SRCNAME}-${PV}" > + > +inherit setuptools update-rc.d > + > +PACKAGES += "\ > + ${PN}-api \ > + ${PN}-cloud \ > + ${PN}-common \ > + ${PN}-master \ > + ${PN}-minion \ > + ${PN}-ssh \ > + ${PN}-syndic \ > + ${PN}-bash-completion \ > +" > + > +do_install_append() { > + install -d ${D}${sysconfdir}/bash_completion.d/ > + install -m 0644 ${WORKDIR}/salt-common.bash_completion > ${D}${sysconfdir}/bash_completion.d/${PN}-common > + install -d ${D}${sysconfdir}/logrotate.d/ > + install -m 0644 ${WORKDIR}/salt-common.logrotate > ${D}${sysconfdir}/logrotate.d/${PN}-common > + install -d ${D}${sysconfdir}/init.d/ > + install -m 0755 ${WORKDIR}/salt-minion > ${D}${sysconfdir}/init.d/${PN}-minion > + install -m 0755 ${WORKDIR}/salt-api > ${D}${sysconfdir}/init.d/${PN}-api > + install -m 0755 ${WORKDIR}/salt-master > ${D}${sysconfdir}/init.d/${PN}-master > + install -m 0755 ${WORKDIR}/salt-syndic > ${D}${sysconfdir}/init.d/${PN}-syndic > + install -d ${D}${sysconfdir}/${PN}/ > + install -m 0644 ${WORKDIR}/minion ${D}${sysconfdir}/${PN}/minion > + install -m 0644 ${WORKDIR}/master ${D}${sysconfdir}/${PN}/master > + install -m 0644 ${WORKDIR}/cloud ${D}${sysconfdir}/${PN}/cloud > + install -m 0644 ${WORKDIR}/roster ${D}${sysconfdir}/${PN}/roster > + install -d ${D}${sysconfdir}/${PN}/cloud.conf.d > ${D}${sysconfdir}/${PN}/cloud.profiles.d > ${D}${sysconfdir}/${PN}/cloud.providers.d > +} > + > +ALLOW_EMPTY_${PN} = "1" > +FILES_${PN} = "" > + > +INITSCRIPT_PACKAGES = "${PN}-minion ${PN}-api ${PN}-master ${PN}-syndic" > + > +DESCRIPTION_COMMON = "salt is a powerful remote execution manager that can > be used to administer servers in a\ > + fast and efficient way. It allows commands to be executed across large > groups of servers. This means systems\ > + can be easily managed, but data can also be easily gathered. Quick > introspection into running systems becomes\ > + a reality. Remote execution is usually used to set up a certain state on a > remote system. Salt addresses this\ > + problem as well, the salt state system uses salt state files to define the > state a server needs to be in. \ > +Between the remote execution system, and state management Salt addresses the > backbone of cloud and data center\ > + management." > + > +SUMMARY_${PN}-minion = "client package for salt, the distributed remote > execution system" > +DESCRIPTION_${PN}-minion = "${DESCRIPTION_COMMON} This particular package > provides the worker agent for salt." > +RDEPENDS_${PN}-minion = "python ${PN}-common (= ${EXTENDPKGV}) > python-m2crypto python-pycrypto python-msgpack python-pyzmq (>= 13.1.0)" > +RRECOMMENDS_${PN}-minion_append_x64 = "dmidecode" > +RSUGGESTS_${PN}-minion = "python-augeas" > +CONFFILES_${PN}-minion = "${sysconfdir}/${PN}/minion > ${sysconfdir}/init.d/${PN}-minion" > +FILES_${PN}-minion = "${bindir}/${PN}-minion ${sysconfdir}/${PN}/minion.d/ > ${CONFFILES_${PN}-minion}" > +INITSCRIPT_NAME_${PN}-minion = "${PN}-minion" > +INITSCRIPT_PARAMS_${PN}-minion = "defaults" > + > +SUMMARY_${PN}-common = "shared libraries that salt requires for all packages" > +DESCRIPTION_${PN}-common ="${DESCRIPTION_COMMON} This particular package > provides shared libraries that \ > +salt-master, salt-minion, and salt-syndic require to function." > +RDEPENDS_${PN}-common = "python (>= 2.7) python (< 2.8) python-jinja2 > python-pyyaml python-requests" > +RRECOMMENDS_${PN}-common = "lsb" > +RSUGGESTS_${PN}-common = "python-mako python-git" > +RCONFLICTS_${PN}-common = "python-mako (< 0.7.0)" > +CONFFILES_${PN}-common="${sysconfdir}/logrotate.d/${PN}-common" > +FILES_${PN}-common = "${bindir}/${PN}-call ${libdir}/python2.7/ > ${CONFFILES_${PN}-common}" > + > +SUMMARY_${PN}-ssh = "remote manager to administer servers via salt" > +DESCRIPTION_${PN}-ssh = "${DESCRIPTION_COMMON} This particular package > provides the salt ssh controller. It \ > +is able to run salt modules and states on remote hosts via ssh. No minion or > other salt specific software needs\ > + to be installed on the remote host." > +RDEPENDS_${PN}-ssh = "python ${PN}-common (= ${EXTENDPKGV}) python-msgpack" > +CONFFILES_${PN}-ssh="${sysconfdir}/${PN}/roster" > +FILES_${PN}-ssh = "${bindir}/${PN}-ssh ${CONFFILES_${PN}-ssh}" > + > +SUMMARY_${PN}-api = "generic, modular network access system" > +DESCRIPTION_${PN}-api = "a modular interface on top of Salt that can provide > a variety of entry points into a \ > +running Salt system. It can start and manage multiple interfaces allowing a > REST API to coexist with XMLRPC or \ > +even a Websocket API. The Salt API system is used to expose the fundamental > aspects of Salt control to external\ > + sources. salt-api acts as the bridge between Salt itself and REST, > Websockets, etc. Documentation is available\ > + on Read the Docs: http://salt-api.readthedocs.org/"; > +RDEPENDS_${PN}-api = "python ${PN}-master" > +RSUGGESTS_${PN}-api = "python-cherrypy" > +CONFFILES_${PN}-api = "${sysconfdir}/init.d/${PN}-api" > +FILES_${PN}-api = "${bindir}/${PN}-api ${CONFFILES_${PN}-api}" > +INITSCRIPT_NAME_${PN}-api = "${PN}-api" > +INITSCRIPT_PARAMS_${PN}-api = "defaults" > + > +SUMMARY_${PN}-master = "remote manager to administer servers via salt" > +DESCRIPTION_${PN}-master ="${DESCRIPTION_COMMON} This particular package > provides the salt controller." > +RDEPENDS_${PN}-master = "python ${PN}-common (= ${EXTENDPKGV}) > python-m2crypto python-pycrypto python-msgpack python-pyzmq (>= 13.1.0)" > +CONFFILES_${PN}-master="${sysconfdir}/init.d/${PN}-master > ${sysconfdir}/${PN}/master" > +FILES_${PN}-master = "${bindir}/${PN} ${bindir}/${PN}-cp ${bindir}/${PN}-key > ${bindir}/${PN}-master ${bindir}/${PN}-run ${bindir}/${PN}-unity > ${CONFFILES_${PN}-master}" > +INITSCRIPT_NAME_${PN}-master = "${PN}-master" > +INITSCRIPT_PARAMS_${PN}-master = "defaults" > + > +SUMMARY_${PN}-syndic = "master-of-masters for salt, the distributed remote > execution system" > +DESCRIPTION_${PN}-syndic = "${DESCRIPTION_COMMON} This particular package > provides the master of masters for \ > +salt; it enables the management of multiple masters at a time." > +RDEPENDS_${PN}-syndic = "python ${PN}-master (= ${EXTENDPKGV})" > +CONFFILES_${PN}-syndic="${sysconfdir}/init.d/${PN}-syndic" > +FILES_${PN}-syndic = "${bindir}/${PN}-syndic ${CONFFILES_${PN}-syndic}" > +INITSCRIPT_NAME_${PN}-syndic = "${PN}-syndic" > +INITSCRIPT_PARAMS_${PN}-syndic = "defaults" > + > +SUMMARY_${PN}-cloud = "public cloud VM management system" > +DESCRIPTION_${PN}-cloud = "provision virtual machines on various public > clouds via a cleanly controlled profile and mapping system." > +RDEPENDS_${PN}-cloud = "python ${PN}-common (= ${EXTENDPKGV}) python-msgpack" > +RSUGGESTS_${PN}-cloud = "python-netaddr python-botocore" > +CONFFILES_${PN}-cloud = "${sysconfdir}/${PN}/cloud" > +FILES_${PN}-cloud = "${bindir}/${PN}-cloud ${sysconfdir}/${PN}/cloud.conf.d/ > ${sysconfdir}/${PN}/cloud.profiles.d/ ${sysconfdir}/${PN}/cloud.providers.d/ > ${CONFFILES_${PN}-cloud}" > + > +FILES_${PN}-bash-completion = "${sysconfdir}/bash_completion.d/${PN}-common" > -- > 1.9.1 > > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization -- "Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end" -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
