Syndics are generally the masters assigned to their region.
We want the minions on syndics to connect to their upstream master
("master of masters") instead of to themselves.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Avoid permissions errors if Salt attempts to write to Redis during
non-root state.apply calls.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
This is an attempt to remove the need for the custom nbroles module. If
it works out, the localhost reference should be replaced with a global
roles API endpoint.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
'gpg_keydir' is a master specific setting, it does not work under the
top level 'salt' key.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Add Redis configuration to salt.master profile for caching on Salt masters.
To-Do: move configuration to a formula based approach.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- add missing settings needed for use in production
- correct existing settings with new advancements
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Globally setting log level for easier initial setup. Later on we should
consider removing it again, or moving it to the salt:master pillar.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
These were only relevant during testing. Leaving the empty list in case
exclusions need to be added in the future.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Roles under salt/ are enforced to be existent - adding "empty" file to
match pillar/role/salt/.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Improve nested role support introduced with
442ff683d1 by correctly converting
subdirectories into nested state references.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- adapt preparation script to new environment
- add sample mocking pillar including README
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Script allows for testing and pipeline minions to work without access to
the roles API. Additionally added a note about this in prepare_minion.py.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- walk both pillar and salt roles
- support nested roles / state files in subdirectories
- allow test invocation of the script from the command line
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Importing local lookup.py script into Git - this file is loaded as an
external pillar module by Salt masters to allow for external pillars to
be referenced inside external pillars.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Module should now replace ${...} variables during rendering. Pillar
references need to be quoted.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
