Merge branch 'sensu' into 'master'
if storage.swap is defined
See merge request !15
diff --git a/README.rst b/README.rst
index a1c93a1..67b17c9 100644
--- a/README.rst
+++ b/README.rst
@@ -612,6 +612,82 @@
size: 40G
mount: ${linux:storage:mount:data}
+
+Multipath with Fujitsu Eternus DXL
+
+.. code-block:: yaml
+
+ parameters:
+ linux:
+ storage:
+ multipath:
+ enabled: true
+ blacklist_devices:
+ - /dev/sda
+ - /dev/sdb
+ backends:
+ - fujitsu_eternus_dxl
+
+Multipath with Hitachi VSP 1000
+
+.. code-block:: yaml
+
+ parameters:
+ linux:
+ storage:
+ multipath:
+ enabled: true
+ blacklist_devices:
+ - /dev/sda
+ - /dev/sdb
+ backends:
+ - hitachi_vsp1000
+
+Multipath with IBM Storwize
+
+.. code-block:: yaml
+
+ parameters:
+ linux:
+ storage:
+ multipath:
+ enabled: true
+ blacklist_devices:
+ - /dev/sda
+ - /dev/sdb
+ backends:
+ - ibm_storwize
+
+Multipath with multiple backends
+
+.. code-block:: yaml
+
+ parameters:
+ linux:
+ storage:
+ multipath:
+ enabled: true
+ blacklist_devices:
+ - /dev/sda
+ - /dev/sdb
+ - /dev/sdc
+ - /dev/sdd
+ backends:
+ - ibm_storwize
+ - fujitsu_eternus_dxl
+ - hitachi_vsp1000
+
+Disabled multipath (the default setup)
+
+.. code-block:: yaml
+
+ parameters:
+ linux:
+ storage:
+ multipath:
+ enabled: false
+
+
Usage
=====
diff --git a/linux/files/collectd_df.conf b/linux/files/collectd_df.conf
index b7ac768..c0460eb 100644
--- a/linux/files/collectd_df.conf
+++ b/linux/files/collectd_df.conf
@@ -1,9 +1,10 @@
-LoadPlugin df
+<LoadPlugin df>
+ Globals false
+</LoadPlugin>
+
<Plugin df>
{%- for fs_type in plugin.get('fs_types', []) %}
FSType {{ fs_type }}
{%- endfor %}
- {%- if plugin.get('ignore_selected', False) %}
- IgnoreSelected true
- {%- endif %}
+ IgnoreSelected {{ plugin.get('ignore_selected', False)|lower }}
</Plugin>
diff --git a/linux/files/collectd_disk.conf b/linux/files/collectd_disk.conf
index 50c5288..4dac534 100644
--- a/linux/files/collectd_disk.conf
+++ b/linux/files/collectd_disk.conf
@@ -1,6 +1,7 @@
-LoadPlugin disk
+<LoadPlugin disk>
+ Globals false
+</LoadPlugin>
+
<Plugin disk>
- {%- if plugin.get('ignore_selected', False) %}
- IgnoreSelected true
- {%- endif %}
+ IgnoreSelected {{ plugin.get('ignore_selected', True)|lower }}
</Plugin>
diff --git a/linux/files/multipath.conf b/linux/files/multipath.conf
index 3d8cce7..382d775 100644
--- a/linux/files/multipath.conf
+++ b/linux/files/multipath.conf
@@ -1,98 +1,22 @@
{%- from "linux/map.jinja" import storage with context %}
##
-## This is a template multipath-tools configuration file
-## Uncomment the lines relevent to your environment
+## This is multipath-tools configuration file managed by Salt
##
-{% set backend = storage.get('backend', 'default') %}
-
-{%- if backend in ['hitachi', 'hds', 'HDS'] %}
defaults {
-# udev_dir /dev
-# polling_interval 10
-# selector "round-robin 0"
-# path_grouping_policy multibus
-# getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
-# prio const
-# path_checker directio
-# rr_min_io 100
-# flush_on_last_del no
-# max_fds 8192
-# rr_weight priorities
-# failback immediate
-# no_path_retry fail
-# queue_without_daemon no
- user_friendly_names no
-# mode 644
-# uid 0
-# gid disk
-}
-
-{%- elif backend in ['fujitsu'] %}
-defaults {
- user_friendly_names no
-}
-blacklist {
- wwid "355cd2e404b76b*"
-}
-devices {
- device {
- vendor "FUJITSU"
- product "ETERNUS_DXL"
- prio alua
- path_grouping_policy group_by_prio
- path_selector "round-robin 0"
- failback immediate
- no_path_retry 0
- path_checker tur
- dev_loss_tmo 2097151
- fast_io_fail_tmo 1
- }
-}
-
-{%- else %}
-
-defaults {
- getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
- user_friendly_names no
+# getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
+ user_friendly_names no
}
blacklist {
-# wwid 26353900f02796769
-# devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
-# devnode "^hd[a-z][[0-9]*]"
-# device {
-# vendor DEC.*
-# product MSA[15]00
-# }
- #
- # POZOR - filtrace vseho krome blacklistovanych veci
- #
-# wwid "*"
+ {%- for device in storage.multipath.get('blacklist_devices', []) %}
+ wwid {{ salt['cmd.run']('/lib/udev/scsi_id -g -u '+device) }}
+ {%- endfor %}
+ devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st|nbd)[0-9]*"
}
-blacklist_exceptions {
-# devnode "^dasd[c-d]+[0-9]*"
-# wwid "IBM.75000000092461.4d00.34"
-# wwid 3600507680280050cd000000000000035
-# wwid 3600507680280050cd000000000000030
-# wwid 3600507680280050cd0000000000000ac
-# wwid 3600507680280050cd0000000000003df
- wwid "*"
-}
+
devices {
- device {
- vendor "IBM"
- product "2145"
- path_grouping_policy group_by_prio
- getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
- features "1 queue_if_no_path"
- prio alua
- path_checker tur
- failback immediate
- no_path_retry "5"
- rr_min_io 1
- polling_interval 30
- dev_loss_tmo 120
- }
+ {%- for backend in storage.multipath.get('backends', []) %}
+ {%- include "linux/files/multipath/_" + backend + ".conf" %}
+ {%- endfor %}
}
-{%- endif %}
diff --git a/linux/files/multipath.conf.hds b/linux/files/multipath.conf.hds
deleted file mode 100644
index 0bc246f..0000000
--- a/linux/files/multipath.conf.hds
+++ /dev/null
@@ -1,24 +0,0 @@
-##
-## This is a template multipath-tools configuration file
-## Uncomment the lines relevent to your environment
-##
-defaults {
-# udev_dir /dev
-# polling_interval 10
-# selector "round-robin 0"
-# path_grouping_policy multibus
-# getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
-# prio const
-# path_checker directio
-# rr_min_io 100
-# flush_on_last_del no
-# max_fds 8192
-# rr_weight priorities
-# failback immediate
-# no_path_retry fail
-# queue_without_daemon no
- user_friendly_names no
-# mode 644
-# uid 0
-# gid disk
-}
diff --git a/linux/files/multipath/_fujitsu_eternus_dxl.conf b/linux/files/multipath/_fujitsu_eternus_dxl.conf
new file mode 100644
index 0000000..42b973d
--- /dev/null
+++ b/linux/files/multipath/_fujitsu_eternus_dxl.conf
@@ -0,0 +1,13 @@
+
+ device {
+ vendor "FUJITSU"
+ product "ETERNUS_DXL"
+ prio alua
+ path_grouping_policy group_by_prio
+ path_selector "round-robin 0"
+ failback immediate
+ no_path_retry 0 (*1)
+ path_checker tur
+ dev_loss_tmo 2097151 (*2)
+ fast_io_fail_tmo 1
+ }
diff --git a/linux/files/multipath/_hitachi_vsp1000.conf b/linux/files/multipath/_hitachi_vsp1000.conf
new file mode 100644
index 0000000..754a878
--- /dev/null
+++ b/linux/files/multipath/_hitachi_vsp1000.conf
@@ -0,0 +1,2 @@
+
+# vsp1000 does not have special device config
\ No newline at end of file
diff --git a/linux/files/multipath/_ibm_storwize.conf b/linux/files/multipath/_ibm_storwize.conf
new file mode 100644
index 0000000..a886123
--- /dev/null
+++ b/linux/files/multipath/_ibm_storwize.conf
@@ -0,0 +1,15 @@
+
+ device {
+ vendor "IBM"
+ product "2145"
+ path_grouping_policy group_by_prio
+ getuid_callout "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
+ features "1 queue_if_no_path"
+ prio alua
+ path_checker tur
+ failback immediate
+ no_path_retry "5"
+ rr_min_io 1
+ polling_interval 30
+ dev_loss_tmo 120
+ }
diff --git a/linux/map.jinja b/linux/map.jinja
index 36a991c..fac2916 100644
--- a/linux/map.jinja
+++ b/linux/map.jinja
@@ -15,7 +15,7 @@
'doc_validity_pkgs': ['python-yaml'],
},
'Debian': {
- 'pkgs': ['python-apt','vim'],
+ 'pkgs': ['python-apt','vim-nox', 'apt-transport-https'],
'utc': true,
'user': {},
'group': {},
@@ -64,6 +64,14 @@
'down_cmds',
'pre_down_cmds',
'post_down_cmds',
+ 'maxwait',
+ 'stp',
+ 'gro',
+ 'lacp_rate',
+ 'ad_select',
+ 'downdelay',
+ 'updelay',
+ 'hashing-algorithm',
] %}
{% set network = salt['grains.filter_by']({
@@ -114,20 +122,31 @@
'mount': {},
'swap': {},
'lvm': {},
- 'multipath': False,
+ 'multipath': {
+ 'enabled': False,
+ 'pkgs': ['multipath-tools', 'multipath-tools-boot'],
+ 'service': ''
+ },
},
'Debian': {
'mount': {},
'swap': {},
'lvm': {},
- 'multipath': False,
- 'multipath_pkgs': ['multipath-tools'],
+ 'multipath': {
+ 'enabled': False,
+ 'pkgs': ['multipath-tools', 'multipath-tools-boot'],
+ 'service': 'multipath-tools'
+ },
'lvm_pkgs': ['lvm2'],
},
'RedHat': {
'mount': {},
'swap': {},
'lvm': {},
- 'multipath': False,
+ 'multipath': {
+ 'enabled': False,
+ 'pkgs': [],
+ 'service': 'multipath'
+ },
},
}, grain='os_family', merge=salt['pillar.get']('linux:storage')) %}
diff --git a/linux/meta/collectd.yml b/linux/meta/collectd.yml
index a917f50..e40f45a 100644
--- a/linux/meta/collectd.yml
+++ b/linux/meta/collectd.yml
@@ -1,30 +1,33 @@
plugin:
linux_network_interface:
plugin: interface
- interval: 60
+ execution: local
linux_system_cpu:
plugin: cpu
- interval: 60
+ execution: local
linux_system_entropy:
plugin: entropy
- interval: 60
+ execution: local
linux_system_load:
plugin: load
- interval: 60
+ execution: local
+ linux_system_contextswitch:
+ plugin: contextswitch
+ execution: local
linux_system_memory:
plugin: memory
- interval: 60
+ execution: local
linux_system_uptime:
plugin: uptime
- interval: 60
+ execution: local
linux_system_users:
plugin: users
- interval: 60
+ execution: local
linux_storage_df:
plugin: df
- interval: 60
+ execution: local
template: linux/files/collectd_df.conf
- ignore_selected: true
+ ignore_selected: True
fs_types:
- rootfs
- sysfs
@@ -36,9 +39,9 @@
- cgroup
linux_storage_disk:
plugin: disk
- interval: 60
+ execution: local
template: linux/files/collectd_disk.conf
- ignore_selected: true
+ ignore_selected: True
linux_storage_swap:
plugin: swap
- interval: 60
+ execution: local
diff --git a/linux/meta/sensu.yml b/linux/meta/sensu.yml
index ce85022..06a3775 100644
--- a/linux/meta/sensu.yml
+++ b/linux/meta/sensu.yml
@@ -1,7 +1,7 @@
{%- from "linux/map.jinja" import system,network,storage with context -%}
check:
local_linux_system_zombie_procs:
- command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -w 2 -c 7 -s Z"
+ command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -w 3 -c 7 -s Z"
interval: 60
occurrences: 3
subscribers:
diff --git a/linux/storage/init.sls b/linux/storage/init.sls
index 214c452..01b41b6 100644
--- a/linux/storage/init.sls
+++ b/linux/storage/init.sls
@@ -1,5 +1,5 @@
{%- from "linux/map.jinja" import storage with context %}
-{%- if storage.mount|length > 0 or storage.swap|length > 0 or storage.multipath %}
+{%- if storage.mount|length > 0 or storage.swap|length > 0 or storage.multipath.enabled %}
include:
{%- if storage.mount|length > 0 %}
- linux.storage.mount
@@ -10,7 +10,7 @@
{%- if storage.lvm|length > 0 %}
- linux.storage.lvm
{%- endif %}
-{%- if storage.multipath %}
+{%- if storage.multipath.enabled %}
- linux.storage.multipath
{%- endif %}
{%- endif %}
diff --git a/linux/storage/multipath.sls b/linux/storage/multipath.sls
index ae9151a..6bcadd1 100644
--- a/linux/storage/multipath.sls
+++ b/linux/storage/multipath.sls
@@ -1,48 +1,24 @@
{%- from "linux/map.jinja" import storage with context %}
-{%- if storage.enabled %}
+{%- if storage.enabled and storage.multipath.enabled %}
-{%- if grains.os_family == 'Debian' %}
-
-linux_multipath_pkgs:
+linux_storage_multipath_packages:
pkg.installed:
- - names: {{ storage.multipath_pkgs }}
+ - names: {{ storage.multipath.pkgs }}
-{%- if storage.multipath.backend not in ['fujitsu'] %}
-
-linux_multipath_boot_pkg:
- pkg.installed:
- - name: multipath-tools-boot
-
-{%- endif %}
-
-{%- if storage.multipath.backend == 'HDS' %}
-
-/etc/multipath.conf:
+linux_storage_multipath_config:
file.managed:
- - source: salt://linux/files/multipath.conf.hds
- - template: jinja
- - require:
- - pkg: linux_multipath_pkgs
-
-{%- else %}
-
-/etc/multipath.conf:
- file.managed:
+ - name: /etc/multipath.conf
- source: salt://linux/files/multipath.conf
- template: jinja
- require:
- - pkg: linux_multipath_pkgs
+ - pkg: linux_storage_multipath_packages
-{%- endif %}
-
-multipath_service:
+linux_storage_multipath_service:
service.running:
- - enable: True
- - name: multipath-tools
+ - enable: true
+ - name: {{ storage.multipath.service }}
- watch:
- - file: /etc/multipath.conf
+ - file: linux_storage_multipath_config
- sig: multipathd
{%- endif %}
-
-{%- endif %}
diff --git a/linux/system/certificate.sls b/linux/system/certificate.sls
index a342cbe..f9f39d4 100644
--- a/linux/system/certificate.sls
+++ b/linux/system/certificate.sls
@@ -3,19 +3,39 @@
{%- if system.ca_certificates is defined %}
-{%- for certificate in system.ca_certificates %}
+linux_system_ca_certificates:
+ pkg.installed:
+ - name: ca-certificates
+{%- if system.ca_certificates is mapping %}
+{%- for name, cert in system.ca_certificates.iteritems() %}
+{{ system.ca_certs_dir }}/{{ name }}.crt:
+ file.managed:
+ - contents_pillar: "linux:system:ca_certificates:{{ name }}"
+ - watch_in:
+ - cmd: update_certificates
+ - require:
+ - pkg: linux_system_ca_certificates
+{%- endfor %}
+
+{%- else %}
+{#- salt-pki way #}
+
+{%- for certificate in system.ca_certificates %}
{{ system.ca_certs_dir }}/{{ certificate }}.crt:
file.managed:
- source: salt://pki/{{ certificate }}/{{ certificate }}-chain.cert.pem
- watch_in:
- cmd: update_certificates
-
+ - require:
+ - pkg: linux_system_ca_certificates
{%- endfor %}
+{%- endif %}
+
update_certificates:
cmd.wait:
- - name: /usr/sbin/update-ca-certificates
+ - name: update-ca-certificates
{%- endif %}
diff --git a/linux/system/package.sls b/linux/system/package.sls
index cd9d2cc..f4cd07e 100644
--- a/linux/system/package.sls
+++ b/linux/system/package.sls
@@ -10,6 +10,10 @@
linux_extra_package_{{ name }}:
{%- if package.version == 'latest' %}
pkg.latest:
+ {%- elif package.version == 'purged' %}
+ pkg.purged:
+ {%- elif package.version == 'removed' %}
+ pkg.removed:
{%- else %}
pkg.installed:
- version: {{ package.version }}
@@ -22,8 +26,8 @@
- hold: {{ package.hold }}
{%- endif %}
{%- if package.verify is defined %}
- - skip_verify: {% if package.verify %}false{% else %}true{% endif %}
+ - skip_verify: {{ true if package.verify else false }}
{%- endif %}
{%- endfor %}
-{%- endif %}
\ No newline at end of file
+{%- endif %}
diff --git a/linux/system/repo.sls b/linux/system/repo.sls
index 08b4abc..04e7070 100644
--- a/linux/system/repo.sls
+++ b/linux/system/repo.sls
@@ -29,7 +29,7 @@
{%- do default_repos.update({name: repo}) %}
-{%- if repo.key_url %}
+{%- if repo.key_url|default(False) %}
linux_repo_{{ name }}_key:
cmd.wait: