1
0

0.9.9.rst 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286
  1. ========================
  2. Salt 0.9.9 Release Notes
  3. ========================
  4. :release: 2012-04-27
  5. 0.9.9 is out and comes with some serious bug fixes and even more serious
  6. features. This release is the last major feature release before 1.0.0 and
  7. could be considered the 1.0.0 release candidate.
  8. A few updates include more advanced kwargs support, the ability for salt
  9. states to more safely configure a running salt minion, better job directory
  10. management and the new state test interface.
  11. Many new tests have been added as well, including the new minion swarm test
  12. that allows for easier testing of Salt working with large groups of minions.
  13. This means that if you have experienced stability issues with Salt before,
  14. particularly in larger deployments, that these bugs have been tested for,
  15. found, and killed.
  16. Major Features
  17. ==============
  18. State Test Interface
  19. --------------------
  20. Until 0.9.9 the only option when running states to see what was going to be
  21. changed was to print out the highstate with state.show_highstate and manually
  22. look it over. But now states can be run to discover what is going to be
  23. changed.
  24. Passing the option ``test=True`` to many of the state functions will now cause
  25. the salt state system to only check for what is going to be changed and report
  26. on those changes.
  27. .. code-block:: bash
  28. salt '*' state.highstate test=True
  29. Now states that would have made changes report them back in yellow.
  30. State Syntax Update
  31. -------------------
  32. A shorthand syntax has been added to sls files, and it will be the default
  33. syntax in documentation going forward. The old syntax is still fully supported
  34. and will not be deprecated, but it is recommended to move to the new syntax in
  35. the future. This change moves the state function up into the state name using
  36. a dot notation. This is in-line with how state functions are generally referred
  37. to as well:
  38. The new way:
  39. .. code-block:: yaml
  40. /etc/sudoers:
  41. file.present:
  42. - source: salt://sudo/sudoers
  43. - user: root
  44. - mode: 400
  45. Use and Use_in Requisites
  46. -------------------------
  47. Two new requisite statements are available in 0.9.9. The use and use_in
  48. requisite and requisite-in allow for the transparent duplication of data
  49. between states. When a state "uses" another state it copies the other state's
  50. arguments as defaults. This was created in direct response to the new network
  51. state, and allows for many network interfaces to be configured in the same way
  52. easily. A simple example:
  53. .. code-block:: yaml
  54. root_file:
  55. file.absent:
  56. - name: /tmp/nothing
  57. - user: root
  58. - mode: 644
  59. - group: root
  60. - use_in:
  61. - file: /etc/vimrc
  62. fred_file:
  63. file.absent:
  64. - name: /tmp/nothing
  65. - user: fred
  66. - group: marketing
  67. - mode: 660
  68. /files/marketing/district7.rst:
  69. file.present:
  70. - source: salt://marketing/district7.rst
  71. - template: jinja
  72. - use:
  73. - file: fred_file
  74. /etc/vimrc:
  75. file.present:
  76. - source: salt://edit/vimrc
  77. This makes the 2 lower state decs inherit the options from their respectively
  78. "used" state decs.
  79. Network State
  80. -------------
  81. The new network state allows for the configuration of network devices via salt
  82. states and the ip salt module. This addition has been given to the project by
  83. Jeff Hutchins and Bret Palsson from Jive Communications.
  84. Currently the only network configuration backend available is for Red Hat
  85. based systems, like Red Hat Enterprise, CentOS, and Fedora.
  86. Exponential Jobs
  87. ----------------
  88. Originally the jobs executed were stored on the master in the format:
  89. ``<cachedir>/jobs/jid/{minion ids}``
  90. But this format restricted the number of jobs in the cache to the number of
  91. subdirectories allowed on the filesystem. Ext3 for instance limits
  92. subdirectories to 32000. To combat this the new format for 0.9.9 is:
  93. ``<cachedir>/jobs/jid_hash[:2]/jid_hash[2:]/{minion ids}``
  94. So that now the number of maximum jobs that can be run before the cleanup
  95. cycle hits the job directory is substantially higher.
  96. ssh_auth Additions
  97. ------------------
  98. The original ssh_auth state was limited to accepting only arguments to apply
  99. to a public key, and the key itself. This was restrictive due to the way the
  100. we learned that many people were using the state, so the key section has been
  101. expanded to accept options and arguments to the key that over ride arguments
  102. passed in the state. This gives substantial power to using ssh_auth with names:
  103. .. code-block:: yaml
  104. sshkeys:
  105. ssh_auth:
  106. - present
  107. - user: backup
  108. - enc: ssh-dss
  109. - options:
  110. - option1="value1"
  111. - option2="value2 flag2"
  112. - comment: backup
  113. - names:
  114. - AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0111==
  115. - AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0222== override
  116. - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0333== override
  117. - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0444==
  118. - option3="value3",option4="value4 flag4" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0555== override
  119. - option3="value3" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAlyE26SMFFVY5YJvnL7AF5CRTPtAigSW1U887ASfBt6FDa7Qr1YdO5ochiLoz8aSiMKd5h4dhB6ymHbmntMPjQena29jQjXAK4AK0500rMShG1Y1HYEjTXjQxIy/SMjq2aycHI+abiVDn3sciQjsLsNW59t48Udivl2RjWG7Eo+LYiB17MKD5M40r5CP2K4B8nuL+r4oAZEHKOJUF3rzA20MZXHRQuki7vVeWcW7ie8JHNBcq8iObVSoruylXav4aKG02d/I4bz/l0UdGh18SpMB8zVnT3YF5nukQQ/ATspmhpU66s4ntMehULC+ljLvZL40ByNmF0TZc2sdSkA0666==
  120. LocalClient Additions
  121. ---------------------
  122. To follow up the recent additions in 0.9.8 of additional kwargs support,
  123. 0.9.9 also adds the capability to send kwargs into commands via a dict.
  124. This addition to the LocalClient api can be used like so:
  125. .. code-block:: python
  126. import salt.client
  127. client = salt.client.LocalClient("/etc/salt/master")
  128. ret = client.cmd("*", "cmd.run", ["ls -l"], kwarg={"cwd": "/etc"})
  129. This update has been added to all cmd methods in the LocalClient class.
  130. Better Self Salting
  131. -------------------
  132. One problem faced with running Salt states, is that it has been difficult
  133. to manage the Salt minion via states, this is due to the fact that if the
  134. minion is called to restart while a state run is happening then the state
  135. run would be killed. 0.9.9 slightly changes the process scope of the state
  136. runs, so now when salt is executing states it can safely restart the
  137. salt-minion daemon.
  138. In addition to daemonizing the state run, the apt module also daemonizes.
  139. This update makes it possible to cleanly update the salt-minion package on
  140. Debian/Ubuntu systems without leaving apt in an inconsistent state or killing
  141. the active minion process mid-execution.
  142. Wildcards for SLS Modules
  143. -------------------------
  144. Now, when including sls modules in include statements or in the top file,
  145. shell globs can be used. This can greatly simplify listing matched sls
  146. modules in the top file and include statements:
  147. .. code-block:: yaml
  148. base:
  149. '*':
  150. - files*
  151. - core*
  152. .. code-block:: yaml
  153. include:
  154. - users.dev.*
  155. - apache.ser*
  156. External Pillar
  157. ---------------
  158. Since the pillar data is just, data, it does not need to come expressly from
  159. the pillar interface. The external pillar system allows for hooks to be added
  160. making it possible to extract pillar data from any arbitrary external
  161. interface. The external pillar interface is configured via the ``ext_pillar``
  162. option. Currently interfaces exist to gather external pillar data via hiera
  163. or via a shell command that sends yaml data to the terminal:
  164. .. code-block:: yaml
  165. ext_pillar:
  166. - cmd_yaml: cat /etc/salt/ext.yaml
  167. - hiera: /etc/hirea.yaml
  168. The initial external pillar interfaces and extra interfaces can be added to
  169. the file salt/pillar.py, it is planned to add more external pillar interfaces.
  170. If the need arises a new module loader interface will be created in the future
  171. to manage external pillar interfaces.
  172. Single State Executions
  173. -----------------------
  174. The new state.single function allows for single states to be cleanly executed.
  175. This is a great tool for setting up a small group of states on a system or for
  176. testing out the behavior of single states:
  177. .. code-block:: bash
  178. salt '*' state.single user.present name=wade uid=2000
  179. The test interface functions here as well, so changes can also be tested
  180. against as:
  181. .. code-block:: bash
  182. salt '*' state.single user.present name=wade uid=2000 test=True
  183. New Tests
  184. =========
  185. A few exciting new test interfaces have been added, the minion swarm allows
  186. not only testing of larger loads, but also allows users to see how Salt behaves
  187. with large groups of minions without having to create a large deployment.
  188. Minion Swarm
  189. ------------
  190. The minion swarm test system allows for large groups of minions to be tested
  191. against easily without requiring large numbers of servers or virtual
  192. machines. The minion swarm creates as many minions as a system can handle and
  193. roots them in the /tmp directory and connects them to a master.
  194. The benefit here is that we were able to replicate issues that happen only
  195. when there are large numbers of minions. A number of elusive bugs which were
  196. causing stability issues in masters and minions have since been hunted down.
  197. Bugs that used to take careful watch by users over several days can now be
  198. reliably replicated in minutes, and fixed in minutes.
  199. Using the swarm is easy, make sure a master is up for the swarm to connect to,
  200. and then use the minionswarm.py script in the tests directory to spin up
  201. as many minions as you want. Remember, this is a fork bomb, don't spin up more
  202. than your hardware can handle!
  203. .. code-block:: bash
  204. python minionswarm.py -m 20 --master salt-master
  205. Shell Tests
  206. -----------
  207. The new Shell testing system allows us to test the behavior of commands
  208. executed from a high level. This allows for the high level testing of salt
  209. runners and commands like salt-key.
  210. Client Tests
  211. ------------
  212. Tests have been added to test the aspects of the client APIs and ensure that
  213. the client calls work, and that they manage passed data, in a desirable way.