saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-10 14:51:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Update docs for master dns changes

Browse source 
Update docs to use master_alive_interval to detect master ip changes via
DNS.
This commit is contained in:
Daniel A. Wozniak 2024-04-23 15:50:25 -07:00 committed by Daniel Wozniak
parent d2c59f45b6
commit ddcfb2e183
6 changed files with 32 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
conf/minion
View file

@ -271,9 +271,8 @@
#ping_interval: 0 #ping_interval: 0
# To auto recover minions if master changes IP address (DDNS) # To auto recover minions if master changes IP address (DDNS)
# auth_tries: 10 # master_alive_interval: 10
# auth_safemode: True # master_tries: -1
# ping_interval: 2
# #
# Minions won't know master is missing until a ping fails. After the ping fail, # Minions won't know master is missing until a ping fails. After the ping fail,
# the minion will attempt authentication and likely fails out and cause a restart. # the minion will attempt authentication and likely fails out and cause a restart.

4
doc/ref/configuration/minion.rst
View file

@ -291,7 +291,9 @@ Default: ``0``
Configures how often, in seconds, the minion will verify that the current Configures how often, in seconds, the minion will verify that the current
master is alive and responding. The minion will try to establish a connection master is alive and responding. The minion will try to establish a connection
to the next master in the list if it finds the existing one is dead. to the next master in the list if it finds the existing one is dead. This
setting can also be used to detect master DNS record changes when a minion has
been disconnected.
.. code-block:: yaml .. code-block:: yaml

11
tests/pytests/scenarios/dns/conftest.py
View file

@ -7,6 +7,11 @@ import pytest
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@pytest.fixture(scope="package")
def master_alive_interval():
return 5
class HostsFile: class HostsFile:
""" """
Simple helper class for tests that need to modify /etc/hosts. Simple helper class for tests that need to modify /etc/hosts.
@ -70,7 +75,7 @@ def salt_cli(master):
@pytest.fixture(scope="package") @pytest.fixture(scope="package")
def minion(master): def minion(master, master_alive_interval):
config_defaults = { config_defaults = {
"transport": master.config["transport"], "transport": master.config["transport"],
} }
@ -78,9 +83,7 @@ def minion(master):
config_overrides = { config_overrides = {
"master": f"master.local:{port}", "master": f"master.local:{port}",
"publish_port": master.config["publish_port"], "publish_port": master.config["publish_port"],
"master_alive_interval": 5, "master_alive_interval": master_alive_interval,
"master_tries": -1,
"auth_safemode": False,
} }
factory = master.salt_minion_daemon( factory = master.salt_minion_daemon(
"minion", "minion",

47
tests/pytests/scenarios/dns/multimaster/conftest.py
View file

@ -86,26 +86,23 @@ def mm_master_2_salt_cli(salt_mm_master_2):
@pytest.fixture(scope="package") @pytest.fixture(scope="package")
def salt_mm_minion_1(salt_mm_master_1, salt_mm_master_2): def salt_mm_minion_1(salt_mm_master_1, salt_mm_master_2, master_alive_interval):
config_defaults = { config_defaults = {
"transport": salt_mm_master_1.config["transport"], "transport": salt_mm_master_1.config["transport"],
} }
mm_master_1_port = salt_mm_master_1.config["ret_port"] mm_master_1_port = salt_mm_master_1.config["ret_port"]
# mm_master_1_addr = salt_mm_master_1.config["interface"]
mm_master_2_port = salt_mm_master_2.config["ret_port"] mm_master_2_port = salt_mm_master_2.config["ret_port"]
# mm_master_2_addr = salt_mm_master_2.config["interface"]
config_overrides = { config_overrides = {
"master": [ "master": [
f"master1.local:{mm_master_1_port}", f"master1.local:{mm_master_1_port}",
f"master2.local:{mm_master_2_port}", f"master2.local:{mm_master_2_port}",
], ],
"publish_port": salt_mm_master_1.config["publish_port"], "publish_port": salt_mm_master_1.config["publish_port"],
# "master_type": "failover", "master_alive_interval": master_alive_interval,
"master_alive_interval": 5,
"master_tries": -1, "master_tries": -1,
"verify_master_pubkey_sign": True, "verify_master_pubkey_sign": True,
"retry_dns": 1, "retry_dns": True,
} }
factory = salt_mm_master_1.salt_minion_daemon( factory = salt_mm_master_1.salt_minion_daemon(
"mm-minion-1", "mm-minion-1",
@ -120,41 +117,3 @@ def salt_mm_minion_1(salt_mm_master_1, salt_mm_master_2):
) )
# with factory.started(start_timeout=180): # with factory.started(start_timeout=180):
yield factory yield factory
@pytest.fixture(scope="package")
def salt_mm_minion_2(salt_mm_master_1, salt_mm_master_2):
config_defaults = {
"transport": salt_mm_master_1.config["transport"],
}
mm_master_1_port = salt_mm_master_1.config["ret_port"]
mm_master_1_addr = salt_mm_master_1.config["interface"]
mm_master_2_port = salt_mm_master_2.config["ret_port"]
mm_master_2_addr = salt_mm_master_2.config["interface"]
# We put the second master first in the list so it has the right startup checks every time.
config_overrides = {
"master": [
f"{mm_master_2_addr}:{mm_master_2_port}",
f"{mm_master_1_addr}:{mm_master_1_port}",
],
"publish_port": salt_mm_master_1.config["publish_port"],
"master_type": "failover",
"master_alive_interval": 5,
"master_tries": -1,
"verify_master_pubkey_sign": True,
"retry_dns": 1,
}
factory = salt_mm_master_2.salt_minion_daemon(
"mm-failover-minion-2",
defaults=config_defaults,
overrides=config_overrides,
extra_cli_arguments_after_first_start_failure=["--log-level=info"],
)
# Need to grab the public signing key from the master, either will do
shutil.copyfile(
os.path.join(salt_mm_master_1.config["pki_dir"], "master_sign.pub"),
os.path.join(factory.config["pki_dir"], "master_sign.pub"),
)
# with factory.started(start_timeout=180):
yield factory

15
tests/pytests/scenarios/dns/multimaster/test_dns.py
View file

@ -9,7 +9,12 @@ log = logging.getLogger(__name__)
@pytest.mark.skip_unless_on_linux @pytest.mark.skip_unless_on_linux
def test_multimaster_dns( def test_multimaster_dns(
salt_mm_master_1, salt_mm_minion_1, mm_master_1_salt_cli, etc_hosts, caplog salt_mm_master_1,
salt_mm_minion_1,
mm_master_1_salt_cli,
etc_hosts,
caplog,
master_alive_interval,
): ):
""" """
Verify a minion configured with multimaster hot/hot will pick up a master's Verify a minion configured with multimaster hot/hot will pick up a master's
@ -26,13 +31,15 @@ def test_multimaster_dns(
with caplog.at_level(logging.INFO): with caplog.at_level(logging.INFO):
ret = mm_master_1_salt_cli.run("test.ping", minion_tgt="mm-minion-1") ret = mm_master_1_salt_cli.run("test.ping", minion_tgt="mm-minion-1")
assert ret.returncode == 0 assert ret.returncode == 0
log.info("Removing secondary master IP address.")
etc_hosts.write_text( etc_hosts.write_text(
f"{etc_hosts.orig_text}\n127.0.0.1 master1.local master2.local" f"{etc_hosts.orig_text}\n127.0.0.1 master1.local master2.local"
) )
subprocess.check_output(["ip", "addr", "del", "172.16.0.1/32", "dev", "lo"])
log.info("Changed hosts record for master1.local and master2.local") log.info("Changed hosts record for master1.local and master2.local")
time.sleep(15) subprocess.check_output(["ip", "addr", "del", "172.16.0.1/32", "dev", "lo"])
log.info("Removed secondary master IP address.")
# Wait for the minion's master_alive_interval, adding a second for
# reliablity.
time.sleep(master_alive_interval + 1)
assert ( assert (
"Master ip address changed from 172.16.0.1 to 127.0.0.1" in caplog.text "Master ip address changed from 172.16.0.1 to 127.0.0.1" in caplog.text
) )

8
tests/pytests/scenarios/dns/test_dns.py
View file

@ -8,7 +8,7 @@ log = logging.getLogger(__name__)
@pytest.mark.skip_unless_on_linux @pytest.mark.skip_unless_on_linux
def test_dns_change(master, minion, salt_cli, etc_hosts, caplog): def test_dns_change(master, minion, salt_cli, etc_hosts, caplog, master_alive_interval):
""" """
Verify a minion will pick up a master's dns change if it's been disconnected. Verify a minion will pick up a master's dns change if it's been disconnected.
""" """
@ -20,8 +20,12 @@ def test_dns_change(master, minion, salt_cli, etc_hosts, caplog):
ret = salt_cli.run("test.ping", minion_tgt="minion") ret = salt_cli.run("test.ping", minion_tgt="minion")
assert ret.returncode == 0 assert ret.returncode == 0
etc_hosts.write_text(f"{etc_hosts.orig_text}\n127.0.0.1 master.local") etc_hosts.write_text(f"{etc_hosts.orig_text}\n127.0.0.1 master.local")
log.info("Changed hosts record for master1.local and master2.local")
subprocess.check_output(["ip", "addr", "del", "172.16.0.1/32", "dev", "lo"]) subprocess.check_output(["ip", "addr", "del", "172.16.0.1/32", "dev", "lo"])
time.sleep(15) log.info("Removed secondary master IP address.")
# Wait for the minion's master_alive_interval, adding a second for
# reliablity.
time.sleep(master_alive_interval + 1)
assert ( assert (
"Master ip address changed from 172.16.0.1 to 127.0.0.1" in caplog.text "Master ip address changed from 172.16.0.1 to 127.0.0.1" in caplog.text
) )