aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-15 01:23:20 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-15 13:06:56 +0000
commitdf38b6fd10ebc89f2a45e2b226e210803c1b1e99 (patch)
treea6db1156fe9b738cc8dbafe9ee2dada605680a9d
parentf17823d034fe9adcecfb516e3ed4b715b449a43d (diff)
[cfg01] Schedule x509.get_pem_entries mine update
Previously, Salt Master CA mine was only sent once, during salt.minion.ca state execution at cfg01 bringup / bootstrap. This causes possible issues with: - Salt Master container restart (mine data is lost); - UNH Lab deployment (uknown rootcause, might be related to XFS and overlay2 being used with Docker on CentOS); To bypass this issue, make x509.get_pem_entries module send mine data at the default mine interval (60 minutes). Change-Id: I5f6334ae18f5af6cbe0a164791603b67f0a3668f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 5ec93b557da3784144b7000be5245bbf5d1bb4f4)
-rw-r--r--mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j24
1 files changed, 4 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2
index 452f7f9d9..f62caa2bf 100644
--- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2
@@ -33,6 +33,10 @@ parameters:
master:
accept_policy: open_mode
file_recv: true
+ minion:
+ mine:
+ module:
+ x509.get_pem_entries: ['/etc/pki/all_cas/*']
reclass:
storage:
data_source: