From 5ec93b557da3784144b7000be5245bbf5d1bb4f4 Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Fri, 15 Feb 2019 01:23:20 +0100 Subject: [cfg01] Schedule x509.get_pem_entries mine update Previously, Salt Master CA mine was only sent once, during salt.minion.ca state execution at cfg01 bringup / bootstrap. This causes possible issues with: - Salt Master container restart (mine data is lost); - UNH Lab deployment (uknown rootcause, might be related to XFS and overlay2 being used with Docker on CentOS); To bypass this issue, make x509.get_pem_entries module send mine data at the default mine interval (60 minutes). Change-Id: I5f6334ae18f5af6cbe0a164791603b67f0a3668f Signed-off-by: Alexandru Avadanii --- .../classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 index 452f7f9d9..f62caa2bf 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 @@ -33,6 +33,10 @@ parameters: master: accept_policy: open_mode file_recv: true + minion: + mine: + module: + x509.get_pem_entries: ['/etc/pki/all_cas/*'] reclass: storage: data_source: -- cgit 1.2.3-korg