* It is possible to set the remote salt tree through the `remote_state_tree` argument.
* It is possible to set the remote pillar root through the `remote_pillar_roots` argument.
* Directories `remote_state_tree` and `remote_pillar_roots` are emptied before use.
When puppet was executed in masterless mode it didn't remove
the staging directory. This can be a problem because it leaves all
the modules and manifests in the built image.
This is especially problematic when building docker images as they
can be left in the layers unless a specific cleanup is done after
running puppet.
This change adds a flag `clean_staging_directory` to the puppet
masterless provisioner so it takes care of this cleanup.
Since the chef-client provisioner is cleaning the node and client at the chef-server from the provisioned node,
it needs to have a flexible configuration.
This is replacing the used knife flags: -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'
and puts their values into a generated knife.rb.
Additionally the knife.rb may include the optional ssl_verify_mode attribute to enable the verify mode verify_none.
Background:
When deleting node and client on a self-hosted chef-server using self-signed certificates, the usage of
knife node delete <node-name> -y -s '<chef-server-url>' -k '/tmp/packer-chef-client/client.pem' -u '<client-name>'
will lead to an SSL verification failure.
The error output of the knife call is something like:
2015/06/24 12:29:17 ui: docker: WARNING: No knife configuration file found
docker: WARNING: No knife configuration file found
2015/06/24 12:29:17 ui: docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:
certificate verify failed
docker: ERROR: SSL Validation failure connecting to host: 172.16.117.63 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
2015/06/24 12:29:17 ui: docker: ERROR: Could not establish a secure connection to the server.
docker: ERROR: Could not establish a secure connection to the server.
2015/06/24 12:29:17 ui: docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
docker: Use 'knife ssl check' to troubleshoot your SSL configuration.
2015/06/24 12:29:17 ui: docker: If your Chef Server uses a self-signed certificate, you can use
docker: If your Chef Server uses a self-signed certificate, you can use
2015/06/24 12:29:17 ui: docker: 'knife ssl fetch' to make knife trust the server's certificates.
docker: 'knife ssl fetch' to make knife trust the server's certificates.
2015/06/24 12:29:17 ui: docker:
docker:
2015/06/24 12:29:17 ui: docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
docker: Original Exception: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
2015/06/24 12:29:17 packer-builder-docker: 2015/06/24 12:29:17 Executed command exit status: 100
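A sketch of generating the knife.rb described in the chef-client message above, added here as an illustration and not taken from Packer's source. The type, field and function names and the sample values are assumptions; an empty verify mode omits the line so knife keeps its own default, and only `verify_peer` or `verify_none` are accepted so the value cannot smuggle extra Ruby into the file.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/template"
)

// knifeConfig carries the values that used to be passed as knife flags
// (-s, -k, -u). Field names are hypothetical, not Packer's own.
type knifeConfig struct {
	ServerURL     string
	ClientKey     string
	NodeName      string
	SSLVerifyMode string // "", "verify_peer" or "verify_none"
}

var knifeTmpl = template.Must(template.New("knife").Parse(
	`chef_server_url "{{.ServerURL}}"
client_key      "{{.ClientKey}}"
node_name       "{{.NodeName}}"
{{if .SSLVerifyMode}}ssl_verify_mode :{{.SSLVerifyMode}}
{{end}}`))

// renderKnife validates the inputs and returns the knife.rb text.
func renderKnife(c knifeConfig) (string, error) {
	// knife.rb is Ruby: allow only known symbols for the verify mode.
	switch c.SSLVerifyMode {
	case "", "verify_peer", "verify_none":
	default:
		return "", fmt.Errorf("unsupported ssl_verify_mode %q", c.SSLVerifyMode)
	}
	// Reject characters that would end or interpolate a double-quoted Ruby string.
	for _, v := range []string{c.ServerURL, c.ClientKey, c.NodeName} {
		if strings.ContainsAny(v, "\"\\\n\r#") {
			return "", fmt.Errorf("value %q cannot be written into knife.rb safely", v)
		}
	}
	var buf bytes.Buffer
	if err := knifeTmpl.Execute(&buf, c); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	// Constructed sample values.
	out, err := renderKnife(knifeConfig{ServerURL: "https://chef.example.test",
		ClientKey: "/tmp/packer-chef-client/client.pem", NodeName: "build-node", SSLVerifyMode: "verify_none"})
	fmt.Println(out, err)
}
```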
When file is used with the download direction we don't need
to check the source on the builder because it is on the machine.
Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
Fixes the following vet reports:
provisioner/salt-masterless/provisioner.go:119: arg cmd for printf verb %s of wrong type: *github.com/mitchellh/packer/packer.RemoteCmd
provisioner/salt-masterless/provisioner.go:121: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:142: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:157: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:172: arg err for printf verb %d of wrong type: error
provisioner/salt-masterless/provisioner.go:216: arg err for printf verb %d of wrong type: error
Fixes the following vet report:
provisioner/puppet-masterless/provisioner.go:196: missing argument for Errorf(%d): format reads arg 1, have only 0 args
This changes the SaltStack bootstrap URL to use the HTTPS link from the commercial site. Alternatives are the HTTPS link to the raw file on GitHub, but this, whilst more transparent, might break down the line.
Setting environment variables for the ansible-playbook invocation.
ANSIBLE_FORCE_COLOR will ensure output is colorized. PYTHONUNBUFFERED will stream output as Ansible runs, vs getting a big dump of output at the end.