Projet

Général

Profil

Archive #23606

salt-master a besoin d’un utilisateur PostgreSQL dédié pour écrire les informations des tâches

Ajouté par Daniel Dehennin il y a environ 6 ans. Mis à jour il y a plus de 4 ans.

Statut:
Nouveau
Priorité:
Normal
Assigné à:
-
Catégorie:
-
Version cible:
-
Début:
Echéance:
% réalisé:

0%

Temps estimé:
4.00 h
Temps passé:
15.50 h
Distribution:

Révisions associées

Révision 18a4c386 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: create a dedicated role for salt-master with sqitch

Waiting for a proper way to handle such need, I create the role
directly with sqitch like before.

Ref: #23526

  • services/saltmaster/migrations/deploy/salt-runner-db.sql: create the
    role and grant privileges.
  • services/saltmaster/migrations/revert/salt-runner-db.sql: revoke
    privileges and drop the dedicated role.
  • services/saltmaster/migrations/verify/salt-runner-db.sql: verify
    that the dedicated role can insert in the tables.

Ref: #23606

Révision 473d70c9 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: add volume for sqitch configuration in development

This permits to just restart the container in development

Ref: #23606

Révision 8236a38d (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

Vault: grant login to database admin

The creation of role by sqitch is not working because the temporary
user created by Vault does not have the “CREATEROLE” privilege.

In the mean time we autorise the database administrator to login
without password.

Ref: #23606

Révision 1d6788fc (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: use “salt-runner_admin” to connect to PostgreSQL

The creation of role by sqitch is not working because the temporary
user created by Vault does not have the “CREATEROLE” privilege.

  • services/saltmaster/salt-master-2017.conf: use “salt-returner_admin”
    instead of “salt-admin”.

Ref: #23606

Révision 8bff8958 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: do not create a dedicated role with sqitch

The creation of role by sqitch is not working because the temporary
user created by Vault does not have the “CREATEROLE” privilege.

Ref: #23606

Révision a7321a44 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: switch role before creating objects

Ref: #23606

Révision 32c3c0f6 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: switch role before creating objects

Ref: #23606

Révision e605d524 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: “salt-master” must start after “salt-ctrl”

The “salt-master” must be started after database and admin role
creation.

Waiting for a solution to orchestrate services within containers, we
will just wait 10 seconds before starting “salt-master”

  • services/saltmaster/containerpilot.json5: add “wait-4-db” service
    between start of “salt-ctrl” and “salt-master”.

Ref: #23606

Révision 2450abdd (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: configure container loggin level

  • services/saltmaster/containerpilot.json5: use environment variable
    “CONTAINERPILOT_LOGLEVEL”.

Ref: #23606

Révision 0e072177 (diff)
Ajouté par Daniel Dehennin il y a environ 6 ans

SaltStack: use double quotes en “containerpilot.json5”

Ref: #23606

Historique

#1 Mis à jour par Daniel Dehennin il y a presque 6 ans

  • Tâche parente #23526 supprimé
  • Release mis à Zéphir-livraison-1

#2 Mis à jour par Daniel Dehennin il y a presque 6 ans

  • Tracker changé de Tâche à Scénario
  • Version cible sprint 2018 14-16 Equipe MENSR supprimé
  • Début 10/04/2018 supprimé

#3 Mis à jour par Gilles Grandgérard il y a plus de 4 ans

  • Tracker changé de Scénario à Archive

Formats disponibles : Atom PDF