use cron instead of schedule for vm init. ensure vm shutdown

2025-12-07 17:52:46 +01:00 · 2024-08-28 15:52:14 -04:00
parent f5e6e49075
commit 267d1a27ac
3 changed files with 32 additions and 12 deletions
--- a/salt/reactor/virtUpdate.sls
+++ b/salt/reactor/virtUpdate.sls
@@ -75,7 +75,19 @@ def run():
  c = 0
  while True:
    if c == 60:
-      logging.error("virtUpdate reactor: vm_name: %s failed to shutdown in time " % vm_name)
+      logging.error("virtUpdate reactor: vm_name: %s failed virt.shutdown in time " % vm_name)
+      return {}
+    r = local.cmd(hv_name, 'virt.shutdown', ['vm_=' + vm_name])
+    logging.error("virtUpdate reactor: virt.shutdown: %s return: %s " % (vm_name,r))
+    if r.get(hv_name):
+      break
+    c += 1
+    sleep(1)
+
+  c = 0
+  while True:
+    if c == 60:
+      logging.error("virtUpdate reactor: vm_name: %s failed to go inactive in time " % vm_name)
      return {}
    r = local.cmd(hv_name, 'virt.list_inactive_vms')
    logging.error("virtUpdate reactor: virt.list_inactive_vms:  %s " % r.get(hv_name))
--- a/salt/setup/virt/initial_schedule.sls
+++ b/salt/setup/virt/initial_schedule.sls
@@ -1,7 +1,13 @@
-init_node_schedule:
-  schedule.present:
-    - name: init_node
-    - function: state.sls
-    - job_args:
-      - setup.virt.init
-    - minutes: 1
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+# initially tried to use schedule.present here, but that state trys to return data to the master even if run with --local
+# that causes it to fail since th firewall may not yet be open on the manager
+init_node_cron:
+  cron.present:
+    - name: salt-call state.apply setup.virt.init
+    - identifier: init_node_cron
+    - user: root
+    - minute: '*/1'
--- a/salt/setup/virt/setSalt.sls
+++ b/salt/setup/virt/setSalt.sls
@@ -8,10 +8,12 @@ set_role_grain:
    - name: role
    - value: so-{{ grains.id.split("_") | last }}

-# disable the initial schedule
-remove_init_node_schedule:
-  schedule.absent:
-    - name: init_node
+# remove the initial cron
+remove_init_node_cron:
+  cron.absent:
+    - name: salt-call state.apply setup.virt.init
+    - identifier: init_node_cron
+    - user: root

 set_highstate:
  file.append: