From 1c207afb31bd321e25a1e7e72586b7df438c3870 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Sat, 23 May 2020 12:00:24 -0400 Subject: [PATCH 1/5] Define packages in the common state --- salt/common/init.sls | 85 ++++++++++++++++++++++++++++++++++++++++---- setup/so-functions | 12 ++++--- 2 files changed, 85 insertions(+), 12 deletions(-) diff --git a/salt/common/init.sls b/salt/common/init.sls index 82ac4a062..a8c791c7f 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -28,21 +28,92 @@ salttmp: - group: 939 - makedirs: True -# Install packages needed for the sensor -sensorpkgs: +# Install epel +{% if grains['os'] == 'CentOS' %} +epel: pkg.installed: - - skip_suggestions: False + - skip_suggestions: True + - pkgs: + - epel-release +{% endif %} + +# Install common packages +commonpkgs: + pkg.installed: + - skip_suggestions: True - pkgs: - - wget - - jq {% if grains['os'] != 'CentOS' %} - apache2-utils + - wget + - jq + - python3-docker + - docker-ce + - curl + - ca-certificates + - software-properties-common + - apt-transport-https + - openssl + - netcat + - python3-mysqldb + - sqlite3 + - argon2 + - libssl-dev + - python3-dateutil + - python3-m2crypto + - python3-mysqldb + - salt-minion: 2019.2.5+ds-1 + - hold: True + - update_holds: True + {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %} + - salt-master: 2019.2.5+ds-1 + - hold: True + - update_holds: True + - containerd.io: 1.2.13-2 + - hold: True + - update_holds: True + - docker-ce: 5:19.03.9~3-0~ubuntu-bionic + - hold: True + - update_holds: True + {% endif %} + - containerd.io + - docker-ce {% else %} - - net-tools + - wget + - bind-utils + - jq - tcpdump - httpd-tools + - net-tools + - curl + - sqlite + - argon2 + - maridb-devel + - nmap-ncat + - python3 + - python36-docker + - python36-dateutil + - python36-m2crypto + - python36-mysql + - yum-utils + - device-mapper-persistent-data + - lvm2 + - openssl + - salt-minion: 2019.2.5 + - hold: True + - update_holds: True + {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %} + - salt-master: 2019.2.5 + - hold: True + - update_holds: True {% endif %} - + - containerd.io: 1.2.6-3 + - hold: True + - update_holds: True + - docker-ce: 19.03.9-3 + - hold: True + - update_holds: True + {% endif %}%} + # Always keep these packages up to date alwaysupdated: diff --git a/setup/so-functions b/setup/so-functions index ddf265153..702c3cebd 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -19,7 +19,7 @@ source ./so-whiptail source ./so-variables source ./so-common-functions -SOVERSION=1.3.0 +SOVERSION=1.4.0 accept_salt_key_remote() { systemctl restart salt-minion @@ -514,7 +514,7 @@ detect_os() { # Install bind-utils so the host command exists if ! command -v host > /dev/null 2>&1; then echo "Installing required packages to run installer" - yum -y install bind-utils >> "$setup_log" 2>&1 + yum -y install bind-utils yum-plugin-versionlock >> "$setup_log" 2>&1 fi @@ -583,7 +583,9 @@ docker_install() { { yum clean expire-cache; yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo; - yum -y install docker-ce; + yum -y install docker-ce-19.03.9-3 containerd.io-1.2.6-3; + yum versionlock docker-ce; + yum versionlock containerd.io } >> "$setup_log" 2>&1 else @@ -687,7 +689,7 @@ docker_seed_registry() { # Tag it with the new registry destination docker tag soshybridhunter/"$i" "$HOSTNAME":5000/soshybridhunter/"$i" docker push "$HOSTNAME":5000/soshybridhunter/"$i" - docker rmi soshybridhunter/"$i" + #docker rmi soshybridhunter/"$i" } >> "$setup_log" 2>&1 done else @@ -1107,7 +1109,7 @@ saltify() { yum -y update exclude=salt*; systemctl enable salt-minion; } >> "$setup_log" 2>&1 - echo "exclude=salt*" >> /etc/yum.conf + yum versionlock salt* else DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" upgrade >> "$setup_log" 2>&1 From 31b3563fb3608bc9b104bd6456bca84bbe8e5f81 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Sun, 24 May 2020 10:56:30 -0400 Subject: [PATCH 2/5] Fix package versions --- salt/common/init.sls | 8 ++++---- setup/so-functions | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/salt/common/init.sls b/salt/common/init.sls index a8c791c7f..17cbb1608 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -98,18 +98,18 @@ commonpkgs: - device-mapper-persistent-data - lvm2 - openssl - - salt-minion: 2019.2.5 + - salt-minion: 2019.2.5.el7 - hold: True - update_holds: True {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %} - - salt-master: 2019.2.5 + - salt-master: 2019.2.5.el7 - hold: True - update_holds: True {% endif %} - - containerd.io: 1.2.6-3 + - containerd.io: 1.2.6-3.el7 - hold: True - update_holds: True - - docker-ce: 19.03.9-3 + - docker-ce: 19.03.9-3.el7 - hold: True - update_holds: True {% endif %}%} diff --git a/setup/so-functions b/setup/so-functions index 702c3cebd..bf6db26be 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -583,9 +583,9 @@ docker_install() { { yum clean expire-cache; yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo; - yum -y install docker-ce-19.03.9-3 containerd.io-1.2.6-3; - yum versionlock docker-ce; - yum versionlock containerd.io + yum -y install docker-ce-19.03.9-3.el7 containerd.io-1.2.6-3.el7; + yum versionlock docker-ce-19.03.9-3.el7; + yum versionlock containerd.io-1.2.6-3.el7 } >> "$setup_log" 2>&1 else From 87407c9acefc7766f1f12ec1772822d49f965816 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 26 May 2020 11:21:59 -0400 Subject: [PATCH 3/5] rework common init.sls --- salt/common/init.sls | 72 +++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 41 deletions(-) diff --git a/salt/common/init.sls b/salt/common/init.sls index 17cbb1608..77801dd1a 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -38,11 +38,11 @@ epel: {% endif %} # Install common packages +{% if grains['os'] != 'CentOS' %} commonpkgs: pkg.installed: - skip_suggestions: True - pkgs: - {% if grains['os'] != 'CentOS' %} - apache2-utils - wget - jq @@ -61,23 +61,19 @@ commonpkgs: - python3-dateutil - python3-m2crypto - python3-mysqldb - - salt-minion: 2019.2.5+ds-1 - - hold: True - - update_holds: True - {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %} - - salt-master: 2019.2.5+ds-1 - - hold: True - - update_holds: True +heldpackages: + pkg.installed: + - pkgs: - containerd.io: 1.2.13-2 - - hold: True - - update_holds: True - docker-ce: 5:19.03.9~3-0~ubuntu-bionic - - hold: True - - update_holds: True - {% endif %} - - containerd.io - - docker-ce - {% else %} + - hold: True + - update_holds: True + +{% else %} +commonpkgs: + pkg.installed: + - skip_suggestions: True + - pkgs: - wget - bind-utils - jq @@ -87,33 +83,27 @@ commonpkgs: - curl - sqlite - argon2 - - maridb-devel + - mariadb-devel - nmap-ncat - python3 - - python36-docker - - python36-dateutil - - python36-m2crypto - - python36-mysql - - yum-utils - - device-mapper-persistent-data - - lvm2 - - openssl - - salt-minion: 2019.2.5.el7 - - hold: True - - update_holds: True - {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %} - - salt-master: 2019.2.5.el7 - - hold: True - - update_holds: True - {% endif %} - - containerd.io: 1.2.6-3.el7 - - hold: True - - update_holds: True - - docker-ce: 19.03.9-3.el7 - - hold: True - - update_holds: True - {% endif %}%} - + - python36-docker + - python36-dateutil + - python36-m2crypto + - python36-mysql + - yum-utils + - device-mapper-persistent-data + - lvm2 + - openssl + +heldpackages: + pkg.installed: + - pkgs: + - containerd.io: 1.2.13-3.2.el7 + - docker-ce: 3:19.03.9-3.el7 + - hold: True + - update_holds: True +{% endif %} + # Always keep these packages up to date alwaysupdated: From 41935996d4384849fd4ffe93924d2c2fb6bd9ff7 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 26 May 2020 13:48:36 -0400 Subject: [PATCH 4/5] add ntpdate/ntp --- salt/common/init.sls | 2 ++ 1 file changed, 2 insertions(+) diff --git a/salt/common/init.sls b/salt/common/init.sls index 77801dd1a..08ae7fa72 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -45,6 +45,7 @@ commonpkgs: - pkgs: - apache2-utils - wget + - ntp - jq - python3-docker - docker-ce @@ -75,6 +76,7 @@ commonpkgs: - skip_suggestions: True - pkgs: - wget + - ntpdate - bind-utils - jq - tcpdump From 21cd66d109c458b8aa335d3e93143fb9555a8d94 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 26 May 2020 14:05:47 -0400 Subject: [PATCH 5/5] add ntpdate/ntp --- salt/common/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/common/init.sls b/salt/common/init.sls index 08ae7fa72..09d71114b 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -45,7 +45,7 @@ commonpkgs: - pkgs: - apache2-utils - wget - - ntp + - ntpdate - jq - python3-docker - docker-ce