%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/pillar/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/pillar/ec2_pillar.pyo

�
���^c@@s
dZddlmZmZmZddlZddlZddljj	Z	ddl
mZddlm
Zy.ddlZddlZddlZeZWnek
r�eZnXeje�Zejd�jej�d�Zd�Zeddd	dd
d�ZdS(un
Retrieve EC2 instance data for minions for ec2_tags and ec2_tags_list

The minion id must be the AWS instance-id or value in ``tag_match_key``.  For
example set ``tag_match_key`` to ``Name`` to have the minion-id matched against
the tag 'Name'. The tag contents must be unique. The value of
``tag_match_value`` can be 'uqdn' or 'asis'. if 'uqdn', then the domain will be
stripped before comparison.

Additionally, the ``use_grain`` option can be set to ``True``. This allows the
use of an instance-id grain instead of the minion-id. Since this is a potential
security risk, the configuration can be further expanded to include a list of
minions that are trusted to only allow the alternate id of the instances to
specific hosts. There is no glob matching at this time.

.. note::
    If you are using ``use_grain: True`` in the configuration for this external
    pillar module, the minion must have :conf_minion:`metadata_server_grains`
    enabled in the minion config file (see also :py:mod:`here
    <salt.grains.metadata>`).

    It is important to also note that enabling the ``use_grain`` option allows
    the minion to manipulate the pillar data returned, as described above.

The optional ``tag_list_key`` indicates which keys should be added to
``ec2_tags_list`` and be split by ``tag_list_sep`` (by default ``;``). If a tag
key is included in ``tag_list_key`` it is removed from ec2_tags. If a tag does
not exist it is still included as an empty list.


..note::
    As with any master configuration change, restart the salt-master daemon for
    changes to take effect.

.. code-block:: yaml

    ext_pillar:
      - ec2_pillar:
          tag_match_key: 'Name'
          tag_match_value: 'asis'
          tag_list_key:
            - Role
          tag_list_sep: ';'
          use_grain: True
          minion_ids:
            - trusted-minion-1
            - trusted-minion-2
            - trusted-minion-3

This is a very simple pillar configuration that simply retrieves the instance
data from AWS. Currently the only portion implemented are EC2 tags, which
returns a list of key/value pairs for all of the EC2 tags assigned to the
instance.
i(tabsolute_importtprint_functiontunicode_literalsN(trange(t
StrictVersionubotocC@sOts
tSttj�}td�}||krKtjdt||�tStS(ue
    Check for required version of boto and make this pillar available
    depending on outcome.
    u2.8.0u@%s: installed boto version %s < %s, can't retrieve instance data(	tHAS_BOTOtFalset_StrictVersiontbotot__version__tlogterrort__name__tTrue(tboto_versiontrequired_boto_version((s:/usr/lib/python2.7/site-packages/salt/pillar/ec2_pillar.pyt__virtual__Ss	
cC@s%tjj�d}|d|dfS(uj
    Helper function to return the instance ID and region of the master where
    this pillar is run.
    udocumentu
instanceIduregion(Rtutilstget_instance_identity(tidentity((s:/usr/lib/python2.7/site-packages/salt/pillar/ec2_pillar.pyt_get_instance_infocsuasisu;c
C@sOddg}tjdi�jdd*�}	|	sitjdi�jdi�jdi�jdd*�}	n|	r�tjd|	�d*kr�tjd	t|	|�d*}	n|r�tjd
|�d*kr�tjdtt	|t
j�r�|nd�iS|r(||kr(tjd
t|dj|��iS|s@dt|f}
ndt|||f}
tj
|
�d*}d*}tjd|�d*k	r�d*}|}nq|r|dkr�i|jdd�ddj|�6}ni|dj|�6}|	r|ji|	d6�qn|rl|rl|rl|	s4tj
d|�iS|d*k	rc||krctj
d||�iS|	}n|pu|s�tj
dt|||�iStjjdddd�}
t|
j��dkr�tjdt�iSt�\}}ytjj|�}Wn-tjjk
r0}tjdt|�iSX|d*krTtjdt|�iSy@|r{|jd|gdt�}n|jd |dt�}Wn-tjjk
r�}tjd!|
|�iSX|s�tj
d"|
|r�|n|�iSg}x@tdt|��D])}||j d+kr	|j!|�q	q	Wt|�}|sktj
d%|
|r`|n|�iS|dkr�tjd&|
|r�|n|�iS||d}|j"rK|j"}i}tj
d't||j"�|r9t	|t#�r9xH|D]=}||kr(||j|�||<||=q�g||<q�Wni|d(6|d)6SiS(,u7
    Execute a command and read the output as YAML
    uuqdnuasisu	meta-datauinstance-idudynamicuinstance-identityudocumentu^i-([0-9a-z]{17}|[0-9a-z]{8})$u:External pillar %s, instance-id '%s' is not valid for '%s'u[\w=.:/@-]+$u4External pillar %s, tag_match_key '%s' is not valid u
non-stringuAExternal pillar %s, tag_value '%s' is not valid must be one of %su uLExternal pillar %s, querying EC2 tags for minion id '%s' against instance-iduaExternal pillar %s, querying EC2 tags for minion id '%s' against instance-id or '%s' against '%s'u.iiutag:{0}u^Minion-id is not in AWS instance-id formation, and there is no instance-id grain for minion %su�Minion-id is not in AWS instance ID format, and minion_ids is set in the ec2_pillar configuration, but minion %s is not in the list of allowed minions %su}External pillar %s, querying EC2 tags for minion id '%s' against instance-id or '%s' against '%s' noughthing to match againstttimeoutg�������?tnum_retriesu-%s: salt master not an EC2 instance, skippingu%s: invalid AWS credentials, %su"%s: Could not connect to region %stinstance_idstdry_runtfiltersu%s failed with '%s'u%s no match using '%s'u
terminatedustoppedu"%s match found but not active '%s'u(%s multiple matches, ignored, using '%s'u0External pillar %s, for minion id '%s', tags: %suec2_tagsu
ec2_tags_listN(u
terminatedustopped($t
__grains__tgettNonetretsearchR
RRtmatcht
isinstancetsixt	text_typetjointdebugtsplittformattupdateRRtget_instance_metadatatlentkeystinfoRtec2tconnect_to_regiont	exceptiontAWSConnectionErrortget_only_instancesRtEC2ResponseErrorRtstatetappendttagstlist(t	minion_idtpillart	use_graint
minion_idst
tag_match_keyttag_match_valuettag_list_keyttag_list_septvalid_tag_match_valuetgrain_instance_idtbase_msgtfind_filtertfind_idtmyselft_tregiontconntexct
instance_datatactive_insttinstt
valid_insttinstancetec2_tagst
ec2_tags_listtitem((s:/usr/lib/python2.7/site-packages/salt/pillar/ec2_pillar.pyt
ext_pillarls�9	
		"	
	)		
				

( t__doc__t
__future__RRRRtloggingtsalt.ext.sixtextR!tsalt.ext.six.movesRtsalt.utils.versionsRRtboto.ec2Rt
boto.utilstboto.exceptionR
RtImportErrorRt	getLoggerRR
tsetLeveltWARNINGRRRRP(((s:/usr/lib/python2.7/site-packages/salt/pillar/ec2_pillar.pyt<module>7s.


		

Zerion Mini Shell 1.0