work in progress: start upgrading consul-template to 0.9.0

Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
This commit is contained in:
Steven Armstrong 2015-05-28 22:26:51 +02:00
parent 414542cd82
commit 085a7c8ce1
8 changed files with 124 additions and 3 deletions
cdist/conf/type/__consul_template

View file

@ -0,0 +1 @@
4037434610 8901128 consul-template

View file

@ -0,0 +1 @@
https://github.com/hashicorp/consul-template/releases/download/v0.9.0/consul-template_0.9.0_linux_amd64.tar.gz

View file

@ -24,13 +24,19 @@ None.
OPTIONAL PARAMETERS
-------------------
auth::
specify a username (and password) for basic authentication.
auth-username::
specify a username for basic authentication.
auth-password::
specify a password for basic authentication.
batch-size::
the size of the batch when polling multiple dependencies.
consul::
the location of the Consul instance to query (may be an IP address or FQDN) with port.
Defaults to 'localhost:8500'.
log-level::
The log level for output. This applies to the stdout/stderr logging as well
as syslog logging (if enabled). Valid values are "debug", "info", "warn",
and "err". The default value is "warn".
max-stale::
the maximum staleness of a query. If specified, Consul will distribute work among all
servers instead of just the leader.
@ -39,6 +45,16 @@ retry::
with the API.
state::
either 'present' or 'absent'. Defaults to 'present'
ssl-cert::
Path to an SSL client certificate to use to authenticate to the consul server.
Useful if the consul server "verify_incoming" option is set.
ssl-ca-cert::
Path to a CA certificate file, containing one or more CA certificates to
use to validate the certificate sent by the consul server to us. This is a
handy alternative to setting --ssl-no-verify if you are using your own CA.
syslog-facility::
The facility to use when sending to syslog. This requires the use of --syslog.
The default value is LOCAL0.
token::
the Consul API token.
version::
@ -56,6 +72,8 @@ ssl::
use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections.
ssl-no-verify::
ignore certificate warnings. Only used if ssl is enabled.
syslog::
Send log output to syslog (in addition to stdout and stderr).
EXAMPLES

View file

@ -0,0 +1,93 @@
# < 0.7.0
ssl = true
ssl_no_verify = true
# >= 0.7.0
ssl {
enabled = true
verify = false
}
# >= 0.9.0
ssl-cert
ssl-ca-cert
--------------------------------------------------------------------------------
### from docs
ssl {
enabled = true
verify = false
cert = "/path/to/client/cert.pem"
ca_cert = "/path/to/ca/cert.pem"
}
ssl
Use HTTPS while talking to Consul. Requires the Consul server to be configured to serve secure connections. The default value is false.
ssl-verify
Verify certificates when connecting via SSL. This requires the use of -ssl. The default value is true.
ssl-cert
Path to an SSL client certificate to use to authenticate to the consul server. Useful if the consul server "verify_incoming" option is set.
ssl-ca-cert
Path to a CA certificate file, containing one or more CA certificates to use to validate the certificate sent by the consul server to us. This is a handy alternative to setting --ssl-verify=false if you are using your own CA.
--------------------------------------------------------------------------------
### example config file from docs
consul = "127.0.0.1:8500"
token = "abcd1234" // May also be specified via the envvar CONSUL_TOKEN
retry = "10s"
max_stale = "10m"
log_level = "warn"
pid_file = "/path/to/pid"
vault {
address = "https://vault.service.consul:8200"
token = "abcd1234" // May also be specified via the envvar VAULT_TOKEN
ssl {
enabled = true
verify = true
cert = "/path/to/client/cert.pem"
ca_cert = "/path/to/ca/cert.pem"
}
}
--auth-username
--auth-password
# if any are given enabled = true
auth {
enabled = true
username = "test"
password = "test"
}
ssl {
enabled = true
verify = false
cert = "/path/to/client/cert.pem"
ca_cert = "/path/to/ca/cert.pem"
}
syslog {
enabled = true
facility = "LOCAL5"
}
template {
source = "/path/on/disk/to/template"
destination = "/path/on/disk/where/template/will/render"
command = "optional command to run when the template is updated"
}
template {
// Multiple template definitions are supported
}

View file

@ -1,2 +1,3 @@
ssl
ssl-no-verify
syslog

View file

@ -0,0 +1 @@
warn

View file

@ -0,0 +1 @@
LOCAL0

View file

@ -1,9 +1,14 @@
auth
auth-username
auth-password
batch-size
consul
log-level
max-stale
retry
state
ssl-cert
ssl-ca-cert
syslog-facility
token
version
wait