Added functionality to state for salt cloud and exampel for EC2 and GCE

10 years ago · 5bd3d62b42
--- a/README.rst
+++ b/README.rst
 Install a syndic.
 ``salt.cloud``
 ---------------
 Install salt cloud.
 ``Configuration``
 -----------------
 Every option available in the templates can be set in pillar. Settings under 'salt' will be overridden by more specific settings under salt['master'] or salt['minion']
 Every option available in the templates can be set in pillar. Settings under 'salt' will be overridden by more specific settings under salt['master'], salt['minion'] or salt['cloud']
 ::
      minion:
        user: saltuser
        ...
      cloud:
        providers: ec2
        ...
--- a/pillar.example
+++ b/pillar.example
      test.baz:
        spam: sausage
        cheese: bread
  cloud:
    master: salt
    folders:
      - cloud.providers.d/key
      - cloud.profiles.d
      - cloud.maps.d
    providers:
      - ec2
      - gce
    aws_key: AWSKEYIJSHJAIJS6JSH
    aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
    gce_project: test
    gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
 salt_cloud_certs:
  aws:
    pem: |
      -----BEGIN RSA PRIVATE KEY-----
      ...........
      -----END RSA PRIVATE KEY-----
  gce:
    pem: |
      -----BEGIN RSA PRIVATE KEY-----
      ...........
      -----END RSA PRIVATE KEY-----
--- a/salt/cloud.sls
+++ b/salt/cloud.sls
 {% from "salt/package-map.jinja" import pkgs with context %}
 {% set salt = pillar.get('salt', {}) -%}
 {% set cloud = salt.get('cloud', {}) -%}
 python-pip:
  pkg.installed
 pycrypto:
  pip.installed:
    - require:
      - pkg: python-pip
 crypto:
  pip.installed:
    - require:
      - pkg: python-pip
 apache-libcloud:
  pip.installed:
    - require:
      - pkg: python-pip
 salt-cloud:
  pkg.installed:
    - name: {{ pkgs['salt-cloud'] }}
    - require:
      - pip: apache-libcloud
      - pip: pycrypto
      - pip: crypto
 {% for folder in cloud['folders'] %}
 {{ folder }}:
  file.directory:
    - name: /etc/salt/{{ folder }}
    - user: root
    - group: root
    - file_mode: 744
    - dir_mode: 755
    - makedirs: True
 {% endfor %}
 {% for cert in pillar.get('salt_cloud_certs', {}) %}
 {% for type in ['pem'] %}
 cloud-cert-{{ cert }}-pem:
  file.managed:
    - name: /etc/salt/cloud.providers.d/key/{{ cert }}.pem
    - source: salt://salt/files/key
    - template: jinja
    - user: root
    - group: root
    - mode: 600
    - defaults:
        key: {{ cert }}
        type: {{ type }}
 {% endfor %}
 {% endfor %}
 {% for providers in cloud['providers'] %}
 salt-cloud-profiles-{{ providers }}:
  file.managed:
    - name: /etc/salt/cloud.profiles.d/{{ providers }}.conf
    - template: jinja
    - source: salt://salt/files/cloud.profiles.d/{{ providers }}.conf
 {% endfor %}
 {% for providers in cloud['providers'] %}
 salt-cloud-providers-{{ providers }}:
  file.managed:
    - name: /etc/salt/cloud.providers.d/{{ providers }}.conf
    - template: jinja
    - source: salt://salt/files/cloud.providers.d/{{ providers }}.conf
 {% endfor %}
 {% for providers in cloud['providers'] %}
 salt-cloud-maps-{{ providers }}:
  file.managed:
    - name: /etc/salt/cloud.maps.d/{{ providers }}.conf
    - template: jinja
    - source: salt://salt/files/cloud.maps.d/{{ providers }}.conf
 {% endfor %}
--- a/salt/files/cloud.maps.d/ec2.conf
+++ b/salt/files/cloud.maps.d/ec2.conf
 # This file managed by Salt, do not edit by hand!!
--- a/salt/files/cloud.maps.d/gce.conf
+++ b/salt/files/cloud.maps.d/gce.conf
 # This file managed by Salt, do not edit by hand!!
--- a/salt/files/cloud.profiles.d/ec2.conf
+++ b/salt/files/cloud.profiles.d/ec2.conf
 # This file managed by Salt, do not edit by hand!!
 base_ubuntu_ec2:
  provider: ec2_ubuntu_public
  image: ami-cb4986bc
  size: t2.micro 
  ssh_username: ubuntu
  network_interfaces:
    - DeviceIndex: 0
      PrivateIpAddresses:
        - Primary: True
      AssociatePublicIpAddress: True
      SubnetId: subnet-57856332
      SecurityGroupId:
        - sg-6ec11d3b
  tag: {'Environment': 'production', 'Role': 'ubuntu'}
  sync_after_install: grains
--- a/salt/files/cloud.profiles.d/gce.conf
+++ b/salt/files/cloud.profiles.d/gce.conf
 # This file managed by Salt, do not edit by hand!!
 base_debian_gce:
  image: debian-7-wheezy
  size: g1-small
  location: us-central1-a
  network: default
  tags: '["https-server", "http-server"]'
  metadata: '{"salt-minion": "true"}'
  use_persistent_disk: True
  delete_boot_pd: True
  deploy: True
  make_master: False
  provider: gce
--- a/salt/files/cloud.providers.d/ec2.conf
+++ b/salt/files/cloud.providers.d/ec2.conf
 # This file managed by Salt, do not edit by hand!!
 {% set salt = pillar.get('salt', {}) -%}
 {% set cloud = salt.get('cloud', {}) -%}
 ec2_ubuntu_public:
  minion:
    master: {{ cloud['master'] }}
  grains:
    test: True
  ssh_interface: public_ips
  id: {{ cloud['aws_key'] }}
  key: '{{ cloud['aws_secret'] }}'
  private_key: /etc/salt/cloud.providers.d/key/key.pem
  keyname: keyname
  location: eu-west-1
  availability_zone: eu-west-1a
  ssh_username: ubuntu
  provider: ec2
--- a/salt/files/cloud.providers.d/gce.conf
+++ b/salt/files/cloud.providers.d/gce.conf
 # This file managed by Salt, do not edit by hand!!
 {% set salt = pillar.get('salt', {}) -%}
 {% set cloud = salt.get('cloud', {}) -%}
 gce:
  project: "{{ cloud['gce_project'] }}"
  service_account_email_address: "{{ cloud['gce_service_account_email_address'] }}"
  service_account_private_key: "/etc/salt/cloud.providers.d/key.pem"
  minion:
    master: {{ cloud['master'] }}
  grains:
    test: True
  provider: gce
--- a/salt/files/key
+++ b/salt/files/key
 {{ pillar['salt_cloud_certs'][key][type] }}
--- a/salt/package-map.jinja
+++ b/salt/package-map.jinja
 {% set package_table = {
    'Debian': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'Ubuntu': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'CentOS': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'Amazon': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'Fedora': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'RedHat': {'salt-master': 'salt-master',
               'salt-minion': 'salt-minion',
               'salt-syndic': 'salt-syndic'},
               'salt-syndic': 'salt-syndic',
               'salt-cloud': 'salt-cloud'},
    'Gentoo': {'salt-master': 'app-admin/salt',
               'salt-minion': 'app-admin/salt',
               'salt-syndic': 'app-admin/salt'},
               'salt-syndic': 'app-admin/salt',
               'salt-cloud': 'app-admin/salt'},
    'Arch':   {'salt-master': 'salt',
               'salt-minion':  'salt',
               'salt-syndic':  'salt'}
               'salt-syndic':  'salt',
               'salt-cloud':  'salt'}
 } %}
 {% if 'package_table' in pillar %}