New version of salt-formula from Saltstack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

README.rst 22KB

9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
8 vuotta sitten
8 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
8 vuotta sitten
9 vuotta sitten
6 vuotta sitten
6 vuotta sitten
6 vuotta sitten
8 vuotta sitten
8 vuotta sitten
8 vuotta sitten
8 vuotta sitten
8 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
9 vuotta sitten
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935
  1. =====
  2. Usage
  3. =====
  4. Salt is a new approach to infrastructure management. Easy enough to get
  5. running in minutes, scalable enough to manage tens of thousands of servers,
  6. and fast enough to communicate with them in seconds.
  7. Salt delivers a dynamic communication bus for infrastructures that can be used
  8. for orchestration, remote execution, configuration management and much more.
  9. Sample Metadata
  10. ===============
  11. Salt Master
  12. -----------
  13. Salt master with base formulas and pillar metadata back end:
  14. .. literalinclude:: tests/pillar/master_single_pillar.sls
  15. :language: yaml
  16. Salt master with reclass ENC metadata back end:
  17. .. literalinclude:: tests/pillar/master_single_reclass.sls
  18. :language: yaml
  19. Salt master with Architect ENC metadata back end:
  20. .. code-block:: yaml
  21. salt:
  22. master:
  23. enabled: true
  24. pillar:
  25. engine: architect
  26. project: project-name
  27. host: architect-api
  28. port: 8181
  29. username: salt
  30. password: password
  31. Salt master with multiple ``ext_pillars``:
  32. .. code-block:: yaml
  33. salt:
  34. master:
  35. enabled: true
  36. pillar:
  37. engine: salt
  38. source:
  39. engine: local
  40. ext_pillars:
  41. 1:
  42. module: cmd_json
  43. params: '"echo {\"arg\": \"val\"}"'
  44. 2:
  45. module: cmd_yaml
  46. params: /usr/local/bin/get_yml.sh
  47. Salt master with API:
  48. .. literalinclude:: tests/pillar/master_api.sls
  49. :language: yaml
  50. Salt master with defined user ACLs:
  51. .. literalinclude:: tests/pillar/master_acl.sls
  52. :language: yaml
  53. Salt master with preset minions:
  54. .. code-block:: yaml
  55. salt:
  56. master:
  57. enabled: true
  58. minions:
  59. - name: 'node1.system.location.domain.com'
  60. Salt master with pip based installation (optional):
  61. .. code-block:: yaml
  62. salt:
  63. master:
  64. enabled: true
  65. ...
  66. source:
  67. engine: pip
  68. version: 2016.3.0rc2
  69. Install formula through system package management:
  70. .. code-block:: yaml
  71. salt:
  72. master:
  73. enabled: true
  74. ...
  75. environment:
  76. prd:
  77. keystone:
  78. source: pkg
  79. name: salt-formula-keystone
  80. nova:
  81. source: pkg
  82. name: salt-formula-keystone
  83. version: 0.1+0~20160818133412.24~1.gbp6e1ebb
  84. postresql:
  85. source: pkg
  86. name: salt-formula-postgresql
  87. version: purged
  88. Formula keystone is installed latest version and the formulas
  89. without version are installed in one call to aptpkg module.
  90. If the version attribute is present sls iterates over formulas
  91. and take action to install specific version or remove it.
  92. The version attribute may have these values
  93. ``[latest|purged|removed|<VERSION>]``.
  94. Clone master branch of keystone formula as local feature branch:
  95. .. code-block:: yaml
  96. salt:
  97. master:
  98. enabled: true
  99. ...
  100. environment:
  101. dev:
  102. formula:
  103. keystone:
  104. source: git
  105. address: git@github.com:openstack/salt-formula-keystone.git
  106. revision: master
  107. branch: feature
  108. Salt master with specified formula refs (for example, for Gerrit
  109. review):
  110. .. code-block:: yaml
  111. salt:
  112. master:
  113. enabled: true
  114. ...
  115. environment:
  116. dev:
  117. formula:
  118. keystone:
  119. source: git
  120. address: https://git.openstack.org/openstack/salt-formula-keystone
  121. revision: refs/changes/56/123456/1
  122. Salt master logging configuration:
  123. .. code-block:: yaml
  124. salt:
  125. master:
  126. enabled: true
  127. log:
  128. level: warning
  129. file: '/var/log/salt/master'
  130. level_logfile: warning
  131. Salt minion logging configuration:
  132. .. code-block:: yaml
  133. salt:
  134. minion:
  135. enabled: true
  136. log:
  137. level: info
  138. file: '/var/log/salt/minion'
  139. level_logfile: warning
  140. Salt master with logging handlers:
  141. .. code-block:: yaml
  142. salt:
  143. master:
  144. enabled: true
  145. handler:
  146. handler01:
  147. engine: udp
  148. bind:
  149. host: 127.0.0.1
  150. port: 9999
  151. minion:
  152. handler:
  153. handler01:
  154. engine: udp
  155. bind:
  156. host: 127.0.0.1
  157. port: 9999
  158. handler02:
  159. engine: zmq
  160. bind:
  161. host: 127.0.0.1
  162. port: 9999
  163. Salt engine definition for saltgraph metadata collector:
  164. .. code-block:: yaml
  165. salt:
  166. master:
  167. engine:
  168. graph_metadata:
  169. engine: saltgraph
  170. host: 127.0.0.1
  171. port: 5432
  172. user: salt
  173. password: salt
  174. database: salt
  175. Salt engine definition for Architect service:
  176. .. code-block:: yaml
  177. salt:
  178. master:
  179. engine:
  180. architect:
  181. engine: architect
  182. project: project-name
  183. host: architect-api
  184. port: 8181
  185. username: salt
  186. password: password
  187. Salt engine definition for sending events from docker events:
  188. .. code-block:: yaml
  189. salt:
  190. master:
  191. engine:
  192. docker_events:
  193. docker_url: unix://var/run/docker.sock
  194. Salt master peer setup for remote certificate signing:
  195. .. code-block:: yaml
  196. salt:
  197. master:
  198. peer:
  199. ".*":
  200. - x509.sign_remote_certificate
  201. Salt master backup configuration:
  202. .. code-block:: yaml
  203. salt:
  204. master:
  205. backup: true
  206. initial_data:
  207. engine: backupninja
  208. home_dir: remote-backup-home-dir
  209. source: backup-node-host
  210. host: original-salt-master-id
  211. Configure verbosity of state output (used for :command:`salt`
  212. command):
  213. .. code-block:: yaml
  214. salt:
  215. master:
  216. state_output: changes
  217. Pass pillar render error to minion log:
  218. .. note:: When set to `False` this option is great for debuging.
  219. However it is not recomended for any production environment as it may contain
  220. templating data as passwords, and so on, that minion should not expose.
  221. .. code-block:: yaml
  222. salt:
  223. master:
  224. pillar_safe_render_error: False
  225. Enable Windows repository support:
  226. .. code-block:: yaml
  227. salt:
  228. master:
  229. win_repo:
  230. source: git
  231. address: https://github.com/saltstack/salt-winrepo-ng
  232. revision: master
  233. Configure a gitfs_remotes resource:
  234. .. code-block:: yaml
  235. salt:
  236. master:
  237. gitfs_remotes:
  238. salt_formula:
  239. url: https://github.com/salt-formulas/salt-formula-salt.git
  240. enabled: true
  241. params:
  242. base: master
  243. Read more about gitfs resource options in the official Salt documentation.
  244. Event/Reactor systems
  245. ~~~~~~~~~~~~~~~~~~~~~
  246. Salt to synchronize node pillar and modules after start:
  247. .. code-block:: yaml
  248. salt:
  249. master:
  250. reactor:
  251. salt/minion/*/start:
  252. - salt://salt/reactor/node_start.sls
  253. Trigger basic node install:
  254. .. code-block:: yaml
  255. salt:
  256. master:
  257. reactor:
  258. salt/minion/install:
  259. - salt://salt/reactor/node_install.sls
  260. Sample event to trigger the node installation:
  261. .. code-block:: bash
  262. salt-call event.send 'salt/minion/install'
  263. Run any defined orchestration pipeline:
  264. .. code-block:: yaml
  265. salt:
  266. master:
  267. reactor:
  268. salt/orchestrate/start:
  269. - salt://salt/reactor/orchestrate_start.sls
  270. Event to trigger the orchestration pipeline:
  271. .. code-block:: bash
  272. salt-call event.send 'salt/orchestrate/start' "{'orchestrate': 'salt/orchestrate/infra_install.sls'}"
  273. Synchronise modules and pillars on minion start:
  274. .. code-block:: yaml
  275. salt:
  276. master:
  277. reactor:
  278. 'salt/minion/*/start':
  279. - salt://salt/reactor/minion_start.sls
  280. Add and/or remove the minion key:
  281. .. code-block:: yaml
  282. salt:
  283. master:
  284. reactor:
  285. salt/key/create:
  286. - salt://salt/reactor/key_create.sls
  287. salt/key/remove:
  288. - salt://salt/reactor/key_remove.sls
  289. Event to trigger the key creation:
  290. .. code-block:: bash
  291. salt-call event.send 'salt/key/create' \
  292. > "{'node_id': 'id-of-minion', 'node_host': '172.16.10.100', 'orch_post_create': 'kubernetes.orchestrate.compute_install', 'post_create_pillar': {'node_name': 'id-of-minion'}}"
  293. .. note::
  294. You can add pass additional ``orch_pre_create``, ``orch_post_create``,
  295. ``orch_pre_remove`` or ``orch_post_remove`` parameters to the event
  296. to call extra orchestrate files. This can be useful for example for
  297. registering/unregistering nodes from the monitoring alarms or dashboards.
  298. The key creation event needs to be run from other machine than the one
  299. being registered.
  300. Event to trigger the key removal:
  301. .. code-block:: bash
  302. salt-call event.send 'salt/key/remove'
  303. Control VM provisioning:
  304. .. code-block:: yaml
  305. _param:
  306. private-ipv4: &private-ipv4
  307. - id: private-ipv4
  308. type: ipv4
  309. link: ens2
  310. netmask: 255.255.255.0
  311. routes:
  312. - gateway: 192.168.0.1
  313. netmask: 0.0.0.0
  314. network: 0.0.0.0
  315. virt:
  316. disk:
  317. three_disks:
  318. - system:
  319. size: 4096
  320. image: ubuntu.qcow
  321. - repository_snapshot:
  322. size: 8192
  323. image: snapshot.qcow
  324. - cinder-volume:
  325. size: 2048
  326. nic:
  327. control:
  328. - name: nic01
  329. bridge: br-pxe
  330. model: virtio
  331. - name: nic02
  332. bridge: br-cp
  333. model: virtio
  334. - name: nic03
  335. bridge: br-store-front
  336. model: virtio
  337. - name: nic04
  338. bridge: br-public
  339. model: virtio
  340. - name: nic05
  341. bridge: br-prv
  342. model: virtio
  343. virtualport:
  344. type: openvswitch
  345. salt:
  346. control:
  347. enabled: true
  348. virt_enabled: true
  349. size:
  350. medium_three_disks:
  351. cpu: 2
  352. ram: 4
  353. disk_profile: three_disks
  354. cluster:
  355. mycluster:
  356. domain: neco.virt.domain.com
  357. engine: virt
  358. # Cluster global settings
  359. rng: false
  360. enable_vnc: True
  361. cloud_init:
  362. user_data:
  363. disable_ec2_metadata: true
  364. resize_rootfs: True
  365. timezone: UTC
  366. ssh_deletekeys: True
  367. ssh_genkeytypes: ['rsa', 'dsa', 'ecdsa']
  368. ssh_svcname: ssh
  369. locale: en_US.UTF-8
  370. disable_root: true
  371. apt_preserve_sources_list: false
  372. apt:
  373. sources_list: ""
  374. sources:
  375. ubuntu.list:
  376. source: ${linux:system:repo:ubuntu:source}
  377. mcp_saltstack.list:
  378. source: ${linux:system:repo:mcp_saltstack:source}
  379. node:
  380. ubuntu1:
  381. provider: node01.domain.com
  382. image: ubuntu.qcow
  383. size: medium
  384. img_dest: /var/lib/libvirt/ssdimages
  385. # Node settings override cluster global ones
  386. enable_vnc: False
  387. rng:
  388. backend: /dev/urandom
  389. model: random
  390. rate:
  391. period: '1800'
  392. bytes: '1500'
  393. # Custom per-node loader definition (e.g. for AArch64 UEFI)
  394. loader:
  395. readonly: yes
  396. type: pflash
  397. path: /usr/share/AAVMF/AAVMF_CODE.fd
  398. machine: virt-2.11 # Custom per-node virt machine type
  399. cpu_mode: host-passthrough
  400. cpuset: '1-4'
  401. mac:
  402. nic01: AC:DE:48:AA:AA:AA
  403. nic02: AC:DE:48:AA:AA:BB
  404. # netconfig affects: hostname during boot
  405. # manual interfaces configuration
  406. cloud_init:
  407. network_data:
  408. networks:
  409. - <<: *private-ipv4
  410. ip_address: 192.168.0.161
  411. To enable Redis plugin for the Salt caching subsystem, use the
  412. below pillar structure:
  413. .. code-block:: yaml
  414. salt:
  415. master:
  416. cache:
  417. plugin: redis
  418. host: localhost
  419. port: 6379
  420. db: '0'
  421. password: pass_word
  422. bank_prefix: 'MCP'
  423. bank_keys_prefix: 'MCPKEY'
  424. key_prefix: 'KEY'
  425. separator: '@'
  426. Jinja options
  427. -------------
  428. Use the following options to update default Jinja renderer options.
  429. Salt recognize Jinja options for templates and for the ``sls`` files.
  430. For full list of options, see Jinja documentation:
  431. http://jinja.pocoo.org/docs/api/#high-level-api
  432. .. code-block:: yaml
  433. salt:
  434. renderer:
  435. # for templates
  436. jinja: &jina_env
  437. # Default Jinja environment options
  438. block_start_string: '{%'
  439. block_end_string: '%}'
  440. variable_start_string: '{{'
  441. variable_end_string: '}}'
  442. comment_start_string: '{#'
  443. comment_end_string: '#}'
  444. keep_trailing_newline: False
  445. newline_sequence: '\n'
  446. # Next two are enabled by default in Salt
  447. trim_blocks: True
  448. lstrip_blocks: True
  449. # Next two are not enabled by default in Salt
  450. # but worth to consider to enable in future for salt-formulas
  451. line_statement_prefix: '%'
  452. line_comment_prefix: '##'
  453. # for .sls state files
  454. jinja_sls: *jinja_env
  455. With the ``line_statement/comment* _prefix`` options enabled following
  456. code statements are valid:
  457. .. code-block:: yaml
  458. %- set myvar = 'one'
  459. ## You can mix even with '{%'
  460. {%- set myvar = 'two' %} ## comment
  461. %- set mylist = ['one', 'two', 'three'] ## comment
  462. ## comment
  463. %- for item in mylist: ## comment
  464. {{- item }}
  465. %- endfor
  466. Encrypted pillars
  467. ~~~~~~~~~~~~~~~~~
  468. .. note:: NACL and the below configuration will be available in Salt > 2017.7.
  469. External resources:
  470. - Tutorial to configure the Salt and Reclass ``ext_pillar`` and NACL:
  471. http://apealive.net/post/2017-09-salt-nacl-ext-pillar/
  472. - SaltStack documentation:
  473. https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.nacl.html
  474. Configure salt NACL module:
  475. .. code-block:: bash
  476. pip install --upgrade libnacl===1.5.2
  477. salt-call --local nacl.keygen /etc/salt/pki/master/nacl
  478. local:
  479. saved sk_file:/etc/salt/pki/master/nacl pk_file: /etc/salt/pki/master/nacl.pub
  480. .. code-block:: yaml
  481. salt:
  482. master:
  483. pillar:
  484. reclass: *reclass
  485. nacl:
  486. index: 99
  487. nacl:
  488. box_type: sealedbox
  489. sk_file: /etc/salt/pki/master/nacl
  490. pk_file: /etc/salt/pki/master/nacl.pub
  491. #sk: None
  492. #pk: None
  493. NACL encrypt secrets:
  494. .. code-block:: bash
  495. salt-call --local nacl.enc 'my_secret_value' pk_file=/etc/salt/pki/master/nacl.pub
  496. hXTkJpC1hcKMS7yZVGESutWrkvzusXfETXkacSklIxYjfWDlMJmR37MlmthdIgjXpg4f2AlBKb8tc9Woma7q
  497. # or
  498. salt-run nacl.enc 'myotherpass'
  499. ADDFD0Rav6p6+63sojl7Htfrncp5rrDVyeE4BSPO7ipq8fZuLDIVAzQLf4PCbDqi+Fau5KD3/J/E+Pw=
  500. NACL encrypted values on pillar:
  501. Use Boxed syntax `NACL[CryptedValue=]` to encode value on pillar:
  502. .. code-block:: yaml
  503. my_pillar:
  504. my_nacl:
  505. key0: unencrypted_value
  506. key1: NACL[hXTkJpC1hcKMS7yZVGESutWrkvzusXfETXkacSklIxYjfWDlMJmR37MlmthdIgjXpg4f2AlBKb8tc9Woma7q]
  507. NACL large files:
  508. .. code-block:: bash
  509. salt-call nacl.enc_file /tmp/cert.crt out=/srv/salt/env/dev/cert.nacl
  510. # or more advanced
  511. cert=$(cat /tmp/cert.crt)
  512. salt-call --out=newline_values_only nacl.enc_pub data="$cert" > /srv/salt/env/dev/cert.nacl
  513. NACL within template/native pillars:
  514. .. code-block:: yaml
  515. pillarexample:
  516. user: root
  517. password1: {{salt.nacl.dec('DRB7Q6/X5gGSRCTpZyxS6hlbWj0llUA+uaVyvou3vJ4=')|json}}
  518. cert_key: {{salt.nacl.dec_file('/srv/salt/env/dev/certs/example.com/cert.nacl')|json}}
  519. cert_key2: {{salt.nacl.dec_file('salt:///certs/example.com/cert2.nacl')|json}}
  520. Salt Syndic
  521. -----------
  522. The master of masters:
  523. .. code-block:: yaml
  524. salt:
  525. master:
  526. enabled: true
  527. order_masters: True
  528. Lower syndicated master:
  529. .. code-block:: yaml
  530. salt:
  531. syndic:
  532. enabled: true
  533. master:
  534. host: master-of-master-host
  535. timeout: 5
  536. Syndicated master with multiple master of masters:
  537. .. code-block:: yaml
  538. salt:
  539. syndic:
  540. enabled: true
  541. masters:
  542. - host: master-of-master-host1
  543. - host: master-of-master-host2
  544. timeout: 5
  545. Salt Minion
  546. -----------
  547. Minion ID by default triggers dependency on Linux formula, as it uses fqdn
  548. configured from `linux.system.name` and `linux.system.domain` pillar.
  549. To override, provide exact minion ID you require. The same can be set for
  550. master ID rendered at ``master.conf``.
  551. .. code-block:: yaml
  552. salt:
  553. minion:
  554. id: minion1.production
  555. master:
  556. id: master.production
  557. Simplest Salt minion setup with central configuration node:
  558. .. literalinclude:: tests/pillar/minion_master.sls
  559. :language: yaml
  560. Multi-master Salt minion setup:
  561. .. literalinclude:: tests/pillar/minion_multi_master.sls
  562. :language: yaml
  563. Salt minion with salt mine options:
  564. .. literalinclude:: tests/pillar/minion_mine.sls
  565. :language: yaml
  566. Salt minion with graphing dependencies:
  567. .. literalinclude:: tests/pillar/minion_graph.sls
  568. :language: yaml
  569. Salt minion behind HTTP proxy:
  570. .. code-block:: yaml
  571. salt:
  572. minion:
  573. proxy:
  574. host: 127.0.0.1
  575. port: 3128
  576. Salt minion to specify non-default HTTP backend. The default
  577. tornado backend does not respect HTTP proxy settings set as
  578. environment variables. This is useful for cases where you need
  579. to set no_proxy lists.
  580. .. code-block:: yaml
  581. salt:
  582. minion:
  583. backend: urllib2
  584. Salt minion with PKI certificate authority (CA):
  585. .. literalinclude:: tests/pillar/minion_pki_ca.sls
  586. :language: yaml
  587. Salt minion using PKI certificate
  588. .. literalinclude:: tests/pillar/minion_pki_cert.sls
  589. :language: yaml
  590. Salt minion trust CA certificates issued by salt CA on a
  591. specific host (ie: salt-master node):
  592. .. code-block:: yaml
  593. salt:
  594. minion:
  595. trusted_ca_minions:
  596. - cfg01
  597. Salt Minion Proxy
  598. ~~~~~~~~~~~~~~~~~
  599. Salt proxy pillar:
  600. .. code-block:: yaml
  601. salt:
  602. minion:
  603. proxy_minion:
  604. master: localhost
  605. device:
  606. vsrx01.mydomain.local:
  607. enabled: true
  608. engine: napalm
  609. csr1000v.mydomain.local:
  610. enabled: true
  611. engine: napalm
  612. .. note:: This is pillar of the the real salt-minion
  613. Proxy pillar for IOS device:
  614. .. code-block:: yaml
  615. proxy:
  616. proxytype: napalm
  617. driver: ios
  618. host: csr1000v.mydomain.local
  619. username: root
  620. passwd: r00tme
  621. .. note:: This is pillar of the node thats not able to run
  622. salt-minion itself.
  623. Proxy pillar for JunOS device:
  624. .. code-block:: yaml
  625. proxy:
  626. proxytype: napalm
  627. driver: junos
  628. host: vsrx01.mydomain.local
  629. username: root
  630. passwd: r00tme
  631. optional_args:
  632. config_format: set
  633. .. note:: This pillar applies to the node that can not run
  634. salt-minion itself.
  635. Salt SSH
  636. ~~~~~~~~
  637. Salt SSH with sudoer using key:
  638. .. literalinclude:: tests/pillar/master_ssh_minion_key.sls
  639. :language: yaml
  640. Salt SSH with sudoer using password:
  641. .. literalinclude:: tests/pillar/master_ssh_minion_password.sls
  642. :language: yaml
  643. Salt SSH with root using password:
  644. .. literalinclude:: tests/pillar/master_ssh_minion_root.sls
  645. :language: yaml
  646. Salt control (cloud/kvm/docker)
  647. -------------------------------
  648. Salt cloud with local OpenStack provider:
  649. .. literalinclude:: tests/pillar/control_cloud_openstack.sls
  650. :language: yaml
  651. Salt cloud with Digital Ocean provider:
  652. .. literalinclude:: tests/pillar/control_cloud_digitalocean.sls
  653. :language: yaml
  654. Salt virt with KVM cluster:
  655. .. literalinclude:: tests/pillar/control_virt.sls
  656. :language: yaml
  657. Salt virt with custom destination for image file:
  658. .. literalinclude:: tests/pillar/control_virt_custom.sls
  659. :language: yaml
  660. Usage
  661. =====
  662. Working with salt-cloud:
  663. .. code-block:: bash
  664. salt-cloud -m /path/to/map --assume-yes
  665. Debug LIBCLOUD for salt-cloud connection:
  666. .. code-block:: bash
  667. export LIBCLOUD_DEBUG=/dev/stderr; salt-cloud --list-sizes provider_name --log-level all
  668. Read more
  669. =========
  670. * http://salt.readthedocs.org/en/latest/
  671. * https://github.com/DanielBryan/salt-state-graph
  672. * http://karlgrz.com/testing-salt-states-rapidly-with-docker/
  673. * https://mywushublog.com/2013/03/configuration-management-with-salt-stack/
  674. * http://russell.ballestrini.net/replace-the-nagios-scheduler-and-nrpe-with-salt-stack/
  675. * https://github.com/saltstack-formulas/salt-formula
  676. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
  677. salt-cloud
  678. ----------
  679. * http://www.blog.sandro-mathys.ch/2013/07/setting-user-password-when-launching.html
  680. * http://cloudinit.readthedocs.org/en/latest/topics/examples.html
  681. * http://salt-cloud.readthedocs.org/en/latest/topics/install/index.html
  682. * http://docs.saltstack.com/topics/cloud/digitalocean.html
  683. * http://salt-cloud.readthedocs.org/en/latest/topics/rackspace.html
  684. * http://salt-cloud.readthedocs.org/en/latest/topics/map.html
  685. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
  686. Documentation and Bugs
  687. ======================
  688. * http://salt-formulas.readthedocs.io/
  689. Learn how to install and update salt-formulas
  690. * https://github.com/salt-formulas/salt-formula-salt/issues
  691. In the unfortunate event that bugs are discovered, report the issue to the
  692. appropriate issue tracker. Use the Github issue tracker for a specific salt
  693. formula
  694. * https://launchpad.net/salt-formulas
  695. For feature requests, bug reports, or blueprints affecting the entire
  696. ecosystem, use the Launchpad salt-formulas project
  697. * https://launchpad.net/~salt-formulas-users
  698. Join the salt-formulas-users team and subscribe to mailing list if required
  699. * https://github.com/salt-formulas/salt-formula-salt
  700. Develop the salt-formulas projects in the master branch and then submit pull
  701. requests against a specific formula
  702. * #salt-formulas @ irc.freenode.net
  703. Use this IRC channel in case of any questions or feedback which is always
  704. welcome