Minion key create/delete - reactors and orchestration pipelines

Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33

README.rst

@@ -189,7 +189,7 @@ Sample event to trigger the node installation
 
     salt-call event.send 'salt/minion/install'
 
-Run any orchestration pipeline
+Run any defined orchestration pipeline
 
 .. code-block:: yaml
 
@@ -205,22 +205,39 @@ Event to trigger the orchestration pipeline
 
     salt-call event.send 'salt/orchestrate/start' "{'orchestrate': 'salt/orchestrate/infra_install.sls'}"
 
-Classify node after start
+Add and/or remove the minion key
 
 .. code-block:: yaml
 
     salt:
       master:
         reactor:
-          reclass/minion/classify:
-          - salt://reclass/reactor/node_register.sls
+          salt/key/create:
+          - salt://salt/reactor/key_create.sls
+          salt/key/remove:
+          - salt://salt/reactor/key_remove.sls
 
-Event to trigger the node classification
+Event to trigger the key creation
 
 .. code-block:: bash
 
-    salt-call event.send 'reclass/minion/classify' "{'node_master_ip': '$config_host', 'node_ip': '${node_ip}', 'node_domain': '$node_domain', 'node_cluster': '$node_cluster', 'node_hostname': '$node_hostname', 'node_os': '$node_os'}"
+    salt-call event.send 'salt/key/create' "{'node_name': 'id-of-minion', 'orch_post_create': 'kubernetes/orchestrate/compute_install.sls'}"
 
+.. note::
+
+    You can add pass additional `orch_pre_create`, `orch_post_create`,
+    `orch_pre_remove` or `orch_post_remove` parameters to the event to call
+    extra orchestrate files. This can be useful for example for
+    registering/unregistering nodes from the monitoring alarms or dashboards.
+
+    The key creation event needs to be run from other machine than the one
+    being registered.
+
+Event to trigger the key removal
+
+.. code-block:: bash
+
+    salt-call event.send 'salt/key/remove'
 
 Salt syndic
 -----------

salt/orchestrate/key_create.sls

@@ -0,0 +1,6 @@
+{%- set node_name = salt['pillar.get']('node_name') %}
+
+key_create_{{ node_name }}:
+  salt.wheel:
+  - name: key.gen_accept
+  - id_: {{ node_name }}

salt/orchestrate/key_remove.sls

@@ -0,0 +1,6 @@
+{%- set node_name = salt['pillar.get']('node_name') %}
+
+key_create_{{ node_name }}:
+  salt.wheel:
+  - name: key.delete
+  - match: {{ node_name }}

salt/orchestrate/node_install.sls

@@ -2,22 +2,22 @@
 
 linux_state:
   salt.state:
-    - tgt: '{{ node_name }}'
-    - sls: linux
-    - queue: True
+  - tgt: '{{ node_name }}'
+  - sls: linux
+  - queue: True
 
 salt_state:
   salt.state:
-    - tgt: '{{ node_name }}'
-    - sls: salt.minion
-    - queue: True
-    - require:
-      - salt: linux_state
+  - tgt: '{{ node_name }}'
+  - sls: salt.minion
+  - queue: True
+  - require:
+    - salt: linux_state
 
 misc_states:
   salt.state:
-    - tgt: '{{ node_name }}'
-    - sls: ntp,openssh
-    - queue: True
-    - require:
-      - salt: salt_state
+  - tgt: '{{ node_name }}'
+  - sls: ntp,openssh
+  - queue: True
+  - require:
+    - salt: salt_state

salt/reactor/infra_install.sls

@@ -1,5 +1,5 @@
 
 orchestrate_infra_install:
   runner.state.orchestrate:
-    - mods: salt://salt/orchestrate/infra_install.sls
-    - queue: True
+  - mods: salt://salt/orchestrate/infra_install.sls
+  - queue: True

salt/reactor/key_create.sls

@@ -0,0 +1,29 @@
+
+{% if data.data.orch_pre_create is defined %}
+
+orchestrate_node_key_pre_create:
+  runner.state.orchestrate:
+  - mods: salt://{{ data.data.orch_pre_create }}
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% endif %}
+
+node_key_create:
+  runner.state.orchestrate:
+  - mods: salt://salt/orchestrate/key_create.sls
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% if data.data.orch_post_create is defined %}
+
+orchestrate_node_key_post_create:
+  runner.state.orchestrate:
+  - mods: salt://{{ data.data.orch_post_create }}
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% endif %}

salt/reactor/key_remove.sls

@@ -0,0 +1,29 @@
+
+{% if data.data.orch_pre_remove is defined %}
+
+orchestrate_node_key_pre_remove:
+  runner.state.orchestrate:
+  - mods: salt://{{ data.data.orch_pre_remove }}
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% endif %}
+
+node_key_remove:
+  runner.state.orchestrate:
+  - mods: salt://salt/orchestrate/key_remove.sls
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% if data.data.orch_post_remove is defined %}
+
+orchestrate_node_key_post_remove:
+  runner.state.orchestrate:
+  - mods: salt://{{ data.data.orch_post_remove }}
+  - queue: True
+  - pillar:
+      node_name: {{ data.data['node_name'] }}
+
+{% endif %}

salt/reactor/node_install.sls

@@ -1,7 +1,7 @@
 
 orchestrate_node_install:
   runner.state.orchestrate:
-    - mods: salt://salt/orchestrate/node_install.sls
-    - queue: True
-    - pillar:
-        event_originator: {{ data.id }}
+  - mods: salt://salt/orchestrate/node_install.sls
+  - queue: True
+  - pillar:
+      event_originator: {{ data.id }}

salt/reactor/orchestrate_start.sls

@@ -1,5 +1,5 @@
 
-orchestrate_orchestrate_start:
+orchestrate_orchestrate_run:
   runner.state.orchestrate:
-    - mods: salt://{{ data.data.orchestrate }}
-    - queue: {{ data.data.get('queue', True) }}
+  - mods: salt://{{ data.data.orchestrate }}
+  - queue: {{ data.data.get('queue', True) }}