This obsoletes the salt:cloud:folders and salt:cloud:providers pillar entries. Provider keys have been moved to /etc/salt/pki/cloud.master
@@ -78,19 +78,16 @@ salt: | |||
# salt cloud config | |||
cloud: | |||
master: salt | |||
folders: | |||
- cloud.providers.d/key | |||
- cloud.profiles.d | |||
- cloud.maps.d | |||
# You can take profile and map templates from an alternate location | |||
# if desired. | |||
profiles_src: salt://templates/cloud.profiles.d | |||
maps_src: salt://templates/cloud.maps.d | |||
# if you want to write your own. | |||
template_sources: | |||
providers: salt://templates/cloud.providers.d | |||
profiles: salt://templates/cloud.profiles.d | |||
maps: salt://templates/cloud.maps.d | |||
providers: | |||
- ec2 | |||
- gce | |||
# These settings are used by the default provider templates and | |||
# only need to be set for the ones you're using. | |||
aws_key: AWSKEYIJSHJAIJS6JSH | |||
aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95 | |||
gce_project: test |
@@ -32,47 +32,33 @@ salt-cloud: | |||
{% endif %} | |||
{% endif %} | |||
{% for folder in salt_settings.cloud.folders %} | |||
{{ folder }}: | |||
file.directory: | |||
- name: /etc/salt/{{ folder }} | |||
- user: root | |||
- group: root | |||
- file_mode: 744 | |||
- dir_mode: 755 | |||
- makedirs: True | |||
{% endfor %} | |||
{% for cert in pillar.get('salt_cloud_certs', {}) %} | |||
{% for type in ['pem'] %} | |||
cloud-cert-{{ cert }}-pem: | |||
file.managed: | |||
- name: /etc/salt/cloud.providers.d/key/{{ cert }}.pem | |||
- name: /etc/salt/pki/cloud/{{ cert }}.pem | |||
- source: salt://salt/files/key | |||
- template: jinja | |||
- user: root | |||
- group: root | |||
- mode: 600 | |||
- makedirs: True | |||
- defaults: | |||
key: {{ cert }} | |||
type: {{ type }} | |||
{% endfor %} | |||
{% endfor %} | |||
{% for providers in salt_settings.cloud.providers %} | |||
salt-cloud-providers-{{ providers }}: | |||
file.managed: | |||
- name: /etc/salt/cloud.providers.d/{{ providers }}.conf | |||
- template: jinja | |||
- source: salt://salt/files/cloud.providers.d/{{ providers }}.conf | |||
{% endfor %} | |||
{%- for dir in ['profiles', 'maps'] %} | |||
{%- set default_src = 'salt://salt/files/cloud.{}.d'.format(dir) %} | |||
{%- set source = salt_settings.cloud.get(dir + "_src", default_src) %} | |||
{%- for dir in ['providers', 'profiles', 'maps'] %} | |||
{%- set source = salt_settings.cloud.template_sources.get(dir) %} | |||
salt-cloud-{{ dir }}: | |||
file.recurse: | |||
- name: /etc/salt/cloud.{{ dir }}.d | |||
- source: {{ source }} | |||
- template: jinja | |||
- user: root | |||
- group: root | |||
- dir_mode: 755 | |||
- file_mode: 644 | |||
- makedirs: True | |||
{%- endfor %} |
@@ -23,3 +23,9 @@ salt: | |||
install_from_source: True | |||
gitpython: | |||
install_from_source: False | |||
cloud: | |||
template_sources: | |||
providers: salt://salt/files/cloud.providers.d | |||
profiles: salt://salt/files/cloud.profiles.d | |||
maps: salt://salt/files/cloud.maps.d |
@@ -8,7 +8,7 @@ ec2_ubuntu_public: | |||
ssh_interface: public_ips | |||
id: {{ cloud.get('aws_key', 'DEFAULT') }} | |||
key: '{{ cloud.get('aws_secret', 'DEFAULT') }}' | |||
private_key: /etc/salt/cloud.providers.d/key/key.pem | |||
private_key: /etc/salt/pki/cloud/ec2.pem | |||
keyname: keyname | |||
location: eu-west-1 | |||
availability_zone: eu-west-1a |
@@ -3,7 +3,7 @@ | |||
gce: | |||
project: "{{ cloud.get('gce_project', 'DEFAULT') }}" | |||
service_account_email_address: "{{ cloud.get('gce_service_account_email_address', 'DEFAULT') }}" | |||
service_account_private_key: "/etc/salt/cloud.providers.d/key.pem" | |||
service_account_private_key: "/etc/salt/pki/cloud/gce.pem" | |||
minion: | |||
master: {{ cloud.get('master', 'salt') }} | |||
grains: |