salt
/
salt-formula
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 7 Wiki Activity
New Saltstack Salt formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
284 Commits
26 Branches
Tree: 03560d7e1e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '03560d7e1e'
${ noResults }
salt-formula/README.rst

README.rst 15KB
Raw Normal View History

Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
allow-multiple-ext-pillars-and-reclass-options Change-Id: I336b0825712218e2381e1654251765a24581da00
7 years ago
Initial commit
9 years ago
Pillar test data
8 years ago
Salt ACL and API updates
8 years ago
Pillar test data
8 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Optional installation source - pip source:engine metadata created - defaults to pkg installation, pip installation alternative added
8 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Formula reset to specific refs (example: Gerrit review)
8 years ago
version to be specified for salt formula
7 years ago
Formula reset to specific refs (example: Gerrit review)
8 years ago
version to be specified for salt formula
7 years ago
Formula reset to specific refs (example: Gerrit review)
8 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Add support for salt master engines Change-Id: Ic9decbeaf57e9aba2f95c3dd616393dc32763fcc
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
remote peer sign
8 years ago
Initial commit
9 years ago
Backup and restore of Salt master's state: pki and generated metadata Change-Id: I5c88d22589ec1fa6a9806c1a625b752dd4fc8b54
7 years ago
configure state_output This option can configure default output of state calls. Terse (default option) will make each call to be on single line and make salt output better. Change-Id: Id0987561e34a84fb26a796729d6ab3de3b9ae8e5
7 years ago
set state_output to "changes" Terse output is not enough for debugging. Change-Id: Ida9a4ef0a2ad053fc370d3833d716d9e8d38d814
7 years ago
configure state_output This option can configure default output of state calls. Terse (default option) will make each call to be on single line and make salt output better. Change-Id: Id0987561e34a84fb26a796729d6ab3de3b9ae8e5
7 years ago
allow-multiple-ext-pillars-and-reclass-options Change-Id: I336b0825712218e2381e1654251765a24581da00
7 years ago
Orchestrates and reactors Change-Id: I9e48e113656dd9f1ce644e98650276b36e444009
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Orchestrates and reactors Change-Id: I9e48e113656dd9f1ce644e98650276b36e444009
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Orchestrates and reactors Change-Id: I9e48e113656dd9f1ce644e98650276b36e444009
7 years ago
Minion key create/delete - reactors and orchestration pipelines Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Orchestrates and reactors Change-Id: I9e48e113656dd9f1ce644e98650276b36e444009
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Orchestrates and reactors Change-Id: I9e48e113656dd9f1ce644e98650276b36e444009
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Added support for sync modules and pillar after minion start Change-Id: Ia3b1e93e5f0b3da7097a285122d24c5b1d2b20e2
7 years ago
Minion key create/delete - reactors and orchestration pipelines Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Minion key create/delete - reactors and orchestration pipelines Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Minion key create/delete - reactors and orchestration pipelines Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Salt reactor features refactoring Change-Id: Ifac3f5e03099e8190db0a3af62a7be1f762f87be
7 years ago
Salt orchestrate pipeline stars based on reactor triggers Change-Id: I3f8ada34bf7e6e356bf6805d98eb0fa4bd66d8d3
7 years ago
Minion key create/delete - reactors and orchestration pipelines Change-Id: I07e86cb5d132a83b2460deda08b8a7e65f379d33
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
allow-multiple-ext-pillars-and-reclass-options Change-Id: I336b0825712218e2381e1654251765a24581da00
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
salt-proxy Change-Id: I2aba1213b1dda46aee929b8ea583c41316e3eb0b
7 years ago
proxy_minion fix Change-Id: I73a4a14734651f6483fae169a2290e9c5b377d76
7 years ago
salt-proxy Change-Id: I2aba1213b1dda46aee929b8ea583c41316e3eb0b
7 years ago
Salt-ssh support
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
added readme for salt minion http proxy
7 years ago
Salt minion allow to specify HTTP backend This is useful when using proxies. The default Tornado backend does not utilize proxy environment variables and isn't able to set no_proxy variable. Change-Id: I4a51c6fc9abe65d46ed4f3adeb30f7a25337857e
7 years ago
Adding environment variables for salt minion salt-minion started via upstart is not using /etc/environment to source variables therefore is not using system wide http_proxy parameters if they are set there. With this patch if salt.minion.env_vars is set to engine: file salt will set envvars in /etc/default/salt-minion and will use them for all commands executed remotely via salt. Since /etc/default is not used on systems with systemd override for salt-minion to use /etc/environmnet will be set. Change-Id: Icfe122de2486a83820a0bd2e2aeea4be3796c6aa Closes-bug: PROD-16676
7 years ago
Salt minion allow to specify HTTP backend This is useful when using proxies. The default Tornado backend does not utilize proxy environment variables and isn't able to set no_proxy variable. Change-Id: I4a51c6fc9abe65d46ed4f3adeb30f7a25337857e
7 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Added Salt PKI setup, orchestration skeleton
8 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Added Salt PKI setup, orchestration skeleton
8 years ago
Initial commit
9 years ago
Update readme trusted_ca_minions
7 years ago
Salt-ssh support
8 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Salt-ssh support
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Reactor system, documentation fixes Change-Id: Ic64656c6fc3d4f561226d884b8bfb535dd537e14
7 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Initial commit
9 years ago
Provisioning overhaul
8 years ago
Unify Makefile, .gitignore and update readme
7 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643 
  1. 

  2. ============

  3. Salt Formula

  4. ============

  5. 

  6. Salt is a new approach to infrastructure management. Easy enough to get

  7. running in minutes, scalable enough to manage tens of thousands of servers,

  8. and fast enough to communicate with them in seconds.

  9. 

  10. Salt delivers a dynamic communication bus for infrastructures that can be used

  11. for orchestration, remote execution, configuration management and much more.

  12. 

  13. 

  14. Sample Metadata

  15. ===============

  16. 

  17. 

  18. Salt master

  19. -----------

  20. 

  21. Salt master with base formulas and pillar metadata backend

  22. 

  23. .. literalinclude:: tests/pillar/master_single_pillar.sls

  24.    :language: yaml

  25. 

  26. Salt master with reclass ENC metadata backend

  27. 

  28. .. literalinclude:: tests/pillar/master_single_reclass.sls

  29.    :language: yaml

  30. 

  31. Salt master with multiple ext_pillars

  32. 

  33. .. literalinclude:: tests/pillar/master_single_extpillars.sls

  34.    :language: yaml

  35. 

  36. Salt master with API

  37. 

  38. .. literalinclude:: tests/pillar/master_api.sls

  39.    :language: yaml

  40. 

  41. Salt master with defined user ACLs

  42. 

  43. .. literalinclude:: tests/pillar/master_acl.sls

  44.    :language: yaml

  45. 

  46. Salt master with preset minions

  47. 

  48. .. code-block:: yaml

  49. 

  50.     salt:

  51.       master:

  52.         enabled: true

  53.         minions:

  54.         - name: 'node1.system.location.domain.com'

  55. 

  56. Salt master with pip based installation (optional)

  57. 

  58. .. code-block:: yaml

  59. 

  60.     salt:

  61.       master:

  62.         enabled: true

  63.         ...

  64.         source:

  65.           engine: pip

  66.           version: 2016.3.0rc2

  67. 

  68. Install formula through system package management

  69. 

  70. .. code-block:: yaml

  71. 

  72.     salt:

  73.       master:

  74.         enabled: true

  75.         ...

  76.         environment:

  77.           prd:

  78.             keystone:

  79.               source: pkg

  80.               name: salt-formula-keystone

  81.             nova:

  82.               source: pkg

  83.               name: salt-formula-keystone

  84.               version: 0.1+0~20160818133412.24~1.gbp6e1ebb

  85.             postresql:

  86.               source: pkg

  87.               name: salt-formula-postgresql

  88.               version: purged

  89. 

  90. Formula keystone is installed latest version and the formulas without version are installed in one call to aptpkg module.

  91. If the version attribute is present sls iterates over formulas and take action to install specific version or remove it.

  92. The version attribute may have these values ``[latest|purged|removed|<VERSION>]``.

  93. 

  94. Clone master branch of keystone formula as local feature branch

  95. 

  96. .. code-block:: yaml

  97. 

  98.     salt:

  99.       master:

  100.         enabled: true

  101.         ...

  102.         environment:

  103.           dev:

  104.             formula:

  105.               keystone:

  106.                 source: git

  107.                 address: git@github.com:openstack/salt-formula-keystone.git

  108.                 revision: master

  109.                 branch: feature

  110. 

  111. Salt master with specified formula refs (for example for Gerrit review)

  112. 

  113. .. code-block:: yaml

  114. 

  115.     salt:

  116.       master:

  117.         enabled: true

  118.         ...

  119.         environment:

  120.           dev:

  121.             formula:

  122.               keystone:

  123.                 source: git

  124.                 address: https://git.openstack.org/openstack/salt-formula-keystone

  125.                 revision: refs/changes/56/123456/1

  126. 

  127. Salt master with logging handlers

  128. 

  129. .. code-block:: yaml

  130. 

  131.     salt:

  132.       master:

  133.         enabled: true

  134.         handler:

  135.           handler01:

  136.             engine: udp

  137.             bind:

  138.               host: 127.0.0.1

  139.               port: 9999

  140.       minion:

  141.         handler:

  142.           handler01:

  143.             engine: udp

  144.             bind:

  145.               host: 127.0.0.1

  146.               port: 9999

  147.           handler02:

  148.             engine: zmq

  149.             bind:

  150.               host: 127.0.0.1

  151.               port: 9999

  152. 

  153. 

  154. Salt engine definition for saltgraph metadata collector

  155. 

  156. .. code-block:: yaml

  157. 

  158.     salt:

  159.       master:

  160.         engine:

  161.           graph_metadata:

  162.             engine: saltgraph

  163.             host: 127.0.0.1

  164.             port: 5432

  165.             user: salt

  166.             password: salt

  167.             database: salt

  168. 

  169. Salt engine definition for sending events from docker events

  170. 

  171. .. code-block:: yaml

  172. 

  173.     salt:

  174.       master:

  175.         engine:

  176.           docker_events:

  177.             docker_url: unix://var/run/docker.sock

  178. 

  179. Salt master peer setup for remote certificate signing

  180. 

  181. .. code-block:: yaml

  182. 

  183.     salt:

  184.       master:

  185.         peer:

  186.           ".*":

  187.           - x509.sign_remote_certificate

  188. 

  189. 

  190. Salt master backup configuration

  191. 

  192. .. code-block:: yaml

  193. 

  194.     salt:

  195.       master:

  196.         backup: true

  197.         initial_data:

  198.           engine: backupninja

  199.           source: backup-node-host

  200.           host: original-salt-master-id

  201. 

  202. Configure verbosity of state output (used for `salt` command)

  203. 

  204. .. code-block:: yaml

  205. 

  206.     salt:

  207.       master:

  208.         state_output: changes

  209. 

  210. 

  211. Salt synchronise node pillar and modules after start

  212. 

  213. .. code-block:: yaml

  214. 

  215.     salt:

  216.       master:

  217.         reactor:

  218.           salt/minion/*/start:

  219.           - salt://salt/reactor/node_start.sls

  220. 

  221. Trigger basic node install

  222. 

  223. .. code-block:: yaml

  224. 

  225.     salt:

  226.       master:

  227.         reactor:

  228.           salt/minion/install:

  229.           - salt://salt/reactor/node_install.sls

  230. 

  231. Sample event to trigger the node installation

  232. 

  233. .. code-block:: bash

  234. 

  235.     salt-call event.send 'salt/minion/install'

  236. 

  237. Run any defined orchestration pipeline

  238. 

  239. .. code-block:: yaml

  240. 

  241.     salt:

  242.       master:

  243.         reactor:

  244.           salt/orchestrate/start:

  245.           - salt://salt/reactor/orchestrate_start.sls

  246. 

  247. Event to trigger the orchestration pipeline

  248. 

  249. .. code-block:: bash

  250. 

  251.     salt-call event.send 'salt/orchestrate/start' "{'orchestrate': 'salt/orchestrate/infra_install.sls'}"

  252. 

  253. Synchronise modules and pillars on minion start.

  254. 

  255. .. code-block:: yaml

  256. 

  257.     salt:

  258.       master:

  259.         reactor:

  260.           'salt/minion/*/start':

  261.           - salt://salt/reactor/minion_start.sls

  262. 

  263. Add and/or remove the minion key

  264. 

  265. .. code-block:: yaml

  266. 

  267.     salt:

  268.       master:

  269.         reactor:

  270.           salt/key/create:

  271.           - salt://salt/reactor/key_create.sls

  272.           salt/key/remove:

  273.           - salt://salt/reactor/key_remove.sls

  274. 

  275. Event to trigger the key creation

  276. 

  277. .. code-block:: bash

  278. 

  279.     salt-call event.send 'salt/key/create' \

  280.     > "{'node_id': 'id-of-minion', 'node_host': '172.16.10.100', 'orch_post_create': 'kubernetes.orchestrate.compute_install', 'post_create_pillar': {'node_name': 'id-of-minion'}}"

  281. 

  282. .. note::

  283. 

  284.     You can add pass additional `orch_pre_create`, `orch_post_create`,

  285.     `orch_pre_remove` or `orch_post_remove` parameters to the event to call

  286.     extra orchestrate files. This can be useful for example for

  287.     registering/unregistering nodes from the monitoring alarms or dashboards.

  288. 

  289.     The key creation event needs to be run from other machine than the one

  290.     being registered.

  291. 

  292. Event to trigger the key removal

  293. 

  294. .. code-block:: bash

  295. 

  296.     salt-call event.send 'salt/key/remove'

  297. 

  298. 

  299. Encrypted pillars

  300. -----------------

  301. 

  302. Note: NACL + below configuration will be available in Salt > 2017.7.

  303. 

  304. External resources:

  305. 

  306. - Tutorial to configure salt + reclass ext_pillar and nacl: http://apealive.net/post/2017-09-salt-nacl-ext-pillar/

  307. - Saltstack documentation: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.nacl.html

  308. 

  309. Configure salt NACL module:

  310. 

  311. .. code-block:: shell

  312. 

  313.   pip install --upgrade libnacl===1.5.2

  314.   salt-call --local nacl.keygen /etc/salt/pki/master/nacl

  315. 

  316.     local:

  317.         saved sk_file:/etc/salt/pki/master/nacl  pk_file: /etc/salt/pki/master/nacl.pub

  318. 

  319. 

  320. .. code-block:: yaml

  321. 

  322.     salt:

  323.       master:

  324.         pillar:

  325.           reclass: *reclass

  326.           nacl:

  327.             index: 99

  328.         nacl:

  329.           box_type: sealedbox

  330.           sk_file: /etc/salt/pki/master/nacl

  331.           pk_file: /etc/salt/pki/master/nacl.pub

  332.           #sk: None

  333.           #pk: None

  334. 

  335. NACL encrypt secrets:

  336. 

  337.   salt-call --local nacl.enc 'my_secret_value' pk_file=/etc/salt/pki/master/nacl.pub

  338.     hXTkJpC1hcKMS7yZVGESutWrkvzusXfETXkacSklIxYjfWDlMJmR37MlmthdIgjXpg4f2AlBKb8tc9Woma7q

  339.   # or

  340.   salt-run nacl.enc 'myotherpass'

  341.     ADDFD0Rav6p6+63sojl7Htfrncp5rrDVyeE4BSPO7ipq8fZuLDIVAzQLf4PCbDqi+Fau5KD3/J/E+Pw=

  342. 

  343. 

  344. NACL encrypted values on pillar:

  345. 

  346. Use Boxed syntax `NACL[CryptedValue=]` to encode value on pillar:

  347. 

  348. .. code-block:: yaml

  349. 

  350.   my_pillar:

  351.     my_nacl:

  352.         key0: unencrypted_value

  353.         key1: NACL[hXTkJpC1hcKMS7yZVGESutWrkvzusXfETXkacSklIxYjfWDlMJmR37MlmthdIgjXpg4f2AlBKb8tc9Woma7q]

  354. 

  355. NACL large files:

  356. 

  357. .. code-block:: shell

  358.   salt-call nacl.enc_file /tmp/cert.crt out=/srv/salt/env/dev/cert.nacl

  359.   # or more advanced

  360.   cert=$(cat /tmp/cert.crt)

  361.   salt-call --out=newline_values_only nacl.enc_pub data="$cert" > /srv/salt/env/dev/cert.nacl

  362. 

  363. 

  364. NACL within template/native pillars:

  365. 

  366.   pillarexample:

  367.       user: root

  368.       password1: {{salt.nacl.dec('DRB7Q6/X5gGSRCTpZyxS6hlbWj0llUA+uaVyvou3vJ4=')|json}}

  369.       cert_key: {{salt.nacl.dec_file('/srv/salt/env/dev/certs/example.com/cert.nacl')|json}}

  370.       cert_key2: {{salt.nacl.dec_file('salt:///certs/example.com/cert2.nacl')|json}}

  371. 

  372. Salt syndic

  373. -----------

  374. 

  375. The master of masters

  376. 

  377. .. code-block:: yaml

  378. 

  379.     salt:

  380.       master:

  381.         enabled: true

  382.         order_masters: True

  383. 

  384. Lower syndicated master

  385. 

  386. .. code-block:: yaml

  387. 

  388.     salt:

  389.       syndic:

  390.         enabled: true

  391.         master:

  392.           host: master-of-master-host

  393.         timeout: 5

  394. 

  395. Syndicated master with multiple master of masters

  396. 

  397. .. code-block:: yaml

  398. 

  399.     salt:

  400.       syndic:

  401.         enabled: true

  402.         masters:

  403.         - host: master-of-master-host1

  404.         - host: master-of-master-host2

  405.         timeout: 5

  406. 

  407. 

  408. Salt-minion proxy

  409. -----------------

  410. 

  411. Salt proxy pillar

  412. 

  413. .. code-block:: yaml

  414. 

  415.     salt:

  416.       minion:

  417.         proxy_minion:

  418.           master: localhost

  419.           device:

  420.             vsrx01.mydomain.local:

  421.               enabled: true

  422.               engine: napalm

  423.             csr1000v.mydomain.local:

  424.               enabled: true

  425.               engine: napalm

  426. 

  427. .. note:: This is pillar of the the real salt-minion

  428. 

  429. 

  430. Proxy pillar for IOS device

  431. 

  432. .. code-block:: yaml

  433. 

  434.     proxy:

  435.       proxytype: napalm

  436.       driver: ios

  437.       host: csr1000v.mydomain.local

  438.       username: root

  439.       passwd: r00tme

  440. 

  441. .. note:: This is pillar of the node thats not able to run salt-minion itself

  442. 

  443. 

  444. Proxy pillar for JunOS device

  445. 

  446. .. code-block:: yaml

  447. 

  448.     proxy:

  449.       proxytype: napalm

  450.       driver: junos

  451.       host: vsrx01.mydomain.local

  452.       username: root

  453.       passwd: r00tme

  454.       optional_args:

  455.         config_format: set

  456. 

  457. .. note:: This is pillar of the node thats not able to run salt-minion itself

  458. 

  459. 

  460. Salt SSH

  461. --------

  462. 

  463. Salt SSH with sudoer using key

  464. 

  465. .. literalinclude:: tests/pillar/master_ssh_minion_key.sls

  466.    :language: yaml

  467. 

  468. Salt SSH with sudoer using password

  469. 

  470. .. literalinclude:: tests/pillar/master_ssh_minion_password.sls

  471.    :language: yaml

  472. 

  473. Salt SSH with root using password

  474. 

  475. .. literalinclude:: tests/pillar/master_ssh_minion_root.sls

  476.    :language: yaml

  477. 

  478. 

  479. Salt minion

  480. -----------

  481. 

  482. Simplest Salt minion setup with central configuration node

  483. 

  484. .. code-block:: yaml

  485. 

  486. .. literalinclude:: tests/pillar/minion_master.sls

  487.    :language: yaml

  488. 

  489. Multi-master Salt minion setup

  490. 

  491. .. literalinclude:: tests/pillar/minion_multi_master.sls

  492.    :language: yaml

  493. 

  494. Salt minion with salt mine options

  495. 

  496. .. literalinclude:: tests/pillar/minion_mine.sls

  497.    :language: yaml

  498. 

  499. Salt minion with graphing dependencies

  500. 

  501. .. literalinclude:: tests/pillar/minion_graph.sls

  502.    :language: yaml

  503. 

  504. Salt minion behind HTTP proxy

  505. 

  506. .. code-block:: yaml

  507. 

  508.     salt:

  509.       minion:

  510.         proxy:

  511.           host: 127.0.0.1

  512.           port: 3128

  513. 

  514. Salt minion to specify non-default HTTP backend. The default tornado backend

  515. does not respect HTTP proxy settings set as environment variables. This is

  516. useful for cases where you need to set no_proxy lists.

  517. 

  518. .. code-block:: yaml

  519. 

  520.     salt:

  521.       minion:

  522.         backend: urllib2

  523. 

  524. Salt minion using environment variables defined in /etc/default/salt-minion for

  525. upstart based Ubuntu and in /etc/environment for Ubuntu with systemd.

  526. 

  527. .. code-block:: yaml

  528. 

  529.     salt:

  530.       minion:

  531.         env_vars:

  532.           engine: file

  533. 

  534. Salt minion with PKI certificate authority (CA)

  535. 

  536. .. literalinclude:: tests/pillar/minion_pki_ca.sls

  537.    :language: yaml

  538. 

  539. Salt minion using PKI certificate

  540. 

  541. .. literalinclude:: tests/pillar/minion_pki_cert.sls

  542.    :language: yaml

  543. 

  544. Salt minion trust CA certificates issued by salt CA on a specific host (ie: salt-master node)

  545. 

  546. .. code-block:: yaml

  547. 

  548.   salt:

  549.     minion:

  550.       trusted_ca_minions:

  551.         - cfg01

  552. 

  553. Salt control (cloud/kvm/docker)

  554. -------------------------------

  555. 

  556. Salt cloud with local OpenStack provider

  557. 

  558. .. literalinclude:: tests/pillar/control_cloud_openstack.sls

  559.    :language: yaml

  560. 

  561. Salt cloud with Digital Ocean provider

  562. 

  563. .. literalinclude:: tests/pillar/control_cloud_digitalocean.sls

  564.    :language: yaml

  565. 

  566. Salt virt with KVM cluster

  567. 

  568. .. literalinclude:: tests/pillar/control_virt.sls

  569.    :language: yaml

  570. 

  571. 

  572. Usage

  573. =====

  574. 

  575. Working with salt-cloud

  576. 

  577. .. code-block:: bash

  578. 

  579.     salt-cloud -m /path/to/map --assume-yes

  580. 

  581. Debug LIBCLOUD for salt-cloud connection

  582. 

  583. .. code-block:: bash

  584. 

  585.     export LIBCLOUD_DEBUG=/dev/stderr; salt-cloud --list-sizes provider_name --log-level all

  586. 

  587. 

  588. More Information

  589. ================

  590. 

  591. * http://salt.readthedocs.org/en/latest/

  592. * https://github.com/DanielBryan/salt-state-graph

  593. * http://karlgrz.com/testing-salt-states-rapidly-with-docker/

  594. * https://mywushublog.com/2013/03/configuration-management-with-salt-stack/

  595. * http://russell.ballestrini.net/replace-the-nagios-scheduler-and-nrpe-with-salt-stack/

  596. * https://github.com/saltstack-formulas/salt-formula

  597. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html

  598. 

  599. 

  600. salt-cloud

  601. ----------

  602. 

  603. * http://www.blog.sandro-mathys.ch/2013/07/setting-user-password-when-launching.html

  604. * http://cloudinit.readthedocs.org/en/latest/topics/examples.html

  605. * http://salt-cloud.readthedocs.org/en/latest/topics/install/index.html

  606. * http://docs.saltstack.com/topics/cloud/digitalocean.html

  607. * http://salt-cloud.readthedocs.org/en/latest/topics/rackspace.html

  608. * http://salt-cloud.readthedocs.org/en/latest/topics/map.html

  609. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html

  610. 

  611. 

  612. Documentation and Bugs

  613. ======================

  614. 

  615. To learn how to install and update salt-formulas, consult the documentation

  616. available online at:

  617. 

  618.     http://salt-formulas.readthedocs.io/

  619. 

  620. In the unfortunate event that bugs are discovered, they should be reported to

  621. the appropriate issue tracker. Use Github issue tracker for specific salt

  622. formula:

  623. 

  624.     https://github.com/salt-formulas/salt-formula-salt/issues

  625. 

  626. For feature requests, bug reports or blueprints affecting entire ecosystem,

  627. use Launchpad salt-formulas project:

  628. 

  629.     https://launchpad.net/salt-formulas

  630. 

  631. You can also join salt-formulas-users team and subscribe to mailing list:

  632. 

  633.     https://launchpad.net/~salt-formulas-users

  634. 

  635. Developers wishing to work on the salt-formulas projects should always base

  636. their work on master branch and submit pull request against specific formula.

  637. 

  638.     https://github.com/salt-formulas/salt-formula-salt

  639. 

  640. Any questions or feedback is always welcome so feel free to join our IRC

  641. channel:

  642. 

  643.     #salt-formulas @ irc.freenode.net