New Saltstack Salt formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

README.rst 11KB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504
  1. ============
  2. Salt Formula
  3. ============
  4. Salt is a new approach to infrastructure management. Easy enough to get
  5. running in minutes, scalable enough to manage tens of thousands of servers,
  6. and fast enough to communicate with them in seconds.
  7. Salt delivers a dynamic communication bus for infrastructures that can be used
  8. for orchestration, remote execution, configuration management and much more.
  9. Sample Metadata
  10. ===============
  11. Salt master
  12. -----------
  13. Salt master with base formulas and pillar metadata backend
  14. .. literalinclude:: tests/pillar/master_single_pillar.sls
  15. :language: yaml
  16. Salt master with reclass ENC metadata backend
  17. .. literalinclude:: tests/pillar/master_single_reclass.sls
  18. :language: yaml
  19. Salt master with API
  20. .. literalinclude:: tests/pillar/master_api.sls
  21. :language: yaml
  22. Salt master with defined user ACLs
  23. .. literalinclude:: tests/pillar/master_acl.sls
  24. :language: yaml
  25. Salt master with preset minions
  26. .. code-block:: yaml
  27. salt:
  28. master:
  29. enabled: true
  30. minions:
  31. - name: 'node1.system.location.domain.com'
  32. Salt master with pip based installation (optional)
  33. .. code-block:: yaml
  34. salt:
  35. master:
  36. enabled: true
  37. ...
  38. source:
  39. engine: pip
  40. version: 2016.3.0rc2
  41. Install formula through system package management
  42. .. code-block:: yaml
  43. salt:
  44. master:
  45. enabled: true
  46. ...
  47. environment:
  48. prd:
  49. keystone:
  50. source: pkg
  51. name: salt-formula-keystone
  52. nova:
  53. source: pkg
  54. name: salt-formula-keystone
  55. version: 0.1+0~20160818133412.24~1.gbp6e1ebb
  56. postresql:
  57. source: pkg
  58. name: salt-formula-postgresql
  59. version: purged
  60. Formula keystone is installed latest version and the formulas without version are installed in one call to aptpkg module.
  61. If the version attribute is present sls iterates over formulas and take action to install specific version or remove it.
  62. The version attribute may have these values ``[latest|purged|removed|<VERSION>]``.
  63. Clone master branch of keystone formula as local feature branch
  64. .. code-block:: yaml
  65. salt:
  66. master:
  67. enabled: true
  68. ...
  69. environment:
  70. dev:
  71. formula:
  72. keystone:
  73. source: git
  74. address: git@github.com:openstack/salt-formula-keystone.git
  75. revision: master
  76. branch: feature
  77. Salt master with specified formula refs (for example for Gerrit review)
  78. .. code-block:: yaml
  79. salt:
  80. master:
  81. enabled: true
  82. ...
  83. environment:
  84. dev:
  85. formula:
  86. keystone:
  87. source: git
  88. address: https://git.openstack.org/openstack/salt-formula-keystone
  89. revision: refs/changes/56/123456/1
  90. Salt master with logging handlers
  91. .. code-block:: yaml
  92. salt:
  93. master:
  94. enabled: true
  95. handler:
  96. handler01:
  97. engine: udp
  98. bind:
  99. host: 127.0.0.1
  100. port: 9999
  101. minion:
  102. handler:
  103. handler01:
  104. engine: udp
  105. bind:
  106. host: 127.0.0.1
  107. port: 9999
  108. handler02:
  109. engine: zmq
  110. bind:
  111. host: 127.0.0.1
  112. port: 9999
  113. Salt master peer setup for remote certificate signing
  114. .. code-block:: yaml
  115. salt:
  116. master:
  117. peer:
  118. ".*":
  119. - x509.sign_remote_certificate
  120. Configure verbosity of state output (used for `salt` command)
  121. .. code-block:: yaml
  122. salt:
  123. master:
  124. state_output: changes
  125. Salt synchronise node pillar and modules after start
  126. .. code-block:: yaml
  127. salt:
  128. master:
  129. reactor:
  130. salt/minion/*/start:
  131. - salt://salt/reactor/node_start.sls
  132. Trigger basic node install
  133. .. code-block:: yaml
  134. salt:
  135. master:
  136. reactor:
  137. salt/minion/install:
  138. - salt://salt/reactor/node_install.sls
  139. Sample event to trigger the node installation
  140. .. code-block:: bash
  141. salt-call event.send 'salt/minion/install'
  142. Run any defined orchestration pipeline
  143. .. code-block:: yaml
  144. salt:
  145. master:
  146. reactor:
  147. salt/orchestrate/start:
  148. - salt://salt/reactor/orchestrate_start.sls
  149. Event to trigger the orchestration pipeline
  150. .. code-block:: bash
  151. salt-call event.send 'salt/orchestrate/start' "{'orchestrate': 'salt/orchestrate/infra_install.sls'}"
  152. Add and/or remove the minion key
  153. .. code-block:: yaml
  154. salt:
  155. master:
  156. reactor:
  157. salt/key/create:
  158. - salt://salt/reactor/key_create.sls
  159. salt/key/remove:
  160. - salt://salt/reactor/key_remove.sls
  161. Event to trigger the key creation
  162. .. code-block:: bash
  163. salt-call event.send 'salt/key/create' "{'node_name': 'id-of-minion', 'orch_post_create': 'kubernetes/orchestrate/compute_install.sls'}"
  164. .. note::
  165. You can add pass additional `orch_pre_create`, `orch_post_create`,
  166. `orch_pre_remove` or `orch_post_remove` parameters to the event to call
  167. extra orchestrate files. This can be useful for example for
  168. registering/unregistering nodes from the monitoring alarms or dashboards.
  169. The key creation event needs to be run from other machine than the one
  170. being registered.
  171. Event to trigger the key removal
  172. .. code-block:: bash
  173. salt-call event.send 'salt/key/remove'
  174. Salt syndic
  175. -----------
  176. The master of masters
  177. .. code-block:: yaml
  178. salt:
  179. master:
  180. enabled: true
  181. order_masters: True
  182. Lower syndicated master
  183. .. code-block:: yaml
  184. salt:
  185. syndic:
  186. enabled: true
  187. master:
  188. host: master-of-master-host
  189. timeout: 5
  190. Syndicated master with multiple master of masters
  191. .. code-block:: yaml
  192. salt:
  193. syndic:
  194. enabled: true
  195. masters:
  196. - host: master-of-master-host1
  197. - host: master-of-master-host2
  198. timeout: 5
  199. Salt-minion proxy
  200. -----------------
  201. Salt proxy pillar
  202. .. code-block:: yaml
  203. salt:
  204. minion:
  205. proxy_minion:
  206. master: localhost
  207. device:
  208. vsrx01.mydomain.local:
  209. enabled: true
  210. engine: napalm
  211. csr1000v.mydomain.local:
  212. enabled: true
  213. engine: napalm
  214. .. note:: This is pillar of the the real salt-minion
  215. Proxy pillar for IOS device
  216. .. code-block:: yaml
  217. proxy:
  218. proxytype: napalm
  219. driver: ios
  220. host: csr1000v.mydomain.local
  221. username: root
  222. passwd: r00tme
  223. .. note:: This is pillar of the node thats not able to run salt-minion itself
  224. Proxy pillar for JunOS device
  225. .. code-block:: yaml
  226. proxy:
  227. proxytype: napalm
  228. driver: junos
  229. host: vsrx01.mydomain.local
  230. username: root
  231. passwd: r00tme
  232. optional_args:
  233. config_format: set
  234. .. note:: This is pillar of the node thats not able to run salt-minion itself
  235. Salt SSH
  236. --------
  237. Salt SSH with sudoer using key
  238. .. literalinclude:: tests/pillar/master_ssh_minion_key.sls
  239. :language: yaml
  240. Salt SSH with sudoer using password
  241. .. literalinclude:: tests/pillar/master_ssh_minion_password.sls
  242. :language: yaml
  243. Salt SSH with root using password
  244. .. literalinclude:: tests/pillar/master_ssh_minion_root.sls
  245. :language: yaml
  246. Salt minion
  247. -----------
  248. Simplest Salt minion setup with central configuration node
  249. .. code-block:: yaml
  250. .. literalinclude:: tests/pillar/minion_master.sls
  251. :language: yaml
  252. Multi-master Salt minion setup
  253. .. literalinclude:: tests/pillar/minion_multi_master.sls
  254. :language: yaml
  255. Salt minion with salt mine options
  256. .. literalinclude:: tests/pillar/minion_mine.sls
  257. :language: yaml
  258. Salt minion with graphing dependencies
  259. .. literalinclude:: tests/pillar/minion_graph.sls
  260. :language: yaml
  261. Salt minion behind HTTP proxy
  262. .. code-block:: yaml
  263. salt:
  264. minion:
  265. proxy:
  266. host: 127.0.0.1
  267. port: 3128
  268. Salt minion to specify non-default HTTP backend. The default tornado backend
  269. does not respect HTTP proxy settings set as environment variables. This is
  270. useful for cases where you need to set no_proxy lists.
  271. .. code-block:: yaml
  272. salt:
  273. minion:
  274. backend: urllib2
  275. Salt minion with PKI certificate authority (CA)
  276. .. literalinclude:: tests/pillar/minion_pki_ca.sls
  277. :language: yaml
  278. Salt minion using PKI certificate
  279. .. literalinclude:: tests/pillar/minion_pki_cert.sls
  280. :language: yaml
  281. Salt minion trust CA certificates issued by salt CA on a specific host (ie: salt-master node)
  282. .. code-block:: yaml
  283. salt:
  284. minion:
  285. trusted_ca_minions:
  286. - cfg01
  287. Salt control (cloud/kvm/docker)
  288. -------------------------------
  289. Salt cloud with local OpenStack provider
  290. .. literalinclude:: tests/pillar/control_cloud_openstack.sls
  291. :language: yaml
  292. Salt cloud with Digital Ocean provider
  293. .. literalinclude:: tests/pillar/control_cloud_digitalocean.sls
  294. :language: yaml
  295. Salt virt with KVM cluster
  296. .. literalinclude:: tests/pillar/control_virt.sls
  297. :language: yaml
  298. Usage
  299. =====
  300. Working with salt-cloud
  301. .. code-block:: bash
  302. salt-cloud -m /path/to/map --assume-yes
  303. Debug LIBCLOUD for salt-cloud connection
  304. .. code-block:: bash
  305. export LIBCLOUD_DEBUG=/dev/stderr; salt-cloud --list-sizes provider_name --log-level all
  306. More Information
  307. ================
  308. * http://salt.readthedocs.org/en/latest/
  309. * https://github.com/DanielBryan/salt-state-graph
  310. * http://karlgrz.com/testing-salt-states-rapidly-with-docker/
  311. * https://mywushublog.com/2013/03/configuration-management-with-salt-stack/
  312. * http://russell.ballestrini.net/replace-the-nagios-scheduler-and-nrpe-with-salt-stack/
  313. * https://github.com/saltstack-formulas/salt-formula
  314. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
  315. salt-cloud
  316. ----------
  317. * http://www.blog.sandro-mathys.ch/2013/07/setting-user-password-when-launching.html
  318. * http://cloudinit.readthedocs.org/en/latest/topics/examples.html
  319. * http://salt-cloud.readthedocs.org/en/latest/topics/install/index.html
  320. * http://docs.saltstack.com/topics/cloud/digitalocean.html
  321. * http://salt-cloud.readthedocs.org/en/latest/topics/rackspace.html
  322. * http://salt-cloud.readthedocs.org/en/latest/topics/map.html
  323. * http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
  324. Documentation and Bugs
  325. ======================
  326. To learn how to install and update salt-formulas, consult the documentation
  327. available online at:
  328. http://salt-formulas.readthedocs.io/
  329. In the unfortunate event that bugs are discovered, they should be reported to
  330. the appropriate issue tracker. Use Github issue tracker for specific salt
  331. formula:
  332. https://github.com/salt-formulas/salt-formula-salt/issues
  333. For feature requests, bug reports or blueprints affecting entire ecosystem,
  334. use Launchpad salt-formulas project:
  335. https://launchpad.net/salt-formulas
  336. You can also join salt-formulas-users team and subscribe to mailing list:
  337. https://launchpad.net/~salt-formulas-users
  338. Developers wishing to work on the salt-formulas projects should always base
  339. their work on master branch and submit pull request against specific formula.
  340. https://github.com/salt-formulas/salt-formula-salt
  341. Any questions or feedback is always welcome so feel free to join our IRC
  342. channel:
  343. #salt-formulas @ irc.freenode.net