Merge pull request #2 from tcpcloud/salt_ssh
Salt ssh
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index e6520ad..4fa6f4a 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -3,6 +3,13 @@
salt-formula
============
+0.0.4
+-----
+
+- Salt-virt
+- Salt API
+
+
0.0.3
-----
diff --git a/README.rst b/README.rst
index a46f85b..9b0b946 100644
--- a/README.rst
+++ b/README.rst
@@ -25,28 +25,13 @@
Salt master with API
-.. code-block:: yaml
-
- salt:
- api:
- enabled: true
- ssl:
- engine: salt
- bind:
- address: 0.0.0.0
- port: 8000
+.. literalinclude:: tests/pillar/master_api.sls
+ :language: yaml
Salt master with defined user ACLs
-.. code-block:: yaml
-
- salt:
- master:
- user:
- peter:
- permissions:
- - 'fs.fs'
- - 'fs.\*'
+.. literalinclude:: tests/pillar/master_acl.sls
+ :language: yaml
Salt master with preset minions
@@ -55,7 +40,6 @@
salt:
master:
enabled: true
- ...
minions:
- name: 'node1.system.location.domain.com'
@@ -125,8 +109,7 @@
salt:
master:
enabled: true
- ...
- syndic:
+ syndicate:
mode: master
Salt master syndicate (client) master
@@ -136,7 +119,6 @@
salt:
master:
enabled: true
- ...
syndicate:
mode: client
host: master-master
@@ -177,6 +159,26 @@
".*":
- x509.sign_remote_certificate
+
+Salt SSH
+--------
+
+Salt SSH with sudoer using key
+
+.. literalinclude:: tests/pillar/master_ssh_minion_key.sls
+ :language: yaml
+
+Salt SSH with sudoer using password
+
+.. literalinclude:: tests/pillar/master_ssh_minion_password.sls
+ :language: yaml
+
+Salt SSH with root using password
+
+.. literalinclude:: tests/pillar/master_ssh_minion_root.sls
+ :language: yaml
+
+
Salt minion
-----------
@@ -202,6 +204,9 @@
.. literalinclude:: tests/pillar/minion_graph.sls
:language: yaml
+PKI CA
+~~~~~~
+
Salt minion with PKI CA
.. literalinclude:: tests/pillar/minion_pki_ca.sls
@@ -212,6 +217,7 @@
.. literalinclude:: tests/pillar/minion_pki_cert.sls
:language: yaml
+
Salt control (cloud/kvm/docker)
-------------------------------
@@ -225,7 +231,7 @@
.. literalinclude:: tests/pillar/control_cloud_digitalocean.sls
:language: yaml
-Salt virt KVM cluster
+Salt virt with KVM cluster
.. literalinclude:: tests/pillar/control_virt.sls
:language: yaml
@@ -270,32 +276,3 @@
* http://salt-cloud.readthedocs.org/en/latest/topics/map.html
* http://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
-salt-virt
----------
-
-Sample pillar
-
-.. code-block:: yaml
-
- salt:
- control:
- enabled: True
- virt_enabled: True
- size:
- medium:
- cpu: 2
- ram: 1024
- cluster:
- localnode:
- domain: domain.com
- engine: virt
- config:
- engine: salt
- host: 127.0.0.1
- node:
- ubuntu01:
- provider: node001.domain.com
- image: ubuntu-14-04-x64-1456128611.qcow2
- size: medium
- disk_profile: database
- net_profile: testing
diff --git a/VERSION b/VERSION
index 3b04cfb..bd73f47 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.2
+0.4
diff --git a/metadata.yml b/metadata.yml
index b5b013c..d75dea4 100644
--- a/metadata.yml
+++ b/metadata.yml
@@ -1,5 +1,5 @@
name: "salt"
-version: "0.2"
+version: "0.4"
source: "https://github.com/tcpcloud/salt-formula-salt"
dependencies:
- name: git
diff --git a/salt/files/roster b/salt/files/roster
new file mode 100644
index 0000000..e59daf2
--- /dev/null
+++ b/salt/files/roster
@@ -0,0 +1,16 @@
+{%- from "salt/map.jinja" import master with context %}
+{%- for minion_name, minion in master.get('ssh_minion', {}).items() %}
+{{ minion_name }}:
+ host: {{ minion.host }}
+ user: {{ minion.user }}
+ {%- if minion.password is defined %}
+ passwd: {{ minion.password }}
+ {%- endif %}
+ {%- if minion.key_file is defined %}
+ priv: {{ minion.key_file }}
+ {%- endif %}
+ {%- if minion.get('sudo', False) %}
+ sudo: True
+ tty: True
+ {%- endif %}
+{%- endfor %}
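Review bot: The `passwd:` line (and likewise `host`, `user` and `priv`) interpolates the pillar value unquoted into YAML, so a password containing ` #`, `: ` or a leading indicator such as `*` or `!` is truncated, retyped or makes the roster unparseable, and an all-digit password is loaded as an integer. Quote it at render time, e.g. `passwd: {{ minion.password|yaml_dquote }}` (assuming the targeted Salt release ships the `yaml_dquote` filter), and do the same for `priv`. The test pillars added in this commit set `port: 22` for each `ssh_minion`, but the template never emits a `port:` key, so a non-default SSH port would be silently ignored; add a guarded `port: {{ minion.port }}` line like the ones for `passwd` and `priv`.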
diff --git a/salt/master/init.sls b/salt/master/init.sls
index 139b142..378baa2 100644
--- a/salt/master/init.sls
+++ b/salt/master/init.sls
@@ -6,6 +6,9 @@
{%- if pillar.salt.master.windows_repo is defined %}
- salt.master.win_repo
{%- endif %}
+{%- if pillar.salt.master.ssh_minion is defined %}
+- salt.master.ssh
+{%- endif %}
{#
- salt.master.orchestrate
#}
\ No newline at end of file
diff --git a/salt/master/pillar.sls b/salt/master/pillar.sls
index 65fc1a5..45dec09 100644
--- a/salt/master/pillar.sls
+++ b/salt/master/pillar.sls
@@ -4,9 +4,13 @@
{%- if master.pillar.engine == 'salt' %}
include:
+{%- if master.pillar.source.engine == "git" %}
- git.client
+{%- endif %}
- salt.master.service
+{%- if master.pillar.source.engine == "git" %}
+
{{ master.pillar.source.address }}:
git.latest:
- target: /srv/salt/pillar
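Review bot: Both new `master.pillar.source.engine == "git"` guards (before `- git.client` and before the `git.latest` state) evaluate to false when an existing pillar sets `source.address` but no `source.engine`, so the pillar checkout that used to run unconditionally is dropped without any error, unless `map.jinja` supplies a default, which is not visible here. Defaulting keeps old pillars working: `{%- if master.pillar.source.get('engine', 'git') == 'git' %}`. Computing the result once with a `{%- set %}` at the top of the branch would also avoid repeating the test. The `git.latest` state continues past the end of this hunk and its closing `endif` is added in the next one.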
@@ -25,6 +29,8 @@
{%- endif %}
+{%- endif %}
+
{%- elif master.pillar.engine == 'reclass' %}
include:
diff --git a/salt/master/ssh.sls b/salt/master/ssh.sls
new file mode 100644
index 0000000..bbc3bc3
--- /dev/null
+++ b/salt/master/ssh.sls
@@ -0,0 +1,17 @@
+{%- from "salt/map.jinja" import master with context %}
+{%- if master.enabled %}
+
+include:
+- salt.master.service
+
+/etc/salt/roster:
+ file.managed:
+ - source: salt://salt/files/roster
+ - user: root
+ - template: jinja
+ - require:
+ - {{ master.install_state }}
+ - watch_in:
+ - service: salt_master_service
+
+{%- endif %}
\ No newline at end of file
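Review bot: The `file.managed` state for `/etc/salt/roster` sets `user: root` but no `group` or `mode`, while the roster template writes `passwd` values in clear text, so the file's permissions are left to the state's defaults and the master's umask. Pin them explicitly with `- group: root` and `- mode: '0600'`. Because the rendered content contains credentials, it is also worth suppressing the diff in state output (e.g. `- show_changes: False`, if the targeted Salt release supports it). salt-ssh appears to read the roster on each invocation, so the `watch_in` restart of `salt_master_service` looks unnecessary; confirm before keeping it.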
diff --git a/tests/pillar/control_virt.sls b/tests/pillar/control_virt.sls
index e07319b..e84c5dd 100644
--- a/tests/pillar/control_virt.sls
+++ b/tests/pillar/control_virt.sls
@@ -31,4 +31,4 @@
ubuntu2:
provider: node02.domain.com
image: bubuntu.qcomw
- size: small
\ No newline at end of file
+ size: small
diff --git a/tests/pillar/master_acl.sls b/tests/pillar/master_acl.sls
new file mode 100644
index 0000000..d457f5c
--- /dev/null
+++ b/tests/pillar/master_acl.sls
@@ -0,0 +1,24 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ user:
+ peter:
+ enabled: true
+ permissions:
+ - 'fs.fs'
+ - 'fs.\*'
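Review bot: In the `permissions` list, `'fs.\*'` is a single-quoted YAML scalar, so the backslash is kept literally; if these entries end up matched as regular expressions by the master's ACL (not visible in this diff), the pattern means "fs", any one character, then a literal `*`, rather than every function in `fs`. The backslash looks like an RST escape carried over from the old README code block, and `- 'fs.*'` is presumably what is meant. Since README now pulls this file in via `literalinclude`, the fixture doubles as the documented ACL example, so a one-line comment stating what `peter` is allowed to run would help readers copy it safely.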
diff --git a/tests/pillar/master_api.sls b/tests/pillar/master_api.sls
new file mode 100644
index 0000000..b5bd653
--- /dev/null
+++ b/tests/pillar/master_api.sls
@@ -0,0 +1,25 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ api:
+ enabled: true
+ ssl:
+ engine: salt
+ bind:
+ address: 0.0.0.0
+ port: 8000
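Review bot: `bind.address: 0.0.0.0` exposes the salt-api listener on every interface, and because README now `literalinclude`s this fixture it becomes the documented way to enable the API. Add a comment above `bind:` such as `# test value: listens on all interfaces; bind to a management address in production`, or use `127.0.0.1` in the example. What `ssl.engine: salt` provisions (a self-signed certificate or otherwise) is not visible in this diff and deserves a short comment as well.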
diff --git a/tests/pillar/master_cluster_failover.sls b/tests/pillar/master_cluster_failover.sls
index e69de29..88229a0 100644
--- a/tests/pillar/master_cluster_failover.sls
+++ b/tests/pillar/master_cluster_failover.sls
@@ -0,0 +1,18 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
\ No newline at end of file
diff --git a/tests/pillar/master_custom_handler.sls b/tests/pillar/master_custom_handler.sls
new file mode 100644
index 0000000..80abf33
--- /dev/null
+++ b/tests/pillar/master_custom_handler.sls
@@ -0,0 +1,24 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ handler:
+ handler01:
+ engine: udp
+ bind:
+ host: 127.0.0.1
+ port: 9999
diff --git a/tests/pillar/master_ssh_minion_key.sls b/tests/pillar/master_ssh_minion_key.sls
new file mode 100644
index 0000000..09e007e
--- /dev/null
+++ b/tests/pillar/master_ssh_minion_key.sls
@@ -0,0 +1,25 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ ssh_minion:
+ node01:
+ host: 10.0.0.1
+ user: saltssh
+ sudo: true
+ key_file: /path/to/the/key
+ port: 22
diff --git a/tests/pillar/master_ssh_minion_password.sls b/tests/pillar/master_ssh_minion_password.sls
new file mode 100644
index 0000000..2883f4d
--- /dev/null
+++ b/tests/pillar/master_ssh_minion_password.sls
@@ -0,0 +1,25 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ ssh_minion:
+ node01:
+ host: 10.0.0.1
+ user: saltssh
+ sudo: true
+ password: password
+ port: 22
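Review bot: `password: password` puts an SSH credential into pillar in clear text, and README now `literalinclude`s this file (and `master_ssh_minion_root.sls`, which pairs the same password with `user: root`) as the documented configuration. Add a comment above the key such as `# placeholder: keep real values in encrypted pillar, or prefer key_file`, so the examples are not copied verbatim. The root variant additionally relies on password login for root over SSH; the README text could state that the key-based `sudo` example is the preferred one.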
diff --git a/tests/pillar/master_ssh_minion_root.sls b/tests/pillar/master_ssh_minion_root.sls
new file mode 100644
index 0000000..b076fbc
--- /dev/null
+++ b/tests/pillar/master_ssh_minion_root.sls
@@ -0,0 +1,24 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ ssh_minion:
+ node01:
+ host: 10.0.0.1
+ user: root
+ password: password
+ port: 22
diff --git a/tests/pillar/minion_custom_handler.sls b/tests/pillar/minion_custom_handler.sls
new file mode 100644
index 0000000..6c30c48
--- /dev/null
+++ b/tests/pillar/minion_custom_handler.sls
@@ -0,0 +1,14 @@
+salt:
+ minion:
+ enabled: true
+ handler:
+ handler01:
+ engine: udp
+ bind:
+ host: 127.0.0.1
+ port: 9999
+ handler02:
+ engine: zmq
+ bind:
+ host: 127.0.0.1
+ port: 9999
\ No newline at end of file
diff --git a/tests/pillar/master_base.sls b/tests/pillar/salt_master_peer.sls
similarity index 100%
rename from tests/pillar/master_base.sls
rename to tests/pillar/salt_master_peer.sls