From: Alejandro del Castillo <alejandro.delcastillo@ni.com>
To: Bruce Ashfield <bruce.ashfield@gmail.com>
Cc: "meta-virtualization@yoctoproject.org"
<meta-virtualization@yoctoproject.org>,
code@joelwhitehouse.com, Joseph Hall <perlhoser@gmail.com>
Subject: Re: [PATCH] salt: add recipe for salt
Date: Wed, 13 May 2015 16:59:31 -0500 [thread overview]
Message-ID: <5553C943.9050704@ni.com> (raw)
In-Reply-To: <CADkTA4O5W=Yfrqihq2tkGL4fRULHZM2OG9AJSsgpASk4h=Bw_g@mail.gmail.com>
On 05/12/2015 11:20 AM, Bruce Ashfield wrote:
> On Tue, May 12, 2015 at 11:38 AM, Alejandro del Castillo
> <alejandro.delcastillo@ni.com> wrote:
>>
>>
>> On 05/11/2015 11:08 PM, Bruce Ashfield wrote:
>>> The series looks good to me, I've queued it locally and will push it soon.
>>> Is there a README or HOWTO for any runtime testing ?
>>
>> There is a ton of documentation on SaltStack website
>> (http://docs.saltstack.com/en/latest/contents.html). The help is extensive,
>> which can make it overwhelming.
>
> I find the same thing with all of openstack :)
>
>>
>> The recipe has 6 components that provide different System Configuration
>> Management functionality. For embedded, I expect the majority of the use cases
>> will involve running only the salt-minion, but I did test all the components.
>> The components:
>>
>> salt-master (daemon).-
>> salt-minion (daemon)
>> salt-syndic (daemon)
>> salt-ssh
>> salt-api (daemon)
>> salt-cloud
>>
>> If it helps, I can send you the testing that I did for each component.
>
>
> That would be great!
* salt-master & salt-minion : The salt minion is a daemon that receives command
from a salt-master
- Install salt master, verify that service is running (It spawns several
salt-master processes)
- Install salt-minion, verify that service is running (1 process)
- Set salt-minion master setting to salt-master instance. On /etc/salt/minion set
master: <DNS of your system>
- Restart salt-minion
/etc/init.d/salt-minion restart
- Accept salt-minion key
salt-key -A
- Ping salt-minion from master
salt '*' test.ping (you should get a ping)
* salt-syndic : Special pass-through minion that runs on a master so it can
connect to another master
For this test you'll need another system running salt-master, which will be the
master of masters
- Set the master of masters dns by adding to /etc/salt/master
syndic_master: <master of masters dns>
- Install salt-syndic and verify that the service is running (1 process)
- On the master of master's server, accept the syndic key:
salt-key -A
- Ping all targets from master of masters
salt '*' test.ping (you should get a ping, comming from the minion,
via the syndic)
Cleanup:
- Uninstall the syndic
- killall salt-syndic (due to https://github.com/saltstack/salt/issues/23026)
* salt-ssh : Allow routines to be executed on remote systems entirely via ssh.
- Install salt-ssh
- Configure machine to connect to on /etc/salt/roster (doesn't need to have
salt installed)
myslave:
host: <slave_ip>
user: <ssh_username>
passwd: <ssh_passwd>
- Ping slave
salt-ssh myslave test.ping
* salt-api : Modular interface on top of Salt that can provide a variety of
entry points into a running salt system
- Configure WSGI interface and auth via pam by adding to /etc/salt/master:
rest_wsgi:
port: 8001
external_auth:
pam:
<username>:
-.*
- Install salt-api (it will spawn 2 processes)
- Restart salt-master
/etc/init.d/salt-master restart
- Ping via the REST API
curl -sS -i -H 'Content-Type: application/json' -d
'[{"eauth":"pam","username":"<username>","password":"<passwd>","client":"local","tgt":"*","fun":"test.ping"}]'
localhost:8001
CAVEATS
- You can't use username root
* salt-cloud : Interface to public cloud VM management systems
- Configure salt-cloud to use Amazon EC2 by adding to
/etc/salt/cloud.providers/myprovider.conf:
myprovider:
id: <AWS_ACCESS_KEY_ID>
key: '<AWS_SECRET_ACCESS_KEY>'
keyname: <aws_ssh_key>.pem
private_key: <path_to_pem_file>
provider: ec2
- List configured providers:
salt-cloud --list-providers (should list ec2 as a provider)
To run --list-providers you don't need a EC2 account (just make up values). If
you want to interact with the cloud, you'll need a EC2 account, and you will
need to fill the values on myprovider.conf. Then you should be able to do things
like list the available images:
salt-cloud --list-images ec2
--
Cheers,
Alejandro
next prev parent reply other threads:[~2015-05-13 21:59 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-08 15:28 [PATCH] salt: add recipe for salt Alejandro del Castillo
2015-05-12 4:08 ` Bruce Ashfield
2015-05-12 15:38 ` Alejandro del Castillo
2015-05-12 16:20 ` Bruce Ashfield
2015-05-13 21:59 ` Alejandro del Castillo [this message]
2015-05-13 20:48 ` Bruce Ashfield
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5553C943.9050704@ni.com \
--to=alejandro.delcastillo@ni.com \
--cc=bruce.ashfield@gmail.com \
--cc=code@joelwhitehouse.com \
--cc=meta-virtualization@yoctoproject.org \
--cc=perlhoser@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.