On 05/12/2015 11:20 AM, Bruce Ashfield wrote:
> On Tue, May 12, 2015 at 11:38 AM, Alejandro del Castillo
> <[email protected]> wrote:
>>
>>
>> On 05/11/2015 11:08 PM, Bruce Ashfield wrote:
>>> The series looks good to me, I've queued it locally and will push it soon.
>>> Is there a README or HOWTO for any runtime testing ?
>>
>> There is a ton of documentation on SaltStack website
>> (http://docs.saltstack.com/en/latest/contents.html). The help is extensive,
>> which can make it overwhelming.
>
> I find the same thing with all of openstack :)
>
>>
>> The recipe has 6 components that provide different System Configuration
>> Management functionality. For embedded, I expect the majority of the use
>> cases
>> will involve running only the salt-minion, but I did test all the components.
>> The components:
>>
>> salt-master (daemon).-
>> salt-minion (daemon)
>> salt-syndic (daemon)
>> salt-ssh
>> salt-api (daemon)
>> salt-cloud
>>
>> If it helps, I can send you the testing that I did for each component.
>
>
> That would be great!
* salt-master & salt-minion : The salt minion is a daemon that receives command
from a salt-master
- Install salt master, verify that service is running (It spawns several
salt-master processes)
- Install salt-minion, verify that service is running (1 process)
- Set salt-minion master setting to salt-master instance. On /etc/salt/minion
set
master: <DNS of your system>
- Restart salt-minion
/etc/init.d/salt-minion restart
- Accept salt-minion key
salt-key -A
- Ping salt-minion from master
salt '*' test.ping (you should get a ping)
* salt-syndic : Special pass-through minion that runs on a master so it can
connect to another master
For this test you'll need another system running salt-master, which will be the
master of masters
- Set the master of masters dns by adding to /etc/salt/master
syndic_master: <master of masters dns>
- Install salt-syndic and verify that the service is running (1 process)
- On the master of master's server, accept the syndic key:
salt-key -A
- Ping all targets from master of masters
salt '*' test.ping (you should get a ping, comming from the minion,
via the syndic)
Cleanup:
- Uninstall the syndic
- killall salt-syndic (due to
https://github.com/saltstack/salt/issues/23026)
* salt-ssh : Allow routines to be executed on remote systems entirely via ssh.
- Install salt-ssh
- Configure machine to connect to on /etc/salt/roster (doesn't need to have
salt installed)
myslave:
host: <slave_ip>
user: <ssh_username>
passwd: <ssh_passwd>
- Ping slave
salt-ssh myslave test.ping
* salt-api : Modular interface on top of Salt that can provide a variety of
entry points into a running salt system
- Configure WSGI interface and auth via pam by adding to /etc/salt/master:
rest_wsgi:
port: 8001
external_auth:
pam:
<username>:
-.*
- Install salt-api (it will spawn 2 processes)
- Restart salt-master
/etc/init.d/salt-master restart
- Ping via the REST API
curl -sS -i -H 'Content-Type: application/json' -d
'[{"eauth":"pam","username":"<username>","password":"<passwd>","client":"local","tgt":"*","fun":"test.ping"}]'
localhost:8001
CAVEATS
- You can't use username root
* salt-cloud : Interface to public cloud VM management systems
- Configure salt-cloud to use Amazon EC2 by adding to
/etc/salt/cloud.providers/myprovider.conf:
myprovider:
id: <AWS_ACCESS_KEY_ID>
key: '<AWS_SECRET_ACCESS_KEY>'
keyname: <aws_ssh_key>.pem
private_key: <path_to_pem_file>
provider: ec2
- List configured providers:
salt-cloud --list-providers (should list ec2 as a provider)
To run --list-providers you don't need a EC2 account (just make up values). If
you want to interact with the cloud, you'll need a EC2 account, and you will
need to fill the values on myprovider.conf. Then you should be able to do things
like list the available images:
salt-cloud --list-images ec2
--
Cheers,
Alejandro
--
_______________________________________________
meta-virtualization mailing list
[email protected]
https://lists.yoctoproject.org/listinfo/meta-virtualization
