Initial commit
This commit is contained in:
Carlos
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
# Keys
|
||||
keys/
|
||||
|
||||
61
Dockerfile
Normal file
61
Dockerfile
Normal file
@@ -0,0 +1,61 @@
|
||||
FROM ubuntu:18.04
|
||||
|
||||
LABEL maintainer="carlos.alvaro@citelan.es"
|
||||
LABEL description="SaltStack master"
|
||||
LABEL version="2018.3.2"
|
||||
|
||||
ENV SALT_DOCKER_DIR="/etc/salt-docker" \
|
||||
SALT_MASTER_DIR="/etc/salt/pki/master"
|
||||
|
||||
ENV SALT_BUILD_DIR="${SALT_DOCKER_DIR}/build" \
|
||||
SALT_KEYS_DIR="${SALT_DOCKER_DIR}/keys" \
|
||||
SALT_RUNTIME_DIR="${SALT_DOCKER_DIR}/runtime"
|
||||
|
||||
# Bootstrap script options:
|
||||
# https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html#command-line-options
|
||||
## -M: install Salt Master by default
|
||||
## -N: Do not install salt-minion
|
||||
## -X: Do not start daemons after installation
|
||||
## -U: Fully upgrade the system prior to bootstrapping Salt
|
||||
ENV SALT_BOOTSTRAP_OPTS='-M -N -X -U'
|
||||
|
||||
# Version of salt to install:
|
||||
# https://github.com/saltstack/salt/releases
|
||||
ENV SALT_GIT_RELEASE="v2018.3.2"
|
||||
ENV SALT_LOG_LEVEL="info"
|
||||
|
||||
# Set non interactive mode
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
# Install packages
|
||||
RUN apt-get update
|
||||
RUN apt-get install --yes --quiet --no-install-recommends \
|
||||
ca-certificates apt-transport-https curl git vim python3 locales virt-what
|
||||
|
||||
# Configure locales
|
||||
RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
|
||||
locale-gen en_US.UTF-8 \
|
||||
dpkg-reconfigure locales
|
||||
|
||||
EXPOSE 4505/tcp 4506/tcp
|
||||
RUN mkdir -p /srv ${SALT_KEYS_DIR}
|
||||
VOLUME [ "/srv", "${SALT_KEYS_DIR}" ]
|
||||
|
||||
RUN mkdir -p ${SALT_BUILD_DIR}
|
||||
WORKDIR ${SALT_BUILD_DIR}
|
||||
|
||||
RUN curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||
RUN sh bootstrap-salt.sh ${SALT_BOOTSTRAP_OPTS} git ${SALT_GIT_RELEASE}
|
||||
|
||||
RUN apt-get clean --yes
|
||||
RUN rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY assets/runtime ${SALT_RUNTIME_DIR}
|
||||
RUN chmod -R +x ${SALT_RUNTIME_DIR}
|
||||
|
||||
COPY entrypoint.sh /sbin/entrypoint.sh
|
||||
RUN chmod +x /sbin/entrypoint.sh
|
||||
WORKDIR ${SALT_DOCKER_DIR}
|
||||
|
||||
ENTRYPOINT [ "/sbin/entrypoint.sh" ]
|
||||
|
||||
105
README.md
Normal file
105
README.md
Normal file
@@ -0,0 +1,105 @@
|
||||
# SaltStack Master v2018.3.2
|
||||
|
||||
Dockerfile to build a [SaltStack](https://www.saltstack.com) Master image for the Docker opensource container platform.
|
||||
|
||||
SaltStack Master is set up in the Docker image using the install from git source method as documented in the the [official bootstrap](https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html) documentation.
|
||||
|
||||
For other methods to install SaltStack please refer to the [Official SaltStack Installation Guide](https://docs.saltstack.com/en/latest/topics/installation/index.html).
|
||||
|
||||
## Table of Contents
|
||||
|
||||
- [Installation](#installation)
|
||||
- [Quick Start](#quick-start)
|
||||
- [Configuration](#configuration)
|
||||
- [Custom Recipes](#custom-recipes)
|
||||
- [Minion Keys](#minion-keys)
|
||||
- [Usage](#usage)
|
||||
- [Shell Access](#shell-access)
|
||||
- [References](#references)
|
||||
|
||||
## Installation
|
||||
|
||||
At the moment there are not auomated images at [Dockerhub](https://hub.docker.com) (There will be as soon as possible...)
|
||||
|
||||
In the meantime, you can build the image locally.
|
||||
|
||||
```sh
|
||||
docker build -t cdalvaro/saltstack_master gitlab.com/cdalvaro/saltstack-master
|
||||
```
|
||||
|
||||
## Quick Start
|
||||
|
||||
The quickest way to get started is using [docker-compose](https://docs.docker.com/compose/).
|
||||
|
||||
```sh
|
||||
wget https://gitlab.com/cdalvaro/saltstack-master/raw/master/docker-compose.yml
|
||||
```
|
||||
|
||||
Start SaltStack master using:
|
||||
|
||||
```sh
|
||||
docker-compose up --detach
|
||||
```
|
||||
|
||||
Alternatively, you can manually launch the `saltstack-master` container:
|
||||
|
||||
```sh
|
||||
docker run --name salt_master --detach \
|
||||
--publish 4505:4505 --publish 4506:4506 \
|
||||
--env 'SALT_LOG_LEVEL=info' \
|
||||
--read-only --volume ./srv/:/srv/ \
|
||||
cdalvaro/saltstack_master:2018.3.2
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
### Custom Recipes
|
||||
|
||||
This image does not require storing data out of the container.
|
||||
|
||||
But it is necessary to mount the `/srv/` volume ir order to provide your custom recipes.
|
||||
|
||||
### Minion Keys
|
||||
|
||||
Minion keys can be added automatically on startup to SaltStack master by mounting the volume `/etc/salt-docker/keys` and copying the minion keys inside `keys/minions/` directory:
|
||||
|
||||
```sh
|
||||
mkdir -p key/minions
|
||||
cp -v /etc/salt/pki/minion/minion.pub keys/minions/minion1
|
||||
|
||||
docker run --name salt_master -d \
|
||||
--publish 4505:4505 --publish 4506:4506 \
|
||||
--env 'SALT_LOG_LEVEL=info' \
|
||||
--read-only --volume ./srv/:/srv/ \
|
||||
--volume ./keys/:/etc/salt-docker/keys/ \
|
||||
cdalvaro/saltstack_master:2018.3.2
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
To test which salt minions are listening the following command can be executed from the master service:
|
||||
|
||||
```sh
|
||||
docker-compose exec master salt '*' test.ping
|
||||
```
|
||||
|
||||
Then, you can apply salt states to your minions:
|
||||
|
||||
```sh
|
||||
docker-compose exec master salt '*' state.apply
|
||||
```
|
||||
|
||||
## Shell Access
|
||||
|
||||
For debugging and maintenance purposes you may want access the container shell. If you are using docker version 1.3.0 or higher you can access a running container shell using docker exec command.
|
||||
|
||||
```sh
|
||||
docker exec -it salt_master bash
|
||||
```
|
||||
|
||||
## References
|
||||
|
||||
- https://docs.saltstack.com/en/latest/topics/installation/index.html
|
||||
- https://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html
|
||||
- https://github.com/saltstack/salt/releases
|
||||
|
||||
20
assets/runtime/functions.sh
Executable file
20
assets/runtime/functions.sh
Executable file
@@ -0,0 +1,20 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# This function copies minion keys
|
||||
function copy_minion_keys()
|
||||
{
|
||||
echo "Copying minion keys..."
|
||||
|
||||
if [ -d "${SALT_KEYS_DIR}/master" ] && [ ! -z "$(ls -A ${SALT_KEYS_DIR}/master)" ]; then
|
||||
mkdir -v -p -m 0700 ${SALT_MASTER_DIR}
|
||||
cp -v ${SALT_KEYS_DIR}/master/master.{pem,pub} ${SALT_MASTER_DIR}
|
||||
chown -v root:root ${SALT_MASTER_DIR}/master.{pem,pub}
|
||||
fi
|
||||
|
||||
if [ -d "${SALT_KEYS_DIR}/minions" ] && [ ! -z "$(ls -A ${SALT_KEYS_DIR}/minions)" ]; then
|
||||
mkdir -v -p -m 0700 ${SALT_MASTER_DIR}/minions
|
||||
cp -v ${SALT_KEYS_DIR}/minions/* ${SALT_MASTER_DIR}/minions
|
||||
chown -v root:root ${SALT_MASTER_DIR}/minions/*
|
||||
fi
|
||||
}
|
||||
|
||||
16
docker-compose.yml
Normal file
16
docker-compose.yml
Normal file
@@ -0,0 +1,16 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
master:
|
||||
container_name: salt_master
|
||||
image: cdalvaro/saltstack-master:2018.3.2
|
||||
build:
|
||||
context: ./
|
||||
volumes:
|
||||
- "./srv/:/srv/:ro"
|
||||
ports:
|
||||
- "4505:4505/tcp"
|
||||
- "4506:4506/tcp"
|
||||
environment:
|
||||
- SALT_LOG_LEVEL=info
|
||||
|
||||
11
entrypoint.sh
Executable file
11
entrypoint.sh
Executable file
@@ -0,0 +1,11 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
source "${SALT_RUNTIME_DIR}/functions.sh"
|
||||
|
||||
# Copy minion keys
|
||||
copy_minion_keys
|
||||
|
||||
exec salt-master --log-level=${SALT_LOG_LEVEL:-warning}
|
||||
|
||||
Reference in New Issue
Block a user