# Author: Jeff Bauer # # This file is part of cloud-init. See LICENSE file for license information. """ Salt Minion ----------- **Summary:** set up and run salt minion This module installs, configures and starts salt minion. If the ``salt_minion`` key is present in the config parts, then salt minion will be installed and started. Configuration for salt minion can be specified in the ``conf`` key under ``salt_minion``. Any conf values present there will be assigned in ``/etc/salt/minion``. The public and private keys to use for salt minion can be specified with ``public_key`` and ``private_key`` respectively. Optionally if you have a custom package name, service name or config directory you can specify them with ``pkg_name``, ``service_name`` and ``config_dir``. **Internal name:** ``cc_salt_minion`` **Module frequency:** per instance **Supported distros:** all **Config keys**:: salt_minion: pkg_name: 'salt-minion' service_name: 'salt-minion' config_dir: '/etc/salt' conf: master: salt.example.com grains: role: - web public_key: | ------BEGIN PUBLIC KEY------- ------END PUBLIC KEY------- private_key: | ------BEGIN PRIVATE KEY------ ------END PRIVATE KEY------- """ import os from cloudinit import safeyaml, subp, util from cloudinit.distros import rhel_util # Note: see https://docs.saltstack.com/en/latest/topics/installation/ # Note: see https://docs.saltstack.com/en/latest/ref/configuration/ class SaltConstants(object): """ defines default distribution specific salt variables """ def __init__(self, cfg): # constants tailored for FreeBSD if util.is_FreeBSD(): self.pkg_name = 'py36-salt' self.srv_name = 'salt_minion' self.conf_dir = '/usr/local/etc/salt' # constants for any other OS else: self.pkg_name = 'salt-minion' self.srv_name = 'salt-minion' self.conf_dir = '/etc/salt' # if there are constants given in cloud config use those self.pkg_name = util.get_cfg_option_str(cfg, 'pkg_name', self.pkg_name) self.conf_dir = util.get_cfg_option_str(cfg, 'config_dir', self.conf_dir) self.srv_name = util.get_cfg_option_str(cfg, 'service_name', self.srv_name) def handle(name, cfg, cloud, log, _args): # If there isn't a salt key in the configuration don't do anything if 'salt_minion' not in cfg: log.debug(("Skipping module named %s," " no 'salt_minion' key in configuration"), name) return s_cfg = cfg['salt_minion'] const = SaltConstants(cfg=s_cfg) # Start by installing the salt package ... cloud.distro.install_packages(const.pkg_name) # Ensure we can configure files at the right dir util.ensure_dir(const.conf_dir) # ... and then update the salt configuration if 'conf' in s_cfg: # Add all sections from the conf object to minion config file minion_config = os.path.join(const.conf_dir, 'minion') minion_data = safeyaml.dumps(s_cfg.get('conf')) util.write_file(minion_config, minion_data) if 'grains' in s_cfg: # add grains to /etc/salt/grains grains_config = os.path.join(const.conf_dir, 'grains') grains_data = safeyaml.dumps(s_cfg.get('grains')) util.write_file(grains_config, grains_data) # ... copy the key pair if specified if 'public_key' in s_cfg and 'private_key' in s_cfg: pki_dir_default = os.path.join(const.conf_dir, "pki/minion") if not os.path.isdir(pki_dir_default): pki_dir_default = os.path.join(const.conf_dir, "pki") pki_dir = s_cfg.get('pki_dir', pki_dir_default) with util.umask(0o77): util.ensure_dir(pki_dir) pub_name = os.path.join(pki_dir, 'minion.pub') pem_name = os.path.join(pki_dir, 'minion.pem') util.write_file(pub_name, s_cfg['public_key']) util.write_file(pem_name, s_cfg['private_key']) # we need to have the salt minion service enabled in rc in order to be # able to start the service. this does only apply on FreeBSD servers. if cloud.distro.osfamily == 'freebsd': rhel_util.update_sysconfig_file( '/etc/rc.conf', {'salt_minion_enable': 'YES'}) # restart salt-minion. 'service' will start even if not started. if it # was started, it needs to be restarted for config change. subp.subp(['service', const.srv_name, 'restart'], capture=False) # vi: ts=4 expandtab