cloud.providers.d can now be redirected.
This obsoletes the salt☁️folders and salt☁️providers pillar entries. Provider keys have been moved to /etc/salt/pki/cloud.
This commit is contained in:
parent
7e074dc379
commit
f3ed6e1828
|
@ -78,19 +78,16 @@ salt:
|
||||||
# salt cloud config
|
# salt cloud config
|
||||||
cloud:
|
cloud:
|
||||||
master: salt
|
master: salt
|
||||||
folders:
|
|
||||||
- cloud.providers.d/key
|
|
||||||
- cloud.profiles.d
|
|
||||||
- cloud.maps.d
|
|
||||||
|
|
||||||
# You can take profile and map templates from an alternate location
|
# You can take profile and map templates from an alternate location
|
||||||
# if desired.
|
# if you want to write your own.
|
||||||
profiles_src: salt://templates/cloud.profiles.d
|
template_sources:
|
||||||
maps_src: salt://templates/cloud.maps.d
|
providers: salt://templates/cloud.providers.d
|
||||||
|
profiles: salt://templates/cloud.profiles.d
|
||||||
|
maps: salt://templates/cloud.maps.d
|
||||||
|
|
||||||
providers:
|
# These settings are used by the default provider templates and
|
||||||
- ec2
|
# only need to be set for the ones you're using.
|
||||||
- gce
|
|
||||||
aws_key: AWSKEYIJSHJAIJS6JSH
|
aws_key: AWSKEYIJSHJAIJS6JSH
|
||||||
aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
|
aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
|
||||||
gce_project: test
|
gce_project: test
|
||||||
|
|
|
@ -32,47 +32,33 @@ salt-cloud:
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% for folder in salt_settings.cloud.folders %}
|
|
||||||
{{ folder }}:
|
|
||||||
file.directory:
|
|
||||||
- name: /etc/salt/{{ folder }}
|
|
||||||
- user: root
|
|
||||||
- group: root
|
|
||||||
- file_mode: 744
|
|
||||||
- dir_mode: 755
|
|
||||||
- makedirs: True
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for cert in pillar.get('salt_cloud_certs', {}) %}
|
{% for cert in pillar.get('salt_cloud_certs', {}) %}
|
||||||
{% for type in ['pem'] %}
|
{% for type in ['pem'] %}
|
||||||
cloud-cert-{{ cert }}-pem:
|
cloud-cert-{{ cert }}-pem:
|
||||||
file.managed:
|
file.managed:
|
||||||
- name: /etc/salt/cloud.providers.d/key/{{ cert }}.pem
|
- name: /etc/salt/pki/cloud/{{ cert }}.pem
|
||||||
- source: salt://salt/files/key
|
- source: salt://salt/files/key
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- user: root
|
- user: root
|
||||||
- group: root
|
- group: root
|
||||||
- mode: 600
|
- mode: 600
|
||||||
|
- makedirs: True
|
||||||
- defaults:
|
- defaults:
|
||||||
key: {{ cert }}
|
key: {{ cert }}
|
||||||
type: {{ type }}
|
type: {{ type }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% for providers in salt_settings.cloud.providers %}
|
{%- for dir in ['providers', 'profiles', 'maps'] %}
|
||||||
salt-cloud-providers-{{ providers }}:
|
{%- set source = salt_settings.cloud.template_sources.get(dir) %}
|
||||||
file.managed:
|
|
||||||
- name: /etc/salt/cloud.providers.d/{{ providers }}.conf
|
|
||||||
- template: jinja
|
|
||||||
- source: salt://salt/files/cloud.providers.d/{{ providers }}.conf
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{%- for dir in ['profiles', 'maps'] %}
|
|
||||||
{%- set default_src = 'salt://salt/files/cloud.{}.d'.format(dir) %}
|
|
||||||
{%- set source = salt_settings.cloud.get(dir + "_src", default_src) %}
|
|
||||||
salt-cloud-{{ dir }}:
|
salt-cloud-{{ dir }}:
|
||||||
file.recurse:
|
file.recurse:
|
||||||
- name: /etc/salt/cloud.{{ dir }}.d
|
- name: /etc/salt/cloud.{{ dir }}.d
|
||||||
- source: {{ source }}
|
- source: {{ source }}
|
||||||
- template: jinja
|
- template: jinja
|
||||||
|
- user: root
|
||||||
|
- group: root
|
||||||
|
- dir_mode: 755
|
||||||
|
- file_mode: 644
|
||||||
|
- makedirs: True
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
|
@ -23,3 +23,9 @@ salt:
|
||||||
install_from_source: True
|
install_from_source: True
|
||||||
gitpython:
|
gitpython:
|
||||||
install_from_source: False
|
install_from_source: False
|
||||||
|
|
||||||
|
cloud:
|
||||||
|
template_sources:
|
||||||
|
providers: salt://salt/files/cloud.providers.d
|
||||||
|
profiles: salt://salt/files/cloud.profiles.d
|
||||||
|
maps: salt://salt/files/cloud.maps.d
|
||||||
|
|
|
@ -8,7 +8,7 @@ ec2_ubuntu_public:
|
||||||
ssh_interface: public_ips
|
ssh_interface: public_ips
|
||||||
id: {{ cloud.get('aws_key', 'DEFAULT') }}
|
id: {{ cloud.get('aws_key', 'DEFAULT') }}
|
||||||
key: '{{ cloud.get('aws_secret', 'DEFAULT') }}'
|
key: '{{ cloud.get('aws_secret', 'DEFAULT') }}'
|
||||||
private_key: /etc/salt/cloud.providers.d/key/key.pem
|
private_key: /etc/salt/pki/cloud/ec2.pem
|
||||||
keyname: keyname
|
keyname: keyname
|
||||||
location: eu-west-1
|
location: eu-west-1
|
||||||
availability_zone: eu-west-1a
|
availability_zone: eu-west-1a
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
gce:
|
gce:
|
||||||
project: "{{ cloud.get('gce_project', 'DEFAULT') }}"
|
project: "{{ cloud.get('gce_project', 'DEFAULT') }}"
|
||||||
service_account_email_address: "{{ cloud.get('gce_service_account_email_address', 'DEFAULT') }}"
|
service_account_email_address: "{{ cloud.get('gce_service_account_email_address', 'DEFAULT') }}"
|
||||||
service_account_private_key: "/etc/salt/cloud.providers.d/key.pem"
|
service_account_private_key: "/etc/salt/pki/cloud/gce.pem"
|
||||||
minion:
|
minion:
|
||||||
master: {{ cloud.get('master', 'salt') }}
|
master: {{ cloud.get('master', 'salt') }}
|
||||||
grains:
|
grains:
|
||||||
|
|
Loading…
Reference in New Issue