Home SaltStack-Formulas Project Introduction
Bootstrap Salt-Formulas infrastructure¶
This document’s describes scripted way to configure Salt Master node.
To setup the environment according to Quickstart Configure specification.
TL;DR¶
We uses and script that provide functions to install and configure required primitives and dependencies.
Script with function library is to:
- install and configure salt master and minions
- install and configure reclass
- bootstrap salt master with salt-formulas common prerequisites in mind
- validate reclass the model / pillar for all nodes
Note
This script is expected to convert to salt formula in a longterm perspective.
Expected usage in shortcut is:
git clone https://github.com/salt-formulas/salt-formulas-scripts /srv/salt/scripts
source /srv/salt/scripts/bootstrap.sh
Use one of the functions or follow the “setup()” which is executed by default:
* source_local_envs()
* install_reclass()
* clone_reclass()
* configure_pkg_repo()
* configure_salt_master()
* configure_salt_minion()
* install_salt_formula_git()
* install_salt_formula_pkg()
* install_salt_master_pip()
* install_salt_master_pkg()
* install_salt_minion_pip()
* install_salt_minion_pkg()
* verify_salt_master()
* verify_salt_minion()
* verify_salt_minions()
Quick bootstrap¶
Bootstrap salt-master¶
(expects salt-formulas reclass model repo)
git clone https://github.com/salt-formulas/salt-formulas-scripts /srv/salt/scripts
git clone <model-repository> /srv/salt/reclass
cd /srv/salt/reclass
git submodule update --init --recursive
cd /srv/salt/scripts
CLUSTER_NAME=regionOne HOSTNAME=cfg01 DOMAIN=infra.ci.local ./bootstrap.sh
# OR just
HOSTNAME=cfg01 DOMAIN=infra.ci.local ./bootstrap.sh
Note
Creates $PWD/.salt-master-setup.sh.passed if succesfully passed the “setup script” with the aim to avoid subsequent setup.
Bootstrap salt-minion¶
This is mostly just to makeweight as configure minion as a super simple task that can be achieved by other means as well.
export HTTPS_PROXY="http://proxy.your.corp:8080"; export HTTP_PROXY=$HTTPS_PROXY
export MASTER_HOSTNAME=cfg01.infra.ci.local || export MASTER_IP=10.0.0.10
export MINION_ID=$(hostname -f) || export HOSTNAME=prx01 DOMAIN=infra.ci.local
source <(curl -qL https://raw.githubusercontent.com/salt-formulas/salt-formulas-scripts/master/bootstrap.sh)
install_salt_minion_pkg
Advanced usage¶
The script is fully driven by environment variables. That’s Pros and known Cons of course.
Additional bootstrap ENV variables¶
(for full list of options see the bootstrap.sh source)
# reclass
export RECLASS_ADDRESS=<repo url> ## if not already cloned in /srv/salt/reclass >
# formula
export FORMULAS_BRANCH=master
export FORMULAS_SOURCE=git
# system / host / salt master minion id
export HOSTNAME=cfg01
export DOMAIN=infra.ci.local
# Following variables are calculated from the above if not provided
#export MINION_ID
#export MASTER_HOSTNAME
#export MASTER_IP
# salt
export BOOTSTRAP_SALTSTACK_OPTS=" -dX stable 2016.3"
export EXTRA_FORMULAS="prometeus"
SALT_SOURCE=${SALT_SOURCE:-pkg}
SALT_VERSION=${SALT_VERSION:-latest}
# bootstrap control
export SALT_MASTER_BOOTSTRAP_MINIMIZED=False
export CLUSTER_NAME=<%= cluster %>
# workarounds (forked reclass)
export RECLASS_IGNORE_CLASS_NOTFOUND=False
export EXTRA_FORMULAS="prometheus telegraph"
Bootstrap Salt Master in a container for model validation purposes¶
We use this to check the model during CI. The example count’s with using forked version of Reclass <https://github.com/salt-formulas/reclass> with additional features, like ability to ignore missing classes during the bootstrap.
To spin a container we uses a kitchen-test framework. The setup required you may find in the Testing formulas section <../develop/testing-formulas.html#requirements
Assume you have a repository with your reclass model. Add to this repository following files. Both files can be found at salt-formulas/deploy/model <https://github.com/salt-formulas/salt-formulas/tree/master/deploy/model> repo.
.kitchen.yml
:
---
driver:
name: docker
use_sudo: false
volume:
- <%= ENV['PWD'] %>:/tmp/kitchen
provisioner:
name: shell
script: verify.sh
platforms:
<% `find classes/cluster -maxdepth 1 -mindepth 1 -type d | tr '_' '-' |sort -u`.split().each do |cluster| %>
<% cluster=cluster.split('/')[2] %>
- name: <%= cluster %>
driver_config:
# image: ubuntu:16.04
image: tcpcloud/salt-models-testing # With preinstalled dependencies (faster)
platform: ubuntu
hostname: cfg01.<%= cluster %>.local
provision_command:
- apt-get update
- apt-get install -y git curl python-pip
- git clone https://github.com/salt-formulas/salt-formulas-scripts /srv/salt/scripts
- cd /srv/salt/scripts; git pull -r; cd -
# NOTE: Configure ENV options as needed, example:
- echo "
export BOOTSTRAP=1;\n
export CLUSTER_NAME=<%= cluster %>;\n
export FORMULAS_SOURCE=pkg;\n
export RECLASS_VERSION=dev;\n
export RECLASS_IGNORE_CLASS_NOTFOUND=True;\n
export EXTRA_FORMULAS="";\n
" > /kitchen.env
#export RECLASS_SOURCE_PATH=/usr/lib/python2.7/site-packages/reclass;\n
#export PYTHONPATH=$RECLASS_SOURCE_PATH:$PYTHONPATH;\n
<% end %>
suites:
- name: cluster
verify.sh
:
#!/bin/bash
# ENV variables for MASTER_HOSTNAME composition
# export HOSTNAME=${`hostname -s`}
# export DOMAIN=${`hostname -d`}
cd /srv/salt/scripts; git pull -r || true; source bootstrap.sh || exit 1
# BOOTSTRAP
if [[ $BOOTSTRAP =~ ^(True|true|1|yes)$ ]]; then
# workarounds for kitchen
test ! -e /tmp/kitchen || (mkdir -p /srv/salt/reclass; rsync -avh /tmp/kitchen/ /srv/salt/reclass)
cd /srv/salt/reclass
# clone latest system-level if missing
if [[ -e .gitmodules ]] && [[ ! -e classes/system/linux ]]; then
git submodule update --init --recursive --remote || true
fi
source_local_envs
/srv/salt/scripts/bootstrap.sh
if [[ -e /tmp/kitchen ]]; then sed -i '/export BOOTSTRAP=/d' /kitchen.env; fi
fi
# VERIFY
export RECLASS_IGNORE_CLASS_NOTFOUND=False
cd /srv/salt/reclass &&\
if [[ -z "$1" ]] ; then
verify_salt_master &&\
verify_salt_minions
else
verify_salt_minion "$1"
fi
Then with kitchen list
command list the models in repository to test and finally converge and salt master instance where
you will trigger the validation.
$ kitchen list
Instance Driver Provisioner Verifier Transport Last Action Last Error
-------------------------------------------------------------------------------------------------------------
cluster-aaa-ha-freeipa Docker Shell Busser Ssh Created
cluster-ceph-ha Docker Shell Busser Ssh <Not Created> <None>
cluster-k8s-aio-calico Docker Shell Busser Ssh <Not Created> <None>
cluster-k8s-ha-calico Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-aio-contrail Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-aio-ovs Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-ha-contrail Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-ha-ovs Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-ha-ovs-syndic Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-liberty-dvr Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-liberty-ovs Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-mitaka-contrail Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-mitaka-dvr Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-mitaka-ovs Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-aio Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-contrail Docker Shell Busser Ssh Created
cluster-ost-virt-ocata-contrail-nfv Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-dvr Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-k8s-calico Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-k8s-calico-dyn Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-k8s-calico-min Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-k8s-contrail Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-ovs Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-ovs-dpdk Docker Shell Busser Ssh <Not Created> <None>
cluster-ost-virt-ocata-ovs-ironic Docker Shell Busser Ssh <Not Created> <None>
To converge an instance:
$ kitchen converge cluster-ost-virt-ocata-contrail
To verify the model (reclass model)¶
You may use a custom module build for this purpose in reclass formula https://github.com/salt-formulas/salt-formula-reclass.
$SUDO salt-call ${SALT_OPTS} --id=${MASTER_HOSTNAME} reclass.validate_yaml
$SUDO salt-call ${SALT_OPTS} --id=${MASTER_HOSTNAME} reclass.validate_pillar
$SUDO salt-call ${SALT_OPTS} --id=${MASTER_HOSTNAME} grains.item roles
$SUDO salt-call ${SALT_OPTS} --id=${MASTER_HOSTNAME} state.show_lowstate
$SUDO salt-call --no-color grains.items
$SUDO salt-call --no-color pillar.data
$SUDO reclass --nodeinfo ${HOSTNAME}