Book Image

Learning SaltStack

By : Colton Myers
Book Image

Learning SaltStack

By: Colton Myers

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning SaltStack
Colton Myers
Jan, 2015 | 174 pages
No titles found
Table of Contents (15 chapters)
Learning SaltStack
Learning SaltStack
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Diving In – Our First Salt Commands
Diving In – Our First Salt Commands
Introducing Salt
Installing Salt
Configuring Salt
A game of ping pong
Masterless Salt
Summary
2
Controlling Your Minions with Remote Execution
Controlling Your Minions with Remote Execution
The structure of a remote execution command
Summary
3
Execution Modules – Write Your Own Solution
Execution Modules – Write Your Own Solution
Exploring the source
An advanced example
Summary
4
Defining the State of Your Infrastructure
Defining the State of Your Infrastructure
Our first state
The pieces of a state declaration
Expanding to encompass multiple pieces of state
Dependencies using requisites
Summary
5
Expanding Our States with Jinja2 and Pillar
Expanding Our States with Jinja2 and Pillar
Adding a new minion
Jinja2
Defining secure minion-specific data in pillar
Summary
6
The Highstate and Environments
The Highstate and Environments
The highstate
Storing our states in Git with GitFS
Summary
7
Using Salt Cloud to Manage Virtual Minions
Using Salt Cloud to Manage Virtual Minions
Setting up Salt Cloud
Managing groups of VMs with map files
Summary
8
The Reactor and the Event System
The Reactor and the Event System
The Salt event system
Reacting to events
Summary
Index
Index

Defining secure minion-specific data in pillar

So far, we've only been defining the state of our infrastructure using state files. However there is no mechanism in the state files for per-minion access control. Any file or data that you put in /srv/salt is immediately available for approved minions.

Thus, we need a system to give minions sensitive data. That system in Salt is called pillar.

Much like grains, which we have talked about before, pillar is just a key-value store in Salt. However, each minion gets its own set of pillar data, encrypted on a per-minion basis, which makes it suitable for sensitive data.

Our pillar files are stored in a separate directory from our state files. By default, this directory is /srv/pillar. Let's create this directory:

# sudo mkdir /srv/pillar
# cd /srv/pillar

Let's define some pillar data. Inside of /srv/pillar, we're going to create a couple of files. The first file is going to be /srv/pillar/core.sls. Note that pillar files also have the .sls file extension...

Previous Section
End of Section 4
Next Section