parent
c2875816e7
commit
81fe91a3b9
@ -0,0 +1,342 @@
|
||||
---
|
||||
date: 2016-07-12T13:00:00+01:00
|
||||
title: Having fun with Saltstack and ext_pillar mongo
|
||||
author: pcdummy
|
||||
tags:
|
||||
- HOWTO
|
||||
- saltstack
|
||||
---
|
||||
Today i have written another [Patch](https://github.com/saltstack/salt/pull/34566) for [salt.pillar.mongo](https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.mongo.html),
|
||||
this patch allows us to include pillar entries from previous files/includes in the current one.
|
||||
|
||||
This is usefull when you want to calculate for example network data with/or without defaults.
|
||||
|
||||
<!--more-->
|
||||
|
||||
### Code
|
||||
|
||||
This is my **defaults** file which i have stored in **pillar/pcdummy/roles/base/common_pcdummy**:
|
||||
|
||||
```yaml
|
||||
include
|
||||
:l - users.pcdummy
|
||||
- roles.base.common
|
||||
- roles.base.mongodb_client
|
||||
|
||||
_data:
|
||||
domain: pcdummy.lan
|
||||
aptcacher:
|
||||
address: "http://aptcacher.pcdummy.lan:3142"
|
||||
mail:
|
||||
relayserver: "mx0.lxch.lan"
|
||||
rootalias: "rene@jochums.at"
|
||||
|
||||
check_mk:
|
||||
ipv6: True
|
||||
only_from: '::1 fd57:1:see:bad:c0de::14'
|
||||
|
||||
network:
|
||||
managed: False
|
||||
pubinterface: eth0 # Take hosts entries from this interface.
|
||||
intinterface: eth0
|
||||
|
||||
interfaces:
|
||||
eth0:
|
||||
enabled: True
|
||||
configure: True
|
||||
type: eth
|
||||
noifupdown: True
|
||||
ipv4netmask: 255.255.255.0
|
||||
ipv4gateway: 10.167.160.1
|
||||
ipv6netmask: 64
|
||||
ipv6gateway: 'fe80::1'
|
||||
|
||||
resolver:
|
||||
nameservers:
|
||||
- fd57:1:see:bad:c0de::18
|
||||
search:
|
||||
- pcdummy.lan
|
||||
```
|
||||
|
||||
This is the **host definition** for the host `srv01.pcdummy.lan` which is stored in the mongodb and
|
||||
which will be retrieved over ext_pillar mongo.
|
||||
|
||||
```json
|
||||
{
|
||||
"_id" : "srv01.pcdummy.lan",
|
||||
"include" : [
|
||||
{
|
||||
"file" : "roles.base.common_pcdummy",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "global.generator",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "roles.base.server",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "roles.base.postfix-relayclient",
|
||||
"saltenv" : "pcdummy"
|
||||
}
|
||||
],
|
||||
"_data" : {
|
||||
"network" : {
|
||||
"managed" : true,
|
||||
"pubinterface" : "lanbr0",
|
||||
"intinterface" : "lanbr0",
|
||||
"interfaces" : {
|
||||
"eth0" : {
|
||||
"configure" : false,
|
||||
"bridge" : "lanbr0"
|
||||
},
|
||||
"lanbr0" : {
|
||||
"enabled" : true,
|
||||
"configure" : true,
|
||||
"type" : "bridge",
|
||||
"ipv4address" : "10.167.160.14",
|
||||
"ipv4netmask" : "255.255.255.0",
|
||||
"ipv4gateway" : "10.167.160.1",
|
||||
"ipv6address" : "fd57:1:see:bad:c0de::14",
|
||||
"pubipv6address" : "2001:1:see:bad:c0de::14",
|
||||
"ipv6addresses" : [
|
||||
"2001:1:see:bad:c0de::14/64"
|
||||
],
|
||||
"ipv6netmask" : "64",
|
||||
"ipv6gateway" : "fe80::1",
|
||||
"ports" : "eth0",
|
||||
"stp" : "off",
|
||||
"delay" : "0",
|
||||
"maxwait" : 0,
|
||||
"fd" : 0
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
And this is the generator stored in **pillar/pcdummy/global/generator.sls** which generates
|
||||
pillar data from the above merged data.
|
||||
|
||||
```yaml
|
||||
#!jinja|yaml
|
||||
# vi: set ft=yaml.jinja :
|
||||
|
||||
{% set data = pillar.get('_data', {'network': {'managed': False}}) %}
|
||||
|
||||
{% if data.get('network', False) and data.network.get('managed', False) %}
|
||||
network:
|
||||
{%- if salt['grains.get']('os_family') == 'Debian' %}
|
||||
pkgs:
|
||||
purged:
|
||||
- resolvconf
|
||||
{% endif -%}
|
||||
|
||||
interfaces:
|
||||
{% for name, interface in data.network.interfaces.items() %}
|
||||
{% if 'configure' in interface and interface.configure %}
|
||||
- name: {{ name }}
|
||||
enabled: {{ interface.get('enabled', False) }}
|
||||
proto: static
|
||||
type: {{ interface.type }}
|
||||
{% if 'noifupdown' in interface %}
|
||||
noifupdown: {{ interface.noifupdown }}
|
||||
{% endif %}
|
||||
{% if 'ipv4address' in interface %}
|
||||
ipaddr: {{ interface.ipv4address }}
|
||||
netmask: {{ interface.ipv4netmask }}
|
||||
{% endif %}
|
||||
{% if 'ipv4gateway' in interface %}
|
||||
gateway: '{{ interface.ipv4gateway }}'
|
||||
{% endif %}
|
||||
{% if 'pointopoint' in interface %}
|
||||
pointopoint: '{{ interface.pointopoint }}'
|
||||
{% endif %}
|
||||
{% if 'ipv6address' in interface %}
|
||||
enable_ipv6: True
|
||||
ipv6proto: static
|
||||
ipv6ipaddr: '{{ interface.ipv6address }}'
|
||||
ipv6netmask: {{ interface.ipv6netmask }}
|
||||
{% if 'ipv6gateway' in interface %}
|
||||
ipv6gateway: '{{ interface.ipv6gateway }}'
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if 'bridge' in interface %}
|
||||
bridge: {{ interface.bridge }}
|
||||
{% endif %}
|
||||
{% if 'delay' in interface %}
|
||||
delay: {{ interface.delay }}
|
||||
{% endif %}
|
||||
{% if 'ports' in interface %}
|
||||
ports: {{ interface.ports }}
|
||||
{% endif %}
|
||||
{% if 'stp' in interface %}
|
||||
stp: {{ interface.stp }}
|
||||
{% endif %}
|
||||
{% if 'maxwait' in interface %}
|
||||
maxwait: {{ interface.maxwait }}
|
||||
{% endif %}
|
||||
{% if 'fd' in interface %}
|
||||
fd: {{ interface.maxwait }}
|
||||
{% endif %}
|
||||
|
||||
{% if 'pre_up_cmds' in interface %}
|
||||
pre_up_cmds:
|
||||
{%- for cmd in interface.pre_up_cmds %}
|
||||
- {{ cmd }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% if 'ipv4routes' in interface or
|
||||
'ipv6routes' in interface or
|
||||
'ipv6addresses' in interface or
|
||||
'up_cmds' in interface %}
|
||||
up_cmds:
|
||||
{%- if 'ipv4routes' in interface %}
|
||||
{%- for route in interface.ipv4routes %}
|
||||
- /sbin/ip -4 route add {{ route }} dev $IFACE
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{%- if 'ipv6routes' in interface %}
|
||||
{%- for route in interface.ipv6routes %}
|
||||
- /sbin/ip -6 route add {{ route }} dev $IFACE
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{%- if 'ipv6addresses' in interface %}
|
||||
{%- for address in interface.ipv6addresses %}
|
||||
- /sbin/ip -6 addr add {{ address }} dev $IFACE
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{%- if 'up_cmds' in data.network %}
|
||||
{%- for cmd in data.network.up_cmds %}
|
||||
- {{ cmd }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
resolver:
|
||||
domain: {{ data.domain }}
|
||||
search:
|
||||
{%- for search in data.network.resolver.search %}
|
||||
- {{ search }}
|
||||
{% endfor %}
|
||||
nameservers:
|
||||
{%- for nameserver in data.network.resolver.nameservers %}
|
||||
- {{ nameserver }}
|
||||
{% endfor %}
|
||||
|
||||
{% else %}
|
||||
network:
|
||||
{% endif %}
|
||||
|
||||
hostsfile:
|
||||
fqdn: {{ salt['grains.get']('fqdn') }}
|
||||
hostname: {{ salt['grains.get']('host') }}
|
||||
|
||||
|
||||
{% if 'check_mk' in data %}
|
||||
check_mk:
|
||||
agent:
|
||||
ipv6: {{ data.check_mk.ipv6 }}
|
||||
only_from: {{ data.check_mk.only_from }}
|
||||
{% endif %}
|
||||
|
||||
{% if data.get('aptcacher', False) and data.aptcacher.get('address', False) %}
|
||||
apt:
|
||||
configs:
|
||||
01proxy:
|
||||
content: |
|
||||
# This file managed by Salt, do not edit by hand!
|
||||
Acquire::http::Proxy "{{ data.aptcacher.address }}";
|
||||
Acquire::https { Proxy "false"; };
|
||||
{% endif %}
|
||||
```
|
||||
|
||||
This uses the following states:
|
||||
|
||||
- [apt](https://github.com/pcdummy/saltstack-apt-formula)
|
||||
- [network](https://github.com/pcdummy/saltstack-network-formula)
|
||||
- check_mk - not available to public yet.
|
||||
|
||||
|
||||
### The result
|
||||
|
||||
```yaml
|
||||
network:
|
||||
----------
|
||||
hostsfile:
|
||||
----------
|
||||
fqdn:
|
||||
srv01.pcdummy.lan
|
||||
hostname:
|
||||
srv01
|
||||
interfaces:
|
||||
|_
|
||||
----------
|
||||
delay:
|
||||
0
|
||||
enable_ipv6:
|
||||
True
|
||||
enabled:
|
||||
True
|
||||
fd:
|
||||
0
|
||||
gateway:
|
||||
10.167.160.1
|
||||
ipaddr:
|
||||
10.167.160.14
|
||||
ipv6gateway:
|
||||
fe80::1
|
||||
ipv6ipaddr:
|
||||
fd57:1:see:bad:c0de::14
|
||||
ipv6netmask:
|
||||
64
|
||||
ipv6proto:
|
||||
static
|
||||
maxwait:
|
||||
0
|
||||
name:
|
||||
lanbr0
|
||||
netmask:
|
||||
255.255.255.0
|
||||
ports:
|
||||
eth0
|
||||
proto:
|
||||
static
|
||||
stp:
|
||||
False
|
||||
type:
|
||||
bridge
|
||||
up_cmds:
|
||||
- /sbin/ip -6 addr add 2001:1:see:bad:c0de::14/64 dev $IFACE
|
||||
pkgs:
|
||||
----------
|
||||
purged:
|
||||
- resolvconf
|
||||
resolver:
|
||||
----------
|
||||
domain:
|
||||
pcdummy.lan
|
||||
nameservers:
|
||||
- fd57:1:see:bad:c0de::18
|
||||
search:
|
||||
- pcdummy.lan
|
||||
|
||||
```
|
||||
|
||||
### So how does this work
|
||||
|
||||
1. salt.pillar.mongo retrieves the **host definition** from the mongodb.
|
||||
2. It includes the **defaults** file and merges the host definition over the defaults.
|
||||
3. It includes the **generator** with the current data stored in the **pillar** variable.
|
||||
4. The generator generates the pillar data.
|
||||
|
||||
|
||||
### Thanks ...
|
||||
|
||||
Thanks for reading, please leave a comment about this.
|
@ -0,0 +1,127 @@
|
||||
---
|
||||
date: 2016-04-05T00:17:00+01:00
|
||||
description: Detailed explanation on HOWTO clone this Plone5 based blog
|
||||
tags:
|
||||
- HOWTO
|
||||
- Plone
|
||||
- Blog
|
||||
- Markdown
|
||||
title: Howto clone my blog
|
||||
---
|
||||
I open sourced all components of my blog, this post is for anyone who want's the same blog or build one on top of mine.
|
||||
It's a **step by step guide even for newcomers to Plone**.<!--more-->
|
||||
|
||||
### Requirements
|
||||
|
||||
- GNU/Linux or Mac OS
|
||||
- Windows users can use [Vagrant](http://docs.plone.org/manage/installing/installation.html#microsoft-windows)
|
||||
|
||||
### The components of this blog
|
||||
|
||||
- [collective.blog](https://github.com/collective/collective.blog) - A blog for Plone 5.
|
||||
|
||||
Ideas have been take from [ftw.blog](https://github.com/4teamwork/ftw.blog) and [plone.app.event](https://github.com/plone/plone.app.event).
|
||||
|
||||
I've written it to learn Plone.
|
||||
|
||||
- [plonetheme.persona](https://github.com/collective/plonetheme.persona) - Port of the clean and well-readable Persona theme to Plone 5.
|
||||
|
||||
- First ported by [@aries1980](https://github.com/aries1980/hugo-theme-persona) to [hugo](https://github.com/spf13/hugo)
|
||||
- Then improved by [@pcdummy](https://github.com/pcdummy/hugo-theme-persona)
|
||||
- Now ported to Plone 5 by [@pcdummy](https://github.com/pcdummy/)
|
||||
|
||||
- [mockup-highlightjs](https://github.com/collective/mockup-highlightjs) - [highlightjs](https://highlightjs.org/) for plonetheme.persona.
|
||||
|
||||
- [rj.site](https://github.com/pcdummy/rj.site) - A simple integration package
|
||||
|
||||
Currently a very simple integration package that installs `collective.blog` and `plonetheme.persona`.
|
||||
|
||||
I plan to extend this via an Upgrade Step to set some options on the site i currently manualy set.
|
||||
|
||||
- [rj.buildout](https://github.com/pcdummy/rj.buildout)
|
||||
|
||||
A buildout based on `starzel/buildout` to generate a Plone site, named last but the root to build
|
||||
your clone.
|
||||
|
||||
### Step by step guide
|
||||
|
||||
1.) Install the required packages as documented [here](http://docs.plone.org/manage/installing/installation.html#ubuntu-debian)
|
||||
|
||||
```bash
|
||||
sudo apt-get -y install python-setuptools python-dev build-essential libssl-dev libxml2-dev libxslt1-dev libbz2-dev libjpeg62-dev virtualenv python-tk python-gdbm
|
||||
sudo apt-get -y install libreadline-dev wv poppler-utils
|
||||
sudo apt-get -y install git pwgen
|
||||
```
|
||||
|
||||
2.) Create a clone of rj.buildout into a folder named `plone`
|
||||
|
||||
```bash
|
||||
git clone https://github.com/pcdummy/rj.buildout.git plone
|
||||
```
|
||||
|
||||
3.) Create a virtualenv for the buildout (a Python environment inside "plone")
|
||||
```bash
|
||||
cd plone
|
||||
virtualenv -p /usr/bin/python2.7 --no-site-packages .
|
||||
```
|
||||
|
||||
4.) Install zc.buildout in your new python environment.
|
||||
```bash
|
||||
./bin/pip install -r requirements.txt
|
||||
```
|
||||
|
||||
5.) Symlink `local_develop.cfg` to `local.cfg`
|
||||
```bash
|
||||
ln -s local_develop.cfg local.cfg
|
||||
```
|
||||
|
||||
6.) Generate a `secret.cfg` for the plone superadmin.
|
||||
```bash
|
||||
echo -e "[buildout]\nlogin = admin\npassword = $(pwgen -B -1 15)\n" > secret.cfg
|
||||
cat secret.cfg
|
||||
```
|
||||
|
||||
**Remember** the **username** and **password** here, you need it later to login to your plone site.
|
||||
|
||||
7.) Run "buildout" to download the dependencies, install and compile everything together.
|
||||
```bash
|
||||
./bin/buildout -N
|
||||
```
|
||||
|
||||
This will take a while, go get a coffee :)
|
||||
|
||||
|
||||
8.) Run the ZEO Server (the Database server)
|
||||
```bash
|
||||
./bin/zeoserver start
|
||||
```
|
||||
|
||||
9.) Run your ZOPE site.
|
||||
```bash
|
||||
RELOAD_PATH=src/ ./bin/zeoclient_debug fg
|
||||
```
|
||||
|
||||
10.) Go with a browser to [localhost:8084](http://localhost:8084)
|
||||
|
||||
11.) Click on `Create a new Plone site`
|
||||
|
||||
12.) Set the "Path identifier" to "Plone" and fill everything else as wanted.
|
||||
|
||||
13.) Goto the [Add-ons configurator](http://localhost:8084/Plone/prefs_install_products_form)
|
||||
|
||||
And install `rj.site`
|
||||
|
||||
14.) Next goto the [Markup controlpanel](http://10.167.161.14:8084/Plone/@@markup-controlpanel)
|
||||
|
||||
And enable the markups you want to write your blog posts in (i personaly prefer Markdown).
|
||||
|
||||
|
||||
### Thanks
|
||||
|
||||
This blog and its clone guide wouldn't be possible without:
|
||||
|
||||
- [The Plone Community](https://plone.org/community): Its a great community!
|
||||
- [The Plone Training](http://training.plone.org/5/): A good place to look for howto do stuff in Plone.
|
||||
- [Webmeisterei](http://webmeisterei.com/): My employer where i learn every day new stuff around Plone.
|
||||
- [Starzel](http://www.starzel.de/): For [starzel/buildout](https://github.com/starzel/buildout/).
|
||||
- [ftw.blog](https://github.com/4teamwork/ftw.blog): Code and idea for collective.blog have been taken from it.
|
@ -0,0 +1,263 @@
|
||||
---
|
||||
date: 2016-07-09T00:17:00+01:00
|
||||
description: Detailed explanation on HOWTO move your Saltstack tops and pillar data to MongoDB
|
||||
tags:
|
||||
- HOWTO
|
||||
- Saltstack
|
||||
title: Howto move Saltstack tops and pillar contents to MongoDB
|
||||
---
|
||||
|
||||
I'm a heavy user of [Saltstack](https://saltstack.com/), on my home network i develop salt states and test new stuff and on my production servers i use the results of
|
||||
my development at home.
|
||||
|
||||
#### My motiviation for this:
|
||||
|
||||
- I have a dream of automated deployed [LXD](https://linuxcontainers.org/lxd/introduction/) containers which you can manage with a web interface like [Froxlor](https://www.froxlor.org/).
|
||||
- I want a database where i can easily modify contents with a script.
|
||||
|
||||
#### Prerequisites
|
||||
|
||||
- Knowledge of Saltstack
|
||||
- Knowledge of MongoDB
|
||||
|
||||
#### Salt Modules in use
|
||||
|
||||
- [salt.tops.mongo](https://docs.saltstack.com/en/latest/ref/tops/all/salt.tops.mongo.html)
|
||||
- [salt.pillar.mongo](https://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.mongo.html)
|
||||
|
||||
<!--more-->
|
||||
|
||||
### Here comes the step-by-step guide
|
||||
|
||||
### 1.) Install MongoDB somewhere and create some users
|
||||
|
||||
#### a.) Go to the [MongoDB installation guide](https://docs.mongodb.com/manual/installation/) for install instructions.
|
||||
|
||||
#### b.) Create a superadmin user
|
||||
|
||||
Open a mongo shell:
|
||||
|
||||
```bash
|
||||
mongo
|
||||
```
|
||||
|
||||
And insert the following (replace the username and password!).
|
||||
```javascript
|
||||
use admin;
|
||||
db.createUser({ user: "<replace with your username>",
|
||||
pwd: "<replace with your cleartext password>",
|
||||
roles: [
|
||||
{ role: "clusterAdmin", db: "admin" },
|
||||
{ role: "userAdminAnyDatabase", db: "admin" },
|
||||
{ role: "readWriteAnyDatabase", db: "admin" },
|
||||
{ role: "dbAdminAnyDatabase", db: "admin" },
|
||||
]
|
||||
})
|
||||
quit();
|
||||
```
|
||||
|
||||
#### c.) Configure MongoDB to enforce authentication:
|
||||
|
||||
Add this to your **/etc/mongd.conf**:
|
||||
```yaml
|
||||
security:
|
||||
authorization: enabled
|
||||
```
|
||||
|
||||
And restart MongoDB:
|
||||
```bash
|
||||
service mongod restart
|
||||
```
|
||||
|
||||
#### d.) Create a user and Database for your saltmaster:
|
||||
|
||||
Open a mongo shell and login
|
||||
```bash
|
||||
mongo -u <username from above> --authenticationDatabase admin -p
|
||||
```
|
||||
|
||||
```javascript
|
||||
use saltstack;
|
||||
db.createUser({ user: "saltmaster",
|
||||
pwd: "<replace with your cleartext password for the saltmaster user>",
|
||||
roles: [
|
||||
{ role: "readWrite", db: "saltstack" },
|
||||
]
|
||||
})
|
||||
quit();
|
||||
```
|
||||
|
||||
### 2.) Configure your saltmaster to use salt_tops and salt_pillar with the MongoDB
|
||||
|
||||
#### a.) Open /etc/salt/master and insert
|
||||
|
||||
```
|
||||
master_tops:
|
||||
mongo:
|
||||
id_field: _id
|
||||
collection: salt_tops
|
||||
|
||||
ext_pillar:
|
||||
- mongo: {collection: salt_pillar}
|
||||
|
||||
ext_pillar_first: false
|
||||
|
||||
##### mongodb connection settings #####
|
||||
##########################################
|
||||
mongo.db: saltstack
|
||||
mongo.indexes: true
|
||||
mongo.host: <your mongo host>
|
||||
mongo.user: saltmaster
|
||||
mongo.password: <your saltmaster mongo password>
|
||||
mongo.port: 27017
|
||||
```
|
||||
|
||||
You can also use the [salt-formula](https://github.com/saltstack-formulas/salt-formula), but you need the latest version with my [PR](https://github.com/saltstack-formulas/salt-formula/pull/241)
|
||||
|
||||
|
||||
#### b.) Restart your salt-master
|
||||
|
||||
```bash
|
||||
service salt-master restart
|
||||
```
|
||||
|
||||
### 3.) Create some tops and pillars
|
||||
|
||||
I use [robomongo](https://robomongo.org/) for that, its a Desktop app with functionality like phpMyAdmin.
|
||||
To convert my old YAML files to JSON i use: [YAML to JSON](http://yamltojson.com/).
|
||||
|
||||
#### a.) An example top in the collection **salt_tops**
|
||||
|
||||
```json
|
||||
{
|
||||
"_id" : "apu1d4.pcdummy.lan",
|
||||
"states" : [
|
||||
"roles.base.server",
|
||||
"roles.base.lxc",
|
||||
"bird",
|
||||
"softether.client"
|
||||
],
|
||||
"environment" : "pcdummy"
|
||||
}
|
||||
```
|
||||
|
||||
#### b.) An example pillar entry in the collection **salt_pillar**
|
||||
|
||||
This uses my **mongo include patch** which you can optain from [Salt PR #34566](https://github.com/saltstack/salt/pull/34566)
|
||||
|
||||
```json
|
||||
{
|
||||
"_id" : "apu1d4.pcdummy.lan",
|
||||
"include" : [
|
||||
{
|
||||
"file" : "roles.base.server",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "roles.base.lxc",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "roles.base.sysctl_container_host",
|
||||
"saltenv" : "pcdummy"
|
||||
},
|
||||
{
|
||||
"file" : "roles.base.postfix-relayclient",
|
||||
"saltenv" : "pcdummy"
|
||||
}
|
||||
],
|
||||
"grub" : {
|
||||
"lookup" : {
|
||||
"config" : {
|
||||
"manage" : [
|
||||
"default_config"
|
||||
]
|
||||
}
|
||||
},
|
||||
"default_config" : {
|
||||
"content" : "GRUB_DEFAULT=0\nGRUB_TIMEOUT=10\nGRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`\nGRUB_CMDLINE_LINUX_DEFAULT=\"quiet cgroup_enable=memory swapaccount=1\"\nGRUB_CMDLINE_LINUX=\"console=ttyS0,115200n8 earlyprint=ttyS0,115200n8\"\nGRUB_TERMINAL=serial\nGRUB_SERIAL_COMMAND=\"serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1\"\n"
|
||||
}
|
||||
},
|
||||
"network" : {
|
||||
"hosts" : [
|
||||
{
|
||||
"name" : "apu1d4.pcdummy.lan",
|
||||
"ip" : "fd57:c87d:f1ee:ee00::1"
|
||||
}
|
||||
],
|
||||
"resolver" : {
|
||||
"domain" : "pcdummy.lan",
|
||||
"search" : [
|
||||
"pcdummy.lan"
|
||||
],
|
||||
"nameservers" : [
|
||||
"fd57:c87d:f1ee:ee00:f::18"
|
||||
]
|
||||
}
|
||||
},
|
||||
"lxc" : {
|
||||
"default_conf" : [
|
||||
{
|
||||
"lxc.network.type" : "veth"
|
||||
},
|
||||
{
|
||||
"lxc.network.link" : "apubr0"
|
||||
},
|
||||
{
|
||||
"lxc.network.flags" : "up"
|
||||
},
|
||||
{
|
||||
"lxc.network.hwaddr" : "00:16:3e:02:xx:xx"
|
||||
}
|
||||
],
|
||||
"users" : {
|
||||
"lxd" : {
|
||||
"interfaces" : {
|
||||
"apubr0" : {
|
||||
"type" : "veth",
|
||||
"count" : 100
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"softether" : {
|
||||
"lookup" : {
|
||||
"client_svc_onboot" : true
|
||||
},
|
||||
"interface" : {
|
||||
"enabled" : true,
|
||||
"name" : "vpn_gw0",
|
||||
"ipv4address" : "10.171.104.160",
|
||||
"ipv4netmask" : "255.255.0.0",
|
||||
"ipv6enabled" : true,
|
||||
"ipv6address" : "fd57:c87d:f1ee:f003::ee00:1",
|
||||
"ipv6netmask" : 64
|
||||
}
|
||||
},
|
||||
"bird" : {
|
||||
"bird_cfg" : "log syslog { info, remote, warning, error, auth, fatal, bug };\nlog stderr all;\n\nrouter id 10.171.104.160;\n\nprotocol kernel {\n learn;\n persist;\n scan time 20;\n import all;\n export all;\n}\n\nprotocol device {\n scan time 10; # Scan interfaces every 10 seconds\n}\n\nprotocol ospf main {\n import all;\n export all;\n\n area 0.0.0.0 {\n interface \"apubr0\";\n interface \"vpn_gw0\";\n };\n}\n",
|
||||
"bird6_cfg" : "log syslog { info, remote, warning, error, auth, fatal, bug };\nlog stderr all;\n\nrouter id 10.171.104.160;\n\nfunction is_default() { return net ~ [ ::/0 ]; }\n\nprotocol kernel {\n learn;\n persist;\n scan time 20;\n import all;\n export all;\n}\n\nprotocol device {\n scan time 10; # Scan interfaces every 10 seconds\n}\n\nprotocol ospf main {\n import all;\n export filter {\n if (is_default()) then reject;\n accept;\n };\n\n area 0 {\n interface \"apubr0\";\n interface \"vpn_gw0\";\n };\n}\n\nprotocol radv {\n interface \"apubr0\";\n prefix fd57:c87d:f1ee:ee00::/64;\n prefix 2001:470:b718:ee00::/64;\n\n rdnss fd57:c87d:f1ee:ee00:f::18;\n\n dnssl {\n domain \"pcdummy.lan\";\n };\n}\n"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### 4.) Check if your tops and pillar.items are right
|
||||
|
||||
On the saltmaster
|
||||
|
||||
#### a.) For the **tops**
|
||||
|
||||
```bash
|
||||
salt apu1d4.pcdummy.lan state.show_top
|
||||
```
|
||||
|
||||
#### b.) For the **pillar**
|
||||
|
||||
```bash
|
||||
salt apu1d4.pcdummy.lan pillar.items
|
||||
```
|
||||
|
||||
### 5.) Leave a comment about this HOWTO
|
||||
|
||||
Any suggestions? Or did it help you? Please leave a comment.
|
@ -1 +1 @@
|
||||
Subproject commit 0ea25c35ae8529796fee9432bae0572e8b93c2b1
|
||||
Subproject commit 7c2309269f5f9ea8cf66a627147c13e4e55d74fb
|
Loading…
Reference in New Issue