1
0

proxy-2015.8.0.rst 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. :orphan:
  2. .. _proxy-2015.8.0:
  3. =========================
  4. Proxy Minion Enhancements
  5. =========================
  6. Proxy Minions have undergone a significant overhaul in 2015.8.
  7. - Proxies are now more of a first-class citizen in the Salt universe
  8. - Proxies are no longer started by a "parent minion", they are started on the
  9. command line with the new ``salt-proxy`` command
  10. - The default configuration file for proxies is now ``/etc/salt/proxy``.
  11. - The default logfile for proxies is now ``/var/log/salt/proxy``.
  12. - ``salt-proxy`` takes a ``--proxyid`` switch. This becomes the id of the proxy
  13. minion, and thus the pillar key under which the configuration for the proxy is
  14. looked up.
  15. - Proxies have been lightly tested with the new TCP transport. They still do
  16. not work with the RAET transport.
  17. - The pillar structure is therefore different than in previous releases. In
  18. earlier releases you might have something that looked like this:
  19. ``/srv/pillar/top.sls``:
  20. .. code-block:: yaml
  21. base:
  22. minioncontroller:
  23. - dumbdevice1
  24. - dumbdevice2
  25. ``/srv/pillar/dumbdevice1.sls``:
  26. .. code-block:: yaml
  27. dumbdevice1:
  28. proxy:
  29. proxytype: networkswitch
  30. host: 172.23.23.5
  31. username: root
  32. passwd: letmein
  33. ``/srv/pillar/dumbdevice2.sls``:
  34. .. code-block:: yaml
  35. dumbdevice2:
  36. proxy:
  37. proxytype: networkswitch
  38. host: 172.23.23.6
  39. username: root
  40. passwd: letmein
  41. This would cause the minion with id ``minioncontroller`` to fork off two
  42. processes and rename their minion id's to ``dumbdevice1`` and ``dumbdevice2``.
  43. These processes would initiate a new connection to the master.
  44. For proxy minion controllers this made it quite difficult to tell which process
  45. was doing what. Also, if the controlling minion died for any reason, it would
  46. take all the proxies with it. The new pillar structure does away with the
  47. id's in the lower level pillar files and brings proxy configuration to the same
  48. level with all other minions.
  49. ``/srv/pillar/top.sls``:
  50. .. code-block:: yaml
  51. base:
  52. dumbdevice1:
  53. - dumbdevice1
  54. dumbdevice2:
  55. - dumbdevice2
  56. ``/srv/pillar/dumbdevice1.sls``:
  57. .. code-block:: yaml
  58. proxy:
  59. proxytype: networkswitch
  60. host: 172.23.23.5
  61. username: root
  62. passwd: letmein
  63. ``/srv/pillar/dumbdevice2.sls``:
  64. .. code-block:: yaml
  65. proxy:
  66. proxytype: networkswitch
  67. host: 172.23.23.6
  68. username: root
  69. passwd: letmein
  70. Proxies can be better tracked via system process utilities:
  71. ..code-block:: bash
  72. root@raring64:/var/log/salt# ps guax | grep p8
  73. root 15215 pts/3 S+ 10:57 0:00 python salt-proxy -l debug --proxyid=p8000
  74. root 15275 pts/5 S+ 10:57 0:00 python salt-proxy -l debug --proxyid=p8002
  75. Proxies still gather a significant number of grains from the host. This is
  76. useful for targeting, but does not obviate the need for custom grains to better
  77. support your controlled devices. See the proxy documentation for writing
  78. grains modules for your proxy.
  79. Future enhancements of proxy minions could include execution modules and states
  80. for easier proxy process management.
  81. See :ref:`Proxy Minion Documentation <proxy-minion>`.