roster.rst 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
  1. .. _ssh-roster:
  2. ============
  3. Salt Rosters
  4. ============
  5. Salt rosters are pluggable systems added in Salt 0.17.0 to facilitate the
  6. ``salt-ssh`` system.
  7. The roster system was created because ``salt-ssh`` needs a means to
  8. identify which systems need to be targeted for execution.
  9. .. seealso:: :ref:`all-salt.roster`
  10. .. note::
  11. The Roster System is not needed or used in standard Salt because the
  12. master does not need to be initially aware of target systems, since the
  13. Salt Minion checks itself into the master.
  14. Since the roster system is pluggable, it can be easily augmented to attach to
  15. any existing systems to gather information about what servers are presently
  16. available and should be attached to by ``salt-ssh``. By default the roster
  17. file is located at /etc/salt/roster.
  18. How Rosters Work
  19. ================
  20. The roster system compiles a data structure internally referred to as
  21. ``targets``. The ``targets`` is a list of target systems and attributes about how
  22. to connect to said systems. The only requirement for a roster module in Salt
  23. is to return the ``targets`` data structure.
  24. Targets Data
  25. ------------
  26. The information which can be stored in a roster ``target`` is the following:
  27. .. code-block:: yaml
  28. <Salt ID>: # The id to reference the target system with
  29. host: # The IP address or DNS name of the remote host
  30. user: # The user to log in as
  31. passwd: # The password to log in with
  32. # Optional parameters
  33. port: # The target system's ssh port number
  34. sudo: # Boolean to run command via sudo
  35. sudo_user: # Str: Set this to execute Salt as a sudo user other than root.
  36. # This user must be in the same system group as the remote user
  37. # that is used to login and is specified above. Alternatively,
  38. # the user must be a super-user.
  39. tty: # Boolean: Set this option to True if sudo is also set to
  40. # True and requiretty is also set on the target system
  41. priv: # File path to ssh private key, defaults to salt-ssh.rsa
  42. # The priv can also be set to agent-forwarding to not specify
  43. # a key, but use ssh agent forwarding
  44. priv_passwd: # Passphrase for ssh private key
  45. timeout: # Number of seconds to wait for response when establishing
  46. # an SSH connection
  47. minion_opts: # Dictionary of minion opts
  48. thin_dir: # The target system's storage directory for Salt
  49. # components. Defaults to /tmp/salt-<hash>.
  50. cmd_umask: # umask to enforce for the salt-call command. Should be in
  51. # octal (so for 0o077 in YAML you would do 0077, or 63)
  52. .. _roster_defaults:
  53. Target Defaults
  54. ---------------
  55. The `roster_defaults` dictionary in the master config is used to set the
  56. default login variables for minions in the roster so that the same arguments do
  57. not need to be passed with commandline arguments.
  58. .. code-block:: yaml
  59. roster_defaults:
  60. user: daniel
  61. sudo: True
  62. priv: /root/.ssh/id_rsa
  63. tty: True
  64. thin_dir
  65. --------
  66. Salt needs to upload a standalone environment to the target system, and this
  67. defaults to /tmp/salt-<hash>. This directory will be cleaned up per normal
  68. systems operation.
  69. If you need a persistent Salt environment, for instance to set persistent grains,
  70. this value will need to be changed.