nee2c
/
salt
mirror da https://github.com/nee2c/salt.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321
							================================
Using the Salt Modules for Cloud
================================

In addition to the ``salt-cloud`` command, Salt Cloud can be called from Salt,
in a variety of different ways. Most users will be interested in either the
execution module or the state module, but it is also possible to call Salt Cloud
as a runner.

Because the actual work will be performed on a remote minion, the normal Salt
Cloud configuration must exist on any target minion that needs to execute a Salt
Cloud command.  Because Salt Cloud now supports breaking out configuration into
individual files, the configuration is easily managed using Salt's own
``file.managed`` state function. For example, the following directories allow
this configuration to be managed easily:

.. code-block:: yaml

    /etc/salt/cloud.providers.d/
    /etc/salt/cloud.profiles.d/


Minion Keys
-----------
Keep in mind that when creating minions, Salt Cloud will create public and
private minion keys, upload them to the minion, and place the public key on the
machine that created the minion. It will *not* attempt to place any public
minion keys on the master, unless the minion which was used to create the
instance is also the Salt Master. This is because granting arbitrary minions
access to modify keys on the master is a serious security risk, and must be
avoided.


Execution Module
----------------
The ``cloud`` module is available to use from the command line. At the moment,
almost every standard Salt Cloud feature is available to use. The following
commands are available:

list_images
~~~~~~~~~~~
This command is designed to show images that are available to be used to create
an instance using Salt Cloud. In general they are used in the creation of
profiles, but may also be used to create an instance directly (see below).
Listing images requires a provider to be configured, and specified:

.. code-block:: bash

    salt myminion cloud.list_images my-cloud-provider

list_sizes
~~~~~~~~~~
This command is designed to show sizes that are available to be used to create
an instance using Salt Cloud. In general they are used in the creation of
profiles, but may also be used to create an instance directly (see below). This
command is not available for all cloud providers; see the provider-specific
documentation for details. Listing sizes requires a provider to be configured,
and specified:

.. code-block:: bash

    salt myminion cloud.list_sizes my-cloud-provider

list_locations
~~~~~~~~~~~~~~
This command is designed to show locations that are available to be used to
create an instance using Salt Cloud. In general they are used in the creation of
profiles, but may also be used to create an instance directly (see below). This
command is not available for all cloud providers; see the provider-specific
documentation for details. Listing locations requires a provider to be
configured, and specified:

.. code-block:: bash

    salt myminion cloud.list_locations my-cloud-provider

query
~~~~~
This command is used to query all configured cloud providers, and display all
instances associated with those accounts. By default, it will run a standard
query, returning the following fields:

``id``
    The name or ID of the instance, as used by the cloud provider.

``image``
    The disk image that was used to create this instance.

``private_ips``
    Any public IP addresses currently assigned to this instance.

``public_ips``
    Any private IP addresses currently assigned to this instance.

``size``
    The size of the instance; can refer to RAM, CPU(s), disk space, etc.,
    depending on the cloud provider.

``state``
    The running state of the instance; for example, ``running``, ``stopped``,
    ``pending``, etc. This state is dependent upon the provider.

This command may also be used to perform a full query or a select query, as
described below. The following usages are available:

.. code-block:: bash

    salt myminion cloud.query
    salt myminion cloud.query list_nodes
    salt myminion cloud.query list_nodes_full

full_query
~~~~~~~~~~
This command behaves like the ``query`` command, but lists all information
concerning each instance as provided by the cloud provider, in addition to the
fields returned by the ``query`` command.

.. code-block:: bash

    salt myminion cloud.full_query

select_query
~~~~~~~~~~~~
This command behaves like the ``query`` command, but only returned select
fields as defined in the ``/etc/salt/cloud`` configuration file. A sample
configuration for this section of the file might look like:

.. code-block:: yaml

    query.selection:
      - id
      - key_name

This configuration would only return the ``id`` and ``key_name`` fields, for
those cloud providers that support those two fields. This would be called using
the following command:

.. code-block:: bash

    salt myminion cloud.select_query

profile
~~~~~~~
This command is used to create an instance using a profile that is configured
on the target minion. Please note that the profile must be configured before
this command can be used with it.

.. code-block:: bash

    salt myminion cloud.profile ec2-centos64-x64 my-new-instance

Please note that the execution module does *not* run in parallel mode. Using
multiple minions to create instances can effectively perform parallel instance
creation.

create
~~~~~~
This command is similar to the ``profile`` command, in that it is used to create
a new instance. However, it does not require a profile to be pre-configured.
Instead, all of the options that are normally configured in a profile are passed
directly to Salt Cloud to create the instance:

.. code-block:: bash

    salt myminion cloud.create my-ec2-config my-new-instance \
        image=ami-1624987f size='t1.micro' ssh_username=ec2-user \
        securitygroup=default delvol_on_destroy=True

Please note that the execution module does *not* run in parallel mode. Using
multiple minions to create instances can effectively perform parallel instance
creation.

destroy
~~~~~~~
This command is used to destroy an instance or instances. This command will
search all configured providers and remove any instance(s) which matches the
name(s) passed in here. The results of this command are *non-reversable* and
should be used with caution.

.. code-block:: bash

    salt myminion cloud.destroy myinstance
    salt myminion cloud.destroy myinstance1,myinstance2

action
~~~~~~
This command implements both the ``action`` and the ``function`` commands
used in the standard ``salt-cloud`` command. If one of the standard ``action``
commands is used, an instance name must be provided. If one of the standard
``function`` commands is used, a provider configuration must be named.

.. code-block:: bash

    salt myminion cloud.action start instance=myinstance
    salt myminion cloud.action show_image provider=my-ec2-config \
        image=ami-1624987f

The actions available are largely dependent upon the module for the specific
cloud provider. The following actions are available for all cloud providers:

``list_nodes``
    This is a direct call to the ``query`` function as described above, but is
    only performed against a single cloud provider. A provider configuration
    must be included.

``list_nodes_select``
    This is a direct call to the ``full_query`` function as described above, but
    is only performed against a single cloud provider. A provider configuration
    must be included.

``list_nodes_select``
    This is a direct call to the ``select_query`` function as described above,
    but is only performed against a single cloud provider.  A provider
    configuration must be included.

``show_instance``
    This is a thin wrapper around ``list_nodes``, which returns the full
    information about a single instance. An instance name must be provided.


State Module
------------
A subset of the execution module is available through the ``cloud`` state
module. Not all functions are currently included, because there is currently
insufficient code for them to perform statefully. For example, a command to
create an instance may be issued with a series of options, but those options
cannot currently be statefully managed. Additional states to manage these
options will be released at a later time.

cloud.present
~~~~~~~~~~~~~
This state will ensure that an instance is present inside a particular cloud
provider. Any option that is normally specified in the ``cloud.create``
execution module and function may be declared here, but only the actual
presence of the instance will be managed statefully.

.. code-block:: yaml

    my-instance-name:
      cloud.present:
        - cloud_provider: my-ec2-config
        - image: ami-1624987f
        - size: 't1.micro'
        - ssh_username: ec2-user
        - securitygroup: default
        - delvol_on_destroy: True

cloud.profile
~~~~~~~~~~~~~
This state will ensure that an instance is present inside a particular cloud
provider. This function calls the ``cloud.profile`` execution module and
function, but as with ``cloud.present``, only the actual presence of the
instance will be managed statefully.

.. code-block:: yaml

    my-instance-name:
      cloud.profile:
        - profile: ec2-centos64-x64

cloud.absent
~~~~~~~~~~~~
This state will ensure that an instance (identified by name) does not exist in
any of the cloud providers configured on the target minion. Please note that
this state is *non-reversable* and may be considered especially destructive when
issued as a cloud state.

.. code-block:: yaml

    my-instance-name:
      cloud.absent


Runner Module
-------------
The ``cloud`` runner module is executed on the master, and performs actions
using the configuration and Salt modules on the master itself. This means that
any public minion keys will also be properly accepted by the master.

Using the functions in the runner module is no different than using those in
the execution module, outside of the behavior described in the above paragraph.
The following functions are available inside the runner:

- list_images
- list_sizes
- list_locations
- query
- full_query
- select_query
- profile
- destroy
- action

Outside of the standard usage of ``salt-run`` itself, commands are executed as
usual:

.. code-block:: bash

    salt-run cloud.profile ec2-centos64-x86_64 my-instance-name


CloudClient
-----------
The execution, state, and runner modules ultimately all use the CloudClient
library that ships with Salt. To use the CloudClient library locally (either on
the master or a minion), create a client object and issue a command against it:

.. code-block:: python

    import salt.cloud
    import pprint

    client = salt.cloud.CloudClient("/etc/salt/cloud")
    nodes = client.query()
    pprint.pprint(nodes)

Reactor
-------
Examples of using the reactor with Salt Cloud are available in the
:formula_url:`ec2-autoscale-reactor <ec2-autoscale-reactor>` and
:formula_url:`salt-cloud-reactor <salt-cloud-reactor>` formulas.