| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 |
- .. _docker-sls:
- =====================================================
- Running Salt States and Commands in Docker Containers
- =====================================================
- The 2016.11.0 release of Salt introduces the ability to execute Salt States
- and Salt remote execution commands directly inside of Docker containers.
- This addition makes it possible to not only deploy fresh containers using
- Salt States. This also allows for running containers to be audited and
- modified using Salt, but without running a Salt Minion inside the container.
- Some of the applications include security audits of running containers as
- well as gathering operating data from containers.
- This new feature is simple and straightforward, and can be used via a running
- Salt Minion, the Salt Call command, or via Salt SSH. For this tutorial we will
- use the `salt-call` command, but like all salt commands these calls are
- directly translatable to `salt` and `salt-ssh`.
- Step 1 - Install Docker
- =======================
- Since setting up Docker is well covered in the Docker documentation we will
- make no such effort to describe it here. Please see the Docker Installation
- Documentation for installing and setting up Docker:
- https://docs.docker.com/engine/installation/
- The Docker integration also requires that the `docker-py` library is installed.
- This can easily be done using pip or via your system package manager:
- .. code-block:: bash
- pip install docker-py
- Step 2 - Install Salt
- =====================
- For this tutorial we will be using Salt Call, which is available in the
- `salt-minion` package, please follow the Salt Installation docs found here:
- https://repo.saltstack.com/
- Step 3 - Create With Salt States
- ================================
- Next some Salt States are needed, for this example a very basic state which
- installs `vim` is used, but anything Salt States can do can be done here,
- please see the Salt States Introduction Tutorial to learn more about Salt
- States:
- https://docs.saltstack.com/en/stage/getstarted/config/
- For this tutorial, simply create a small state file in `/srv/salt/vim.sls`:
- .. code-block:: yaml
- vim:
- pkg.installed
- .. note::
- The base image you choose will need to have python 2.6 or 2.7 installed.
- We are hoping to resolve this constraint in a future release.
- If `base` is omitted the default image used is a minimal openSUSE
- image with Python support, maintained by SUSE
- Next run the `docker.sls_build` command:
- .. code-block:: bash
- salt-call --local dockerng.sls_build test base=my_base_image mods=vim
- Now we have a fresh image called `test` to work with and vim has been
- installed.
- Step 4 - Running Commands Inside the Container
- ==============================================
- Salt can now run remote execution functions inside the container with another
- simple `salt-call` command:
- .. code-block:: bash
- salt-call --local dockerng.call test test.version
- salt-call --local dockerng.call test network.interfaces
- salt-call --local dockerng.call test disk.usage
- salt-call --local dockerng.call test pkg.list_pkgs
- salt-call --local dockerng.call test service.running httpd
- salt-call --local dockerng.call test cmd.run 'ls -l /etc'
|
