Salt Reactor
Der Salt Reactor ist ein Prozess, welcher auf dem Master läuft und auf Events der Minions reagiert. Der Reactor kann auf Standard-Events, wie z.B. "Minion gestartet" oder frei definierte Events reagieren.
Reactor aktivieren
Der Reactor wird über die Konfiguration des Masters aktiviert. Verwenden Sie dazu zum Beispiel die Datei /etc/salt/master.d/reactor.conf.
Nach jeder Änderung am Reactor müssen Sie den Salt Master neu starten.
Ein simples Beispiel
/etc/salt/master.d/reactor.conf
reactor:
- 'salt/minion/*/start': # Match tag "salt/minion/*/start"
- /srv/reactor/minion-start.sls # Things to do when a minion starts
- 'dummy/foo/*':
- /srv/reactor/dummy.sls
/srv/reactor/dummy.sls
{% set list = tag.split('/') %}
dummy:
local.cmd.run:
- name: gaga
- tgt: 'master'
- arg:
- 'echo "{{ data['id'] }}: {{ list[2] }} . {{ tag }} {{ data | json() }}">/tmp/reactor.txt'
root@minion1: salt-call event.send 'dummy/foo/hamster'
Reactor Beispiel Burp Backup
Registrierung neuer Burp-Backup-Clients per Reactor
/etc/salt/master.d/reactor.conf
reactor: # Master config section "reactor"
- 'burp/register/*': # React to custom event tags
- /srv/reactor/burp-register.sls
/srv/reactor/burp-register.sls
{% set args = tag.split('/') %}
register-backup-client:
local.cmd.run:
- name: register
- tgt: 'backup-server.local'
- arg:
- 'echo "password = {{ args[2] }}" > /etc/burp/clientconfdir/{{ data['id'] }}'
Backup Server einrichten
Master vorbereiten, damit dieser Backups der Minions annimmt:
apt-get install librsync1
wget "http://de.archive.ubuntu.com/ubuntu/pool/universe/b/burp/burp_2.0.54-1_amd64.deb"
dpkg -i burp_2.0.54-1_amd64.deb
rm burp_2.0.54-1_amd64.deb
Öffnen Sie die Datei /etc/burp/burp-server.conf und setzen Sie protocol = 2. Anschließend starten Sie den Burp-Server.
burp -c /etc/burp/burp-server.conf
Backup Client per Salt ausrollen
/srv/salt/linux/burp/init.sls
#
# Install burp backup client
#
librsync1:
pkg.installed: []
# We want to keep our sources list tidy. So we don't add the a source to the system
install:
cmd.run:
- name: |
wget "http://de.archive.ubuntu.com/ubuntu/pool/universe/b/burp/burp_2.0.54-1_amd64.deb"
dpkg -i burp_2.0.54-1_amd64.deb
rm burp_2.0.54-1_amd64.deb
- runas: root
- chdir: /tmp
- creates: /usr/sbin/burp
/etc/burp/burp.conf:
file.managed:
- source: salt://linux/burp/burp.conf
- template: jinja
- defaults:
include:
- /etc
- /root
server: backup-server.local
- user: root
- group: root
- mode: 0500
burp/register:
event.send:
- unless: test -e /etc/burp/ssl_cert-client.key
#burp -a b:
# cmd.run:
# - runas: root
/srv/salt/linux/burp/burp.conf
# This is an example config file for the burp client.
mode = client
port = 4971
status_port = 4972
server = {{ server }}
password = {{ password }}
cname = {{ grains['id'] }}
protocol = 2
pidfile = /var/run/burp.client.pid
syslog = 0
stdout = 1
progress_counter = 1
server_can_restore = 0
cross_filesystem=/home
ca_burp_ca = /usr/sbin/burp_ca
ca_csr_dir = /etc/burp/CA-client
ssl_cert_ca = /etc/burp/ssl_cert_ca.pem
ssl_cert = /etc/burp/ssl_cert-client.pem
ssl_key = /etc/burp/ssl_cert-client.key
ssl_peer_cn = burpserver
{# Loop over the dict #}
{% for dir in include %}include = {{ dir }}{% endfor %}
exclude_fs = sysfs
exclude_fs = tmpfs
nobackup = .nobackup
exclude_comp=bz2
exclude_comp=gz