Last active
November 13, 2023 20:22
-
-
Save arubis/0d065b9e10f9e69c83d2 to your computer and use it in GitHub Desktop.
Salt doesn't see individual values in 'roles' grain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| base_ec2_private: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: Micro Instance | |
| ssh_username: ubuntu | |
| base_ec2_public: | |
| provider: my-ec2-us-east-public-ips | |
| image: ami-018c9568 | |
| size: Micro Instance | |
| ssh_username: ubuntu | |
| base_ec2_elk: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: m3.medium | |
| ssh_username: ubuntu | |
| volumes: | |
| - { size: 10, device: /dev/sdf, type: standard } | |
| # tag: { 'role': 'logstash-receiver' } | |
| sync_after_install: all | |
| # rename_on_destroy: True | |
| destroy_sshkeys: True | |
| script_args: -p python-boto | |
| staging_ec2_elk: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: m3.medium | |
| ssh_username: ubuntu | |
| grains: | |
| environment: staging | |
| roles: | |
| - logstash-receiver | |
| - logstash | |
| - elasticsearch | |
| - kibana | |
| volumes: | |
| - { size: 30, device: /dev/sdf, type: standard } | |
| tag: { 'environment': 'staging', 'roles': 'logstash-receiver,logstash,kibana,elasticsearch' } | |
| # n.b. the 'tag' attribute sets ec2 tags, which we can later extract with the ec2_tags.py _grain | |
| # but just setting them in 'grains' above is way easier, so this is kind of redundant | |
| sync_after_install: all | |
| destroy_sshkeys: True | |
| del_all_vols_on_destroy: True | |
| script_args: -p python-boto | |
| allocate_new_eip: True |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| base_ec2_private: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: Micro Instance | |
| ssh_username: ubuntu | |
| base_ec2_public: | |
| provider: my-ec2-us-east-public-ips | |
| image: ami-018c9568 | |
| size: Micro Instance | |
| ssh_username: ubuntu | |
| base_ec2_elk: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: m3.medium | |
| ssh_username: ubuntu | |
| volumes: | |
| - { size: 10, device: /dev/sdf, type: standard } | |
| # tag: { 'role': 'logstash-receiver' } | |
| sync_after_install: all | |
| # rename_on_destroy: True | |
| destroy_sshkeys: True | |
| script_args: -p python-boto | |
| staging_ec2_elk: | |
| provider: my-ec2-us-east-private-ips | |
| image: ami-018c9568 | |
| size: m3.medium | |
| ssh_username: ubuntu | |
| grains: | |
| environment: staging | |
| roles: {'logstash-reciever': True, 'logstash': True, 'elasticsearch': True, 'kibana': True} | |
| volumes: | |
| - { size: 30, device: /dev/sdf, type: standard } | |
| tag: { 'environment': 'staging', 'roles': 'logstash-receiver,logstash,kibana,elasticsearch' } | |
| # n.b. the 'tag' attribute sets ec2 tags, which we can later extract with the ec2_tags.py _grain | |
| # but just setting them in 'grains' above is way easier, so this is kind of redundant | |
| sync_after_install: all | |
| destroy_sshkeys: True | |
| del_all_vols_on_destroy: True | |
| script_args: -p python-boto | |
| allocate_new_eip: True |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| my-ec2-us-east-private-ips: | |
| # set location for salt-master | |
| minion: | |
| master: saltmaster.MYDOMAIN.com | |
| # set up grains, which all nodes using this provider inherit | |
| grains: | |
| node_type: managed | |
| # specify whether to use public or private IP for the deploy script | |
| ssh_interface: private_ips | |
| # EC2 access credentials | |
| id: TKTKTKTK | |
| key: TKTKTKTK | |
| # private key for SSH login to new instances | |
| private_key: /etc/salt/salt-master.pem | |
| keyname: salt-master | |
| securitygroup: 'A NICE SECURITY GROUP' | |
| # above security group opens ssh, web+https, salt to public, plus redis (only to 10/8) | |
| # configure region | |
| location: us-east-1 | |
| availability_zone: us-east-1b | |
| # configure which user to run the deploy script | |
| # we're using ubuntu for most everything; this can be overridden | |
| ssh_username: ubuntu | |
| # optionally add IAM profile | |
| iam_profile: 'arn:aws:iam::MY IAM NUMBER:instance-profile/salt-minion' | |
| # rename_on_destroy: True | |
| provider: ec2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.get roles | |
| logstash_staging: | |
| - logstash-receiver | |
| - logstash | |
| - elasticsearch | |
| - kibana | |
| logstash_ops: | |
| - logstash-receiver | |
| - logstash | |
| - elasticsearch | |
| - kibana | |
| dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles | |
| logstash_staging: | |
| True | |
| logstash_ops: | |
| True | |
| dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles:logstash | |
| logstash_staging: | |
| False | |
| logstash_ops: | |
| False |
gravyboat
commented
Aug 26, 2014
With that setup and new minions provisioned afresh, I get:
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.get roles
logstash_staging:
----------
- logstash-receiver:
True
----------
- logstash:
True
----------
- elasticsearch:
True
----------
- kibana:
True
logstash_ops:
----------
- logstash-receiver:
True
----------
- logstash:
True
----------
- elasticsearch:
True
----------
- kibana:
True
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.get roles:elasticsearch
logstash_staging:
logstash_ops:
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles
logstash_staging:
True
logstash_ops:
True
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles:elasticsearch
logstash_ops:
False
logstash_staging:
False
When defining each of the "roles" keys as "present" (instead of True):
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.get roles
logstash_staging:
----------
- logstash-receiver:
present
----------
- logstash:
present
----------
- elasticsearch:
present
----------
- kibana:
present
logstash_ops:
----------
- logstash-receiver:
present
----------
- logstash:
present
----------
- elasticsearch:
present
----------
- kibana:
present
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles
logstash_staging:
True
logstash_ops:
True
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles:logstash
logstash_ops:
False
logstash_staging:
False
By defining the 'roles' dict using curly-bracket syntax as in https://gist.github.com/arubis/0d065b9e10f9e69c83d2#file-_etc_salt_cloud-profiles-functional , we achieve expected behavior:
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.get roles
logstash_staging:
----------
elasticsearch:
True
kibana:
True
logstash:
True
logstash-reciever:
True
logstash_ops:
----------
elasticsearch:
True
kibana:
True
logstash:
True
logstash-reciever:
True
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles
logstash_ops:
True
logstash_staging:
True
dylan@salt /srv/salt (internal-ip-nginx-endpoint●)$ _ salt '*' grains.has_value roles:kibana
logstash_ops:
True
logstash_staging:
True
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment