Merge pull request #41 from jacksoncage/salt-cloud

Added functionality to state for salt cloud and exampel for EC2 and GCE

README.rst

@@ -30,9 +30,14 @@ Install a master.
 
 Install a syndic.
 
+``salt.cloud``
+---------------
+
+Install salt cloud.
+
 ``Configuration``
 -----------------
-Every option available in the templates can be set in pillar. Settings under 'salt' will be overridden by more specific settings under salt['master'] or salt['minion']
+Every option available in the templates can be set in pillar. Settings under 'salt' will be overridden by more specific settings under salt['master'], salt['minion'] or salt['cloud']
 
 ::
 
@@ -44,3 +49,6 @@ Every option available in the templates can be set in pillar. Settings under 'sa
       minion:
         user: saltuser
         ...
+      cloud:
+        providers: ec2
+        ...

pillar.example

@@ -19,3 +19,28 @@ salt:
       test.baz:
         spam: sausage
         cheese: bread
+  cloud:
+    master: salt
+    folders:
+      - cloud.providers.d/key
+      - cloud.profiles.d
+      - cloud.maps.d
+    providers:
+      - ec2
+      - gce
+    aws_key: AWSKEYIJSHJAIJS6JSH
+    aws_secret: AWSSECRETYkkDY1iQf9zRtl9+pW+Nm+aZY95
+    gce_project: test
+    gce_service_account_email_address: 867543072364-orl4h2tpp8jcn1tr9ipj@developer.gserviceaccount.com
+salt_cloud_certs:
+  aws:
+    pem: |
+      -----BEGIN RSA PRIVATE KEY-----
+      ...........
+      -----END RSA PRIVATE KEY-----
+
+  gce:
+    pem: |
+      -----BEGIN RSA PRIVATE KEY-----
+      ...........
+      -----END RSA PRIVATE KEY-----

salt/cloud.sls

@@ -0,0 +1,80 @@
+{% from "salt/package-map.jinja" import pkgs with context %}
+{% set salt = pillar.get('salt', {}) -%}
+{% set cloud = salt.get('cloud', {}) -%}
+
+python-pip:
+  pkg.installed
+
+pycrypto:
+  pip.installed:
+    - require:
+      - pkg: python-pip
+
+crypto:
+  pip.installed:
+    - require:
+      - pkg: python-pip
+
+apache-libcloud:
+  pip.installed:
+    - require:
+      - pkg: python-pip
+
+salt-cloud:
+  pkg.installed:
+    - name: {{ pkgs['salt-cloud'] }}
+    - require:
+      - pip: apache-libcloud
+      - pip: pycrypto
+      - pip: crypto
+
+{% for folder in cloud['folders'] %}
+{{ folder }}:
+  file.directory:
+    - name: /etc/salt/{{ folder }}
+    - user: root
+    - group: root
+    - file_mode: 744
+    - dir_mode: 755
+    - makedirs: True
+{% endfor %}
+
+{% for cert in pillar.get('salt_cloud_certs', {}) %}
+{% for type in ['pem'] %}
+cloud-cert-{{ cert }}-pem:
+  file.managed:
+    - name: /etc/salt/cloud.providers.d/key/{{ cert }}.pem
+    - source: salt://salt/files/key
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: 600
+    - defaults:
+        key: {{ cert }}
+        type: {{ type }}
+{% endfor %}
+{% endfor %}
+
+{% for providers in cloud['providers'] %}
+salt-cloud-profiles-{{ providers }}:
+  file.managed:
+    - name: /etc/salt/cloud.profiles.d/{{ providers }}.conf
+    - template: jinja
+    - source: salt://salt/files/cloud.profiles.d/{{ providers }}.conf
+{% endfor %}
+
+{% for providers in cloud['providers'] %}
+salt-cloud-providers-{{ providers }}:
+  file.managed:
+    - name: /etc/salt/cloud.providers.d/{{ providers }}.conf
+    - template: jinja
+    - source: salt://salt/files/cloud.providers.d/{{ providers }}.conf
+{% endfor %}
+
+{% for providers in cloud['providers'] %}
+salt-cloud-maps-{{ providers }}:
+  file.managed:
+    - name: /etc/salt/cloud.maps.d/{{ providers }}.conf
+    - template: jinja
+    - source: salt://salt/files/cloud.maps.d/{{ providers }}.conf
+{% endfor %}

salt/files/cloud.maps.d/ec2.conf

@@ -0,0 +1 @@
+# This file managed by Salt, do not edit by hand!!

salt/files/cloud.maps.d/gce.conf

@@ -0,0 +1 @@
+# This file managed by Salt, do not edit by hand!!

salt/files/cloud.profiles.d/ec2.conf

@@ -0,0 +1,16 @@
+# This file managed by Salt, do not edit by hand!!
+base_ubuntu_ec2:
+  provider: ec2_ubuntu_public
+  image: ami-cb4986bc
+  size: t2.micro 
+  ssh_username: ubuntu
+  network_interfaces:
+    - DeviceIndex: 0
+      PrivateIpAddresses:
+        - Primary: True
+      AssociatePublicIpAddress: True
+      SubnetId: subnet-57856332
+      SecurityGroupId:
+        - sg-6ec11d3b
+  tag: {'Environment': 'production', 'Role': 'ubuntu'}
+  sync_after_install: grains

salt/files/cloud.profiles.d/gce.conf

@@ -0,0 +1,13 @@
+# This file managed by Salt, do not edit by hand!!
+base_debian_gce:
+  image: debian-7-wheezy
+  size: g1-small
+  location: us-central1-a
+  network: default
+  tags: '["https-server", "http-server"]'
+  metadata: '{"salt-minion": "true"}'
+  use_persistent_disk: True
+  delete_boot_pd: True
+  deploy: True
+  make_master: False
+  provider: gce

salt/files/cloud.providers.d/ec2.conf

@@ -0,0 +1,17 @@
+# This file managed by Salt, do not edit by hand!!
+{% set salt = pillar.get('salt', {}) -%}
+{% set cloud = salt.get('cloud', {}) -%}
+ec2_ubuntu_public:
+  minion:
+    master: {{ cloud['master'] }}
+  grains:
+    test: True
+  ssh_interface: public_ips
+  id: {{ cloud['aws_key'] }}
+  key: '{{ cloud['aws_secret'] }}'
+  private_key: /etc/salt/cloud.providers.d/key/key.pem
+  keyname: keyname
+  location: eu-west-1
+  availability_zone: eu-west-1a
+  ssh_username: ubuntu
+  provider: ec2

salt/files/cloud.providers.d/gce.conf

@@ -0,0 +1,12 @@
+# This file managed by Salt, do not edit by hand!!
+{% set salt = pillar.get('salt', {}) -%}
+{% set cloud = salt.get('cloud', {}) -%}
+gce:
+  project: "{{ cloud['gce_project'] }}"
+  service_account_email_address: "{{ cloud['gce_service_account_email_address'] }}"
+  service_account_private_key: "/etc/salt/cloud.providers.d/key.pem"
+  minion:
+    master: {{ cloud['master'] }}
+  grains:
+    test: True
+  provider: gce

salt/files/key

@@ -0,0 +1 @@
+{{ pillar['salt_cloud_certs'][key][type] }}

salt/package-map.jinja

@@ -1,28 +1,36 @@
 {% set package_table = {
     'Debian': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'Ubuntu': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'CentOS': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'Amazon': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'Fedora': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'RedHat': {'salt-master': 'salt-master',
                'salt-minion': 'salt-minion',
-               'salt-syndic': 'salt-syndic'},
+               'salt-syndic': 'salt-syndic',
+               'salt-cloud': 'salt-cloud'},
     'Gentoo': {'salt-master': 'app-admin/salt',
                'salt-minion': 'app-admin/salt',
-               'salt-syndic': 'app-admin/salt'},
+               'salt-syndic': 'app-admin/salt',
+               'salt-cloud': 'app-admin/salt'},
     'Arch':   {'salt-master': 'salt',
                'salt-minion':  'salt',
-               'salt-syndic':  'salt'}
+               'salt-syndic':  'salt',
+               'salt-cloud':  'salt'}
 } %}
 
 {% if 'package_table' in pillar %}