2012-10-25 21:30:28 +00:00
|
|
|
.. _configuration-salt-minion:
|
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
===========================
|
|
|
|
Configuring the Salt Minion
|
|
|
|
===========================
|
|
|
|
|
|
|
|
The Salt system is amazingly simple and easy to configure, the two components
|
|
|
|
of the Salt system each have a respective configuration file. The
|
|
|
|
:command:`salt-master` is configured via the master configuration file, and the
|
|
|
|
:command:`salt-minion` is configured via the minion configuration file.
|
|
|
|
|
2011-11-15 10:37:06 +00:00
|
|
|
.. seealso::
|
|
|
|
:ref:`example minion configuration file <configuration-examples-minion>`
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
The Salt Minion configuration is very simple, typically the only value that
|
|
|
|
needs to be set is the master value so the minion can find its master.
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
Minion Primary Configuration
|
2013-08-07 22:50:51 +00:00
|
|
|
============================
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
.. conf_minion:: master
|
|
|
|
|
|
|
|
``master``
|
|
|
|
----------
|
|
|
|
|
|
|
|
Default: ``salt``
|
|
|
|
|
|
|
|
The hostname or ipv4 of the master.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
master: salt
|
|
|
|
|
|
|
|
.. conf_minion:: master_port
|
|
|
|
|
|
|
|
``master_port``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``4506``
|
|
|
|
|
|
|
|
The port of the master ret server, this needs to coincide with the ret_port
|
2012-05-23 04:43:12 +00:00
|
|
|
option on the Salt master.
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
master_port: 4506
|
|
|
|
|
2012-01-19 05:04:48 +00:00
|
|
|
.. conf_minion:: user
|
|
|
|
|
|
|
|
``user``
|
2012-05-23 04:43:12 +00:00
|
|
|
--------
|
2012-01-19 05:04:48 +00:00
|
|
|
|
|
|
|
Default: ``root``
|
|
|
|
|
|
|
|
The user to run the Salt processes
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
user: root
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
.. conf_minion:: pidfile
|
|
|
|
|
|
|
|
``pidfile``
|
|
|
|
-----------
|
|
|
|
|
|
|
|
Default: ``/var/run/salt-minion.pid``
|
|
|
|
|
2012-12-27 17:29:46 +00:00
|
|
|
The location of the daemon's process ID file
|
2012-12-27 04:58:35 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
2013-07-30 05:57:34 +00:00
|
|
|
pidfile: /var/run/salt-minion.pid
|
2012-12-27 04:58:35 +00:00
|
|
|
|
|
|
|
.. conf_minion:: root_dir
|
|
|
|
|
|
|
|
``root_dir``
|
|
|
|
------------
|
|
|
|
|
|
|
|
Default: ``/``
|
|
|
|
|
2012-12-27 17:29:46 +00:00
|
|
|
This directory is prepended to the following options: :conf_minion:`pki_dir`,
|
2012-12-27 04:58:35 +00:00
|
|
|
:conf_minion:`cachedir`, :conf_minion:`log_file`, :conf_minion:`sock_dir`, and
|
|
|
|
:conf_minion:`pidfile`.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
root_dir: /
|
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
.. conf_minion:: pki_dir
|
|
|
|
|
|
|
|
``pki_dir``
|
|
|
|
-----------
|
|
|
|
|
2013-08-15 23:00:08 +00:00
|
|
|
Default: ``/etc/salt/pki``
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
The directory used to store the minion's public and private keys.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
pki_dir: /etc/salt/pki
|
|
|
|
|
2012-02-20 06:22:24 +00:00
|
|
|
.. conf_minion:: id
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
``id``
|
2012-05-23 04:43:12 +00:00
|
|
|
------
|
2011-10-30 16:04:21 +00:00
|
|
|
|
2013-08-15 23:00:08 +00:00
|
|
|
Default: the system's hostname
|
|
|
|
|
|
|
|
.. seealso:: :ref:`Salt Walkthrough <minion-id-generation>`
|
|
|
|
|
|
|
|
The :strong:`Setting up a Salt Minion` section contains detailed
|
|
|
|
information on how the hostname is determined.
|
2011-10-30 16:04:21 +00:00
|
|
|
|
2013-07-21 02:14:59 +00:00
|
|
|
Explicitly declare the id for this minion to use. Since Salt uses detached ids
|
|
|
|
it is possible to run multiple minions on the same machine but with different
|
2013-11-06 19:11:08 +00:00
|
|
|
ids.
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
id: foo.bar.com
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
.. conf_minion:: append_domain
|
|
|
|
|
|
|
|
``append_domain``
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
Default: ``None``
|
|
|
|
|
|
|
|
Append a domain to a hostname in the event that it does not exist. This is
|
|
|
|
useful for systems where ``socket.getfqdn()`` does not actually result in a
|
|
|
|
FQDN (for instance, Solaris).
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
append_domain: foo.org
|
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
.. conf_minion:: cachedir
|
|
|
|
|
|
|
|
``cachedir``
|
|
|
|
------------
|
|
|
|
|
2013-08-15 23:00:08 +00:00
|
|
|
Default: ``/var/cache/salt``
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
The location for minion cache data.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
cachedir: /var/cache/salt
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
.. conf_minion:: verify_env
|
2012-09-22 01:48:41 +00:00
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
``verify_env``
|
|
|
|
--------------
|
2012-09-22 01:48:41 +00:00
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
Default: ``True``
|
2012-09-22 01:48:41 +00:00
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
Verify and set permissions on configuration directories at startup.
|
2012-09-22 01:48:41 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
verify_env: True
|
2012-09-22 01:48:41 +00:00
|
|
|
|
2013-11-06 05:41:56 +00:00
|
|
|
.. note::
|
|
|
|
|
|
|
|
When marked as True the verify_env option requires WRITE access to the
|
|
|
|
configuration directory (/etc/salt/). In certain situations such as
|
|
|
|
mounting /etc/salt/ as read-only for templating this will create a
|
|
|
|
stack trace when state.highstate is called.
|
|
|
|
|
2012-01-18 07:04:14 +00:00
|
|
|
.. conf_minion:: cache_jobs
|
|
|
|
|
|
|
|
``cache_jobs``
|
|
|
|
--------------
|
|
|
|
|
|
|
|
Default: ``False``
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
The minion can locally cache the return data from jobs sent to it, this can be
|
|
|
|
a good way to keep track of the minion side of the jobs the minion has
|
|
|
|
executed. By default this feature is disabled, to enable set cache_jobs to
|
|
|
|
``True``.
|
2012-01-18 07:04:14 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
cache_jobs: False
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
.. conf_minion:: sock_dir
|
|
|
|
|
|
|
|
``sock_dir``
|
|
|
|
--------------
|
|
|
|
|
|
|
|
Default: ``/var/run/salt/minion``
|
|
|
|
|
2013-03-18 19:59:27 +00:00
|
|
|
The directory where Unix sockets will be kept.
|
2012-12-27 04:58:35 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
sock_dir: /var/run/salt/minion
|
|
|
|
|
|
|
|
.. conf_minion:: backup_mode
|
|
|
|
|
|
|
|
``backup_mode``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
|
|
|
Backup files replaced by file.managed and file.recurse under cachedir.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
backup_mode: minion
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
.. conf_minion:: acceptance_wait_time
|
|
|
|
|
2012-01-18 07:04:14 +00:00
|
|
|
``acceptance_wait_time``
|
|
|
|
------------------------
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
Default: ``10``
|
|
|
|
|
|
|
|
The number of seconds to wait until attempting to re-authenticate with the
|
|
|
|
master.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
acceptance_wait_time: 10
|
|
|
|
|
2013-08-01 01:43:37 +00:00
|
|
|
.. conf_minion:: random_reauth_delay
|
|
|
|
|
|
|
|
``random_reauth_delay``
|
|
|
|
------------------------
|
|
|
|
|
|
|
|
When the master key changes, the minion will try to re-auth itself to
|
|
|
|
receive the new master key. In larger environments this can cause a syn-flood
|
|
|
|
on the master because all minions try to re-auth immediately. To prevent this
|
|
|
|
and have a minion wait for a random amount of time, use this optional
|
|
|
|
parameter. The wait-time will be a random number of seconds between
|
|
|
|
0 and the defined value.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
random_reauth_delay: 60
|
|
|
|
|
2013-07-27 20:51:38 +00:00
|
|
|
.. conf_minion:: acceptance_wait_time_max
|
|
|
|
|
|
|
|
``acceptance_wait_time_max``
|
2013-08-01 23:59:54 +00:00
|
|
|
----------------------------
|
2013-07-27 20:51:38 +00:00
|
|
|
|
|
|
|
Default: ``None``
|
|
|
|
|
|
|
|
The maximum number of seconds to wait until attempting to re\-authenticate
|
|
|
|
with the master. If set, the wait will increase by acceptance_wait_time
|
|
|
|
seconds each iteration.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
acceptance_wait_time_max: None
|
|
|
|
|
2012-12-27 04:58:35 +00:00
|
|
|
.. conf_minion:: dns_check
|
|
|
|
|
|
|
|
``dns_check``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: ``True``
|
|
|
|
|
2012-12-27 17:29:46 +00:00
|
|
|
When healing, a dns_check is run. This is to make sure that the originally
|
|
|
|
resolved dns has not changed. If this is something that does not happen in your
|
|
|
|
environment, set this value to ``False``.
|
2012-12-27 04:58:35 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
dns_check: True
|
|
|
|
|
|
|
|
.. conf_minion:: ipc_mode
|
|
|
|
|
|
|
|
``ipc_mode``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: ``ipc``
|
|
|
|
|
2013-03-18 19:59:27 +00:00
|
|
|
Windows platforms lack POSIX IPC and must rely on slower TCP based inter-
|
2012-12-27 04:58:35 +00:00
|
|
|
process communications. Set ipc_mode to ``tcp`` on such systems.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
ipc_mode: ipc
|
|
|
|
|
|
|
|
.. conf_minion:: tcp_pub_port
|
|
|
|
|
|
|
|
``tcp_pub_port``
|
|
|
|
----------------
|
|
|
|
|
|
|
|
Default: ``4510``
|
|
|
|
|
|
|
|
Publish port used when :conf_minion:`ipc_mode` is set to ``tcp``.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
tcp_pub_port: 4510
|
|
|
|
|
|
|
|
.. conf_minion:: tcp_pull_port
|
|
|
|
|
|
|
|
``tcp_pull_port``
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
Default: ``4511``
|
|
|
|
|
|
|
|
Pull port used when :conf_minion:`ipc_mode` is set to ``tcp``.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
tcp_pull_port: 4511
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
Minion Module Management
|
2013-08-07 22:50:51 +00:00
|
|
|
========================
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
.. conf_minion:: disable_modules
|
|
|
|
|
|
|
|
``disable_modules``
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
Default: ``[]`` (all modules are enabled by default)
|
|
|
|
|
|
|
|
The event may occur in which the administrator desires that a minion should not
|
|
|
|
be able to execute a certain module. The sys module is built into the minion
|
|
|
|
and cannot be disabled.
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
This setting can also tune the minion, as all modules are loaded into ram
|
|
|
|
disabling modules will lover the minion's ram footprint.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
disable_modules:
|
|
|
|
- test
|
|
|
|
- solr
|
|
|
|
|
|
|
|
.. conf_minion:: disable_returners
|
|
|
|
|
|
|
|
``disable_returners``
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
Default: ``[]`` (all returners are enabled by default)
|
|
|
|
|
2012-03-15 00:09:19 +00:00
|
|
|
If certain returners should be disabled, this is the place
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
disable_returners:
|
|
|
|
- mongo_return
|
|
|
|
|
|
|
|
.. conf_minion:: module_dirs
|
|
|
|
|
|
|
|
``module_dirs``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
A list of extra directories to search for Salt modules
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
module_dirs:
|
|
|
|
- /var/lib/salt/modules
|
|
|
|
|
|
|
|
.. conf_minion:: returner_dirs
|
|
|
|
|
|
|
|
``returner_dirs``
|
2012-01-16 05:36:49 +00:00
|
|
|
-----------------
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
A list of extra directories to search for Salt returners
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2011-10-30 16:04:21 +00:00
|
|
|
.. code-block:: yaml
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
returners_dirs:
|
|
|
|
- /var/lib/salt/returners
|
|
|
|
|
|
|
|
.. conf_minion:: states_dirs
|
|
|
|
|
|
|
|
``states_dirs``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
A list of extra directories to search for Salt states
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
states_dirs:
|
|
|
|
- /var/lib/salt/states
|
|
|
|
|
|
|
|
|
2014-01-28 12:38:06 +00:00
|
|
|
.. conf_minion:: grains_dirs
|
|
|
|
|
|
|
|
``grains_dirs``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
|
|
|
A list of extra directories to search for Salt grains
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
grains_dirs:
|
|
|
|
- /var/lib/salt/grains
|
|
|
|
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
.. conf_minion:: render_dirs
|
|
|
|
|
|
|
|
``render_dirs``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``[]``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
A list of extra directories to search for Salt renderers
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
render_dirs:
|
|
|
|
- /var/lib/salt/renderers
|
|
|
|
|
|
|
|
.. conf_minion:: cython_enable
|
|
|
|
|
|
|
|
``cython_enable``
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
Default: ``False``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
Set this value to true to enable auto-loading and compiling of ``.pyx`` modules,
|
|
|
|
This setting requires that ``gcc`` and ``cython`` are installed on the minion
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
cython_enable: False
|
|
|
|
|
2012-10-11 20:17:10 +00:00
|
|
|
.. conf_minion:: providers
|
|
|
|
|
|
|
|
``providers``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: (empty)
|
|
|
|
|
|
|
|
A module provider can be statically overwritten or extended for the minion via
|
2012-12-22 03:39:22 +00:00
|
|
|
the ``providers`` option. This can be done :doc:`on an individual basis in an
|
|
|
|
SLS file <../states/providers>`, or globally here in the minion config, like
|
|
|
|
below.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
providers:
|
|
|
|
service: systemd
|
2012-10-11 20:17:10 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
State Management Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
=========================
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. conf_minion:: renderer
|
|
|
|
|
|
|
|
``renderer``
|
|
|
|
------------
|
|
|
|
|
|
|
|
Default: ``yaml_jinja``
|
|
|
|
|
|
|
|
The default renderer used for local state executions
|
|
|
|
|
2012-01-16 05:36:49 +00:00
|
|
|
.. code-block:: yaml
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
renderer: yaml_jinja
|
|
|
|
|
|
|
|
.. conf_minion:: state_verbose
|
|
|
|
|
|
|
|
``state_verbose``
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
Default: ``False``
|
|
|
|
|
|
|
|
state_verbose allows for the data returned from the minion to be more
|
2012-03-15 00:09:19 +00:00
|
|
|
verbose. Normally only states that fail or states that have changes are
|
2012-05-23 04:43:12 +00:00
|
|
|
returned, but setting state_verbose to ``True`` will return all states that
|
2012-01-14 00:27:43 +00:00
|
|
|
were checked
|
|
|
|
|
2012-01-16 05:36:49 +00:00
|
|
|
.. code-block:: yaml
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
state_verbose: True
|
|
|
|
|
2012-12-11 00:37:42 +00:00
|
|
|
.. conf_minion:: state_output
|
|
|
|
|
|
|
|
``state_output``
|
|
|
|
----------------
|
|
|
|
|
|
|
|
Default: ``full``
|
|
|
|
|
|
|
|
The state_output setting changes if the output is the full multi line
|
|
|
|
output for each changed state if set to 'full', but if set to 'terse'
|
|
|
|
the output will be shortened to a single line.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
state_output: full
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
.. conf_minion:: autoload_dynamic_modules
|
|
|
|
|
|
|
|
``autoload_dynamic_modules``
|
|
|
|
----------------------------
|
|
|
|
|
|
|
|
Default: ``True``
|
|
|
|
|
|
|
|
autoload_dynamic_modules Turns on automatic loading of modules found in the
|
|
|
|
environments on the master. This is turned on by default, to turn of
|
2013-03-18 19:59:27 +00:00
|
|
|
auto-loading modules when states run set this value to ``False``
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2012-01-16 05:36:49 +00:00
|
|
|
.. code-block:: yaml
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
autoload_dynamic_modules: True
|
|
|
|
|
|
|
|
.. conf_minion:: clean_dynamic_modules
|
|
|
|
|
|
|
|
Default: ``True``
|
|
|
|
|
|
|
|
clean_dynamic_modules keeps the dynamic modules on the minion in sync with
|
|
|
|
the dynamic modules on the master, this means that if a dynamic module is
|
|
|
|
not on the master it will be deleted from the minion. By default this is
|
2012-05-23 04:43:12 +00:00
|
|
|
enabled and can be disabled by changing this value to ``False``
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2012-01-16 05:36:49 +00:00
|
|
|
.. code-block:: yaml
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
clean_dynamic_modules: True
|
|
|
|
|
2012-02-09 18:57:37 +00:00
|
|
|
.. conf_minion:: environment
|
|
|
|
|
|
|
|
``environment``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``None``
|
|
|
|
|
|
|
|
Normally the minion is not isolated to any single environment on the master
|
|
|
|
when running states, but the environment can be isolated on the minion side
|
|
|
|
by statically setting it. Remember that the recommended way to manage
|
|
|
|
environments is to isolate via the top file.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
environment: None
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2013-08-03 23:53:39 +00:00
|
|
|
File Directory Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
=======================
|
2013-08-03 23:53:39 +00:00
|
|
|
|
|
|
|
.. conf_minion:: file_client
|
|
|
|
|
|
|
|
``file_client``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``remote``
|
|
|
|
|
|
|
|
The client defaults to looking on the master server for files, but can be
|
|
|
|
directed to look on the minion by setting this parameter to ``local``.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
file_client: remote
|
|
|
|
|
|
|
|
.. conf_minion:: file_roots
|
|
|
|
|
|
|
|
``file_roots``
|
|
|
|
--------------
|
|
|
|
|
|
|
|
Default:
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
base:
|
|
|
|
- /srv/salt
|
|
|
|
|
|
|
|
When using a local :conf_minion:`file_client`, this parameter is used to setup
|
|
|
|
the fileserver's environments. This parameter operates identically to the
|
|
|
|
:conf_master:`master config parameter of the same name <file_roots>`.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
file_roots:
|
|
|
|
base:
|
|
|
|
- /srv/salt
|
|
|
|
dev:
|
|
|
|
- /srv/salt/dev/services
|
|
|
|
- /srv/salt/dev/states
|
|
|
|
prod:
|
|
|
|
- /srv/salt/prod/services
|
|
|
|
- /srv/salt/prod/states
|
|
|
|
|
|
|
|
.. conf_master:: hash_type
|
|
|
|
|
|
|
|
``hash_type``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: ``md5``
|
|
|
|
|
|
|
|
The hash_type is the hash to use when discovering the hash of a file on the
|
|
|
|
local fileserver. The default is md5, but sha1, sha224, sha256, sha384 and
|
|
|
|
sha512 are also supported.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
hash_type: md5
|
|
|
|
|
|
|
|
.. conf_minion:: pillar_roots
|
|
|
|
|
|
|
|
``pillar_roots``
|
|
|
|
----------------
|
|
|
|
|
|
|
|
Default:
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
base:
|
|
|
|
- /srv/pillar
|
|
|
|
|
|
|
|
When using a local :conf_minion:`file_client`, this parameter is used to setup
|
|
|
|
the pillar environments.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
pillar_roots:
|
|
|
|
base:
|
|
|
|
- /srv/pillar
|
|
|
|
dev:
|
|
|
|
- /srv/pillar/dev
|
|
|
|
prod:
|
|
|
|
- /srv/pillar/prod
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
Security Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
=================
|
2011-10-30 16:04:21 +00:00
|
|
|
|
|
|
|
.. conf_minion:: open_mode
|
|
|
|
|
|
|
|
``open_mode``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: ``False``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
Open mode can be used to clean out the PKI key received from the Salt master,
|
2011-10-30 16:04:21 +00:00
|
|
|
turn on open mode, restart the minion, then turn off open mode and restart the
|
|
|
|
minion to clean the keys.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
open_mode: False
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
Thread Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
===============
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. conf_minion:: multiprocessing
|
|
|
|
|
|
|
|
Default: ``True``
|
|
|
|
|
2012-05-23 04:43:12 +00:00
|
|
|
Disable multiprocessing support by default when a minion receives a
|
2012-01-14 00:27:43 +00:00
|
|
|
publication a new process is spawned and the command is executed therein.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
multiprocessing: True
|
|
|
|
|
2013-07-25 07:07:18 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2013-07-25 07:07:18 +00:00
|
|
|
.. _minion-logging-settings:
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
Minion Logging Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
=======================
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. conf_minion:: log_file
|
|
|
|
|
|
|
|
``log_file``
|
|
|
|
------------
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
Default: ``/var/log/salt/minion``
|
|
|
|
|
|
|
|
The minion log can be sent to a regular file, local path name, or network
|
2013-12-14 00:33:32 +00:00
|
|
|
location. See also :conf_log:`log_file`.
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
Examples:
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
2013-01-11 00:51:44 +00:00
|
|
|
log_file: /var/log/salt/minion
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
2013-01-11 00:51:44 +00:00
|
|
|
log_file: file:///dev/log
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
2013-01-11 00:51:44 +00:00
|
|
|
log_file: udp://loghost:10514
|
2012-01-14 00:27:43 +00:00
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
.. conf_minion:: log_level
|
|
|
|
|
|
|
|
``log_level``
|
|
|
|
-------------
|
|
|
|
|
|
|
|
Default: ``warning``
|
|
|
|
|
2013-12-14 00:33:32 +00:00
|
|
|
The level of messages to send to the console. See also :conf_log:`log_level`.
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_level: warning
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2013-01-10 07:45:11 +00:00
|
|
|
.. conf_minion:: log_level_logfile
|
|
|
|
|
|
|
|
``log_level_logfile``
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
Default: ``warning``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
The level of messages to send to the log file. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_level_logfile`.
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_level_logfile: warning
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2013-01-10 07:45:11 +00:00
|
|
|
.. conf_minion:: log_datefmt
|
|
|
|
|
|
|
|
``log_datefmt``
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Default: ``%H:%M:%S``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
The date and time format used in console log messages. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_datefmt`.
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_datefmt: '%H:%M:%S'
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2013-01-10 07:45:11 +00:00
|
|
|
.. conf_minion:: log_datefmt_logfile
|
|
|
|
|
|
|
|
``log_datefmt_logfile``
|
|
|
|
-----------------------
|
|
|
|
|
|
|
|
Default: ``%Y-%m-%d %H:%M:%S``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
The date and time format used in log file messages. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_datefmt_logfile`.
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2013-01-10 07:45:11 +00:00
|
|
|
.. conf_minion:: log_fmt_console
|
|
|
|
|
|
|
|
``log_fmt_console``
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
Default: ``[%(levelname)-8s] %(message)s``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
The format of the console logging messages. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_fmt_console`.
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_fmt_console: '[%(levelname)-8s] %(message)s'
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2013-01-10 07:45:11 +00:00
|
|
|
.. conf_minion:: log_fmt_logfile
|
|
|
|
|
|
|
|
``log_fmt_logfile``
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
Default: ``%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
The format of the log file logging messages. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_fmt_logfile`.
|
2013-01-10 07:45:11 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
.. conf_minion:: log_granular_levels
|
|
|
|
|
|
|
|
``log_granular_levels``
|
|
|
|
-----------------------
|
|
|
|
|
|
|
|
Default: ``{}``
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
This can be used to control logging levels more specifically. See also
|
2013-12-14 00:33:32 +00:00
|
|
|
:conf_log:`log_granular_levels`.
|
2013-08-07 22:50:51 +00:00
|
|
|
|
2012-01-14 00:27:43 +00:00
|
|
|
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
Include Configuration
|
|
|
|
=====================
|
2012-06-26 19:53:27 +00:00
|
|
|
|
|
|
|
.. conf_minion:: include
|
|
|
|
|
2012-08-24 15:14:21 +00:00
|
|
|
``default_include``
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
Default: ``minion.d/*.conf``
|
|
|
|
|
|
|
|
The minion can include configuration from other files. Per default the
|
|
|
|
minion will automatically include all config files from `minion.d/*.conf`
|
|
|
|
where minion.d is relative to the directory of the minion configuration
|
|
|
|
file.
|
|
|
|
|
2012-06-26 19:53:27 +00:00
|
|
|
``include``
|
|
|
|
-----------
|
|
|
|
|
|
|
|
Default: ``not defined``
|
|
|
|
|
|
|
|
The minion can include configuration from other files. To enable this,
|
|
|
|
pass a list of paths to this option. The paths can be either relative or
|
|
|
|
absolute; if relative, they are considered to be relative to the directory
|
2012-08-24 15:14:21 +00:00
|
|
|
the main minion configuration file lives in. Paths can make use of
|
2012-06-26 19:54:56 +00:00
|
|
|
shell-style globbing. If no files are matched by a path passed to this
|
2012-06-26 19:53:27 +00:00
|
|
|
option then the minion will log a warning message.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
2012-08-24 15:14:21 +00:00
|
|
|
|
2012-06-26 19:53:27 +00:00
|
|
|
# Include files from a minion.d directory in the same
|
|
|
|
# directory as the minion config file
|
2013-10-02 12:36:47 +00:00
|
|
|
include: minion.d/*.conf
|
2012-06-26 19:53:27 +00:00
|
|
|
|
|
|
|
# Include a single extra file into the configuration
|
|
|
|
include: /etc/roles/webserver
|
|
|
|
|
|
|
|
# Include several files and the minion.d directory
|
|
|
|
include:
|
|
|
|
- extra_config
|
|
|
|
- minion.d/*
|
|
|
|
- /etc/roles/webserver
|
2012-09-12 03:44:00 +00:00
|
|
|
|
|
|
|
|
2013-08-07 22:50:51 +00:00
|
|
|
|
2012-09-12 03:44:00 +00:00
|
|
|
Frozen Build Update Settings
|
2013-08-07 22:50:51 +00:00
|
|
|
============================
|
2012-09-12 03:44:00 +00:00
|
|
|
|
|
|
|
These options control how :py:func:`salt.modules.saltutil.update` works with esky
|
|
|
|
frozen apps. For more information look at `<https://github.com/cloudmatrix/esky/>`_.
|
|
|
|
|
|
|
|
.. conf_minion:: update_url
|
|
|
|
|
|
|
|
``update_url``
|
|
|
|
--------------
|
|
|
|
|
|
|
|
Default: ``False`` (Update feature is disabled)
|
|
|
|
|
|
|
|
The url to use when looking for application updates. Esky depends on directory
|
|
|
|
listings to search for new versions. A webserver running on your Master is a
|
|
|
|
good starting point for most setups.
|
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
update_url: 'http://salt.example.com/minion-updates'
|
|
|
|
|
|
|
|
.. conf_minion:: update_restart_services
|
|
|
|
|
|
|
|
``update_restart_services``
|
|
|
|
---------------------------
|
|
|
|
|
|
|
|
Default: ``[]`` (service restarting on update is disabled)
|
|
|
|
|
2012-09-12 05:23:31 +00:00
|
|
|
A list of services to restart when the minion software is updated. This would
|
|
|
|
typically just be a list containing the minion's service name, but you may
|
|
|
|
have other services that need to go with it.
|
2012-09-12 03:44:00 +00:00
|
|
|
|
|
|
|
.. code-block:: yaml
|
|
|
|
|
|
|
|
update_restart_services: ['salt-minion']
|