Merge pull request #27206 from rallytime/gce-doc-cleanup

Don't repeat GCE setup instructions, and make the use of .json files clearer
2024-11-07 17:09:03 +00:00 · 2015-09-18 08:38:39 -06:00 · 2015-09-18 08:38:39 -06:00 · 6b79ad69a9
commit 6b79ad69a9
parent 1d022eb5de cced6e9031
2 changed files with 17 additions and 33 deletions
--- a/doc/topics/cloud/gce.rst
+++ b/doc/topics/cloud/gce.rst
@ -13,13 +13,14 @@ at https://cloud.google.com.

 Dependencies
 ============
-* Libcloud >= 0.14.0-beta3
-* PyCrypto >= 2.1.
+* LibCloud >= 0.14.1
 * A Google Cloud Platform account with Compute Engine enabled
 * A registered Service Account for authorization
 * Oh, and obviously you'll need `salt <https://github.com/saltstack/salt>`_


+.. _gce_setup:
+
 Google Compute Engine Setup
 ===========================
 #. Sign up for Google Cloud Platform
@ -49,17 +50,19 @@ Google Compute Engine Setup
   To set up authorization, navigate to *APIs & auth* section and then the
   *Credentials* link and click the *CREATE NEW CLIENT ID* button. Select
   *Service Account* and click the *Create Client ID* button. This will
-   automatically download a ``.json`` file which can be ignored.
+   automatically download a ``.json`` file, which may or may not be used
+   in later steps, depending on your version of ``libcloud``.
   
-   Look for a new *Service Account* section in the page and record the generated email
-   address for the matching key/fingerprint. The email address will be used
-   in the ``service_account_email_address`` of the ``/etc/salt/cloud`` file.
+   Look for a new *Service Account* section in the page and record the generated
+   email address for the matching key/fingerprint. The email address will be used
+   in the ``service_account_email_address`` of the ``/etc/salt/cloud.providers``
+   or the ``/etc/salt/cloud.providers.d/*.conf`` file.

 #. Key Format

-   *If you are using ``libcloud >= 0.17.0`` it is recommended that you use the ``JSON 
-   format`` file you downloaded above and skip to the "Configuration" section below, using 
-   the JSON file **_in place of 'NEW.pem'_** in the documentation.
+   *If you are using ``libcloud >= 0.17.0`` it is recommended that you use the ``JSON
+   format`` file you downloaded above and skip to the `Provider Configuration`_ section
+   below, using the JSON file **_in place of 'NEW.pem'_** in the documentation.
   
   If you are using an older version of libcloud or are unsure of the version you 
   have, please follow the instructions below to generate and format a new P12 key.*
--- a/salt/cloud/clouds/gce.py
+++ b/salt/cloud/clouds/gce.py
@ -17,30 +17,12 @@ limitations under the License.
 Google Compute Engine Module
 ============================

-The Google Compute Engine module.  This module interfaces with Google Compute
-Engine.  To authenticate to GCE, you will need to create a Service Account.
+The Google Compute Engine module. This module interfaces with Google Compute
+Engine (GCE). To authenticate to GCE, you will need to create a Service Account.
+To set up Service Account Authentication, follow the :ref:`gce_setup` instructions.

-Setting up Service Account Authentication:
-  - Go to the Cloud Console at: https://cloud.google.com/console.
-  - Create or navigate to your desired Project.
-  - Make sure Google Compute Engine service is enabled under the Services
-    section.
-  - Go to "APIs and auth" section, and then the "Credentials" link.
-  - Click the "CREATE NEW CLIENT ID" button.
-  - Select "Service Account" and click "Create Client ID" button.
-  - This will automatically download a .json file; ignore it.
-  - Look for a new "Service Account" section in the page, click on the "Generate New P12 key" button
-  - Copy the Email Address for inclusion in your /etc/salt/cloud file
-    in the 'service_account_email_address' setting.
-  - Download the Private Key
-  - The key that you download is a PKCS12 key.  It needs to be converted to
-    the PEM format.
-  - Convert the key using OpenSSL (the default password is 'notasecret'):
-    C{openssl pkcs12 -in PRIVKEY.p12 -passin pass:notasecret \
-    -nodes -nocerts | openssl rsa -out ~/PRIVKEY.pem}
-  - Add the full path name of the converted private key to your
-    /etc/salt/cloud file as 'service_account_private_key' setting.
-  - Consider using a more secure location for your private key.
+Example Provider Configuration
+------------------------------

 .. code-block:: yaml

@ -60,7 +42,6 @@ Setting up Service Account Authentication:

 :maintainer: Eric Johnson <erjohnso@google.com>
 :depends: libcloud >= 0.14.1
-:depends: pycrypto >= 2.1
 '''
 # pylint: disable=invalid-name,function-redefined