[Labs-l] salt in labs?
Ryan Lane
rlane32 at gmail.com
Sat Mar 16 22:14:59 UTC 2013
On Sat, Mar 16, 2013 at 2:58 PM, Antoine Musso <hashar+wmf at free.fr> wrote:
> Hello,
>
> The beta project has two apaches boxes on which I would like to be able
> to run command without having to connect to both boxes, for example to
> reload Apaches. Seems salt could let me do that but I haven't found any
> documentation about salt :(
>
> So the questions are:
> - do we have salt support in labs?
>
We only really have it for production roots. I have plans on adding
per-project salt support, but we need some features upstream for this.
> - how do we set it up, what is the basic howto?
> - doc? :-]
>
>
> Searching "salt" on wikitech returns no doc:
>
> https://wikitech.wikimedia.org/w/index.php?search=salt&title=Special%3ASearch
>
>
Yes, I really need to add some documentation on this.
> Bug about easily reloading all Apaches in beta
> https://bugzilla.wikimedia.org/show_bug.cgi?id=36422
>
>
>
The plan would be to allow salt peer calls [1] from a specific instance
(configured by a project admin) to all instances in a project.
We *may* be able to do this without any additional features from upstream.
We could use the peer runner system [2] to funnel all calls through a
runner. The runner can determine the caller instance, then ensure the
matching call only affects other instances in the same project.
We could use the grains [3] that are defined for projects, but those can be
changed on the instances, so there's some danger there. We could also have
a pillar [4] provider that pulls information from LDAP, then match on
pillars. This is likely the best option, but I'll have to investigate how
possible it is.
- Ryan
[1]: <
https://salt.readthedocs.org/en/latest/ref/peer.html#peer-communication>
[2]: <
https://salt.readthedocs.org/en/latest/ref/peer.html#peer-runner-communication
>
[3]: <http://docs.saltstack.org/en/latest/topics/targeting/grains.html>
[4]: <https://salt.readthedocs.org/en/latest/topics/pillar/index.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wikimedia.org/pipermail/labs-l/attachments/20130316/28c663e2/attachment.html>
More information about the Labs-l
mailing list