One formula for differing minions?

18 views

Skip to first unread message

Michael Jinks

unread,

Aug 31, 2015, 9:48:29 PM8/31/15

to Salt-users

I'm new to Salt, starting to get some traction, but still get hung up on what seem like basic issues.

Right now, I'm using the 'users' formula to handle accounts on a minion. It was going really well, I've got a couple hundred accounts under control there... but then today I realized that I only have the users formula listed once in my top.sls, and as soon as I start trying to manage accounts on more than a single minion, I'll have problems.

I've tried everything I can think of to differentiate pillar files, with either no effect (minions still see data they shouldn't), or errors.

I've read:

http://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html

Specifically,

https://docs.saltstack.com/en/latest/topics/targeting/grains.html#matching-grains-in-the-top-file

...but I'm missing something.

What's currently working:

In top.sls I have:

'ftp*':

- users

...and in my pillar I have files that start with:

users:

...followed by lists of either:

jblow:

uid: xxx

fullname: joe blow

home: /home/jblow

[...]

...or,

jblow:

password: [hash string]

I've tried to subdivide things in all kinds of ways, but none of my guess have been right. For instance, in top.sls:

'host:ftp*':

- match: grains

- ftp-users

And in the pillar,

ftp-users:

users:

[same stuff as above]

That doesn't seem to do anything. All my other minions with a 'users:' field in the top file would still get everything the ftp minions get.

If I just try changing 'users:' to some other string, in both top.sls and the pillar, obviously we lose sight of the users formula, so that can't be right.

The only thing I can think of that I know would work, is to copy the users formula and do some kind of string replace on all the 'user' and 'users' fields, for each category of minions that I want to configure. But I know that *really* can't be right, defeats the whole purpose.

I'm missing something basic.

Michael Jinks

unread,

Sep 1, 2015, 11:32:03 AM9/1/15

to Salt-users

AHA.

All this time I've understood how to handle the top file on the state side. But for some reason I hadn't fully ported that over to the pillar side. No matter how many times I was told "it's just like the states side".

So, for anybody else who stumbles upon this with the same issue: it's just like the states side.

Thanks, IRC guys, for the extra nudge of prompting that it took.

Sigh.

Reply all

Reply to author

Forward

0 new messages