using salt to install software in template-vms
58 views
Skip to first unread message
john.david.r.smith
Dec 18, 2016, 5:47:50 PM12/18/16
to qubes-users
hi.
currently i am trying to configure salt to create and setup all my
templates and vms.
i managed to create the vms and do the config in dom0.
then i tried to install software in my template-vms, but this failed.
my top:
base:
tmp-salt: #this is a template (a clone of fedora-23)
- q
app-salt: #this is an appvm (based on fedora-23)
- q
my q.sls:
/home/user/q:
file.touch
pkgs:
pkg.installed:
- pkgs:
- htop
both vms (tmp-salt, app-salt) contain the file q.
no vm has the software installed (this is expected for the appvm).
both vms have an empty folder from their configuring salt management vm.
as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
torvm and sys-firewall.
what am i doing wrong?
-john
currently i am trying to configure salt to create and setup all my
templates and vms.
i managed to create the vms and do the config in dom0.
then i tried to install software in my template-vms, but this failed.
my top:
base:
tmp-salt: #this is a template (a clone of fedora-23)
- q
app-salt: #this is an appvm (based on fedora-23)
- q
my q.sls:
/home/user/q:
file.touch
pkgs:
pkg.installed:
- pkgs:
- htop
both vms (tmp-salt, app-salt) contain the file q.
no vm has the software installed (this is expected for the appvm).
both vms have an empty folder from their configuring salt management vm.
as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
torvm and sys-firewall.
what am i doing wrong?
-john
Marek Marczykowski-Górecki
Dec 18, 2016, 6:04:56 PM12/18/16
to john.david.r.smith, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sun, Dec 18, 2016 at 10:47:36PM +0000, john.david.r.smith wrote:
> hi.
> currently i am trying to configure salt to create and setup all my templates
> and vms.
>
> i managed to create the vms and do the config in dom0.
>
> then i tried to install software in my template-vms, but this failed.
>
> my top:
> base:
> tmp-salt: #this is a template (a clone of fedora-23)
> - q
> app-salt: #this is an appvm (based on fedora-23)
> - q
>
> my q.sls:
> /home/user/q:
> file.touch
> pkgs:
> pkg.installed:
> - pkgs:
> - htop
>
> both vms (tmp-salt, app-salt) contain the file q.
> no vm has the software installed (this is expected for the appvm).
You mean template too? Check salt output
(/var/log/qubes/mgmt-tmp-salt.log) for details - maybe this package is
unavailable, or there was some network problem.
> both vms have an empty folder from their configuring salt management vm.
> as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
> torvm and sys-firewall.
>
> what am i doing wrong?
You mean /srv there? This is expected. Configuration is copied
temporarily there, into /tmp. This is how salt-ssh works. And thanks to
salt-ssh, you don't have to install salt in every template to use it to
manage VMs. Just default template is enough.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYVxYWAAoJENuP0xzK19csxIYH/jVc2/B0jqQd8nKMtJA1WKdU
s9SxtQTWIOS6WHfbSp43H8/XNRvzv/4gJlx2ISe7zC8khGe25oJ5NiYh7xDqZWi7
Pat17q086NAEeyVctr5hBZvKFJCHEfzyAsZCkRQ58Tw0S0fq1SXPOywJ7jpTfDXh
dDe4vFFaTOKAM8fTajRS8H57MXwxqnq6qM+13gzfkoljc1tejCosvp/blr7VZVGv
msfNBfWwY6OIrGT/csXhdMZ6tE0ZBt3iEOaAczogTQP9VgYYSGurX+SdVDry7RGn
mE6QEnOOrS+0IQJ4dTZTh9S7MEo8g32QcQikSSmCapUhzP+s/y4QvCrjmA0SjdM=
=9Drv
-----END PGP SIGNATURE-----
Hash: SHA256
On Sun, Dec 18, 2016 at 10:47:36PM +0000, john.david.r.smith wrote:
> hi.
> currently i am trying to configure salt to create and setup all my templates
> and vms.
>
> i managed to create the vms and do the config in dom0.
>
> then i tried to install software in my template-vms, but this failed.
>
> my top:
> base:
> tmp-salt: #this is a template (a clone of fedora-23)
> - q
> app-salt: #this is an appvm (based on fedora-23)
> - q
>
> my q.sls:
> /home/user/q:
> file.touch
> pkgs:
> pkg.installed:
> - pkgs:
> - htop
>
> both vms (tmp-salt, app-salt) contain the file q.
> no vm has the software installed (this is expected for the appvm).
(/var/log/qubes/mgmt-tmp-salt.log) for details - maybe this package is
unavailable, or there was some network problem.
> both vms have an empty folder from their configuring salt management vm.
> as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
> torvm and sys-firewall.
>
> what am i doing wrong?
temporarily there, into /tmp. This is how salt-ssh works. And thanks to
salt-ssh, you don't have to install salt in every template to use it to
manage VMs. Just default template is enough.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYVxYWAAoJENuP0xzK19csxIYH/jVc2/B0jqQd8nKMtJA1WKdU
s9SxtQTWIOS6WHfbSp43H8/XNRvzv/4gJlx2ISe7zC8khGe25oJ5NiYh7xDqZWi7
Pat17q086NAEeyVctr5hBZvKFJCHEfzyAsZCkRQ58Tw0S0fq1SXPOywJ7jpTfDXh
dDe4vFFaTOKAM8fTajRS8H57MXwxqnq6qM+13gzfkoljc1tejCosvp/blr7VZVGv
msfNBfWwY6OIrGT/csXhdMZ6tE0ZBt3iEOaAczogTQP9VgYYSGurX+SdVDry7RGn
mE6QEnOOrS+0IQJ4dTZTh9S7MEo8g32QcQikSSmCapUhzP+s/y4QvCrjmA0SjdM=
=9Drv
-----END PGP SIGNATURE-----
john.david.r.smith
Dec 18, 2016, 6:41:32 PM12/18/16
to Marek Marczykowski-Górecki, qubes-users
all but one in this mail)
it was the package vim.
if i omit it, all other packages get installed.
strangely i can install vim via `dnf install vim` or `yum install vim`.
what could be the reason for this?
>> both vms have an empty folder from their configuring salt management vm.
>> as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
>> torvm and sys-firewall.
>>
>> what am i doing wrong?
>
> You mean /srv there? This is expected. Configuration is copied
> temporarily there, into /tmp. This is how salt-ssh works. And thanks to
> salt-ssh, you don't have to install salt in every template to use it to
> manage VMs. Just default template is enough.
(it still is created with my now working sls)
-john
Marek Marczykowski-Górecki
Dec 18, 2016, 6:53:26 PM12/18/16
to john.david.r.smith, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
'vim'. Not sure why virtual name does not work with salt, but I've see
such thing before. Maybe there some option for pkg.installed?
> > > both vms have an empty folder from their configuring salt management vm.
> > > as updatevm i tried a tor-gw, an updatevm (based on fedora-23) behind a
> > > torvm and sys-firewall.
> > >
> > > what am i doing wrong?
> >
> > You mean /srv there? This is expected. Configuration is copied
> > temporarily there, into /tmp. This is how salt-ssh works. And thanks to
> > salt-ssh, you don't have to install salt in every template to use it to
> > manage VMs. Just default template is enough.
>
> i mean the folder /home/user/QubesIncoming/disp-mgmt-tmp-salt
> (it still is created with my now working sls)
the files there. Probably should be cleaned up after the operation...
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
eubQ/s75838gr4ABwHTfUN4PBScZPUPLqcAfkMLqaSvgH/inYGP9UAKbIZzBykLm
FlYuqaO22ZFXHJfTTNEaZ0c44YH9PUzKalLiVP+h0qKTyJPj9TQo7OT+yYZe++79
ZEIeSoFeT4U1snE+/2wukkyVPFowuG4/CTQ2zJv9r0+GM/i7X8/SuIU2e7p2+qNF
JzbVAA4QKVJQ/6fCkd7ZTvn7/MTa/FojsXQLKjXDc6eM1AlNKrzgjmc1d5n1Y9V7
40l4hKujdhapXj7u1tOJkpSQ8PhCks5dbyPU/oN0K5MC4des0pIOmUrdCZ0KJy8=
=uJG9
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages