Running Salt-Master in a Docker Container
1,223 views
Skip to first unread message
Luminous Salt
Nov 29, 2014, 12:45:35 PM11/29/14
to Salt Users
Hello!
I am going to be using Docker more in the future, and thought about
running salt-master in a Docker container. I am aware that Docker
complicates things (this issue is a good example
https://github.com/saltstack/salt/issues/18569), so maybe you run
salt-master in docker in production and you have some recommendations or
insights to watch out for? How do you handle the ephemeral nature of
docker containers? Data volumes makes it easier to provide formula/etc
from the host, but do you need to worry about other stuff in /var/lib,
cache, logs, etc?
Thanks for any and all input!
I am going to be using Docker more in the future, and thought about
running salt-master in a Docker container. I am aware that Docker
complicates things (this issue is a good example
https://github.com/saltstack/salt/issues/18569), so maybe you run
salt-master in docker in production and you have some recommendations or
insights to watch out for? How do you handle the ephemeral nature of
docker containers? Data volumes makes it easier to provide formula/etc
from the host, but do you need to worry about other stuff in /var/lib,
cache, logs, etc?
Thanks for any and all input!
Colton Myers
Dec 4, 2014, 6:38:03 PM12/4/14
to salt-...@googlegroups.com
There are no serious caveats that immediately come to mind. I guess since you mentioned the cache, I should note that salt does not handle the cache being deleted out from under a running master very well.
Otherwise, you should be good!
--
Colton Myers
Colton Myers
Platform Engineer, SaltStack
@basepi on Github/Twitter/IRC
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mike Flood
Dec 5, 2014, 1:00:52 AM12/5/14
to salt-...@googlegroups.com, sa...@luminous.io
insights to watch out for? How do you handle the ephemeral nature of
docker containers? Data volumes makes it easier to provide formula/etc
from the host, but do you need to worry about other stuff in /var/lib,
cache, logs, etc?
You'll definitely want to persist the minion keys in /etc/salt/pki so that minions don't need to re-establish trust the next time the container is fired up.
cheers,
cheers,
Alex Leonhardt
Dec 5, 2014, 3:46:07 AM12/5/14
to salt-...@googlegroups.com, sa...@luminous.io
Fwiw, https://github.com/alex-leonhardt/docker-saltmaster :)
Am not persisting /etc/salt but that's easy to change.. Also probably stuff in /var/lib/salt (not 100% sure of the path as am walking :)) should be persistent, I guess that's it..
Alex
Am not persisting /etc/salt but that's easy to change.. Also probably stuff in /var/lib/salt (not 100% sure of the path as am walking :)) should be persistent, I guess that's it..
Alex
Heath
Jan 15, 2016, 7:11:29 PM1/15/16
to Salt-users, sa...@luminous.io
I am looking to do this without using the docker-saltmaster. I have volumes set up for the following directories:
I going to be destroying and recreating these salt master containers at various times and need to ensure that no state information that relates the master to the minion is lost. Currently when I destroy and rebuild a container (installing a new instance of salt) all my information in /etc/salt/pki is lost as well as other folders. Any solutions thus far?
VOLUME ["/etc/salt/pki", "/var/cache/salt", "/var/logs/salt", "/etc/salt/master.d", "/srv/salt"]
Reply all
Reply to author
Forward
0 new messages