bootstrap via ssh

220 views
Skip to first unread message

Robert Booth

unread,
Apr 10, 2014, 9:23:23 PM4/10/14
to salt-...@googlegroups.com
Not sure if this is just a redundant script but I wanted to pass it along in case it's useful to anybody else.

The script pushes the bootstrap-salt.sh file to the remote node and executes it with the specified params.

If you're using the bootstrap-salt.sh script from the stable branch in git, you'll need to uncomment out the bottom section and comment the develop branch line.




I use it for my AWS instances since they are pre-seeded with my ssh key.


-Rob

Shane Gibson

unread,
Apr 11, 2014, 9:49:38 AM4/11/14
to salt-...@googlegroups.com
On Thursday, April 10, 2014 6:23:23 PM UTC-7, Robert Booth wrote:
Not sure if this is just a redundant script but I wanted to pass it along in case it's useful to anybody else.

Rob,

Thanks for sharing your ssh-bootstrap.sh script.  I'd like to suggest the attached patch (also copied inline below).  It simply modifies the stable branch to not use 4 separate SSH connections, and use a single SSH connection, with each command set run in a sub-shell.  If the command succeeds, the next one will be executed.  

This saves on SSH setup overhead, particularly if you have a new environment and DNS isn't setup (when SSH is using DNS).

  apply patch:  patch -b ssh-bootstrap.sh ssh-bootstrap.sh.patch

~~shane 

Patch:
--- ssh-bootstrap.sh 2014-04-11 06:42:23.000000000 -0700
+++ ssh-bootstrap-sg.sh 2014-04-11 06:42:23.000000000 -0700
@@ -81,11 +81,13 @@

 shift $((OPTIND-1))

+_Options="-i ${_Sssh_Key} ${_Target}"
+
 # If your bootstrap-salt.sh script is from the develop branch
-ssh -i ${_Ssh_Key} ${_Target} sudo bash -s -- < bootstrap-salt.sh -X -A ${_Master_Name} -i ${_Minion_Name}
+ssh ${_Options} sudo bash -s -- < bootstrap-salt.sh -X -A ${_Master_Name} -i ${_Minion_Name}

 # If your bootstrap-salt.sh script is from the stable branch
-#ssh -i ${_Ssh_Key} ${_Target} sudo bash -s -- < bootstrap-salt.sh -X -A ${_Master_Name}
-#ssh -i ${_Ssh_Key} ${_Target} sudo sed -i "s/\#id\:/id:\ ${_Minion_Name}/g" /etc/salt/minion
-#ssh -i ${_Ssh_Key} ${_Target} sudo  service salt-minion stop
-#ssh -i ${_Ssh_Key} ${_Target} sudo  service salt-minion start
+#ssh ${_Options} " ( sudo bash -s -- < bootstrap-salt.sh -X -A ${_Master_Name} ) &&
+#                  ( sudo sed -i "s/\#id\:/id:\ ${_Minion_Name}/g" /etc/salt/minion ) &&
+#                  ( sudo service salt-minion stop ) &&
+#                  ( sudo service salt-minion start ) "



ssh-bootstrap.sh.patch

Robert Booth

unread,
Apr 11, 2014, 10:03:28 AM4/11/14
to salt-...@googlegroups.com
And THAT is the reason I like to share my code!

Thanks Shane, the updates have been applied.


-Rob

Shane Gibson

unread,
Apr 11, 2014, 10:09:35 AM4/11/14
to salt-...@googlegroups.com
Rob,

You betcha.  However - much to my embarrassment .. I introduced a bug.  :) 

I set _Options variable _Ssh_Key incorrectly - so the command will fail with the patch applied.  Adjust the "_Sssh_Key" variable in _Options to "_Ssh_Key" (drop the extra "s").  

Also - note, you call "echoerror" in your "does not exist" OptArg processing.  Presumably this is an alias, script, or part of a function() in other scripts of yours; but it's not defined in your script.

~~shane 

--
"He who overcomes others has force; he who overcomes himself is strong."   Lao-tzu

Mike Place

unread,
Apr 11, 2014, 11:47:12 AM4/11/14
to salt-...@googlegroups.com
This is a cool script. Though Salt can be deployed with salt-ssh, I think there's an excellent case for this being another option available like this one. If you're willing to contribute it to the salt-bootstrap project, it might be a great fit to stand along-side the main boostrap script, or even to be integrated into it: https://github.com/saltstack/salt-bootstrap

Nice work!

-mp


--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Robert Booth

unread,
Apr 11, 2014, 2:18:02 PM4/11/14
to salt-...@googlegroups.com
Glad you and I aren't working on the OpenSSL project :-) Can't imagine what bugs would get through code review.

Anyway, I decided to take a deeper longer look at this script and actually test it (imagine that) and I noticed another bug that I'm hoping you might have a suggestion for.

The way I'm feeding the bootstrap-salt.sh file to the remote box is via an ssh command line switch. With the suggested code I'm not able to pass that script over. I'm going to continue to try some things but I'm a very beginner bash guy.

-Rob

Robert Booth

unread,
Apr 11, 2014, 2:35:32 PM4/11/14
to salt-...@googlegroups.com
Found the fix! I'll have code posted in the next few minutes to github. Please let me know if it's working on your side if you can test.

Note:
Added following switches

  Optional
  -k  SSH key to use for connection (default to ~/.ssh/id_rsa)
  -b  Use the develop branch of bootstrap-salt.sh script (defaults to stable)

Thanks,
Rob
Reply all
Reply to author
Forward
0 new messages