Salt rosters在0.17.0版本中被加入,用来方便 salt-ssh
的使用。roster被创建是因为 salt-ssh
需要一种方法来针对特定的目标系统执行命令。
注解
标准的Salt并不需要Roster ,因为master不需要知道目标系统,minion会主动连接master。
roster系统为可插拔设计, 可以非常方便的加入到已有的系统中,用于``salt-ssh`` 获取需要连接的服务器信息. 默认情况下roster文件本地路径为 /etc/salt/roster.
The roster system compiles a data structure internally referred to as
targets
. The targets
is a list of target systems and attributes about how
to connect to said systems. The only requirement for a roster module in Salt
is to return the targets
data structure.
The information which can be stored in a roster target
is the following:
<Salt ID>: # The id to reference the target system with
host: # The IP address or DNS name of the remote host
user: # The user to log in as
passwd: # The password to log in with
# Optional parameters
port: # The target system's ssh port number
sudo: # Boolean to run command via sudo
tty: # Boolean: Set this option to True if sudo is also set to
# True and requiretty is also set on the target system
priv: # File path to ssh private key, defaults to salt-ssh.rsa
# The priv can also be set to agent-forwarding to not specify
# a key, but use ssh agent forwarding
timeout: # Number of seconds to wait for response when establishing
# an SSH connection
minion_opts: # Dictionary of minion opts
thin_dir: # The target system's storage directory for Salt
# components. Defaults to /tmp/salt-<hash>.
cmd_umask: # umask to enforce for the salt-call command. Should be in
# octal (so for 0o077 in YAML you would do 0077, or 63)
Salt needs to upload a standalone environment to the target system, and this defaults to /tmp/salt-<hash>. This directory will be cleaned up per normal systems operation.
If you need a persistent Salt environment, for instance to set persistent grains, this value will need to be changed.