The LXC module is designed to install Salt in an LXC container on a controlled and possibly remote minion.
In other words, Salt will connect to a minion, then from that minion:
Provision and configure a container for networking access
Use those modules to deploy salt and re-attach to master.
lxc runner
lxc module
You can only act on one minion and one provider at a time.
Listing images must be targeted to a particular LXC provider (nothing will be
outputted with all
)
Salt's LXC support does use lxc.init
via the lxc.cloud_init_interface
and seeds the minion via seed.mkconfig
.
You can provide to those lxc VMs a profile and a network profile like if you were directly using the minion module.
Order of operation:
Create the LXC container on the desired minion (clone or template)
Change LXC config options (if any need to be changed)
Start container
Change base passwords if any
Change base DNS configuration if necessary
Wait for LXC container to be up and ready for ssh
Test SSH connection and bailout in error
Upload deploy script and seeds, then re-attach the minion.
Here is a simple provider configuration:
# Note: This example goes in /etc/salt/cloud.providers or any file in the
# /etc/salt/cloud.providers.d/ directory.
devhost10-lxc:
target: devhost10
driver: lxc
Note
Changed in version 2015.8.0.
The provider
parameter in cloud provider definitions was renamed to driver
. This
change was made to avoid confusion with the provider
parameter that is used in cloud profile
definitions. Cloud provider definitions now use driver
to refer to the Salt cloud module that
provides the underlying functionality to connect to a cloud host, while cloud profiles continue
to use provider
to refer to provider configurations that you define.
Please read LXC Management with Salt before anything else. And specially Profiles.
Here are the options to configure your containers:
- target
Host minion id to install the lxc Container into
- lxc_profile
Name of the profile or inline options for the LXC vm creation/cloning, please see Container Profiles.
- network_profile
Name of the profile or inline options for the LXC vm network settings, please see Network Profiles.
- nic_opts
Totally optional. Per interface new-style configuration options mappings which will override any profile default option:
eth0: {'mac': '00:16:3e:01:29:40', 'gateway': None, (default) 'link': 'br0', (default) 'gateway': None, (default) 'netmask': '', (default) 'ip': '22.1.4.25'}}- password
password for root and sysadmin users
- dnsservers
List of DNS servers to use. This is optional.
- minion
minion configuration (see Minion Configuration in Salt Cloud)
- bootstrap_delay
specify the time to wait (in seconds) between container creation and salt bootstrap execution. It is useful to ensure that all essential services have started before the bootstrap script is executed. By default there's no wait time between container creation and bootstrap unless you are on systemd where we wait that the system is no more in starting state.
- bootstrap_shell
shell for bootstraping script (default: /bin/sh)
- script
defaults to salt-boostrap
- script_args
arguments which are given to the bootstrap script. the {0} placeholder will be replaced by the path which contains the minion config and key files, eg:
script_args="-c {0}"
Using profiles:
# Note: This example would go in /etc/salt/cloud.profiles or any file in the
# /etc/salt/cloud.profiles.d/ directory.
devhost10-lxc:
provider: devhost10-lxc
lxc_profile: foo
network_profile: bar
minion:
master: 10.5.0.1
master_port: 4506
Using inline profiles (eg to override the network bridge):
devhost11-lxc:
provider: devhost10-lxc
lxc_profile:
clone_from: foo
network_profile:
etho:
link: lxcbr0
minion:
master: 10.5.0.1
master_port: 4506
Using a lxc template instead of a clone:
devhost11-lxc:
provider: devhost10-lxc
lxc_profile:
template: ubuntu
# options:
# release: trusty
network_profile:
etho:
link: lxcbr0
minion:
master: 10.5.0.1
master_port: 4506
Static ip:
# Note: This example would go in /etc/salt/cloud.profiles or any file in the
# /etc/salt/cloud.profiles.d/ directory.
devhost10-lxc:
provider: devhost10-lxc
nic_opts:
eth0:
ipv4: 10.0.3.9
minion:
master: 10.5.0.1
master_port: 4506
DHCP:
# Note: This example would go in /etc/salt/cloud.profiles or any file in the
# /etc/salt/cloud.profiles.d/ directory.
devhost10-lxc:
provider: devhost10-lxc
minion:
master: 10.5.0.1
master_port: 4506
Container creation
Image listing (LXC templates)
Running container information (IP addresses, etc.)