From e4343dcf3b14489347c238ffe37de665784e6570 Mon Sep 17 00:00:00 2001 From: Stefan Bogner Date: Wed, 8 Jul 2020 06:45:27 +0200 Subject: [PATCH 1/3] added brief documentation on filecache. for now, I added filecache: false as default as it requires additional rubygems to be installed which are not packaged at least for RHEL/CentOS7. --- plugins/foreman_salt/13.0/index.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/plugins/foreman_salt/13.0/index.md b/plugins/foreman_salt/13.0/index.md index 2eeb3e725b..3bc138d656 100644 --- a/plugins/foreman_salt/13.0/index.md +++ b/plugins/foreman_salt/13.0/index.md @@ -175,9 +175,15 @@ In `/etc/salt/foreman.yaml`, make the following changes: :timeout: 10 :salt: /usr/bin/salt :upload_grains: true + :filecache: false If your Smart Proxy uses SSL, then the certs and key configured in the YAML should be the same ones it uses to talk to Foreman. If you're already using Puppet in Foreman, consult `/etc/puppet/foreman.yaml` or `/etc/puppet/node.rb` for those settings. +The :filecache: option makes foreman-node read the grains cache from files rather than using salt-run. + +Please note this will only work if the master is not configured to use an external minion cache module. With salt's default configuration the filecache option works fine and should be used as it is much faster than getting the cache using salt-run. Please note that for this to work, the "msgpack" rubygem needs to be present. +If your salt-master is configured to use a different data directory for cache, you can also set the :cachedir: option to the same directory you configured in the salt master configuration. + ### 2.1.3 Salt API Configuration To support state and environment importing, configure salt-api as per the [Salt documentation](https://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html). The user for the Smart Proxy requires a minimum of the `@runner` permission. An example for CherryPy is below, using the Puppet certificates for SSL. From b6ced3708acbb9409d2aa7c092b75b28fcb97d56 Mon Sep 17 00:00:00 2001 From: Stefan Bogner Date: Wed, 8 Jul 2020 12:31:30 +0200 Subject: [PATCH 2/3] Revert "added brief documentation on filecache." - commited to wrong branch This reverts commit e4343dcf3b14489347c238ffe37de665784e6570. --- plugins/foreman_salt/13.0/index.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/plugins/foreman_salt/13.0/index.md b/plugins/foreman_salt/13.0/index.md index 3bc138d656..2eeb3e725b 100644 --- a/plugins/foreman_salt/13.0/index.md +++ b/plugins/foreman_salt/13.0/index.md @@ -175,15 +175,9 @@ In `/etc/salt/foreman.yaml`, make the following changes: :timeout: 10 :salt: /usr/bin/salt :upload_grains: true - :filecache: false If your Smart Proxy uses SSL, then the certs and key configured in the YAML should be the same ones it uses to talk to Foreman. If you're already using Puppet in Foreman, consult `/etc/puppet/foreman.yaml` or `/etc/puppet/node.rb` for those settings. -The :filecache: option makes foreman-node read the grains cache from files rather than using salt-run. - -Please note this will only work if the master is not configured to use an external minion cache module. With salt's default configuration the filecache option works fine and should be used as it is much faster than getting the cache using salt-run. Please note that for this to work, the "msgpack" rubygem needs to be present. -If your salt-master is configured to use a different data directory for cache, you can also set the :cachedir: option to the same directory you configured in the salt master configuration. - ### 2.1.3 Salt API Configuration To support state and environment importing, configure salt-api as per the [Salt documentation](https://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html). The user for the Smart Proxy requires a minimum of the `@runner` permission. An example for CherryPy is below, using the Puppet certificates for SSL. From 51ac5cf76998f132ad5d7b7702428bcc0f18c75d Mon Sep 17 00:00:00 2001 From: Stefan Bogner Date: Wed, 29 Jul 2020 13:22:47 +0200 Subject: [PATCH 3/3] add runner upload docs --- plugins/foreman_salt/13.0/index.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/plugins/foreman_salt/13.0/index.md b/plugins/foreman_salt/13.0/index.md index 2eeb3e725b..42be25a1a8 100644 --- a/plugins/foreman_salt/13.0/index.md +++ b/plugins/foreman_salt/13.0/index.md @@ -377,7 +377,24 @@ When running `state.highstate`, you can have Foreman process the results and sho ![](/static/images/plugins/foreman_salt/reports.gif) -Uploading the salt reports is done by `/usr/sbin/upload-salt-reports` and is scheduled by a cron job running on the smart proxy. By default, reports are uploaded to Foreman once every 10 minutes from the Salt master's job cache. You may modify the smart_proxy_salt cron job to customize this by editing `/etc/cron.d/smart_proxy_salt`. +There are two ways to upload the highstate reports to foreman: + +Either use the script `/usr/sbin/upload-salt-reports` scheduled by a cron job running on the smart proxy. By default, reports are uploaded to Foreman once every 10 minutes from the Salt master's job cache. You may modify the smart_proxy_salt cron job to customize this by editing `/etc/cron.d/smart_proxy_salt`. + +The other way is to use the report upload reactor/runner. + +An example configuration may look like this, but please note that configuration may differ in your environment (ie. if you are already using reactors or have runner_dirs defined). + +`/etc/salt/master.d/upload-salt-reports.conf`: + +``` +runner_dirs: + - /usr/share/foreman-salt/runner + +reactor: + - 'salt/job/*/ret/*': + - /usr/share/foreman-salt/reactor/foreman_report_upload.sls +``` Why not use a returner?