##--------------------------------------------
## generate ssh key
ssh-keygen -t rsa -b 4096 -o -a 64 -N "" -f ~/.ssh/id_rsa
##--------------------------------------------
## install salt-ssh
## - NOTE: check if customer already has salt configured.
## - If so, use it or configure a Saltfile under our $HOME
sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el7.noarch.rpm
sudo yum clean expire-cache
sudo yum install salt-ssh openssh-clients salt-master
##--------------------------------------------
## set roster defaults.
## - NOTE: Change 'centos' to the user we use to access other hosts in the cluster
sudo tee /etc/salt/master.d/roster-defaults.conf > /dev/null <<-'EOF'
roster_defaults:
user: centos
#sudo: True
priv: ~centos/.ssh/id_rsa
tty: True
salt-ssh:
ssh_wipe: True
EOF
##--------------------------------------------
## Make salt roster. Format is:
## alias: hostname-or-ip
sudo tee /etc/salt/roster > /dev/null <<-'EOF'
master01: master01
master02: master02
edge01: edge01
worker01: worker01
worker02: worker02
worker03: worker03
EOF
##--------------------------------------------
## Deploy keys to hosts using customer provided password
sudo salt-ssh '*' -i --key-deploy --askpass test.ping
## Confirm host access
sudo salt-ssh '*' test.ping
sudo salt-ssh '*' cmd.run 'uptime'
Created
May 8, 2018 10:02
-
-
Save seanorama/9a226433dd53bddbf2baf82ee6e57cd6 to your computer and use it in GitHub Desktop.
configure-salt-ssh
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment