Transfer states to a Saltstack master server using GITFS


This article is part of a series I’m writing on using Saltstack.

As soon as you’ve setup your Salt master and minion, the next thing you will want to do is configure them. I found lots of resources online about writing states but not much about how to get them on the server. The answer, is using gitfs. Gitfs allows you to write your state files locally, with your salt master using the repository as its filesystem.

The first step is initialise a git repository inside the folder you’re using to hold your state files. Once this is done you’ll need to push this to a remote git server (such as Bitbucket, Gitlab or Github) where your salt-master can retrieve it.

The salt-master requires a library to communicate with git, in this example we’re using pygit2, so the ‘python-pygit2’ package would need to be installed on the salt-master for this to work. With this installed and your repository uploaded, we can configure the salt-master to use it. Log onto the salt-master and edit the master config file (/etc/salt/master). Look for the ‘Git File Server Backend Configuration’ section.

  1. Set the gitfs provider:
  2. Set the URL to use to fetch the git repository:

And that’s it.

If you’re using a private repository, you’ll need to generate a key pair and set the ‘gitfs_pubkey’ and ‘gitfs_privkey’ options too, which are the path to the public and private keys to use. Then upload the public key to your git server.

The salt-master will refresh this filesystem every minute by default (this can also be changed in the config file). If, for testing you need to force a refresh this can be done also:

To test if your gitfs is present and working, try issuing a command to provision a minion (assuming have written some states and applied them to minions):

 

Leave a comment

Your email address will not be published. Required fields are marked *