For a long time now we've been advising against the use of provisioners, but our documentation for them is pretty prominent on the website in comparision to the better alternatives, and so it's little surprise that many users end up making significant use of them. Although in the longer term a change to our information architecture would probably address this even better, this is an attempt to be explicit about the downsides of using provisioners and to prominently describe the alternatives that are available for common use-cases, along with some reasons why we consider them to be better. I took the unusual step here of directly linking to specific provider documentation pages about the alternatives, even though we normally try to keep the core documentation provider-agnostic, because otherwise that information tends to be rather buried in the provider documentation and thus the reader would be reasonable to use provisioners just because we're not giving specific enough alternative recommendations.
3.9 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
docs | Provisioner: salt-masterless | docs-provisioners-salt-masterless | The salt-masterless Terraform provisioner provisions machines built by Terraform |
Salt Masterless Provisioner
Type: salt-masterless
The salt-masterless
Terraform provisioner provisions machines built by Terraform
using Salt states, without connecting to a Salt master. The salt-masterless
provisioner supports ssh
connections.
-> Note: Provisioners should only be used as a last resort. For most common situations there are better alternatives. For more information, see the main Provisioners page.
Requirements
The salt-masterless
provisioner has some prerequisites. cURL
must be available on the remote host.
Example usage
The example below is fully functional.
provisioner "salt-masterless" {
"local_state_tree" = "/srv/salt"
}
Argument Reference
The reference of available configuration options is listed below. The only required argument is the path to your local salt state tree.
Optional:
-
bootstrap_args
(string) - Arguments to send to the bootstrap script. Usage is somewhat documented on github, but the script itself has more detailed usage instructions. By default, no arguments are sent to the script. -
disable_sudo
(boolean) - By default, the bootstrap install command is prefixed withsudo
. When using a Docker builder, you will likely want to passtrue
sincesudo
is often not pre-installed. -
remote_pillar_roots
(string) - The path to your remote pillar roots. default:/srv/pillar
. This option cannot be used withminion_config
. -
remote_state_tree
(string) - The path to your remote state tree. default:/srv/salt
. This option cannot be used withminion_config
. -
local_pillar_roots
(string) - The path to your local pillar roots. This will be uploaded to theremote_pillar_roots
on the remote. -
local_state_tree
(string) - The path to your local state tree. This will be uploaded to theremote_state_tree
on the remote. -
custom_state
(string) - A state to be run instead ofstate.highstate
. Defaults tostate.highstate
if unspecified. -
minion_config_file
(string) - The path to your local minion config file. This will be uploaded to the/etc/salt
on the remote. This option overrides theremote_state_tree
orremote_pillar_roots
options. -
skip_bootstrap
(boolean) - By default the salt provisioner runs salt bootstrap to install salt. Set this to true to skip this step. -
temp_config_dir
(string) - Where your local state tree will be copied before moving to the/srv/salt
directory. Default is/tmp/salt
. -
no_exit_on_failure
(boolean) - Terraform will exit if thesalt-call
command fails. Set this option to true to ignore Salt failures. -
log_level
(string) - Set the logging level for thesalt-call
run. -
salt_call_args
(string) - Additional arguments to pass directly tosalt-call
. See salt-call documentation for more information. By default no additional arguments (besides the ones Terraform generates) are passed tosalt-call
. -
salt_bin_dir
(string) - Path to thesalt-call
executable. Useful if it is not on the PATH.